Feature modeling of the evolving access control requirements

Abstract

Access control mechanisms are an integral part of most modern software systems, but it is still not considered as an explicit part in the development process. Access control mechanisms and policies are generally added to existing systems as an afterthought, with all the problems of unsatisfied security requirements, integration difficulties, and mismatches between design models. In order to increase the overall system security, access control requirements should be taken into account early in the software development process. Due to the integration of Access control requirements early in the development process, potential security breaches can be detected and removed earlier. But, on the other hand, this integration results in spreading of access control functionalities across the software systems and making them tightly cohesive. When there is a need arises for updating the existing access control requirement, the changes would impact on several functional requirements. Moreover the access control requirements tend to evolve continually. Accordingly, the design phase should support both the static and dynamic changes of the access control requirements without making much impact on the functional requirements. To address this issue at the design level, we need an approach that could support to model the access control requirements along with the constraints and also capture the changes, without affecting the functional design. In this paper, we propose a Feature Conclave Model based on feature modeling, for analyzing and designing the evolving access control requirements along with the system design. The Feature Conclave Model views the access control requirements as "Features" and also provides step-by-step integration with the functional domain. Moreover, the new updates of the access control requirements can be represented as the variants and can easily be adapted within the system design. © 2011 Springer-Verlag Berlin Heidelberg.