Model-driven development of security-aware GUIs for data-centric applications
Abstract
In this tutorial we survey a very promising instance of modeldriven security: the full generation of security-aware graphical user interfaces (GUIs) from models for data-centric applications with access control policies. We describe the modeling concepts and languages employed and how model transformation can be used to automatically lift security policies from data models to GUI models. We work through a case study where we generate a security-aware GUI for a chatroom application. We also present a toolkit that supports the construction of security, data, and GUI models and generates complete, deployable, web applications from these models. Show more
Permanent link
https://doi.org/10.3929/ethz-a-006698961Publication status
publishedPublisher
Eidgenössische Technische Hochschule ZürichSubject
SPEZIFIKATIONEN (SOFTWARE ENGINEERING); DATA SECURITY + DATA PROTECTION (OPERATING SYSTEMS); SPECIFICATIONS (SOFTWARE ENGINEERING); USER INTERFACES (INFORMATION SYSTEMS); BENUTZEROBERFLÄCHEN (INFORMATIONSSYSTEME); DATENSICHERHEIT + DATENSCHUTZ (BETRIEBSSYSTEME)Organisational unit
02150 - Dep. Informatik / Dep. of Computer Science
More
Show all metadata
ETH Bibliography
yes
Altmetrics