RBAC metamodel

//RBAC metamodel

abstract User
    name : string 
    maxRoles : int ?
    maxRolesRespectingHierarchy ?
    maxSessions : int ?
    role -> Role +
        [parent in this.user]
    session -> Session *
        [parent in this.user]
    pred -> User ?
        [parent in this.succ]
    succ -> User ?
        [parent in this.pred]
    snapshot -> Snapshot 
        [parent in this.user]
    numberOfRoles:int
	[this = if maxRolesRespectingHierarchy then (#(role++role.junior)) else (#role)]
    [maxRoles => numberOfRoles < maxRoles]
    [maxSessions => #session < maxSessions]
    [all r:Resource|r.resourceBasedDynamicSeparationOfDuty => (one u_r:User_Resource|u_r.usr = this && u_r.res = r && lone u_r.tempSet1.action)]
    [all r:Resource|r.historyBasedDynamicSeparationOfDuty =>(one u_r:User_Resource|u_r.usr = this && u_r.res = r && #u_r.tempSet1.action < #r.action)]
    [succ => succ.snapshot = snapshot.succ]
    [succ => succ.name.ref = name.ref]
    


User_Resource *//Hepler clafer, used to implement set comprehensions in constraints that quantifies over all pairs of User-Resource.
    usr -> User
    res -> Resource
    tempSet1 -> Access*
	[this in res.access && this.session.user in (usr ++ usr.succ)]
    [all a:Access| (a in res.access && a.session.user in (usr ++ usr.succ)) => a in tempSet1]

abstract Role
    name : string 
    maxMembers : int ?
    maxJuniors : int ?
    exclusiveJuniorsAllowed ?
    maxSeniors : int ?
    permission -> Permission +
        [parent in this.role]
    user -> User *
        [parent in this.role]
    senior -> Role *
        [parent in this.junior]
    junior -> Role *
        [parent in this.senior]
    required -> Role *
        [parent in this.dependent]
    dependent -> Role *
        [parent in this.required]
    session -> Session *
        [parent in this.role]
    mutuallyExclusiveA -> MutuallyExclusive *
        [parent in this.roleA]
    mutuallyExclusiveB -> MutuallyExclusive *
        [parent in this.roleB]
    [this not in senior]
    [maxMembers => #user < maxMembers]
    [all u:user|required in u.role]
    [maxJuniors => #junior < maxJuniors]
    [maxSeniors => #senior < maxSeniors]
    [exclusiveJuniorsAllowed ||(all r1;r2:junior|(all m:r1.mutuallyExclusiveA |(m.wrtUserAssignment && m.roleB = r2) => m.identicalSeniorAllowed) &&(all m:r1.mutuallyExclusiveB |(m.wrtUserAssignment && m.roleB = r2) => m.identicalSeniorAllowed) )]
//Bug: Can't quantify over set union: [all a:(mutuallyExclusiveA++mutuallyExclusiveB)|......]
    


abstract Permission
    name : string 
    maxRoles : int ?
    maxSessions : int ?
    action -> Action *
        [parent in this.permission]
    resource -> Resource 
        [parent in this.permission]
    role -> Role *
        [parent in this.permission]
    required -> Permission *
        [parent in this.dependent]
    dependent -> Permission *
        [parent in this.required]
    [maxRoles => #role < maxRoles]
    [all r:role|required in r.permission]
    [maxSessions => (all sna:Snapshot|(one p_s:Permission_Snapshot|p_s.perm = this && p_s.snap = sna && #p_s.sess < maxSessions))]

Permission_Snapshot * //Hepler clafer, used to implement set comprehensions in constraints that quantifies over all pairs of Permission-Snapshot.
    perm -> Permission
    snap -> Snapshot
    sess -> Session *
	[this in perm.role.session && this.user.snapshot = snap]
    [all s:Session|(s in perm.role.session && s.user.snapshot = snap) => s in sess]

abstract Action
    name : string 
    access -> Access *
        [parent in this.action]
    mutuallyExclusiveA -> MutuallyExclusiveActions *
        [parent in this.roleA]
    mutuallyExclusiveB -> MutuallyExclusiveActions *
        [parent in this.roleB]
    permission -> Permission *
        [parent in this.action]
    resource -> Resource *
        [parent in this.action]

abstract Resource
    name : string 
    resourceBasedDynamicSeparationOfDuty ?
    historyBasedDynamicSeparationOfDuty ?
    access -> Access *
        [parent in this.resource]
    action -> Action *
        [parent in this.resource]
    permission -> Permission *
        [parent in this.resource]

abstract Session
    id : string 
    user -> User 
        [parent in this.session]
    role -> Role *
        [parent in this.session]
    access -> Access *
        [parent in this.session]
	neededPermissions -> Permission *
	    [this in parent.action.permission && this.resource = parent.resource]
	[all p:Permission|(p in this.action.permission && p.resource = this.resource) => p in neededPermissions]
    pred -> Session ?
        [parent in this.succ]
    succ -> Session ?
        [parent in this.pred]
    [user.role in (user.role ++ user.role.junior)]
    [all a:access|some a.neededPermissions && a.neededPermissions in (role.permission ++ role.junior.permission)]
    [this not in succ && (some s:Snapshot| (Snapshot -- s) in s.succ)]
    [succ => succ.user = user.succ]
    [succ => succ.id.ref = id.ref]				
	
abstract Access
    id : string 
    session -> Session 
        [parent in this.access]
    action -> Action 
        [parent in this.access]
    resource -> Resource 
        [parent in this.access]
    pred -> Access ?
        [parent in this.succ]
    succ -> Access ?
        [parent in this.pred]
    [succ => succ.session = session.succ]
    [succ => succ.id.ref = id.ref]

abstract PrerequisiteActions
    wrtResource ?
    wrtResourceAndUser ?
    required -> Action *
    dependent -> Action *

/*
abstract PrerequisiteActions_Resource *
    prerquis -> PrerequisiteActions
    resc -> Resource
    tempSet1 -> Access *
	[this in prerquis.dependent.access && this.resource = resc]
    [all a:Access|(a in prerquis.dependent.access && a.resource = resc) => a in tempSet1]
*/

abstract MutuallyExclusive
    id : string 
    wrtUserAssignment ?
    identicalSeniorAllowed ?
    wrtPermissionAssignment ?
    wrtActiveRoles ?
    wrtJuniors ?
    wrtSeniors ?
    roleA -> Role 
        [parent in this.mutuallyExclusiveA]
    roleB -> Role 
        [parent in this.mutuallyExclusiveB]
    [wrtUserAssignment || wrtPermissionAssignment || wrtActiveRoles|| wrtJuniors || wrtSeniors]
    [roleA != roleB]

abstract MutuallyExclusiveActions
    id : string 
    wrtResourceAndUser ?
    roleA -> Action 
        [parent in this.mutuallyExclusiveA]
    roleB -> Action 
        [parent in this.mutuallyExclusiveB]
    

abstract Snapshot
    pred -> Snapshot ?
        [parent in this.succ]
    succ -> Snapshot ?
        [parent in this.pred]
    user -> User *
        [parent in this.snapshot]  
Module Statistics: | No model. |

Module Downloads: | [.cfr] | [.html] |