
1 XMLSecurity-1 CSE 5810 XML Security Framework Prof. Steven A. Demurjian, Sr. Computer Science & Engineering Department The University of Connecticut 371 Fairfield Road, Box U-1155 Storrs, CT 06269-1155 steve@engr.uconn.edu http://www.engr.uconn.edu/~steve (860) 486 - 4818

2 XMLSecurity-2 CSE 5810 An XML Security Framework that Integrates Role-Based, Mandatory, and Discretionary Access Control Policies
Alberto De la Rosa Algarín
Major Advisor: Dr. Steven A. Demurjian
Associate Advisors: Dr. Jinbo Bi, Dr. Swapna Gokhale, Dr. Xiaoyan Wang

3 XMLSecurity-3 CSE 5810 Introduction
- Today’s Applications and Systems Built around Multiple Technologies
  - APIs, Cloud Computing, Web Services, Data Mining, etc.
- Alternative Data Structure Standards
  - XML, RDF, JSON, OWL, etc.
- Meta-Systems that Share, Use and Exchange Information to fully function
  - XML as de-facto Standard
- What are the Top Security Challenges?
  - Integrate Security Requirements of Existing Systems
  - Consolidate in Support of Newly Developed Application

4 XMLSecurity-4 CSE 5810 Tree-Structured Documents
- Documents that follow a tree structure
  - Root node
  - Certain amount of children
  - Leaf nodes
- Example of tree-structured document formats
  - eXtensible Markup Language (XML)
  - JSON (if written in a tree-structured form)
  - RDF serializations
  - Ontologies (e.g. Web Ontology Language, OWL)
- XML and JSON extensively used
  - Information Exchange
  - SOAP
  - REST

5 XMLSecurity-5 CSE 5810 Secure Information Exchange
- XML Quickly Emerging as Standard of Choice for:
  - Web Content
  - Information Exchange
  - Database Exchange
  - Standard format for Tools (e.g., UML Tools Export XMI)
  - Etc.
- Our Perspective, Given a Document Repository
  - Each Document has a Schema
  - Multiple Documents per Schema
  - Users with Particular Roles in Application
- Can We Customize the Displayed Instance Based on Role?
- How Can we Incorporate RBAC, LBAC, etc.?

6 XMLSecurity-6 CSE 5810 Security for Tree-Structured Documents
- Can we Customize Instance Based on Role?
- Can we Incorporate RBAC, LBAC, and DAC?
- Security Schemas Set
  - Roles, Users, Constraints
  - RBAC, LBAC, DAC
- Apply Security Schemas to Documents
  - Security Schema Filters Document
  - Document Appears Differently Based on Role, MAC, Delegation
[Figure: Security Schemas (Role Schema, User Schema, Constraint Schema) alongside the Application Schemas and Application XML Files. The Security Officer Generates Security XML files for the Application (Appl_Role.xml, Appl_User.xml, Appl_Constraint.xml) from the Application DTDs and XML; the User’s Role Determines the Scope of Access to Each XML Document.]

7 XMLSecurity-7 CSE 5810 What is a Schema?

8 XMLSecurity-8 CSE 5810 What is a Schema?

9 XMLSecurity-9 CSE 5810 What is an Associated Instance?

10 XMLSecurity-10 CSE 5810 Attaining Security
- Given an Application of Schemas and Associated Instances, can we:
  - Define Schemas/Instances for Clearances, Roles, Users, User-Role Authorizations, and Delegation
  - Augment Application’s Schemas/Instances with LBAC Security Classifications (if Needed)
- Then, as Instances are Dynamically Identified to Suit a User’s Needs for an Application, can we:
  - Retrieve and Filter those Instance(s) Based on User’s Role, LBAC, and/or Delegation
  - Deliver Filtered Instance(s) to User

11 XMLSecurity-11 CSE 5810 Main Research Questions
- How do we Provide a Solution that Operates across Various Contexts?
  - Information Exchange, Databases, Web Services, etc.
  - Integrates Local and Global Security
- How do we Integrate and Support Major Access Control Models?
  - Role-Based Access Control (RBAC)
  - Lattice-Based Access Control (LBAC)
  - Discretionary Access Control (DAC)
- How Can we Make Security Policy Changes without Impacting Each Document?
- How do we Enforce Security across Multiple Interoperating Systems?

12 XMLSecurity-12 CSE 5810 Attaining Security
- Given an Application of Schemas and Associated Instances, can we:
  - Define Schemas for Security Levels, Roles, User-Role Authorizations, and Delegation
  - Augment Application’s Schemas/Instances with MAC Security Classifications (if Needed)
- Instances are Dynamically Filtered to Suit a User’s Needs for an Application:
  - Based on User’s Role, MAC, Delegation
  - Deliver Filtered Instance(s) to User
- Exploit eXtensible Access Control Markup Language (XACML) or other Policy Languages for Policy Generation

13 XMLSecurity-13 CSE 5810 What is the Big Picture?
- A Security Framework for Secure Information Engineering and Enforcement
  - Provides Guidance and Structure for Information Usage and Exchange
  - Leverage Health Care Domain
- Information Exchanged in Multiple Formats
  - XML, JSON, RDF, OWL
- Unify (Convert) Data
  - Schema and Associated Documents
  - Use, Share, Exchange Documents
  - Provide Customized View based on User
  - Exchange Information over Secure Network
  - Provide a “Degree” of Security Assurance

14 XMLSecurity-14 CSE 5810 Why Health Care Domain?
- Health Insurance Portability and Accountability Act (HIPAA) provides Security Guidelines
  - Usage, Transmission, and Sharing of Protected Health Information (PHI)
  - Protect Personally Identifiable Info (PII)
  - Encryption and secure transmission of PHI and PII (e.g., SSL, etc.)
- In Practice, Security for Health Care goes well beyond the Needs of Compliance to HIPAA
  - What are the Available Technologies?
  - What is the Role of Standards in Exchange?
  - What are Standards for Security Policy Defining?
  - What Needs to be Exchanged & Controlled?

15 XMLSecurity-15 CSE 5810 Makeup of Health Care Landscape
- Health Information Technology (HIT) Standards
  - HL7 Clinical Document Architecture (CDA)
  - Continuity of Care Record (CCR)
  - SNOMED, UMLS, LOINC, NDF-RT, etc.
- HIT Systems
  - Electronic Health Records (EHRs)
    - VistA
    - GE Centricity, AllScripts
    - openEHR, FreeMD, PatientOS
  - Personal Health Records (PHRs)
    - Microsoft HealthVault
  - Patient Portals (PPs)

16 XMLSecurity-16 CSE 5810 Interplay of Information in Health Care
[Figure: PHI from HIT systems (MS Health Vault ASP.NET API, C# data; Harvard SMART EHR REST API, JSON-LD; Open mHealth, JSON; openEHR Java APIs, XML; PatientOS Java APIs, HL7 CDA; FreeMED PHP APIs, HL7 CDA) passes through Local Security Policy/Control and an XML Converter to become Secure XML / Secure CDA (XML-C). Standards schemas (MeSH XML DTD, SNOMED XML Schema, RxNorm XML Schema, RxTerms XML Schema, LOINC XML Schema, UMLS XML DTD) and a Health Information Exchange sit under Global Security Policy and Control. Client applications: PHA Patient App, Mobile PHA Provider Mobile App, SMARTSync App.]

17 XMLSecurity-17 CSE 5810 Proposed Security Framework
- Security Framework Definition
  - Extends the Unified Modeling Language
  - Model RBAC, LBAC and DAC for Tree-Structured Documents
  - Generates Enforcement policies in eXtensible Access Control Markup Language (XACML)
  - Target Schemas and Instances for any Application
- Security Framework Enforcement
  - Generating Global Enforcement Policy
  - Leveraging UML diagrams
  - Develop Mapping Algorithms to Facilitate the Secure Interactions of Applications

18 XMLSecurity-18 CSE 5810 Why Multiple Access Control Models?
- Filter Documents (Instances) based on:
  - RBAC: Limit what Portions of Document can be Read and/or Written (Nurse vs. MD)
  - LBAC: Security Level may Limit Portions of a Medical Record (Psychiatry Notes)
  - DAC: Delegation of Authority for Emergent Situations (ER MD Access External EHR)
- Provide a Breadth of Access Control Alternatives for Multiple Domains
  - Health Care
  - E-commerce
  - National Defense

19 XMLSecurity-19 CSE 5810 What is the Big Picture?
[Figure: HIT Application Schemas and Application Instances, together with Local Security Policies and Input/Local Schemas, feed the Security Framework (Role-Based, Lattice-Based and Discretionary Access Control), which Generates XACML Global Security Policies. The XACML Policy Enforcement Mechanism delivers Filtered Instances (Secure Data, XML-C) between Data Sources (MS Health Vault ASP.NET API, C# data; PatientOS Java APIs, HL7 CDA; Open mHealth, JSON), the HIE Server, and the Medical Provider HIT System, PHA and SMARTSync.]

20 XMLSecurity-20 CSE 5810 Expected Research Contributions
- Security Model for Information Access Control
  - RBAC, LBAC and DAC Support
- Security Extensions for UML
  - Represent schemas as UML-like Diagrams
  - Augment with Security Features and Definitions
- Security Policy Generation
  - XACML Policy Generation
  - Mapping from UML Diagrams
  - Algorithm for Automatic Generation
- Secure Information Engineering
  - Process for Secure System Creation
  - Target Data to be Secured

21 XMLSecurity-21 CSE 5810 Remainder of Presentation
- Background
  - UML, Access Control, XML, XACML
- Security Model for Tree-Structured Documents
  - RBAC, LBAC and DAC Support
- UML Diagram Extensions and Metamodel
  - DSCD, DRSD, SID, LSID, UD, DD, AD
- Security Policy Generation
  - Mapping Statements and Algorithm
- Secure Information Engineering Process
  - Development Cycle
  - Example Use-Case
- Conclusion and Contributions
- Ongoing Research and Future Directions
- Publications, In Review and Work in Progress

22 XMLSecurity-22 CSE 5810 Unified Modeling Language
- UML Diagrams Exhibit Two Views of a System’s Model
  - Structural View
    - Objects, Attributes, Operations, Relationships
  - Behavioral View
    - Collaboration Among Objects and Changes to Internal States
- Different Kinds of Diagrams for System Modeling
  - Structure, Representing Components in the System
  - Behavior, Representing Series of Events that Must Happen
  - Interaction, Representing Data and Control-Flow between Components

23 XMLSecurity-23 CSE 5810 Access Control Models
- Role-Based Access Control (RBAC)
  - Permissions assigned to Roles, Roles assigned to Users
- Lattice-Based Access Control (LBAC)
  - Sensitivity Levels for data (classification) and users (clearance)
  - Policies defined and set by a Security Administrator
- Discretionary Access Control (DAC)
  - Access to Objects is Permitted or Denied based on the Subject’s Identity
  - Users are capable of passing Permissions to other Users

24 XMLSecurity-24 CSE 5810 eXtensible Markup Language (XML)
- Provides a Common, Structured Language
  - Independent of Systems
- Information Hierarchically Structured and Tagged
  - Tags can Offer Semantics
- XML schemas
  - Blueprints for new Instances
  - Validation Agents
  - Achieved with
    - XML Schema Definition (XSD)
    - XML Schema Language (XSL)

25 XMLSecurity-25 CSE 5810 Sample XML from CCR Standard

26 XMLSecurity-26 CSE 5810 eXtensible Access Control Markup Language
- Aims to Define a Common Language and Processing Model
  - Permits a Level of Security Interoperability
- XACML schema Provides Several Structures and Elements to Represent Policies
  - PolicySet, Policy, Rule
- PolicySets and Rules Combined by Policy/Rule Combination Algorithm
  - Permit-overrides
  - Deny-overrides
  - First-applicable
  - Only-one-applicable
[Figure: a PolicySet contains Policies joined by a Policy Combination Algorithm; a Policy contains Rules joined by a Rule Combination Algorithm; each Rule targets a Subject, Action and Resource.]
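The four combination algorithms named on this slide can give different answers for the same rules. The following is an added example, not code from the presentation: a simplified four-valued model in which the rule set, the `Rule` class and the function names are constructed for illustration, and the treatment of Indeterminate is reduced compared with the OASIS specification.

```python
from dataclasses import dataclass

PERMIT, DENY = "Permit", "Deny"
NOT_APPLICABLE, INDETERMINATE = "NotApplicable", "Indeterminate"


@dataclass(frozen=True)
class Rule:
    effect: str     # PERMIT or DENY
    subject: str    # role name; "*" matches any role
    action: str
    resource: str   # element the rule protects

    def evaluate(self, request):
        """Return the effect if the (subject, action, resource) target matches."""
        target = (self.subject, self.action, self.resource)
        matches = all(t in ("*", r) for t, r in zip(target, request))
        return self.effect if matches else NOT_APPLICABLE


def _overrides(decisions, winner, loser):
    # Simplification: Indeterminate only surfaces when the winner is absent.
    if winner in decisions:
        return winner
    if INDETERMINATE in decisions:
        return INDETERMINATE
    return loser if loser in decisions else NOT_APPLICABLE


def permit_overrides(decisions):
    return _overrides(decisions, PERMIT, DENY)


def deny_overrides(decisions):
    return _overrides(decisions, DENY, PERMIT)


def first_applicable(decisions):
    # Order matters: the first child that applies decides.
    for decision in decisions:
        if decision != NOT_APPLICABLE:
            return decision
    return NOT_APPLICABLE


def only_one_applicable(decisions):
    # XACML defines this one for combining policies; it is applied to the
    # same decision list here so the four outcomes can be compared.
    applicable = [d for d in decisions if d != NOT_APPLICABLE]
    if len(applicable) > 1:
        return INDETERMINATE
    return applicable[0] if applicable else NOT_APPLICABLE


ALGORITHMS = {
    "permit-overrides": permit_overrides,
    "deny-overrides": deny_overrides,
    "first-applicable": first_applicable,
    "only-one-applicable": only_one_applicable,
}

# Constructed rule set: a physician may read and insert, but a blanket
# rule denies inserts by any role on the same element.
PMH = "Past Medical History"
RULES = [
    Rule(PERMIT, "Physician", "read", PMH),
    Rule(PERMIT, "Physician", "insert", PMH),
    Rule(DENY, "*", "insert", PMH),
]


def compare(request, rules=RULES):
    """Evaluate every rule once, then combine under each algorithm."""
    decisions = [rule.evaluate(request) for rule in rules]
    return {name: combine(decisions) for name, combine in ALGORITHMS.items()}


if __name__ == "__main__":
    for req in [("Physician", "insert", PMH), ("Nurse", "insert", PMH)]:
        print(req, compare(req))
```

The physician's insert request is the interesting case: two rules apply with opposite effects, so the generated policy's outcome depends entirely on which combination algorithm the policy generator emits.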

27 XMLSecurity-27 CSE 5810 Introducing Security with our Framework
[Figure: Security Model and Policy Generation. SECURITY SCHEMA MODELING (Information Security Extensions to UML: Document Schema Class Diagram, Document Role Slice Diagram, LBAC & DAC Features) and SECURE INFORMATION ENGINEERING proceed through Schema Modeling, Security Definition and Policy Generation. The Access Control Models contribute Roles, Actions, Resources (Role-Based Access Control), Element Sensitivity and User Clearance (Lattice-Based Access Control), and Delegations and Authorizations (Discretionary Access Control). Schemas CIS1 to CIS4 and LSIA1 to LSIA2 are the inputs; Generated Security Policies are the output.]

28 XMLSecurity-28 CSE 5810 Security Model
- Need to provide all relevant stakeholders with some degree of assurance on the different capabilities of RBAC, LBAC and DAC
- Support any document format that follows a tree-structure for representation
  - XML, JSON, RDF, OWL, etc.
- Support of major NIST RBAC capabilities
  - Roles, Permissions, Assignments, Mutual Exclusion, etc.
- Support for LBAC capabilities
  - Classifications to all application schemas and their elements and define clearances for users.
- Ability to support DAC
  - Delegation of role from user to user and the ability to pass on the delegation.

29 XMLSecurity-29 CSE 5810 Model: Application, Schema, Instances, and Users

30 XMLSecurity-30 CSE 5810 Model: Application, Schema, Instances, and Users

31 XMLSecurity-31 CSE 5810 Example of Model

32 XMLSecurity-32 CSE 5810 CDA Instance

33 XMLSecurity-33 CSE 5810 CDA Instance

34 XMLSecurity-34 CSE 5810 CCR Instance

35 XMLSecurity-35 CSE 5810 CCR Instance

36 XMLSecurity-36 CSE 5810 Model: Schema Operations for RBAC, LBAC, and DAC

37 XMLSecurity-37 CSE 5810 Model: Schema Operations for RBAC, LBAC, and DAC

38 XMLSecurity-38 CSE 5810 Projecting Instances – Define Projection

39 XMLSecurity-39 CSE 5810 Projecting Instances – Apply CDA Projection

40 XMLSecurity-40 CSE 5810 Projecting Instances – Apply CCR Projection

41 XMLSecurity-41 CSE 5810 Model: RBAC Security

42 XMLSecurity-42 CSE 5810 Model: RBAC Security

43 XMLSecurity-43 CSE 5810 Examples

44 XMLSecurity-44 CSE 5810 Model: LBAC Security

45 XMLSecurity-45 CSE 5810 Model: LBAC Security
Defn. 33: $\{\text{AM-READ}, \text{AM-WRITE}\}$ is the set of access modes that are used to categorize the multiple read oriented operations into the AM-READ category and multiple write operations in the AM-WRITE category that act against the secured tree nodes.
Defn. 34: Each $op \in O$ has an access mode $am$ assigned based on the operation. Non-destructive operations such as $\{read, aggregate\}$ have $am = \text{AM-READ}$, while destructive operations such as $\{insert, update, delete\}$ have $am = \text{AM-WRITE}$.

46 XMLSecurity-46 CSE 5810 Examples

47 XMLSecurity-47 CSE 5810 LBAC in CDA Instance

48 XMLSecurity-48 CSE 5810 LBAC in CCR Instance

49 XMLSecurity-49 CSE 5810 Model: DAC Delegations

50 XMLSecurity-50 CSE 5810 Model: DAC Delegations

51 XMLSecurity-51 CSE 5810 Model: User Authorizations

52 XMLSecurity-52 CSE 5810 Delegation and Users UserID, Name, RoleID, DA, PODA CLR, Dom, RoleID, SoD, ME, DA, PODA

53 XMLSecurity-53 CSE 5810 Example Process

54 XMLSecurity-54 CSE 5810 Security Framework
- Security Schema and Policy Generation
  - Schema Modeling via Seven Security Extensions to UML
    - Document Schema Class Diagram (DSCD)
    - Document Role Slice Diagram (DRSD)
    - Secure Information Diagram (SID)
    - LBAC Secure Information Diagram (LSID)
    - User Diagram (UD)
    - Delegation Diagram (DD)
    - Authorization Diagram (AD)
  - XACML Policy Generation
    - Mapping Process from Diagrams to Enforcement XACML Instances

55 XMLSecurity-55 CSE 5810 Securing Schemas with our Framework
- UML provides diagrams to model applications
  - Lack of diagrams for Security
  - Pavlich-Mariscal defined new UML diagrams for RBAC in the Metamodel layer
  - Document Schema Class Diagram (DSCD)
    - UML Representation of the schema
  - For RBAC, Document Role Slice Diagram (DRSD)
    - Security Augmented Representation of schema Elements, Roles and Permissions
  - For LBAC, LBAC Secure Information Diagram (LSID)
    - Security Augmented Representation of schema with classification levels
  - For DAC and Authorizations, the Delegation and Authorization Diagrams (DD and AD)

56 XMLSecurity-56 CSE 5810 Document Schema Class Diagram (DSCD)
- An artifact that holds all the characteristics of a schema
  - Structure, Data Type, Value Constraints
- Hierarchical nature of schemas is modeled via a UML Profile
  - xs:complexType, xs:element, xs:sequence
  - Child Relations (xs:element, xs:sequence, xs:simpleType)
  - xs:extension
  - Data-type Cardinality Requirements and Constraints; type

57 XMLSecurity-57 CSE 5810 UML Profile for DSCD

58 XMLSecurity-58 CSE 5810 CDA Schema Segment

59 XMLSecurity-59 CSE 5810 CCR Schema Segment

60 XMLSecurity-60 CSE 5810 CCR Schema Segment

61 XMLSecurity-61 CSE 5810 Example DSCD for the HL7 CDA XML Schema

62 XMLSecurity-62 CSE 5810 Example DSCD for the HL7 CDA XML Schema

63 XMLSecurity-63 CSE 5810 Example DSCD for the CCR XML Schema

64 XMLSecurity-64 CSE 5810 Example DSCD for the CCR XML Schema

65 XMLSecurity-65 CSE 5810 Secure Information Diagram (SID)
- Represents those elements from the DSCD that require some type of security
  - RBAC permissions
  - LBAC classification
- Results from the projection operation over the original schema diagram
  - Truncates the original schema by some criteria
  - Elements, Roles, Classification

66 XMLSecurity-66 CSE 5810 Secure Information Diagram (SID)

67 XMLSecurity-67 CSE 5810 Document Role Slice Diagram (DRSD)
- Represents Access Control Definitions on DSCD Attributes for RBAC
  - Fine Grained Control through Security Policies and Definitions to the DSCD
  - Permissions on Documents with operations: Read, Aggregate, Insert, Update, Delete
- Represented in the DRSD with Stereotypes:
  - On an access() method for the class
    - «read» (non-destructive)
    - «aggregate» (non-destructive)
    - «insert» (destructive)
    - «update» (destructive)
    - «delete» (destructive)

68 XMLSecurity-68 CSE 5810 Document Role Slice Diagram (DRSD)

69 XMLSecurity-69 CSE 5810 Document Role Slice Diagram (DRSD)

70 XMLSecurity-70 CSE 5810 LBAC Secure Information Diagram (LSID)

71 XMLSecurity-71 CSE 5810 LBAC Secure Information Diagram (LSID)
- Similar to SID
  - Represents those elements of the DSCD that require LBAC Sensitivities
- UML package with the stereotype «SecureInformation» that decorates the
  - Contains all of the respective classes of elements from the schema to be secured
  - Access modes (ams)
  - Classifications (cls)

72 XMLSecurity-72 CSE 5810 User Diagram (UD)
- Fulfills the need to quantify different users of the system
  - Their requirements and constraints
  - Define the users of the system whose information is to be secured.
- The interplay of users, roles and delegation permissions, clearance levels, and authorization permissions
  - Jaime proposed a UML extension for users via a User Diagram.
  - We build upon it for information security

73 XMLSecurity-73 CSE 5810 User Diagram (UD)

74 XMLSecurity-74 CSE 5810 Delegation Diagram (DD)
- Captures the information of the security model’s delegation
  - Mechanisms as a new UML diagram extension
- Meant to capture the concepts
  - Original user
  - Role assigned
  - Delegable users
  - Role delegation

75 XMLSecurity-75 CSE 5810 Authorization Diagram (AD)
- Illustrates a particular user/role combination
  - Connected to authorizations to particular schemas and/or their instances
- Authorizations are used to augment security by providing another layer of verification.
  - If a user has permissions defined over a specific schema, but is not authorized to it, then that user cannot perform any of the permissions.
  - A user may have permission to access a particular schema but have no assigned instances.

76 XMLSecurity-76 CSE 5810 Authorization Diagram (AD)

77 XMLSecurity-77 CSE 5810 UML Metamodel

78 XMLSecurity-78 CSE 5810 Generating Enforcement Policies
- UML has a long history for the automatic generation of code in varied languages
  - Our usage of our new UML diagrams to generate a security policy is consistent with this
- Define a set of mapping statements (MSs)
  - Utilized to define the conditions under which the combination of the various diagrams (DSCD, SID, DRSD, LSID, UD, DD, and AD)
  - Utilized to support the creation of respective policies for RBAC, LBAC, DAC, and authorization
- A mapping rule (MR) is defined to take the security model concepts and capabilities and the new UML diagrams to yield a portion of the security policy
  - For example, an XACML Policy’s Subject is the role and role identifier set as a subtree with and children that corresponds to the DRSD package name.

79 XMLSecurity-79 CSE 5810 Generating Enforcement Policies

80 XMLSecurity-80 CSE 5810 Mapping Process

81 XMLSecurity-81 CSE 5810 XACML

82 XMLSecurity-82 CSE 5810 RBAC Mapping Statements

83 XMLSecurity-83 CSE 5810 Mapping Process

84 XMLSecurity-84 CSE 5810 Mapping Process

85 XMLSecurity-85 CSE 5810 Mapping Process

86 XMLSecurity-86 CSE 5810 LBAC Mapping Statements

87 XMLSecurity-87 CSE 5810 Mapping Process

88 XMLSecurity-88 CSE 5810 Mapping Process

89 XMLSecurity-89 CSE 5810 DAC Delegation Mapping Statements

90 XMLSecurity-90 CSE 5810 Mapping Process

91 XMLSecurity-91 CSE 5810 Mapping Process

92 XMLSecurity-92 CSE 5810 Authorizations Mapping Statements

93 XMLSecurity-93 CSE 5810 Mapping Process

94 XMLSecurity-94 CSE 5810 Mapping Process

95 XMLSecurity-95 CSE 5810 High-level Mapping Algorithm

96 XMLSecurity-96 CSE 5810 Mapping Algorithm Pseudo-code

97 XMLSecurity-97 CSE 5810 Resulting XACML Policy
Omitted due to length.
[XACML excerpts; element markup lost in extraction, surviving values only: 6 Elisa 5 Physician el-3 Past Medical History insert write Secret Secret 6 Elisa 2 Physician 30 Samantha 6 Elisa 4 Schema 4 4,2 Carol Smith Health Record]

98 XMLSecurity-98 CSE 5810 Secure Information Engineering
- Over the past five years, major focus has been on extending UML with new diagrams
  - Supports secure software engineering for RBAC, MAC, and DAC
- From a functional perspective
  - A framework of composable security features was defined (Jaime)
- From a collaboration perspective
  - A framework for secure, obligated, coordinated, and dynamic collaboration was developed (Solomon)
- From an information perspective
  - A framework for tree-structured document security was developed (Alberto)

99 XMLSecurity-99 CSE 5810 Secure Software Engineering

100 XMLSecurity-100 CSE 5810 Secure Information Engineering Process

101 XMLSecurity-101 CSE 5810 Secure Information Engineering Process

102 XMLSecurity-102 CSE 5810 Secure Information Engineering Process
(1) Main Security Design of the Application
(2) Initial Information Security Design
(2.1) Define Document Schema Class Diagram (DSCD)
(2.2) Define Information Security Requirements and User Diagram (UD)
[Figure A, DSCD: «element» ContinuityOfCareRecord with elements Version, CCRDocumentObjectID, Language, DateTime, Body, Patient, ActorID, Payers (Payer), AdvanceDirectives (AdvanceDirective), Support (SupportProvider), FunctionalStatus (Function), Problems (Problem) and FamilyHistory (FamilyProblemHistory), modeled with «complexType», «sequence» and minOccurs/maxOccurs «constraint» stereotypes.]
[Figure B, UD: «User» Elisa, Leroy, Brock and Jenkins with «RoleAssignment» to the «DRSD» roles Physician, Nurse and Psychiatrist, «CLRAssignment» to «LBAC» levels C, TS, S and S, and «SOD» and «ME» constraints.]

103 XMLSecurity-103 CSE 5810 Secure Information Engineering Process

104 XMLSecurity-104 CSE 5810 Secure Information Engineering Process

105 XMLSecurity-105 CSE 5810 Prototype for Enforcing Generated Policies

106 XMLSecurity-106 CSE 5810 Enforcing RBAC read access modes

107 XMLSecurity-107 CSE 5810 Enforcing RBAC write access modes

108 XMLSecurity-108 CSE 5810 Enforcing LBAC read and write

109 XMLSecurity-109 CSE 5810 Enforcing Delegations

110 XMLSecurity-110 CSE 5810 What about Authorizations?
- Authorizations over schemas and instances are verified before permissions
- For RBAC, this is part of the process that determines if the role is authorized
  - If the user/role is not authorized, then the permission is not performed
- For LBAC, this is part of the process that determines if the user is authorized
  - If the user/role is not authorized, the operation is not performed
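The enforcement order described across the preceding slides (authorization first, then the role's permission, then the LBAC access mode) can be shown on a small CCR-like instance. This is an added example, not the prototype from the presentation: the element names come from the CCR DSCD slide, while the policy tables, user clearances and function names are constructed. It assumes the ordering C < S < TS, that a read requires clearance at or above the classification, and that a write requires equal levels; the slides do not state the LBAC read/write rules.

```python
import xml.etree.ElementTree as ET

AM_READ, AM_WRITE = "AM-READ", "AM-WRITE"
# Defn. 34: non-destructive operations are AM-READ, destructive are AM-WRITE.
ACCESS_MODE = {"read": AM_READ, "aggregate": AM_READ,
               "insert": AM_WRITE, "update": AM_WRITE, "delete": AM_WRITE}
LEVEL = {"C": 0, "S": 1, "TS": 2}            # assumed ordering C < S < TS

# Constructed policy data (not taken from the slides).
USERS = {"Elisa": {"role": "Physician", "clearance": "S"},
         "Leroy": {"role": "Nurse", "clearance": "C"},
         "Brock": {"role": "Psychiatrist", "clearance": "TS"}}
AUTHORIZED = {("Elisa", "CCR"), ("Leroy", "CCR")}    # (user, schema) pairs
READ = {"read"}
PERMISSIONS = {                               # role -> element -> operations
    "Physician": {"ContinuityOfCareRecord": READ, "Body": READ,
                  "Problems": READ, "Problem": {"read", "update"},
                  "FamilyHistory": READ,
                  "FamilyProblemHistory": {"read", "insert"}},
    "Nurse": {"ContinuityOfCareRecord": READ, "Body": READ,
              "Problems": READ, "Problem": READ,
              "FamilyHistory": READ, "FamilyProblemHistory": READ},
    "Psychiatrist": {"ContinuityOfCareRecord": READ, "Body": READ},
}
CLASSIFICATION = {"FamilyHistory": "S", "FamilyProblemHistory": "S"}  # else C

# Constructed sample instance. For untrusted documents use a hardened
# parser (for example defusedxml) instead of the standard library one.
SAMPLE_CCR = """<ContinuityOfCareRecord><Body>
<Problems><Problem>Hypertension</Problem></Problems>
<FamilyHistory><FamilyProblemHistory>Diabetes</FamilyProblemHistory></FamilyHistory>
</Body></ContinuityOfCareRecord>"""


def check(user, op, schema, tag):
    """Return (allowed, reason); checks run in the order the slides give."""
    record = USERS.get(user)
    if record is None or (user, schema) not in AUTHORIZED:
        return False, "not authorized"        # verified before permissions
    if op not in PERMISSIONS.get(record["role"], {}).get(tag, set()):
        return False, "RBAC"                  # default deny: no permission
    clearance = LEVEL[record["clearance"]]
    classification = LEVEL[CLASSIFICATION.get(tag, "C")]
    if ACCESS_MODE[op] == AM_READ:
        allowed = clearance >= classification  # assumed read rule
    else:
        allowed = clearance == classification  # assumed write rule
    return (True, "permit") if allowed else (False, "LBAC")


def filter_instance(user, schema, xml_text):
    """Return a copy of the instance without subtrees the user cannot read."""
    root = ET.fromstring(xml_text)
    if not check(user, "read", schema, root.tag)[0]:
        return None

    def prune(node):
        for child in list(node):
            if check(user, "read", schema, child.tag)[0]:
                prune(child)
            else:
                node.remove(child)            # whole subtree is withheld

    prune(root)
    return root


def visible_tags(user, schema, xml_text=SAMPLE_CCR):
    root = filter_instance(user, schema, xml_text)
    return None if root is None else [e.tag for e in root.iter()]


if __name__ == "__main__":
    for name in USERS:
        print(name, visible_tags(name, "CCR"))
```

Brock holds read permissions and the highest clearance but no authorization on the schema, so no instance is delivered to him at all, which is the "another layer of verification" role the Authorization Diagram slide gives to authorizations.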

111 XMLSecurity-111 CSE 5810 Conclusion and Contributions
- Presented a Security Framework
  - Addressed the Issue of Providing Information Security in Systems with Tree-Structured Documents
  - Utilize Security Policies defined after the different Access control models
  - Support for RBAC, LBAC and DAC
- Not enough to utilize the security requirements of the newly developed system
  - Security Definitions and Requirements of Constituent Systems must be Considered

112 XMLSecurity-112 CSE 5810 Ongoing Research and Future Directions
- Non-orthogonal RBAC and LBAC
  - Clearance assigned to both users and roles
- Support of other access control models
  - ABAC (Attribute-Based Access Control)
  - Support of Compartments for RBAC
- UML Profile for other specialized document formats
  - JSON
  - RDF serializations
  - OWL
  - Automatic Creation of DSCD
- Policy generation in other languages and more efficient algorithm
  - Deployable to databases
  - Development Framework Policies
  - Decoupled systems from a security architecture
  - Generate XACML directly from the model
  - Skip UML altogether

113 XMLSecurity-113 CSE 5810 Conclusion and Contributions
- Security Model
  - RBAC (roles, permissions)
  - LBAC (sensitivities, read/write features)
  - DAC (delegations) and Authorizations
- UML Security Extensions for UML
  - DSCD, DRSD (for RBAC), SID, LSID (for LBAC), UD, DD (delegations), AD (authorizations)
- Schema targeting XACML Policy Generation
  - Automatic Policy Generation
  - Mapping Statements
  - Generation Algorithm
- Secure Information Engineering
  - Development Cycle

114 XMLSecurity-114 CSE 5810 Publications to Date
- Published / Accepted
  - Demurjian, S., De la Rosa Algarín, A., Bi, J., Berhe, S., Agresta, T., Wang, W., Blechner, M. (2014). A Viewpoint of Security for Digital Health Care: What's There? What Works? What's Needed? (Accepted) To appear in International Journal of Privacy and Health Information Management.
  - Pavlich-Mariscal, J. A., Berhe, S., De la Rosa Algarín, A. and Demurjian, S. A. (2014). An Integrated Secure Software Engineering Approach for Functional, Collaborative, and Information Concerns. (Accepted) To appear in Handbook of Research on Emerging Advancements and Technologies in Software Engineering, IGI Global.
  - Saripalle, R., Demurjian, S. A., De la Rosa Algarín, A. and Blechner, M. (2013). A Software Engineering Process for Ontology Design and Development through Extensions to OMD and OWL. (Accepted) To appear in International Journal of Web Semantics and Information Systems.
  - De la Rosa Algarín, A., Ziminski, T. B., Demurjian, S. A., Rivera Sánchez, Y. K. and Kuykendall, R. (2013). Generating XACML Enforcement Policies for Role-Based Access Control of XML Documents. (WEBIST 2013 Selected Papers) (Accepted) To appear in Lecture Notes in Business Information Processing (LNBIP), Springer-Verlag.
  - De la Rosa Algarín, A. and Demurjian, S. A. (2013). An Approach to Facilitate Security Assurance for Information Sharing and Exchange in Big Data Applications. Emerging Trends in Information and Communication Technologies Security, pp. 65-83. Elsevier (Kaufman). Editors: Babak Akhgar and Hamid R. Arabnia.
  - Demurjian, S., De la Rosa Algarín, A. and Saripalle, R. K. (2013). Information Models for Granular Computing. Encyclopedia of Complexity and Systems Science, Springer. Editor-in-Chief: R. Meyers, Granular Computing Section, T. Y. Lin (ed.); revision and substantial update of June 2009 article Springer, submitted April 2013.
  - De la Rosa Algarín, A., Demurjian, S. A., Ziminski, T. B., Rivera Sánchez, Y. K. and Kuykendall, R. (2013). Securing XML with Role-Based Access Control: Case Study in Health Care. Architectures and Protocols for Secure Information Technology (APSIT), pp. 334-365, IGI Global. Editors: Antonio Ruiz Martínez, Fernando Pereñíguez García, and Rafael Marín López.
  - De la Rosa Algarín, A., Ziminski, T. B., Demurjian, S. A., Kuykendall, R. and Rivera Sánchez, Y. (2013). Defining and Enforcing XACML Role-Based Security Policies within an XML Security Framework. Proceedings of 9th International Conference on Web Information Systems and Technologies (WEBIST 2013) (pp. 16-25), doi:10.5220/0004366200160025
  - De la Rosa Algarín, A., Demurjian, S. A., Berhe, S. and Pavlich-Mariscal, J. (2012). A Security Framework for XML Schemas and Documents for Healthcare. Proceedings of 2012 International Workshop on Biomedical and Health Informatics (BHI 2012) (pp. 782-789), doi:10.1109/BIBMW.2012.6470239
  - Ziminski, T. B., De la Rosa Algarín, A., Saripalle, R., Demurjian, S. A. and Jackson, E. (2012). SMARTSync: Towards Patient-Driven Medication Reconciliation Using the SMART Framework. Proceedings of 2012 International Workshop on Biomedical and Health Informatics (BHI 2012) (pp. 806-813), doi:10.1109/BIBMW.2012.6470243
- In Review
  - De la Rosa Algarín, A. and Demurjian, S. (2014). UML Extensions to Model and Enforce LBAC and RBAC on XML Documents. Submitted to PST 2014.

