The increased awareness of the importance of data protection has made access control a relevant component of current data management systems. Moreover, emerging applications and data models call for flexible and expressive access control models. This has led to an extensive research activity that has resulted in the definition of a variety of access control models that differ greatly with respect to the access control policies they support. Thus, the need arises for developing tools for reasoning about the characteristics of these models. These tools should support users in the tasks of model specification, analysis of model properties, and authorization management. For example, they must be able to identify inconsistencies in the model specification and must support the administrator in comparing the expressive power of different models. In this paper, we make a first step in this direction by proposing a formal framework for reasoning about access control models. The framework we propose is based on a logical formalism and is general enough to model discretionary, mandatory, and role-based access control models. Each instance of the proposed framework corresponds to a C-Datalog program, interpreted according to a stable model semantics. In the paper, besides giving the syntax and the formal semantics of our framework, we show some examples of its application. Additionally, we present a number of dimensions along which access control models can be analyzed and compared. For each dimension, we show decidability results and we present some examples of its application.

The ability to rapidly locate useful on-line services (e.g. software applications, software components, process models, or service organizations), as opposed to simply useful documents, is becoming increasingly critical in many domains. Current service retrieval technology is, however, notoriously prone to low precision. This paper describes a novel service retrieval approached based on the sophisticated use of process ontologies. Our preliminary evaluations suggest that this approach offers qualitatively higher retrieval precision than existing (keyword and tablebased) approaches without sacrificing recall and computational tractability/scalability.

rewrite specified system parts. E FHGJILKNMPORQTSILUVMWG At the last graph grammar conference in Williamsburg four years ago, Blostein stated a number of requirements for the industrial use of graph grammars and graph rewrite systems as a design and implementation means, cf. [BFG96]. They should be less difficult to learn. They should be expressive. It must be possible to use them for fractions of a software system (in order to get started). Even applied to larger fractions, they should work seamlessly with standard system parts. Their execution should be fast and environments are needed. During the last four years theory, implementation and application of graph grammars and graph rewrite systems improved a lot. In theory, the expressive power of most ap- proaches was increased by attribute conditions, negative application conditions, general constraints, and control structures [Roz97]. Graph grammar and graph rewriting environments emerged and improved, me

Abstract not found

USer Interface eXtensible Markup Language (USIXML) consists of a User Interface Description Language (UIDL) allowing designers to apply a multi-path development of user interfaces. In this development paradigm, a user interface can be specified and produced at and from different, and possibly multiple, levels of abstraction while maintaining the mappings between these levels if required. Thus, the development process can be initiated from any level of abstraction and proceed towards obtaining one or many final user interfaces for various contexts of use at other levels of abstraction. In this way, the model-to-model transformation which is the cornerstone of Model-Driven Architecture (MDA) can be supported in multiple configurations, based on composition of three basic transformation types: abstraction, reification, and translation.

The UML meta model [3] captures the abstract syntax...

In this paper we introduce a static analysis technique for graph transformation systems. We present an algorithm which, given a graph transformation system and a start graph, produces a nite structure consisting of a hypergraph decorated with transitions (Petri graph) which can be seen as an approximation of the Winskel style unfolding of the graph transformation system. The fact that any reachable graph has an homomorphic image in the Petri graph and the additional causal information provided by transitions allow us to prove several interesting properties of the original system. As an application of the proposed technique we show how it can be used to verify the absence of deadlocks in an innite-state Dining Philosophers system.

In object-oriented software modeling using the Unified Modeling Language (UML) different aspects of a system are represented by different diagram types. Static structure is modeled by UML class diagrams and interaction between different model components is modeled by UML interaction diagrams, i.e. by sequence diagrams or collaboration diagrams. Hence the complete description of a model consists of several diagrams of different diagram types. Therefore consistency of diagrams and consistency between different diagram types is an important issue. In this paper, consistency analysis between class and sequence diagrams based on attributed typed graphs and their transformation is described. More precisely, class diagrams are translated into an attributed typed graph called class graph and the multiplicity adornments into application constraints called multiplicity constraints. Sequence diagrams are represented by a graph grammar called interaction graph grammar. The consistency checking comprises existence, visibility and multiplicity checking. For consistency analysis consistency checking techniques of the algebraic theory of graph grammars using algebraic specifications for the attribute components are used to develop an algorithm which allows us to analyse and check this kind of consistency.

The VIATRA (VIsual Automated model TRAnsformations) framework is the core of a transformation-based verification and validation environment for improving the quality of systems designed using the Unified Modeling Language by automatically checking consistency, completeness, and dependability requirements. In the current paper, we present an overview of (i) the major design goals and decisions, (ii) the underlying formal methodology based on metamodeling and graph transformation (iii) the software architecture based upon the XMI standard, (iv) and several benchmark applications of the VIATRA framework.

This paper describes two examples: Sect. 2 shows the behaviour of a circular buffer and Sect. 3 the concurrent invocation of a list append method. In both cases the behaviour is defined by a graph grammar, but to provide some intuition, Fig. 1 approximately describes the behaviour, using Java code. We conclude in Sect. 4 with a summary of tool design, implementation and planned future extensions