ABSTRACT
Domain-specific languages (DSLs) are small languages tailored to narrow domains. Their purpose is to cope with the needs of domain experts, who might not have a software engineering background. In previous work, we proposed the novel notion of Active DSLs, which are graphical DSLs extended to benefit from mobility using geolocation and interactions with external services and devices. Active DSLs are the central component of a mobile collaborative appl called DSL-comet.
Modelling using DSLs can be done collaboratively by a group of stakeholders, and the levels of required confidentiality and integrity may vary across modelling artefacts. While preventing the access to protected data has been tackled for DSLs used on static environments like laptops and desktop computers, it has not been envisioned for modelling on mobile devices. The latter poses further challenges as access permissions may depend not just on user profiles but also on conditions that only make sense in mobility, such as geolocation or information retrieved from nearby sensors.
Embracing the approach of Active DSLs, we propose an annotation meta-model to provide fine-grained role-based access control to any domain meta-model, hence enabling model element protection when collaborating in mobility. The paper describes our current implementation and our envisioned low-code solution, which includes a cloud-based textual editor to define role hierarchies and permissions for the domain meta-models.
- Nelson Baloian, Gustavo Zurita, Flávia Maria Santoro, Renata Mendes de Araujo, S. Wolfgan, D. Machado, and José A. Pino. 2011. A collaborative mobile approach for business process elicitation. In CSCWD. IEEE, 473--480.Google Scholar
- Barbara Rita Barricelli, Fabio Cassano, Daniela Fogli, and Antonio Piccinno. 2019. End-user development, end-user programming and end-user software engineering: A systematic mapping study. J. Syst. Softw. 149 (2019), 101--137.Google ScholarCross Ref
- Gábor Bergmann, Csaba Debreceni, István Rath, and Dániel Varró. 2016. Query-based access control for secure collaborative modeling using bidirectional transformations*. In Models. acm, 351--361.Google Scholar
- Gábor Bergmann, Csaba Debreceni, István Ráth, and Dániel Varró. 2017. Towards efficient evaluation of rule-based permissions for fine-grained access control in collaborative modeling. In COMMitMDE@MoDELS (CEUR Workshop Proceedings, Vol. 2019). CEUR-WS.org, 135--144.Google Scholar
- Lorenzo Bettini. 2016. Implementing domain-specific languages with Xtext and Xtend. Packt Publishing Ltd.Google Scholar
- Marco Brambilla, Jordi Cabot, and Manuel Wimmer. 2017. Model-Driven Software Engineering in Practice, Second Edition. Morgan & Claypool Publishers.Google Scholar
- Frank Budinsky, Stephen A. Brodsky, and Ed Merks. 2003. Eclipse Modeling Framework. Pearson Education.Google Scholar
- Stefano Ceri, Florian Daniel, Maristella Matera, and Federico Michele Facca. 2007. Model-driven development of context-aware Web applications. ACM Trans. Internet Techn. 7, 1 (2007), 2.Google ScholarDigital Library
- Sylvain Degrandsart, Serge Demeyer, Jan Van den Bergh, and Tom Mens. 2014. A transformation-based approach to context-aware modelling. Software and Systems Modeling 13, 1 (2014), 191--208.Google ScholarDigital Library
- Sebastian Döweling, Tarik Tahiri, Benedikt Schmidt, Alexander Nolte, and Mohammadreza Khalilbeigi. 2013. Collaborative business process modeling on interactive tabletops. In ECIS. 29.Google Scholar
- David F. Ferraiolo and D. Richard Kuhn. 1992. Role-Based Access Controls. In NCSC. 554--563.Google Scholar
- Mirco Franzago, Davide Di Ruscio, Ivano Malavolta, and Henry Muccini. 2018. Collaborative model-driven software engineering: A classification framework and a research map. IEEE Trans. Software Eng. 44, 12 (2018), 1146--1175.Google ScholarDigital Library
- Jesús Gallardo, Crescencio Bravo, and Miguel A. Redondo. 2012. A model-driven development method for collaborative modeling tools. J. Netw. Comput. Appl. 35, 3 (2012), 1086--1105.Google ScholarDigital Library
- Steven Kelly and Juha-Pekka Tolvanen. 2008. Domain-specific modeling - Enabling full code generation. Wiley.Google Scholar
- A. J. Ko, Robin Abraham, Laura Beckwith, Alan F. Blackwell, Margaret M. Burnett, Martin Erwig, Christopher Scaffidi, Joseph Lawrance, Henry Lieberman, Brad A. Myers, Mary Beth Rosson, Gregg Rothermel, Mary Shaw, and Susan Wiedenbeck. 2011. The state of the art in end-user software engineering. ACM Comput. Surv. 43, 3 (2011), 21:1--21:44.Google Scholar
- Remo Lemma, Michele Lanza, and Andrea Mocci. 2015. CEL: Touching software modeling in essence. In SANER. IEEE Computer Society, 439--448.Google Scholar
- Marjan Mernik, Jan Heering, and Anthony M. Sloane. 2005. When and how to develop domain-specific languages. ACM Comput. Surv. 37, 4 (2005), 316--344.Google ScholarDigital Library
- Sara Pérez-Soler, Esther Guerra, and Juan de Lara. 2018. Collaborative modeling and group decision making using chatbots in social networks. IEEE Software 35, 6 (2018), 48--54.Google ScholarCross Ref
- Michiel Renger, Gwendolyn L. Kolfschoten, and Gert-Jan de Vreede. 2008. Challenges in collaborative modelling: a literature review and research agenda. Int. J. Simul. Process. Model. 4, 3/4 (2008), 248--263.Google ScholarCross Ref
- Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, and Charles E. Youman. 1996. Role-based access control models. IEEE Computer 29, 2 (1996), 38--47.Google ScholarDigital Library
- Sigrid Schefer-Wenzl and Mark Strembeck. 2013. Modelling context-aware RBAC models for mobile business processes. Int. J. Wirel. Mob. Comput. 6, 5 (2013), 448--462. Google ScholarDigital Library
- Douglas C. Schmidt. 2006. Guest editor's introduction: Model-driven engineering. IEEE Computer 39, 2 (Feb. 2006), 25--31.Google ScholarDigital Library
- Alberto Sebastián-Lombrańa, Esther Guerra, and Juan de Lara. 2020. Positioning-based domain-specific modelling through mobile devices. In SEAA. to appear.Google Scholar
- Ronny Seiger, Maria Gohlke, and Uwe Aßmann. 2019. Augmented reality-based process modelling for the Internet of Things with HoloFlows. In EMMSAD (LNBIP, Vol. 352). Springer, 115--129.Google ScholarCross Ref
- Eugene Syriani, Hans Vangheluwe, Raphael Mannadiar, Conner Hansen, Simon Van Mierlo, and Hüseyin Ergin. 2013. AToMPM: A web-based modeling environment. In Demos/Posters/StudentResearch@MoDELS (CEUR Workshop Proceedings, Vol. 1115). CEUR-WS.org, 21--25.Google Scholar
- Chantal Taconet and Zakia Kazi-Aoul. 2010. Building Context-Awareness Models for Mobile Applications. J. Digit. Inf. Manag. 8, 2 (2010), 78--87.Google Scholar
- The Eclipse Foundation. CDO. 2020. https://www.eclipse.org/cdo/.Google Scholar
- The Eclipse Foundation. EMF.cloud. 2020. https://www.eclipse.org/emfcloud/.Google Scholar
- The Eclipse Foundation. Sirius. 2020. https://eclipse.org/sirius.Google Scholar
- Massimo Tisi, Jean-Marie Mottu, Dimitrios S. Kolovos, Juan de Lara, Esther Guerra, Davide Di Ruscio, Alfonso Pierantonio, and Manuel Wimmer. 2019. Lowcomote: Training the next generation of experts in scalable low-code engineering platforms. In STAF (Co-Located Events) (CEUR Workshop Proceedings, Vol. 2405). CEUR-WS.org, 73--78.Google Scholar
- Ash Turner. 2020. How many smartphones are in the world? https://www.bankmycell.com/blog/how-many-phones-are-in-the-world.Google Scholar
- Diego Vaquero-Melchor, Antonio Garmendia, Esther Guerra, and Juan de Lara. 2016. Domain-specific modelling using mobile devices. In ICSOFT, Revised Selected Papers (CCIS, Vol. 743). Springer, 221--238.Google Scholar
- Diego Vaquero-Melchor, Antonio Garmendia, Esther Guerra, and Juan de Lara. 2016. Towards enabling mobile domain-specific modelling. In ICSOFT. SciTePress, 117--122.Google Scholar
- Diego Vaquero-Melchor, Javier Palomares, Esther Guerra, and Juan de Lara. 2017. Active domain-specific languages: Making every mobile user a modeller. In MoDELS. IEEE Computer Society, 75--82.Google Scholar
- Markus Voelter, Sebastian Benz, Christian Dietrich, Birgit Engelmann, Mats Helander, Lennart C. L. Kats, Eelco Visser, and Guido Wachsmuth. 2013. DSL Engineering - Designing, Implementing and Using Domain-Specific Languages. dslbook.org. http://www.dslbook.orgGoogle Scholar
- WebGME. 2020. https://webgme.org.Google Scholar
- Y Wu. 2016. Global smartphone user penetration forecast by 88 countries: 2007-2022. Wireless Smartphone Strategies Services (2016).Google Scholar
- Dustin Wüest, Norbert Seyff, and Martin Glinz. 2019. FlexiSketch: a lightweight sketching and metamodeling approach for end-users. Software and Systems Modeling 18, 2 (2019), 1513--1541.Google ScholarDigital Library
Index Terms
- Towards access control for collaborative modelling apps
Recommendations
Configuring role-based access control to enforce mandatory and discretionary access control policies
Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general ...
Delegation in role-based access control
User delegation is a mechanism for assigning access rights available to one user to another user. A delegation can either be a grant or transfer operation. Existing work on delegation in the context of role-based access control models has extensively ...
Towards Attribute-Centric Access Control: an ABAC versus RBAC argument
Recent developments in attribute-based access control have fueled the conventional debate regarding the pros and cons of Attributes-based access control ABAC versus Role-based access control RBAC. However, existing arguments have been primarily focused ...
Comments