You are required to read and agree to the below before accessing a full-text version of an article in the IDE article repository.

The full-text document you are about to access is subject to national and international copyright laws. In most cases (but not necessarily all) the consequence is that personal use is allowed given that the copyright owner is duly acknowledged and respected. All other use (typically) require an explicit permission (often in writing) by the copyright owner.

For the reports in this repository we specifically note that

  • the use of articles under IEEE copyright is governed by the IEEE copyright policy (available at http://www.ieee.org/web/publications/rights/copyrightpolicy.html)
  • the use of articles under ACM copyright is governed by the ACM copyright policy (available at http://www.acm.org/pubs/copyright_policy/)
  • technical reports and other articles issued by M‰lardalen University is free for personal use. For other use, the explicit consent of the authors is required
  • in other cases, please contact the copyright owner for detailed information

By accepting I agree to acknowledge and respect the rights of the copyright owner of the document I am about to access.

If you are in doubt, feel free to contact webmaster@ide.mdh.se

Access Granted - Carefully: Securing Model Information in Collaborative Modeling

Fulltext:


Authors:

Malvina Latifaj, Federico Ciccozzi, Antonio Cicchetti

Research groups:

Industrial Software Engineering
Automated Software language and SOftware engineering

Publication Type:

Journal article

Venue:

Journal of Systems and Software

Abstract

The collaborative nature of model-driven software engineering introduces significant challenges in safeguarding the confidentiality and integrity of the collaborative model. Existing access control mechanisms often rely on transient, virtual views lacking persistence and fine-grained permissions, making them unsuitable for scenarios requiring offline collaboration and leading to potential security breaches and user frustration. This work describes a dual-layered approach leveraging role-based access control policies to enhance security in collaborative modeling environments. The first layer utilizes multi-view modeling techniques to create materialized view models tailored to specific user roles, thereby restricting unnecessary access to the entire model. The second layer refines access at the individual element level within these view models, establishing fine-grained permissions enforced by model editors. This proactive enforcement prevents unauthorized actions before they occur, improving user experience and efficiency. The proposed approach, implemented as an Eclipse plugin and demonstrated through an illustrative example, ensures the confidentiality and integrity of shared model data by granting stakeholders access only to information relevant to their specific responsibilities and expertise. By filtering out irrelevant data, the approach also mitigates information overload, enabling stakeholders to concentrate on task-relevant aspects of the model, thereby potentially improving collaborative efficiency and effectiveness.

Bibtex

@article{Latifaj7267,
author = {Malvina Latifaj and Federico Ciccozzi and Antonio Cicchetti},
title = {Access Granted - Carefully: Securing Model Information in Collaborative Modeling},
volume = {161},
pages = {1--44},
month = {September},
year = {2025},
journal = {Journal of Systems and Software},
url = {http://www.es.mdu.se/publications/7267-}
}