Nächste Termine

participating entities often change and a lot of data exchange happens with external organizations such as suppliers or producers which brings concern about unauthorized data access. This creates the need for access control systems to be able to handle such a combination of a highly dynamic system and the arising concern about the security of data. In many situations the decision for access control depends on the context information of the requester. Another problem of dynamic system is that the manual development of access policies can be time consuming and expensive. Approaches using automated policy generation have shown to reduce this effort. In this master thesis we introduce a concept which combines context based model-driven security with automated policy generation and evaluate if it is a suitable option for the creation of access control systems and if it can reduce the effort in policy generation. The approach makes use of usage and misusage diagrams which are on a high architectural abstraction level to derive and combine access policies for data elements which are located on a lower abstraction level.

LogMeIn Inc. is a global company offering Software-as-a-Service solutions for remote collaboration and IT management. An example product is GoToMeeting which allows to create and join virtual meeting rooms.

This Master’s Thesis presents the JoinTracer approach which enables the telemetry-data-based traceability of GoToMeeting join-flows of the GoToMeeting architecture. The approach combines new mechanics and already existing traceability techniques from different traceability communities to leverage synergies and to enable the traceability of individual join-flows. In this work, the JoinTracer approach is designed and implemented as well as evaluated regarding the functionality, performance and acceptance. The results are discussed to analyze the future development and the applicability of this approach to other contexts as well.