📊 Model: (AccessControl-ABAC-no-violation)

Available Online

This model is available to view using the online editor!

Open In Online Editor

🔗 Link to Original Paper/Article

View SourceOpen Example Model in Example Models Bundle

📝 Short Description

The case is about a banking system deployed in the USA and Asia. Clerks can register customers, look them up and determine a credit line for them. Managers can do everything Clerks can do but can also register celebrities or move customers between regions.

🔤 Abbreviations

None.

📖 Extensive Description

The Clerk US can register regular customers by customer_details. These customers are stored in the Customer Storage and can be found by customer_name. The Manager located in the US can Register Celebrity into a seperate Celebrity Customer Storage. Neither Clerk can access this data. The Manager can also change the customer location from USA to Asia via the node Move Customer. The customer is fetched by customer_name and stored into a Customer Storage with the changed DataOrigin label. Now, the Clerk Asia is able to find this customer.

🏷️ Label Description

🗂️ Data Labels:

• DataOrigin: Shows the originating region of a customer. This can be either USA or Asia.
• DataStatus: This differentiates between Customer and Celebrity.

🏷️ Node Labels:

• NodeRole: This label designates an actor as Clerk or Manager.
• NodeLocation: Shows the location of a clerk or manager in the banking system. This can be either USA or Asia.

⚠️ Constraints

Security

Clerks are not supposed to be able to access Celebrity customer data. - Security: data DataStatus.Celebrity neverFlows vertex NodeRole.Clerk

🚨 Violations

None.