An Aspect-Oriented Model Transformation to Weave Security using CVL

In this paper, we combine the Common Variability Language (CVL) and the ATL Transformation Language to customize and incorporate a generic security model into any application that requires security. Security spans a large set of concerns such as integrity, encryption or authentication, among others, and each concern needs to be incorporated into the base application in a different way and at different points of the application. We propose a set of weaving patterns using model transformations in ATL to automatically weave the security concerns with the base application in an aspect-oriented way. Since different applications require different security requirements, the security model needs to be customized before its incorporation into the application. We resolve the variability of the security properties and implement the weaving process in CVL. We use an e-voting case study to illustrate our proposal using the CVL approach.