Establishing Role-based Access Control in Viewpoint-oriented Variability Management

Process roles are used to structure complex engineering processes in single sys-tems development for many years. Typically, each role has specific responsi-bilities from which certain information demands originate. In the engineering of variable software, role-specific information demands affect variability in-formation. To control the access to the variability information, we suggest us-ing the concepts of an explicit access control model. We integrate an access control model and a variability modeling language on a conceptual level. Ad-ditionally, we extend the variability modeling language by formally defined operations. Based on this extension, we propose a formal integration of an ac-cess control model and the variability modeling language. Our solution allows to explicitly define access control to variability information on a formal basis.