Large-scale model-driven system engineering projects are carried out collaboratively.
Engineering artifacts stored in model repositories are developed in either offline
(checkout-modify-commit) or online (GoogleDoc-style) scenarios. Complex systems frequently
integrate models and components developed by different teams, vendors and suppliers.
Thus confidentiality and integrity of design artifacts need to be protected by access
We propose a technique for secure collaborative modeling where (1) fine-grained access
control for models can be defined by model queries, and (2) such access control policies
are strictly enforced by bidirectional model transformations. Each collaborator obtains
a filtered local copy of the model containing only those model elements which they
are allowed to read; write access control policies are checked on the server upon
submitting model changes. We illustrate the approach and carry out an initial scalability
assessment using a case study of the MONDO EU project.
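
The get/put pattern described above can be sketched as follows. This is an added illustration, not code from the paper or the MONDO project: Python predicates stand in for model queries, and the element ids, attributes, rule set and the "any matching rule grants, otherwise deny" resolution are all assumptions.

```python
import copy
from typing import Callable, NamedTuple

class Rule(NamedTuple):
    user: str
    query: Callable[[str, dict], bool]  # predicate standing in for a model query
    read: bool
    write: bool

# Constructed sample model and policy (assumptions, not from the paper).
GOLD = {
    "ctrl1": {"type": "Control", "vendor": "A"},
    "ctrl2": {"type": "Control", "vendor": "B"},
    "sig1": {"type": "Signal", "vendor": "A"},
    "sig2": {"type": "Signal", "vendor": "B"},
}
POLICY = [
    Rule("alice", lambda eid, e: e.get("vendor") == "A", read=True, write=True),
    Rule("alice", lambda eid, e: e.get("type") == "Control", read=True, write=False),
]

def allowed(user, eid, attrs, right):
    """Default deny; access is granted if any matching rule grants the right."""
    return any(r.user == user and getattr(r, right) and r.query(eid, attrs)
               for r in POLICY)

def get(user, gold):
    """Forward direction: the filtered local copy holding only readable elements."""
    return {eid: copy.deepcopy(e) for eid, e in gold.items()
            if allowed(user, eid, e, "read")}

def put(user, gold, front):
    """Backward direction, run server-side: validate the diff, then merge it."""
    visible, new_gold = get(user, gold), copy.deepcopy(gold)
    for eid in sorted(visible.keys() | front.keys()):
        old, new = visible.get(eid), front.get(eid)
        if old == new:
            continue
        # Reject ids that collide with hidden elements, and any change whose old
        # or new state lies outside the user's write scope. One uniform message
        # avoids revealing which case applied.
        hidden_clash = old is None and eid in gold
        states = [s for s in (old, new) if s is not None]
        if hidden_clash or not all(allowed(user, eid, s, "write") for s in states):
            raise PermissionError(f"{user}: change to {eid} rejected")
        if new is None:
            del new_gold[eid]
        else:
            new_gold[eid] = copy.deepcopy(new)
    return new_gold
```

Elements hidden from the submitting user pass through `put` unchanged, so a filtered copy can be committed without overwriting what the user was never shown.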