Filters








14,523 Hits in 2.6 sec

Usability of Security Specification Approaches for UML Design: A Survey

Chamseddine Talhi, D. Mouheb, V. Lima, Mourad Debbabi, L. Wang, M. Pourzandi
2009 Journal of Object Technology  
Extending the UML meta-language or creating new meta-languages for security specification are also covered by this study.  ...  Since it is the de facto language for software specification and design, UML is the target language used by almost all state of the art contributions handling security at specification and design level  ...  The security properties are first extracted from natural language standards and documents, and integrated into UML diagrams as stereotypes in a UML profile.  ... 
doi:10.5381/jot.2009.8.6.a1 fatcat:kwkvejot5nfsrp26suryx57vsy

A Framework for Composable Security Definition, Assurance, and Enforcement [chapter]

J. A. Pavlich-Mariscal, S. A. Demurjian, L. D. Michel
2006 Lecture Notes in Computer Science  
security assurance, and should result in a reduction of the security defects in the final system.  ...  To achieve separation of concerns at the modeling level, concern-specific languages are defined to capture alternative security concerns.  ...  Design a means to integrate the Security Concern Models into a design model (UML) to capture security requirements as part of the software process.  ... 
doi:10.1007/11663430_41 fatcat:5qq2qwufn5ca7lir3jyoshaoo4

Towards a Business Process-Driven Framework for Security Engineering with the UML [chapter]

José L. Vivas, José A. Montenegro, Javier López
2003 Lecture Notes in Computer Science  
A challenging task in security engineering concerns the specification and integration of security with other requirements at the top level of requirements engineering.  ...  In this paper, based on experience drawn from an ongoing work within the CASENET project [1], we propose a UML-based business process-driven framework for the development of security-critical systems.  ...  However, UML is considered to be attractive to a broader community with less critical security requirements.  ... 
doi:10.1007/10958513_29 fatcat:xcw3kgmsx5hmbgat4aoocqdjwi

Modeling and verifying security protocols using UML 2

Sandra Smith, Alain Beaulieu, W. Greg Phillips
2011 2011 IEEE International Systems Conference  
Security protocols must be designed to ensure the integrity of electronic communications between participants.  ...  We present our research to investigate the use of UML 2 to model, verify and validate security protocols.  ...  combined with design modeling languages other than UML [11] .  ... 
doi:10.1109/syscon.2011.5929088 fatcat:pt2fznehzbfxpp3lcfrtjc3vde

The CORAS Tool for Security Risk Analysis [chapter]

Fredrik Vraalsen, Folker den Braber, Mass Soldal Lund, Ketil Stølen
2005 Lecture Notes in Computer Science  
The CORAS Tool for model-based security risk analysis supports documentation and reuse of risk analysis results through integration of different risk analysis and software development techniques and tools  ...  To satisfy these requirements, the tool provides an integration layer with a defined API which can be used by other tools to integrate with the CORAS tool.  ...  Introduction The CORAS framework for UML-based security risk analysis, in the following referred to as security analysis, consists of among other things a methodology, a language, and a tool.  ... 
doi:10.1007/11429760_30 fatcat:7t6kg2ymybd6xexygqrn7nmpqm

A Qualitative Study of Domain Specific Languages for Model Driven Security

Muhammad Qaiser Saleem
2014 Research Journal of Applied Sciences Engineering and Technology  
Over the past decade, many researchers are trying to address these limitations of the general purpose modeling languages and come up with several Domain Specific Modeling Languages for Model Driven Security  ...  Currently available general purpose modeling languages like UML do not have capability to model the security objectives along the system models.  ...  This in turn necessitated bridging the gap between security modelling languages and design modelling languages, leading to the notion of security-design modelling languages, such as the Secure UML (Basin  ... 
doi:10.19026/rjaset.7.703 fatcat:isqkbqltozdyzkyshn525qvdwe

SecureSOA Modelling Security Requirements for Service-Oriented Architectures

Michael Menzel, Christoph Meinel
2010 2010 IEEE International Conference on Services Computing  
This paper introduces our security design language Se-cureSOA that enables the definition of these security requirements.  ...  Security requirements are codified in Web Service policies that control the service's behavior in terms of secure interactions with other participants in an SOA.  ...  A security modelling language can be defined once with certain extension points and can then be integrated into different design modelling languages for service-based systems.  ... 
doi:10.1109/scc.2010.63 dblp:conf/IEEEscc/MenzelM10 fatcat:iy6l3wbs2rczzggrglrqu2ttay

Aspect-Oriented Modeling for Representing and Integrating Security Concerns in UML [chapter]

D. Mouheb, C. Talhi, M. Nouh, V. Lima, M. Debbabi, L. Wang, M. Pourzandi
2010 Studies in Computational Intelligence  
To this end, we present in this paper an aspect-oriented modeling approach for specifying and integrating security solutions into UML design models.  ...  Security is a challenging task in software engineering.  ...  This project aims at providing an end-to-end framework for secure software development that starts from specifying the needed security requirements on UML models and ends with generating secure code.  ... 
doi:10.1007/978-3-642-13273-5_13 fatcat:3dwc7yow6fhjbcuc4vcw5tqq2e

Advances in Model-Driven Security [chapter]

Levi Lúcio, Qin Zhang, Phu H. Nguyen, Moussa Amrani, Jacques Klein, Hans Vangheluwe, Yves Le Traon
2014 Advances in Computers  
As a response to this need, Model-Driven Security has emerged in the early 2000s as a specialized Model-Driven Engineering approach for supporting the development of security-critical systems.  ...  This chapter provides a broad view of Model-Driven Security and is intended as an introduction to Model-Driven Security for students, researchers and practitioners.  ...  Model composition based on annotated models is used to integrate Sectet-Uml models with the dynamic security requirement expressions Sectet-Pl in order to form a platform-independent application model  ... 
doi:10.1016/b978-0-12-800162-2.00003-8 fatcat:rgwilxfhzbg3niqfozkglu355u

Critical Systems Development Using Modeling Languages (CSDUML'04): Current Developments and Future Challenges (Report on the Third International Workshop) [chapter]

Jan Jürjens, Eduardo B. Fernandez, Robert B. France, Bernhard Rumpe, Constance Heitmeyer
2005 Lecture Notes in Computer Science  
We give a short report on the contributions to and some discussions made and conclusions drawn at the Third International Workshop on Critical Systems Development Using Modeling Languages (CSDUML'04).  ...  We would also like to thank the UML'04 conference chair Ana Moreira (New University of Lisbon), the workshop chair Ambrosio Toval (University of Murcia), the local arrangements chair Isabel Sofia Brito  ...  Other workshop participants suggested that with UML as a family of languages, at least a core of UML might be defined in a precise way.  ... 
doi:10.1007/978-3-540-31797-5_9 fatcat:3nzd3oirjjcrpbre6tuy7axrja

Weaving security aspects into UML 2.0 design models

Djedjiga Mouheb, Chamseddine Talhi, Vitor Lima, Mourad Debbabi, Lingyu Wang, Makan Pourzandi
2009 Proceedings of the 13th workshop on Aspect-oriented modeling - AOM '09  
Security plays a predominant role in software engineering.  ...  First, we present the security design weaving approach, as well as the UML profile needed for specifying security aspects.  ...  Existing approaches on integrating security concerns into UML design mostly focus on specifying security requirements and sometimes analyzing UML models against the specified requirements (a more detailed  ... 
doi:10.1145/1509297.1509300 fatcat:hvl7kjm2pjgbrpbjll5wbbqj4y

Integrity and Confidentiality Annotations for Service Interfaces in SoaML Models

Bernhard Hoisl, Stefan Sobernig
2011 2011 Sixth International Conference on Availability, Reliability and Security  
Corresponding object nodes integrate their security modelling language (SecureUML) of Pins (e.g., AnInParam1) held by the first and the last with a custom defined process language.  ...  UML class models provide a structural view tectures,” Transactions on Pattern Languages of Program- on a SOA, with stereotypes representing selected security ming, vol. 1, pp. 136–  ... 
doi:10.1109/ares.2011.105 dblp:conf/IEEEares/HoislS11 fatcat:7upyyresmbdkzf4sz6vpbcaplu

Agent's Security During Communication in Mobile Agents System

Chadha Zrari, Hela Hachicha, Khaled Ghedira
2015 Procedia Computer Science  
Nevertheless, the integration of security properties in all phases of software development can provide more secure mobile agents based systems.  ...  Security is a very important concept in the growth and the development of the mobile agent technology. However, in most of researches, security properties are envisaged in the implementation phase.  ...  SecureUML The SecureUML profile 13 is a modeling language that defines a vocabulary to annotate UML-based models with relevant information for access control.  ... 
doi:10.1016/j.procs.2015.08.100 fatcat:f3r27cxqtveffhny5k4ao3mhrq

Model driven security for process-oriented systems

David Basin, Jürgen Doser, Torsten Lodderstedt
2003 Proceedings of the eighth ACM symposium on Access control models and technologies - SACMAT '03  
We present an application to constructing systems from process models, where we combine a UML-based process design language with a security modeling language for formalizing access control requirements  ...  In our specialization, a designer builds a system model along with security requirements, and automatically generates from this a complete, congured security infrastructure.  ...  With respect to (1), we present the security modeling language SecureUML and show how to integrate it with UML process models.  ... 
doi:10.1145/775412.775425 dblp:conf/sacmat/BasinDL03 fatcat:43lilkzvljbqxmbl5ghhlt6c34

Model driven security for process-oriented systems

David Basin, Jürgen Doser, Torsten Lodderstedt
2003 Proceedings of the eighth ACM symposium on Access control models and technologies - SACMAT '03  
We present an application to constructing systems from process models, where we combine a UML-based process design language with a security modeling language for formalizing access control requirements  ...  In our specialization, a designer builds a system model along with security requirements, and automatically generates from this a complete, congured security infrastructure.  ...  With respect to (1), we present the security modeling language SecureUML and show how to integrate it with UML process models.  ... 
doi:10.1145/775423.775425 fatcat:jwdp223vejblvm5wqcexce3sgq
« Previous Showing results 1 — 15 out of 14,523 results