Weaving security aspects into UML 2.0 design models

Djedjiga Mouheb, Chamseddine Talhi, Vitor Lima, Mourad Debbabi, Lingyu Wang, Makan Pourzandi
2009 Proceedings of the 13th workshop on Aspect-oriented modeling - AOM '09  
Security plays a predominant role in software engineering. Nowadays, security solutions are generally added to existing software either as an afterthought, or manually injected into software applications. However, given the complexity and pervasiveness of today's software systems, the current practices might not be completely satisfactory. In most cases, security features remain scattered and tangled throughout the entire software, resulting in complex applications that are hard to understand
more » ... d maintain. In this paper, we propose an aspect-oriented modeling approach to systematically integrate security solutions into software during the early phases of the software development life cycle. First, we present the security design weaving approach, as well as the UML profile needed for specifying security aspects. Then, we illustrate the approach through an example for injecting the design-level security aspects into base models.
doi:10.1145/1509297.1509300 fatcat:hvl7kjm2pjgbrpbjll5wbbqj4y