Using Model Driven Security Approaches in Web Application Development [chapter]

Christoph Hochreiner, Zhendong Ma, Peter Kieseberg, Sebastian Schrittwieser, Edgar Weippl
2014 Lecture Notes in Computer Science  
With the rise of Model Driven Engineering (MDE) as a software development methodology, which increases productivity and, supported by powerful code generation tools, allows a less error-prone implementation process, the idea of modeling security aspects during the design phase of the software development process was first suggested by the research community almost a decade ago. While various approaches for Model Driven Security (MDS) have been proposed during the years, it is still unclear, how
more » ... these concepts compare to each other and whether they can improve the security of software projects. In this paper, we provide an evaluation of current MDS approaches based on a simple web application scenario and discuss the strengths and limitations of the various techniques, as well as the practicability of MDS for web application security in general.
doi:10.1007/978-3-642-55032-4_42 fatcat:szqgmait2fefrl62v34n635jfm