Empirical studies of software engineering: a roadmap
Proceedings of the Conference on The Future of Software Engineering
Secure systems development based on the common criteria: the PalME project
Proceedings of the 10th ACM SIGSOFT symposium on Foundations of software engineering
Sound methods and effective tools for model-based security engineering with UML
Proceedings of the 27th international conference on Software engineering
Secure Software Development by Example
IEEE Security and Privacy
Security Analysis of Crypto-based Java Programs using Automated Theorem Provers
ASE '06 Proceedings of the 21st IEEE/ACM International Conference on Automated Software Engineering
Model-Based Security Engineering of Distributed Information Systems Using UMLsec
ICSE '07 Proceedings of the 29th international conference on Software Engineering
Tools for secure systems development with UML
International Journal on Software Tools for Technology Transfer (STTT)
Model-based security engineering for real
FM'06 Proceedings of the 14th international conference on Formal Methods
Editorial: Model-Driven Development for secure information systems
Information and Software Technology
Tools for Traceability in Secure Software Development
ASE '08 Proceedings of the 2008 23rd IEEE/ACM International Conference on Automated Software Engineering
Analysis of Secure Mobile Grid Systems: A systematic approach
Information and Software Technology
Automated analysis of permission-based security using UMLsec
FASE'08/ETAPS'08 Proceedings of the Theory and practice of software, 11th international conference on Fundamental approaches to software engineering
Development of distributed mobile learning systems
CSECS '10 Proceedings of the 9th WSEAS international conference on Circuits, systems, electronics, control & signal processing
Automated security hardening for evolving UML models
Proceedings of the 33rd International Conference on Software Engineering
Systematic design of secure Mobile Grid systems
Journal of Network and Computer Applications
Security policy foundations in context UNITY
Proceedings of the 7th International Workshop on Software Engineering for Secure Systems
A conceptual meta-model for secured information systems
Proceedings of the 7th International Workshop on Software Engineering for Secure Systems
Model-Driven security policy deployment: property oriented approach
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Tools for traceable security verification
VoCS'08 Proceedings of the 2008 international conference on Visions of Computer Science: BCS International Academic Conference
Secure by Design: Developing Secure Software Systems from the Ground Up
International Journal of Secure Software Engineering
Not Ready for Prime Time: A Survey on Security in Model Driven Development
International Journal of Secure Software Engineering
| Hi-index | 0.00 |
Mobile communication systems are increasingly used in companies. In order to make these applications secure, the security analysis has to be an integral part of the system design and IT management process for such mobile communication systems. This work presents the experiences and results from the security analysis of a mobile system architecture at a large German telecommunications company, by making use of an approach to Model-based Security Engineering that is based on the UML extension UMLsec. The focus lies on the security mechanisms and security policies of the mobile applications which were analyzed using the UMLsec method and tools. Main results of the paper include a field report on the employment of the UMLsec method in an industrial telecommunications context as well as indications of its benefits and limitations.