Model-based security analysis for mobile communications

  • Authors:
  • Jan Jürjens;Joerg Schreck;Peter Bartmann

  • Affiliations:
  • The Open University, Milton Keynes, United Kingdom;O2 (Germany), Munich, Germany;University of Augsburg, Augsburg, Germany

  • Venue:
  • Proceedings of the 30th international conference on Software engineering
  • Year:
  • 2008

Quantified Score

Hi-index 0.00

Visualization

Abstract

Mobile communication systems are increasingly used in companies. In order to make these applications secure, the security analysis has to be an integral part of the system design and IT management process for such mobile communication systems. This work presents the experiences and results from the security analysis of a mobile system architecture at a large German telecommunications company, by making use of an approach to Model-based Security Engineering that is based on the UML extension UMLsec. The focus lies on the security mechanisms and security policies of the mobile applications which were analyzed using the UMLsec method and tools. Main results of the paper include a field report on the employment of the UMLsec method in an industrial telecommunications context as well as indications of its benefits and limitations.