Automated analysis of security-design models

Authors:
David Basin;Manuel Clavel;Jürgen Doser;Marina Egea
Affiliations:
Information Security Group, ETH Zurich, Zürich, Switzerland;IMDEA Software Institute, Madrid, Spain and Computer Science Department, Universidad Complutense de Madrid, Madrid, Spain;Information Security Group, ETH Zurich, Zürich, Switzerland;Computer Science Department, Universidad Complutense de Madrid, Madrid, Spain
Venue:
Information and Software Technology
Year:
2009

Citing 12
Cited 14

Proposed NIST standard for role-based access control

ACM Transactions on Information and System Security (TISSEC)
Towards Development of Secure Systems Using UMLsec

FASE '01 Proceedings of the 4th International Conference on Fundamental Approaches to Software Engineering
Experience with Embedding Hardware Description Languages in HOL

Proceedings of the IFIP TC10/WG 10.2 International Conference on Theorem Provers in Circuit Design: Theory, Practice and Experience
Role-Based Authorization Constraints Specification Using Object Constraint Language

WETICE '01 Proceedings of the 10th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
UMLsec: Extending UML for Secure Systems Development

UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
Model driven security for process-oriented systems

Proceedings of the eighth ACM symposium on Access control models and technologies
MDA Explained: The Model Driven Architecture: Practice and Promise

MDA Explained: The Model Driven Architecture: Practice and Promise
Using Aspects to Design a Secure System

ICECCS '02 Proceedings of the Eighth International Conference on Engineering of Complex Computer Systems
The Object Constraint Language: Getting Your Models Ready for MDA

The Object Constraint Language: Getting Your Models Ready for MDA
Model driven security: From UML models to access control infrastructures

ACM Transactions on Software Engineering and Methodology (TOSEM)
Specification and validation of authorisation constraints using UML and OCL

ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
A metamodel-based approach for analyzing security-design models

MODELS'07 Proceedings of the 10th international conference on Model Driven Engineering Languages and Systems

From Access Control Policies to an Aspect-Based Infrastructure: A Metamodel-Based Approach

Models in Software Engineering
Extending access control models with break-glass

Proceedings of the 14th ACM symposium on Access control models and technologies
Lightweight modeling and analysis of security concepts

ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
A decade of model-driven security

Proceedings of the 16th ACM symposium on Access control models and technologies
Validation of security policies by the animation of Z specifications

Proceedings of the 16th ACM symposium on Access control models and technologies
A transformation contract to generate aspects from access control policies

Software and Systems Modeling (SoSyM)
Modeling norms in multi-agent systems with NormML

COIN@AAMAS'10 Proceedings of the 6th international conference on Coordination, organizations, institutions, and norms in agent systems
Validation of security-design models using Z

ICFEM'11 Proceedings of the 13th international conference on Formal methods and software engineering
Idea: towards architecture-centric security analysis of software

ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Automatic generation of smart, security-aware GUI models

ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
On the specification, verification and implementation of model transformations with transformation contracts

SBMF'11 Proceedings of the 14th Brazilian conference on Formal Methods: foundations and Applications
Evaluation of the Pattern-based method for Secure Development (PbSD): A controlled experiment

Information and Software Technology
Comprehensive two-level analysis of role-based delegation and revocation policies with UML and OCL

Information and Software Technology
Specifying model changes with UMLchange to support security verification of potential evolution

Computer Standards & Interfaces

Quantified Score

Hi-index	0.00

Visualization

Abstract

We have previously proposed SecureUML, an expressive UML-based language for constructing security-design models, which are models that combine design specifications for distributed systems with specifications of their security policies. Here, we show how to automate the analysis of such models in a semantically precise and meaningful way. In our approach, models are formalized together with scenarios that represent possible run-time instances. Queries about properties of the security policy modeled are expressed as formulas in UML's Object Constraint Language. The policy may include both declarative aspects, i.e., static access-control information such as the assignment of users and permissions to roles, and programmatic aspects, which depend on dynamic information, namely the satisfaction of authorization constraints in a given scenario. We show how such properties can be evaluated, completely automatically, in the context of the metamodel of the security-design language. We demonstrate, through examples, that this approach can be used to formalize and check non-trivial security properties. The approach has been implemented in the SecureMOVA tool and all of the examples presented have been checked using this tool.