Using Z: specification, refinement, and proof
Using Z: specification, refinement, and proof
The Object-Z specification language
The Object-Z specification language
COM revisited: tool-assisted modelling of an architectural framework
SIGSOFT '00/FSE-8 Proceedings of the 8th ACM SIGSOFT international symposium on Foundations of software engineering: twenty-first century applications
Communications of the ACM
Dynamic Logic
Extending standard UML with model composition semantics
Science of Computer Programming - Special issue on unified modeling language (UML 2000)
I3E '02 Proceedings of the IFIP Conference on Towards The Knowledge Society: E-Commerce, E-Business, E-Government
Using Alloy and UML/OCL to Specify Run-Time Configuration Management: A Case Study
Workshop of the pUML-Group held together with the «UML»2001 on Practical UML-Based Rigorous Development Methods - Countering or Integrating the eXtremists
Exploring the Design of an Intentional Naming Scheme with an Automatic Constraint Analyzer
ASE '00 Proceedings of the 15th IEEE international conference on Automated software engineering
Some Shortcomings of OCL, the Object Constraint Language of UML
TOOLS '00 Proceedings of the Technology of Object-Oriented Languages and Systems (TOOLS 34'00)
Using Aspects to Design a Secure System
ICECCS '02 Proceedings of the Eighth International Conference on Engineering of Complex Computer Systems
A UML-Based Pattern Specification Technique
IEEE Transactions on Software Engineering
Automating commutativity analysis at the design level
ISSTA '04 Proceedings of the 2004 ACM SIGSOFT international symposium on Software testing and analysis
Aspect-Oriented Analysis and Design
Aspect-Oriented Analysis and Design
Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
Software Abstractions: Logic, Language, and Analysis
Software Abstractions: Logic, Language, and Analysis
Model driven development of secure XML databases
ACM SIGMOD Record
Modular architecture for a toolset supporting OCL
UML'00 Proceedings of the 3rd international conference on The unified modeling language: advancing the standard
Verification of object-oriented software: The KeY approach
Verification of object-oriented software: The KeY approach
Secure Systems Development with UML
Secure Systems Development with UML
Model-Driven analysis and synthesis of concrete syntax
MoDELS'06 Proceedings of the 9th international conference on Model Driven Engineering Languages and Systems
A model transformation semantics and analysis methodology for SecureUML
MoDELS'06 Proceedings of the 9th international conference on Model Driven Engineering Languages and Systems
Aspect-Oriented risk driven development of secure applications
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Bridging grammarware and modelware
MoDELS'05 Proceedings of the 2005 international conference on Satellite Events at the MoDELS
MDA and analysis of web applications
TEAA'05 Proceedings of the 31st VLDB conference on Trends in Enterprise Application Architecture
Ensuring spatio-temporal access control for real-world applications
Proceedings of the 14th ACM symposium on Access control models and technologies
From UML to Alloy and back again
Proceedings of the 6th International Workshop on Model-Driven Engineering, Verification and Validation
Moving from Requirements to Design Confronting Security Issues: A Case Study
OTM '09 Proceedings of the Confederated International Conferences, CoopIS, DOA, IS, and ODBASE 2009 on On the Move to Meaningful Internet Systems: Part II
Analysis of Secure Mobile Grid Systems: A systematic approach
Information and Software Technology
Aspect weaver: a model transformation approach for UML models
Proceedings of the 2010 Conference of the Center for Advanced Studies on Collaborative Research
A tool-supported method for the design and implementation of secure distributed applications
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
An aspect oriented model of efficient and secure card-based payment system
Proceedings of the 2011 International Conference on Communication, Computing & Security
A conceptual meta-model for secured information systems
Proceedings of the 7th International Workshop on Software Engineering for Secure Systems
From UML to alloy and back again
MODELS'09 Proceedings of the 2009 international conference on Models in Software Engineering
Threat scenario-based security risk analysis using use case modeling in information systems
Security and Communication Networks
Behavioral singletons to consistently handle global states of security patterns
DAIS'12 Proceedings of the 12th IFIP WG 6.1 international conference on Distributed Applications and Interoperable Systems
Compositional verification of application-level security properties
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
| Hi-index | 0.00 |
We propose a methodology, based on aspect-oriented modeling (AOM), for incorporating security mechanisms in an application. The functionality of the application is described using the primary model and the attacks are specified using aspects. The attack aspect is composed with the primary model to obtain the misuse model. The misuse model describes how much the application can be compromised. If the results are unacceptable, then some security mechanism must be incorporated into the application. The security mechanism, modeled as security aspect, is composed with the primary model to obtain the security-treated model. The security-treated model is analyzed to give assurance that it is resilient to the attack.