Sound methods and effective tools for model-based security engineering with UML
Proceedings of the 27th international conference on Software engineering
Information flow property preserving transformation of UML interaction diagrams
Proceedings of the eleventh ACM symposium on Access control models and technologies
Tools for model-based security engineering
Proceedings of the 28th international conference on Software engineering
Performance analysis of security aspects in UML models
WOSP '07 Proceedings of the 6th international workshop on Software and performance
Model-Based Security Engineering of Distributed Information Systems Using UMLsec
ICSE '07 Proceedings of the 29th international conference on Software Engineering
Computer-aided Support for Secure Tropos
Automated Software Engineering
Tools for model-based security engineering: models vs. code
Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering
Journal of Theoretical and Applied Electronic Commerce Research
Secure information systems engineering: a manifesto
International Journal of Electronic Security and Digital Forensics
Barbed Model--Driven Software Development: A Case Study
Electronic Notes in Theoretical Computer Science (ENTCS)
Rubacon: automated support for model-based compliance engineering
Proceedings of the 30th international conference on Software engineering
From security patterns to implementation using petri nets
Proceedings of the fourth international workshop on Software engineering for secure systems
Do secure information system design methods provide adequate modeling support?
Information and Software Technology
Proceedings of the 4th ACM workshop on Quality of protection
Model-based Security Testing Using UMLsec
Electronic Notes in Theoretical Computer Science (ENTCS)
Model-Based Run-Time Checking of Security Permissions Using Guarded Objects
Runtime Verification
An aspect-oriented methodology for designing secure applications
Information and Software Technology
A model-based aspect-oriented framework for building intrusion-aware software systems
Information and Software Technology
XRound: A reversible template language and its application in model-based security analysis
Information and Software Technology
Editorial: Model-Driven Development for secure information systems
Information and Software Technology
Web Services-Based Security Requirement Elicitation
IEICE - Transactions on Information and Systems
Architectural Refinement and Notions of Intransitive Noninterference
ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
Transformation of Type Graphs with Inheritance for Ensuring Security in E-Government Networks
FASE '09 Proceedings of the 12th International Conference on Fundamental Approaches to Software Engineering: Held as Part of the Joint European Conferences on Theory and Practice of Software, ETAPS 2009
Modeling and analysis of security trade-offs - A goal oriented approach
Data & Knowledge Engineering
CAiSE '09 Proceedings of the 21st International Conference on Advanced Information Systems Engineering
Automated Security Verification for Crypto Protocol Implementations: Verifying the Jessie Project
Electronic Notes in Theoretical Computer Science (ENTCS)
Towards a Modernization Process for Secure Data Warehouses
DaWaK '09 Proceedings of the 11th International Conference on Data Warehousing and Knowledge Discovery
Computer Standards & Interfaces
Generating formal specifications for security-critical applications - A model-driven approach
IWSESS '09 Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems
Resolving least privilege violations in software architectures
IWSESS '09 Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems
An Aspect-Oriented Approach for Software Security Hardening: from Design to Implementation
Proceedings of the 2009 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the Eighth SoMeT_09
Measuring the interplay of security principles in software architectures
ESEM '09 Proceedings of the 2009 3rd International Symposium on Empirical Software Engineering and Measurement
Security Analysis of a Biometric Authentication System Using UMLsec and JML
MODELS '09 Proceedings of the 12th International Conference on Model Driven Engineering Languages and Systems
Moving from Requirements to Design Confronting Security Issues: A Case Study
OTM '09 Proceedings of the Confederated International Conferences, CoopIS, DOA, IS, and ODBASE 2009 on On the Move to Meaningful Internet Systems: Part II
ER '09 Proceedings of the 28th International Conference on Conceptual Modeling
Applying a UML Extension to Build Use Cases Diagrams in a Secure Mobile Grid Application
ER '09 Proceedings of the ER 2009 Workshops (CoMoL, ETheCoM, FP-UML, MOST-ONISW, QoIS, RIGiM, SeCoGIS) on Advances in Conceptual Modeling - Challenging Perspectives
Foundations for Designing Secure Architectures
Electronic Notes in Theoretical Computer Science (ENTCS)
Automated verification of security pattern compositions
Information and Software Technology
Analysis of Secure Mobile Grid Systems: A systematic approach
Information and Software Technology
Model driven development of secure XML data warehouses: a case study
Proceedings of the 2010 EDBT/ICDT Workshops
Mal-activity diagrams for capturing attacks on business processes
REFSQ'07 Proceedings of the 13th international working conference on Requirements engineering: foundation for software quality
Verifying smart card applications: an ASM approach
IFM'07 Proceedings of the 6th international conference on Integrated formal methods
Maintaining information flow security under refinement and transformation
FAST'06 Proceedings of the 4th international conference on Formal aspects in security and trust
A goal oriented approach for modeling and analyzing security trade-offs
ER'07 Proceedings of the 26th international conference on Conceptual modeling
Automated analysis of permission-based security using UMLsec
FASE'08/ETAPS'08 Proceedings of the Theory and practice of software, 11th international conference on Fundamental approaches to software engineering
Security requirements engineering framework for software product lines
Information and Software Technology
A comparison of software design security metrics
Proceedings of the Fourth European Conference on Software Architecture: Companion Volume
Proceedings of the 3rd international conference on Security of information and networks
Analyzing security architectures
Proceedings of the IEEE/ACM international conference on Automated software engineering
Tool support for code generation from a UMLsec property
Proceedings of the IEEE/ACM international conference on Automated software engineering
Information systems security criticality and assurance evaluation
AST/UCMA/ISA/ACN'10 Proceedings of the 2010 international conference on Advances in computer science and information technology
Automated detection of least privilege violations in software architectures
ECSA'10 Proceedings of the 4th European conference on Software architecture
Towards the secure modelling of OLAP users behaviour
SDM'10 Proceedings of the 7th VLDB conference on Secure data management
Semantics of UML models for dynamic behavior: a survey of different approaches
MBEERTS'07 Proceedings of the 2007 International Dagstuhl conference on Model-based engineering of embedded real-time systems
Lightweight modeling and analysis of security concepts
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
A tool-supported method for the design and implementation of secure distributed applications
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Modeling process-related RBAC models with extended UML activity models
Information and Software Technology
Security services architecture for Secure Mobile Grid Systems
Journal of Systems Architecture: the EUROMICRO Journal
Component-oriented verification of noninterference
Journal of Systems Architecture: the EUROMICRO Journal
Automated security hardening for evolving UML models
Proceedings of the 33rd International Conference on Software Engineering
A practical formal model for safety analysis in capability-based systems
TGC'05 Proceedings of the 1st international conference on Trustworthy global computing
Supporting requirements engineers in recognising security issues
REFSQ'11 Proceedings of the 17th international working conference on Requirements engineering: foundation for software quality
Systematic development of UMLsec design models based on security requirements
FASE'11/ETAPS'11 Proceedings of the 14th international conference on Fundamental approaches to software engineering: part of the joint European conferences on theory and practice of software
Towards transformation guidelines from secure tropos to misuse cases (position paper)
Proceedings of the 7th International Workshop on Software Engineering for Secure Systems
Validation of security policies by the animation of Z specifications
Proceedings of the 16th ACM symposium on Access control models and technologies
A transformation contract to generate aspects from access control policies
Software and Systems Modeling (SoSyM)
A framework to support alignment of secure software engineering with legal regulations
Software and Systems Modeling (SoSyM)
Challenges in model-based evolution and merging of access control policies
Proceedings of the 12th International Workshop on Principles of Software Evolution and the 7th annual ERCIM Workshop on Software Evolution
Tool support for UML-based specification and verification of role-based access control properties
Proceedings of the 19th ACM SIGSOFT symposium and the 13th European conference on Foundations of software engineering
Towards systematic integration of quality requirements into software architecture
ECSA'11 Proceedings of the 5th European conference on Software architecture
Orchestrating security and system engineering for evolving systems
ServiceWave'11 Proceedings of the 4th European conference on Towards a service-based internet
Validation of security-design models using Z
ICFEM'11 Proceedings of the 13th international conference on Formal methods and software engineering
Towards a MOF/QVT-Based domain architecture for model driven security
MoDELS'06 Proceedings of the 9th international conference on Model Driven Engineering Languages and Systems
A model transformation semantics and analysis methodology for SecureUML
MoDELS'06 Proceedings of the 9th international conference on Model Driven Engineering Languages and Systems
A graphical approach to risk identification, motivated by empirical investigations
MoDELS'06 Proceedings of the 9th international conference on Model Driven Engineering Languages and Systems
Model-based security engineering with UML: introducing security aspects
FMCO'05 Proceedings of the 4th international conference on Formal Methods for Components and Objects
Aspect-Oriented risk driven development of secure applications
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Stepwise development of secure systems
SAFECOMP'06 Proceedings of the 25th international conference on Computer Safety, Reliability, and Security
Capturing security requirements in business processes through a UML 2.0 activity diagrams profile
CoMoGIS'06 Proceedings of the 2006 international conference on Advances in Conceptual Modeling: theory and practice
SecTOOL: supporting requirements engineering for access control
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
End-to-end integrated security and performance analysis on the DEGAS choreographer platform
FM'05 Proceedings of the 2005 international conference on Formal Methods
Towards a comprehensive framework for secure systems development
CAiSE'06 Proceedings of the 18th international conference on Advanced Information Systems Engineering
Tools for secure systems development with UML: security analysis with ATPs
FASE'05 Proceedings of the 8th international conference, held as part of the joint European Conference on Theory and Practice of Software conference on Fundamental Approaches to Software Engineering
Model-Based security engineering with UML
Foundations of Security Analysis and Design III
Security and trust requirements engineering
Foundations of Security Analysis and Design III
For-LySa: UML for authentication analysis
GC'04 Proceedings of the 2004 IST/FET international conference on Global Computing
A practical application of our MDD approach for modeling secure XML data warehouses
Decision Support Systems
Modeling social and individual trust in requirements engineering methodologies
iTrust'05 Proceedings of the Third international conference on Trust Management
Dynamic secure aspect modeling with UML: from models to code
MoDELS'05 Proceedings of the 8th international conference on Model Driven Engineering Languages and Systems
Choreographing security and performance analysis for web services
EPEW'05/WS-FM'05 Proceedings of the 2005 international conference on European Performance Engineering, and Web Services and Formal Methods, international conference on Formal Techniques for Computer Systems and Business Processes
Model-based security engineering for real
FM'06 Proceedings of the 14th international conference on Formal Methods
Component-based development of dependable systems with UML
Component-Based Software Development for Embedded Systems
ICCSA'06 Proceedings of the 2006 international conference on Computational Science and Its Applications - Volume Part III
Using dependent CORAS diagrams to analyse mutual dependency
CRITIS'07 Proceedings of the Second international conference on Critical Information Infrastructures Security
Model-Driven security policy deployment: property oriented approach
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Formal verification of application-specific security properties in a model-driven approach
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
Engineering self-protection for autonomous systems
FASE'06 Proceedings of the 9th international conference on Fundamental Approaches to Software Engineering
Software architecture description and UML
UML'04 Proceedings of the 2004 international conference on UML Modeling Languages and Applications
Tools for critical systems development with UML (tool demo)
UML'04 Proceedings of the 2004 international conference on UML Modeling Languages and Applications
Software architecture description and UML
UML Modeling Languages and Applications
Tools for critical systems development with UML (tool demo)
UML Modeling Languages and Applications
Tools for traceable security verification
VoCS'08 Proceedings of the 2008 international conference on Visions of Computer Science: BCS International Academic Conference
TAM2: automated threat analysis
Proceedings of the 27th Annual ACM Symposium on Applied Computing
Security and safety of assets in business processes
Proceedings of the 27th Annual ACM Symposium on Applied Computing
An advanced approach for modeling and detecting software vulnerabilities
Information and Software Technology
Classification and trend analysis of UML books (1997---2009)
Software and Systems Modeling (SoSyM)
Behavioral singletons to consistently handle global states of security patterns
DAIS'12 Proceedings of the 12th IFIP WG 6.1 international conference on Distributed Applications and Interoperable Systems
Non-interference on UML state-charts
TOOLS'12 Proceedings of the 50th international conference on Objects, Models, Components, Patterns
Towards model-driven development of access control policies for web applications
Proceedings of the Workshop on Model-Driven Security
Security asset elicitation for collaborative models
Proceedings of the Workshop on Model-Driven Security
Taxonomy of quality metrics for assessing assurance of security correctness
Software Quality Control
Assimilating and Optimizing Software Assurance in the SDLC: A Framework and Step-Wise Approach
International Journal of Secure Software Engineering
JavaSPI: A Framework for Security Protocol Implementation
International Journal of Secure Software Engineering
Not Ready for Prime Time: A Survey on Security in Model Driven Development
International Journal of Secure Software Engineering
Modelling Security Using Trust Based Concepts
International Journal of Secure Software Engineering
SETER: Towards Architecture-Model Based Security Engineering
International Journal of Secure Software Engineering
Compositional verification of application-level security properties
ESSoS'13 Proceedings of the 5th international conference on Engineering Secure Software and Systems
ICT-EurAsia'13 Proceedings of the 2013 international conference on Information and Communication Technology
Modeling test cases for security protocols with SecureMDD
Computer Networks: The International Journal of Computer and Telecommunications Networking
Software and Systems Modeling (SoSyM)
Securing business processes using security risk-oriented patterns
Computer Standards & Interfaces
| Hi-index | 0.00 |
The correct development of security-critical computer systems is as vital as it is difficult. This book presents the extension UMLsec of the Unified Modeling Language for secure systems development. The book is written in a way which keeps the first part (ch 1-5), describing UMLsec and ist use, accessible to anyone with an interest in computer security and a basic background on object-oriented systems. It can also be used as part of a general course on applying UML or on computer security. The second part (ch 6-9) is about the mathematical tools needed to use the UMLsec approach to verify UML specifications against security requirements and assumes some familarity with precise methods of system development. A practically relevant example is used throughout the book to demonstrate the presented methods.