UMLintr: A UML Profile for Specifying Intrusions
ECBS '06 Proceedings of the 13th Annual IEEE International Symposium and Workshop on Engineering of Computer Based Systems
Software Abstractions: Logic, Language, and Analysis
Software Abstractions: Logic, Language, and Analysis
An aspect-oriented methodology for designing secure applications
Information and Software Technology
A model-based aspect-oriented framework for building intrusion-aware software systems
Information and Software Technology
Hi-index | 0.00 |
We propose an aspect oriented model of a secure online credit card payment system based on Efficient and Secure Card-based Payment System (ESCPS). The basic idea behind this work is to present a design that addresses the possible attack aspects and the attack detection aspect which are woven inside ESCPS. The design clearly shows how the protocol behaves when the application is under man-in-the middle attack during the purchase phase of the protocol. We then analyze our design by using Alloy Analyzer to automatically verify the security aspect at the Merchant Financial Institution. The results produce no counter example for a reasonably large scope of model elements.