The UML as a formal modeling notation
Computer Standards & Interfaces - Special issue on semantics in specifications
Specification and development of interactive systems: focus on streams, interfaces, and refinement
Specification and development of interactive systems: focus on streams, interfaces, and refinement
Towards Development of Secure Systems Using UMLsec
FASE '01 Proceedings of the 4th International Conference on Fundamental Approaches to Software Engineering
Control Flow versus Logic: A Denotational and a Declarative Model for Guarded Horn Clauses
MFCS '89 Proceedings on Mathematical Foundations of Computer Science 1989
Formal Eavesdropping and Its Computational Interpretation
TACS '01 Proceedings of the 4th International Symposium on Theoretical Aspects of Computer Software
UMLsec: Extending UML for Secure Systems Development
UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
CAV '02 Proceedings of the 14th International Conference on Computer Aided Verification
Deriving security requirements from crosscutting threat descriptions
Proceedings of the 3rd international conference on Aspect-oriented software development
Sound methods and effective tools for model-based security engineering with UML
Proceedings of the 27th international conference on Software engineering
Code Security Analysis of a Biometric Authentication System Using Automated Theorem Provers
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Security Analysis of Crypto-based Java Programs using Automated Theorem Provers
ASE '06 Proceedings of the 21st IEEE/ACM International Conference on Automated Software Engineering
Secure Systems Development with UML
Secure Systems Development with UML
29 new unclarities in the semantics of UML 2.0 state machines
ICFEM'05 Proceedings of the 7th international conference on Formal Methods and Software Engineering
A fully abstract semantics for UML components
FMCO'04 Proceedings of the Third international conference on Formal Methods for Components and Objects
Dynamic secure aspect modeling with UML: from models to code
MoDELS'05 Proceedings of the 8th international conference on Model Driven Engineering Languages and Systems
A transformation contract to generate aspects from access control policies
Software and Systems Modeling (SoSyM)
Hi-index | 0.00 |
Developing security-critical systems is difficult and there are many well-known examples of security weaknesses exploited in practice. Thus a sound methodology supporting secure systems development is urgently needed. Our aim is to aid the difficult task of developing security-critical systems in a formally based approach using the notation of the Unified Modeling Language. We present the extension UMLsec of UML that allows one to express security-relevant information within the diagrams in a system specification. UMLsec is defined in form of a UML profile using the standard UML extension mechanisms. In particular, the associated constraints give criteria to evaluate the security aspects of a system design, by referring to a formal semantics of a simplified fragment of UML. In this tutorial exposition, we concentrate on an approach to develop and analyze security-critical specifications and implementations using aspect-oriented modeling.