Safety-critical systems are used in many domains (military, avionics, aerospace, etc.) and handle critical data in hostile environments. To prevent access by unauthorized subjects, they must protect and isolate information so that only allowed entities can read or write it. However, as the number of functions these systems provide grows, their design becomes more complex; this makes security functions harder to design and verify and increases the risk of errors in their implementation. The multiple independent levels of security (MILS) approach introduces rules and guidelines for the design of secure systems. It isolates data according to security level, which reduces system complexity and eases development. However, no existing approach addresses the whole development of MILS systems, from the high-level specification (application components with their security levels) to the final implementation (code that executes application functions and provides the security mechanisms). This paper presents a complete development approach for the design, verification and implementation of MILS architectures. It aims at providing a complete framework for building secure applications based on MILS guidelines. We describe security concerns using a modeling language, verify the security requirements, and automatically implement the system using code generation techniques together with a MILS-compliant operating system that provides the security functions. Copyright © 2012 John Wiley & Sons, Ltd.
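The abstract says security levels are attached to application components at specification time and that the security requirements are then verified before code is generated. The following is an added illustration of what such a check looks like on a toy partition model; it is not the paper's tooling or modeling language (the abstract does not name them), and the level lattice, partition names, channel directions and the notion of a "trusted downgrader" partition are assumptions chosen for the example.

```python
"""Illustrative verification of a MILS-style partition model.

Added example, not the paper's framework. A model lists partitions, each
tagged with a security level, and unidirectional channels between them.
The requirement checked is the classic "no write down": a channel may only
carry data from a partition to another whose level is at least as high,
unless the source is explicitly declared as a trusted downgrader (guard).
"""
from collections import deque
from dataclasses import dataclass, field

# Assumed total order of security levels (constructed for this example).
LEVELS = {"unclassified": 0, "confidential": 1, "secret": 2, "top_secret": 3}


@dataclass(frozen=True)
class Partition:
    name: str
    level: str
    trusted_downgrader: bool = False  # may legitimately write to lower levels


@dataclass(frozen=True)
class Channel:
    src: str
    dst: str


@dataclass
class Architecture:
    partitions: dict = field(default_factory=dict)
    channels: list = field(default_factory=list)

    def add_partition(self, name, level, trusted_downgrader=False):
        if level not in LEVELS:
            raise ValueError(f"unknown security level {level!r}")
        self.partitions[name] = Partition(name, level, trusted_downgrader)

    def connect(self, src, dst):
        for end in (src, dst):
            if end not in self.partitions:
                raise ValueError(f"channel references undeclared partition {end!r}")
        self.channels.append(Channel(src, dst))


def check_flows(arch):
    """Return human-readable violations of the no-write-down rule.

    An empty list means every channel is either level-preserving, a write
    up, or originates from a declared downgrader.
    """
    violations = []
    for ch in arch.channels:
        src, dst = arch.partitions[ch.src], arch.partitions[ch.dst]
        if LEVELS[src.level] > LEVELS[dst.level] and not src.trusted_downgrader:
            violations.append(
                f"{src.name}({src.level}) -> {dst.name}({dst.level}): "
                "write-down without a trusted downgrader"
            )
    return violations


def reachable_partitions(arch, start):
    """Partitions transitively reachable from `start` over channels.

    Useful for reviewing where data from a compromised partition could end
    up, including flows that pass through a downgrader.
    """
    seen, queue = {start}, deque([start])
    while queue:
        cur = queue.popleft()
        for ch in arch.channels:
            if ch.src == cur and ch.dst not in seen:
                seen.add(ch.dst)
                queue.append(ch.dst)
    return seen - {start}


def example_model():
    """Constructed sample architecture with one deliberate violation."""
    arch = Architecture()
    arch.add_partition("radar", "secret")
    arch.add_partition("display", "confidential")
    arch.add_partition("nav", "unclassified")
    arch.add_partition("guard", "secret", trusted_downgrader=True)
    arch.connect("radar", "display")  # secret -> confidential: violation
    arch.connect("radar", "guard")    # same level: fine
    arch.connect("guard", "nav")      # write-down, but via a declared guard
    arch.connect("nav", "radar")      # write-up: fine
    return arch


if __name__ == "__main__":
    model = example_model()
    for v in check_flows(model):
        print("VIOLATION:", v)
    print("reachable from radar:", sorted(reachable_partitions(model, "radar")))
```

Running the block reports the single radar-to-display channel as a violation while accepting the guard-mediated path to the unclassified partition; deleting that channel (or routing it through the guard) makes `check_flows` return an empty list, which is the condition a code generator would require before emitting partition configuration.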