Building secure systems is a difficult job for most engineers since it requires in-depth understanding of security aspects. This task, however, can be assisted by capturing security knowledge in a particular domain and reusing the knowledge when designing applications. We use this strategy and employ an information security ontology to represent the security knowledge. The ontology is associated with system designs which are modelled in collaborative building blocks specifying the behaviour of several entities. In this paper, we identify rules to be applied to the elements of collaborations in order to identify security assets present in the design. Further, required protection mechanisms are determined by applying a reasoner to the ontology and the obtained assets. We exemplify our approach with a case study from the smart metering domain.