The inductive approach to verifying cryptographic protocols
Journal of Computer Security
The Haskell: The Craft of Functional Programming
The Haskell: The Craft of Functional Programming
Towards Development of Secure Systems Using UMLsec
FASE '01 Proceedings of the 4th International Conference on Fundamental Approaches to Software Engineering
Breaking and Fixing the Needham-Schroeder Public-Key Protocol Using FDR
TACAs '96 Proceedings of the Second International Workshop on Tools and Algorithms for Construction and Analysis of Systems
The Quest for Correct Systems: Model Checking of Diagrams and Datatypes
APSEC '99 Proceedings of the Sixth Asia Pacific Software Engineering Conference
Traffic Lights - An AutoFocus Case Study
CSD '98 Proceedings of the 1998 International Conference on Application of Concurrency to System Design
Tool Supported Specification and Simulation of Distributed Systems
PDSE '98 Proceedings of the International Symposium on Software Engineering for Parallel and Distributed Systems
What do we mean by entity authentication?
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Modelling audit security for Smart-Card payment schemes with UML-SEC
Sec '01 Proceedings of the 16th international conference on Information security: Trusted information: the new decade challenge
Secure systems development based on the common criteria: the PalME project
Proceedings of the 10th ACM SIGSOFT symposium on Foundations of software engineering
Secure systems development based on the common criteria: the PalME project
ACM SIGSOFT Software Engineering Notes
Specification-Based Test Generation for Security-Critical Systems Using Mutations
ICFEM '02 Proceedings of the 4th International Conference on Formal Engineering Methods: Formal Methods and Software Engineering
UMLsec: Extending UML for Secure Systems Development
UML '02 Proceedings of the 5th International Conference on The Unified Modeling Language
Formally Testing Fail-Safety of Electronic Purse Protocols
Proceedings of the 16th IEEE international conference on Automated software engineering
The CORAS methodology: model-based risk assessment using UML and UP
UML and the unified process
Sound development of secure service-based systems
Proceedings of the 2nd international conference on Service oriented computing
Hi-index | 0.00 |
There is a strong demand for techniques to aid development and modelling of security critical systems. Based on general security evaluation criteria, we show how to extend the system structure diagrams of the CASE tool AutoFocus (which are related to UML-RT collaboration diagrams) to allow modelling of security critical systems, in particular concerning components and channels. Both high-level and low-level models of systems are supported, and the notion of security patterns is introduced to provide generic solutions for security requirements. We explain our approach on the example of an electronic purse card system.