A calculus for access control in distributed systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Communications of the ACM
The Unified Modeling Language reference manual
The Unified Modeling Language reference manual
Inside Java 2 platform security architecture, API design, and implementation
Inside Java 2 platform security architecture, API design, and implementation
Security Engineering: A Guide to Building Dependable Distributed Systems
Security Engineering: A Guide to Building Dependable Distributed Systems
Trust in Cyberspace
Towards Development of Secure Systems Using UMLsec
FASE '01 Proceedings of the 4th International Conference on Fundamental Approaches to Software Engineering
Specification-Based Testing of Firewalls
PSI '02 Revised Papers from the 4th International Andrei Ershov Memorial Conference on Perspectives of System Informatics: Akademgorodok, Novosibirsk, Russia
Modelling Audit Security for Smart-Cart Payment Schemes with UML-SEC
IFIP/Sec '01 Proceedings of the IFIP TC11 Sixteenth Annual Working Conference on Information Security: Trusted Information: The New Decade Challenge
Inductive Analysis of the Internet Protocol TLS (Transcript of Discussion)
Proceedings of the 6th International Workshop on Security Protocols
Security Modelling for Electronic Commerce: The Common Electronic Purse Specifications
I3E '01 Proceedings of the IFIP Conference on Towards The E-Society: E-Commerce, E-Business, E-Government
On the security of 3GPP networks
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Using UMLsec and goal trees for secure systems development
Proceedings of the 2002 ACM symposium on Applied computing
Hi-index | 0.00 |
In practice, security of computer systems is compromised most often not by breaking dedicated mechanisms (such as security protocols), but by exploiting vulnerabilities in the way they are employed. Towards a solution of this problem we aim to encapsulate rules of prudent security engineering in sucha way that a system specification formulated in (a formal core of) the Unified Modeling Language (UML, the industrystandard in object-oriented modelling) can be evaluated wrt. these rules, violations be indicated and suggestions for modifications be derived.