Download:
|
by Jan Jurjens, Guido Wimmel
http://www4.in.tum.de/~juerjens/papers/omg03.ps
Add To MetaCart
Abstract:
Since the connection of computers over the Internet and the expansion of distributed systems, they are confronted with more and more attacks. To counteract this circumstance, we have to consider security requirements from the beginning of the system development. In early phases of system development, it is common to use a twopart process for the elaboration of the application core and the functional specification in use cases. In this paper, we show an extension of this process for security-critical systems. We show a methodical concept for the development of security-critical systems and the modelling of security aspects in the application core with an extension of the Unified Modelling Language, here UMLsec. Furthermore, we introduce security use cases for the development of security aspects in conjunction with behavioural modelling. 1
Citations
|
424
|
The Unified Software Development Process
– Jacobson, Booch, et al.
- 1999
|
|
402
|
Objects, Components, and Frameworks With UML: The Catalysis Approach
– D'Souza, Wills
- 1998
|
|
297
|
UML Distilled: Applying the Standard Object Modeling Language
– Fowler, Scott
- 1997
|
|
70
|
Object-oriented Software Engineering: a Use-Case Driven Approach
– Jacobson
- 1992
|
|
69
|
Secure System Development with UML
– Jurjens
- 2005
|
|
63
|
UMLsec: Extending UML for secure systems development
– Jürjens
- 2002
|
|
44
|
Gunnar Övergaard, Object-Oriented Software Engineering—A Use Case Driven Approach
– Jacobson, Christerson, et al.
- 1992
|
|
35
|
The Rational Unified Process: An Introduction, Second Edition
– Kruchten
- 2001
|
|
12
|
Principles for Secure Systems Design
– Jürjens
- 2002
|
|
11
|
Software Engineering
– Somerville
- 2001
|
|
8
|
UML’04 satellite workshop proceedings
– Jürjens, Rumpe, et al.
- 2004
|
|
5
|
Integrating access control design into the software development process
– Brose, Koch, et al.
- 2002
|
|
4
|
An Integrated Approach to Use Case Based Development
– Breu
- 2002
|
|
3
|
Extending use cases and interaction diagrams to develop system architecture requirements
– Fernandez, Hawkins
- 1997
|
|
3
|
UML 2002 - The Unified Modeling Language, volume 2460
– J'ez'equel, Cook, et al.
- 2002
|
|
2
|
Security and Design Based on a General Conceptual Security Model and UML
– Blobel, Pharow, et al.
- 1999
|
|
2
|
Techniken und Methodik des objektorientierten Entwurfs -- Ein integrierter Ansatz
– Konzepte
- 1998
|
|
2
|
UML for the design of secure databases: Integrating security levels, user roles, and constraints in the database design process. 2002
– Fernandez-Medina, Martnez, et al.
|
