Developing Secure Software Using UML Patterns

نویسندگان

  • Holger Schmidt
  • Maritta Heisel
چکیده

This chapter presents a security engineering process based on UML security problem frames and concretized UML security problem frames. Both kinds of frames constitute patterns for analyzing security problems and associated solution approaches. They are arranged in a pattern system that makes dependencies between them explicit. The authors describe step-by-step how the pattern system can be used to analyze a given security problem and how solution approaches can be found. Then, solution approaches are specified by generic security components and generic security architectures, which constitute architectural patterns. Finally, the generic security components and the generic security architecture that composes them are refined, and the result is a secure software product built from existing and/or tailor-made security components.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

UMLsec: Extending UML for Secure Systems Development

Developing secure-critical systems is difficult and there are many well-known examples of security weaknesses exploited in practice. Thus a sound methodology supporting secure systems development is urgently needed. Our aim is to aid the difficult task of developing security-critical systems in an approach based on the notation of the Unified Modeling Language. We present the extension UMLsec o...

متن کامل

Towards the integration of security patterns in UML component-based applications

In software engineering, design patterns are considered effective tools for the reuse of specific information. They are widely used today to provide architects and designers with reusable design knowledge. This paper is about the use of patterns in secure systems and software engineering, in particular in model based engineering. In this paper, we are proposing a model-based methodology for sec...

متن کامل

Developing Reliable yet Flexible Software through If-Then Model Transformation Rules

Developing reliable yet flexible software is a hard problem. Although modeling methods enjoy a lot of advantages, the exclusive use of just one of them, in many cases, may not guarantee the development of reliable and flexible software. Formal modeling methods ensure reliability because they use a rigorous approach to software development. However, lack of knowledge and high cost practically fo...

متن کامل

Specification and Instantiation of Domain Specific Patterns based on UML

Domain-specific design patterns provide for architecture reuse of reoccurring design problems in a specific software domain. They capture domain knowledge and design expertise needed for developing applications. Moreover, they accelerate software development since the design of a new application consists in adapting existing patterns, instead of modeling one from the beginning. However, some pr...

متن کامل

Realizing the Potential of Attack Patterns for Secure Software Development

A critical challenge in secure cyberspace is engineering more secure software. To address this challenge, it is important to integrate security-related activities and deliverables to each of the phases of software development life cycle (SDLC). To develop secure software, software developers need to think like an attacker. Attack patterns are a mechanism that captures the attacker’s perspective...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2016