Enhancing UML to Model Custom Security Aspects

نویسندگان

  • Jaime Pavlich-Mariscal
  • Laurent Michel
  • Steven Demurjian
چکیده

Despite its widespread usage, the Unified Modeling Language (UML) specification still lacks formal, explicit, support for access control. This paper proposes an approach to model security as a separate concern by augmenting UML with separate and new diagrams for role-based, discretionary, and mandatory access controls; collectively, these diagrams provide visual access-control aspects. Individually, each of these diagrams contain a set of security features that augment UML with security capabilities. The intent is to provide designers with a broad set of security features, where they can select only the features needed by their application, merge them into UML, and utilize the custom result to model security aspects. This paper presents a set of features extracted from role-based, discretionary, and mandatory access control, demonstrates their composition into a customizable security model in UML (including a formal basis), and illustrates the approach via a university application.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Aspect Oriented UML to ECORE Model Transformation

With the emerging concept of model transformation, information can be extracted from one or more source models to produce the target models. The conversion of these models can be done automatically with specific transformation languages. This conversion requires mapping between both models with the help of dynamic hash tables. Hash tables store reference links between the elements of the source...

متن کامل

Quantitative evaluation of software security: an approach based on UML/SecAM and evidence theory

Quantitative and model-based prediction of security in the architecture design stage facilitates early detection of design faults hence reducing modification costs in subsequent stages of software life cycle. However, an important question arises with respect to the accuracy of input parameters. In practice, security parameters can rarely be estimated accurately due to the lack of sufficient kn...

متن کامل

Modeling security requirements for context aware system using UML

Modeling in general is “an abstract representation of a specification, design or system from a particular point of view”. System modeling is ”a technique to express, visualise, analyse and transform the architecture of a system”. The Unified Modeling Language (UML) is “a language for specifying, visualising, constructing, and documenting the artefacts of a software-intensive system as well as f...

متن کامل

Model-to-model Transformation Approach for Systematic Integration of Security Aspects into Uml 2.0 Design Models

Model-to-Model Transformation Approach for Systematic Integration of Security Aspects into UML 2.0 Design Models

متن کامل

Performance analysis of security aspects by weaving scenarios extracted from UML models

Aspect-Oriented Modeling (AOM) allows software designers to describe features that address pervasive concerns separately as aspects, and to systematically incorporate the features into a UML design model using model composition techniques. The goal of this paper is to analyze the performance effects of different security features that may be represented as aspect models. This is part of a large...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2007