Model-Based Security Engineering with UML: Introducing Security Aspects

Developing security-critical systems is difficult, and there are many well-known examples of security weaknesses being exploited in practice. A sound methodology supporting secure systems development is therefore urgently needed. Our aim is to aid the difficult task of developing security-critical systems in a formally based approach using the notation of the Unified Modeling Language. We present UMLsec, an extension of UML that allows one to express security-relevant information within the diagrams of a system specification. UMLsec is defined in the form of a UML profile using the standard UML extension mechanisms. In particular, the constraints associated with its stereotypes give criteria for evaluating the security aspects of a system design, by referring to a formal semantics of a simplified fragment of UML. In this tutorial exposition, we concentrate on an approach to developing and analyzing security-critical specifications and implementations using aspect-oriented modeling.
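The abstract states that the profile's constraints give criteria against which a design can be evaluated. As an added illustration, not code from the paper or from the UMLsec tool set, the following Python checker implements a simplified form of the UMLsec «secure links» constraint as I understand it from the published profile: every dependency stereotyped «secrecy», «integrity» or «high» between components deployed on different nodes must be carried by a communication link whose threat set, under the chosen attacker model, lacks `read`, lacks `insert`, or is empty, respectively. The threat tables for the "default" and "insider" attackers, the model data classes and the sample deployments are assumptions constructed for this example; a real UMLsec model would come from a UML tool's XMI export.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, List, Set

# Assumed attacker models: link stereotype -> threats the attacker can realise on it.
# (Constructed for this example; an unknown stereotype is treated as fully exposed.)
ALL_THREATS: Set[str] = {"delete", "read", "insert"}
THREATS: Dict[str, Dict[str, Set[str]]] = {
    "default": {"Internet": set(ALL_THREATS), "encrypted": {"delete"}, "LAN": set(), "wire": set()},
    "insider": {"Internet": set(ALL_THREATS), "encrypted": {"delete"}, "LAN": set(ALL_THREATS), "wire": set()},
}

# Dependency stereotype -> threats that must be absent on the carrying link.
FORBIDDEN: Dict[str, Set[str]] = {
    "secrecy": {"read"},
    "integrity": {"insert"},
    "high": set(ALL_THREATS),
}


@dataclass(frozen=True)
class Link:
    nodes: FrozenSet[str]   # the two physical nodes joined by this link
    stereotype: str         # e.g. "Internet", "encrypted", "LAN", "wire"


@dataclass(frozen=True)
class Dependency:
    client: str             # component that depends on ...
    supplier: str           # ... this component
    stereotype: str         # "secrecy", "integrity" or "high"


@dataclass
class DeploymentModel:
    node_of: Dict[str, str]     # component -> node it is deployed on
    links: List[Link]
    dependencies: List[Dependency]


def check_secure_links(model: DeploymentModel, attacker: str = "default") -> List[str]:
    """Return one message per violated «secure links» obligation (empty list = constraint holds)."""
    threat_table = THREATS[attacker]
    violations: List[str] = []
    for dep in model.dependencies:
        src, dst = model.node_of[dep.client], model.node_of[dep.supplier]
        if src == dst:
            continue  # same node: no physical link is traversed, nothing to check
        forbidden = FORBIDDEN[dep.stereotype]
        carrying = [l for l in model.links if l.nodes == frozenset({src, dst})]
        if not carrying:
            violations.append(f"{dep.client}->{dep.supplier} «{dep.stereotype}»: no link between {src} and {dst}")
            continue
        for link in carrying:
            threats = threat_table.get(link.stereotype, set(ALL_THREATS))
            exposed = threats & forbidden
            if exposed:
                violations.append(
                    f"{dep.client}->{dep.supplier} «{dep.stereotype}» over «{link.stereotype}» "
                    f"link {src}<->{dst} exposes {sorted(exposed)} to the {attacker} attacker"
                )
    return violations


# Constructed sample: a browser talking to a web server over the public Internet.
NODES = {"Browser": "client_pc", "Shop": "web_server"}
SECRET_DEP = [Dependency("Browser", "Shop", "secrecy")]
VULNERABLE = DeploymentModel(NODES, [Link(frozenset({"client_pc", "web_server"}), "Internet")], SECRET_DEP)
HARDENED = DeploymentModel(NODES, [Link(frozenset({"client_pc", "web_server"}), "encrypted")], SECRET_DEP)
# Same dependency inside the corporate LAN: fine for the default attacker, not for an insider.
INTERNAL = DeploymentModel(NODES, [Link(frozenset({"client_pc", "web_server"}), "LAN")], SECRET_DEP)

if __name__ == "__main__":
    for name, model in (("vulnerable", VULNERABLE), ("hardened", HARDENED), ("internal", INTERNAL)):
        for attacker in ("default", "insider"):
            print(name, attacker, check_secure_links(model, attacker) or "OK")
```

The checker is the kind of constraint evaluation the abstract refers to: the stereotypes carry the security requirement, the attacker model fixes the threats, and the constraint is decided mechanically over the deployment diagram rather than by inspection.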
