A Comparison of SecureUML and UMLsec for Role-based Access Control

Nowadays security has become an important aspect in information systems engineering. A mainstream method for information system security is Role-based Access Control (RBAC), which restricts system access to authorised users. Recently different authors have proposed a number of modelling languages (e.g., abuse cases, misuse cases, secure i*, secure Tropos, and KAOS extensions to security) that facilitate the documentation and analysis of security aspects. However it is unclear if these languages support the full spectrum of RBAC specification needs. In this paper we selected two security modelling languages, namely SecureUML and UMLsec. Based on the literature study and on the running example we systematically investigate how these languages could be used for RBAC. Our observations indicate that, although both approaches originate from the de-facto industry standard UML, they are not competitors. Rather they complement each other: SecureUML helps defining static RBAC aspects; UMLsec is recommended for dynamic RBAC analysis. Hopefully our study will help practitioners to understand these two approaches better, especially when selecting them for modelling purposes. We also believe that the combination of both approaches would ease secure information system development.

[1]  Guttorm Sindre,et al.  Mal-Activity Diagrams for Capturing Attacks on Business Processes , 2007, REFSQ.

[2]  Eric S. K. Yu,et al.  A Goal Oriented Approach for Modeling and Analyzing Security Trade-Offs , 2007, ER.

[3]  Charles Ashbacher,et al.  The Object Constraint Language Second Edition, Getting Your Models Ready for MDA, by Jos Warmer and Anneke Kleppe. , 2003 .

[4]  John P. McDermott,et al.  Using abuse case models for security requirements analysis , 1999, Proceedings 15th Annual Computer Security Applications Conference (ACSAC'99).

[5]  Bashar Nuseibeh,et al.  Using abuse frames to bound the scope of security problems , 2004, Proceedings. 12th IEEE International Requirements Engineering Conference, 2004..

[6]  Bashar Nuseibeh,et al.  Security patterns: comparing modeling approaches , 2010 .

[7]  Nicolas Mayer,et al.  Model-based Management of Information System Security Risk , 2012 .

[8]  David Basin,et al.  Model driven security: From UML models to access control infrastructures , 2006, TSEM.

[9]  Haralambos Mouratidis,et al.  Analysing Security Requirements of Information Systems Using Tropos , 2003, ICEIS.

[10]  John Krogstie,et al.  Information Systems Engineering: Conceptual Modeling in a quality perspective , 2003 .

[11]  Jan Jürjens Using UMLsec and goal trees for secure systems development , 2002, SAC '02.

[12]  David A. Basin,et al.  SecureUML: A UML-Based Modeling Language for Model-Driven Security , 2002, UML.

[13]  Andreas L. Opdahl,et al.  Eliciting security requirements with misuse cases , 2004, Requirements Engineering.

[14]  Jan Jürjens,et al.  Secure systems development with UML , 2004 .

[15]  Ramaswamy Chandramouli,et al.  The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[16]  Axel van Lamsweerde,et al.  Elaborating security requirements by construction of intentional anti-models , 2004, Proceedings. 26th International Conference on Software Engineering.

[17]  Martin S. Feather,et al.  Requirements and Specification Exemplars , 1997, Automated Software Engineering.

[18]  John Mylopoulos,et al.  Modeling security requirements through ownership, permission and delegation , 2005, 13th IEEE International Conference on Requirements Engineering (RE'05).

[19]  W. Caelli,et al.  Information Security Handbook , 1991 .