SecureUML: A UML-based modeling language for model-driven security. We present a modeling language for the model-driven development of secure, distributed systems based on the Unified Modeling Language (UML). Our approach is based on role-based access control with additional support for specifying authorization constraints. We show how UML can be used to specify information related to access control in the overall design of an application and how this information can be used to automatically generate complete access control infrastructures. Our approach can be used to improve productivity during the development of secure distributed systems and the quality of the resulting systems.
Keywords for this software
References in zbMATH (referenced in 12 articles , 1 standard article )
Showing results 1 to 12 of 12.
- Fabian, Benjamin; Gürses, Seda; Heisel, Maritta; Santen, Thomas; Schmidt, Holger: A comparison of security requirements engineering methods (2010)
- Gunawan, Linda Ariani; Herrmann, Peter; Kraemer, Frank Alexander: Towards the integration of security aspects into system development using collaboration-oriented models (2010)
- Siveroni, Igor; Zisman, Andrea; Spanoudakis, George: A UML-based static verification framework for security (2010)
- Brucker, Achim D.; Wolff, Burkhart: Semantics, calculi, and analysis for object-oriented specifications (2009)
- Jürjens, Jan: A domain-specific language for cryptographic protocols based on streams (2009)
- Breu, Ruth; Popp, Gerhard; Alam, Muhammad: Model based development of access policies (2007)
- Jürjens, Jan; Shabalin, Pasha: Tools for secure systems development with UML (2007)
- Klarl, Heiko: Modellgetriebene, mustergestützte sicherheit in serviceorientierten architekturen (2007)
- Shin, Michael E.; Gomaa, Hassan: Software requirements and architecture modeling for evolving non-secure applications into secure applications (2007)
- Koch, Manuel; Parisi-Presicce, Francesco: UML specification of access control policies and their formal verification (2006)
- Thion, Romuald; Coulondre, Stéphane: Integration of access control in information systems: from role engineering to implementation (2006)
- Lodderstedt, Torsten; Basin, David; Doser, Jürgen: SecureUML: A UML-based modeling language for model-driven security (2002)