Modeling Input Validation in UML

March 26-March 28

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ASWEC.2008.30

19th Australian Conference on Softwar ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Pedram Hayati Articles by Nastaran Jafari Articles by S. Mohammad Rezaei Articles by Saeed Sarenche Articles by Vidyasagar Potdar

	ASCII Text	x
	Pedram Hayati, Nastaran Jafari, S. Mohammad Rezaei, Saeed Sarenche, Vidyasagar Potdar, "Modeling Input Validation in UML," Australian Software Engineering Conference, pp. 663-672, 19th Australian Conference on Software Engineering (aswec 2008), 2008.

	BibTex	x
	@article{ 10.1109/ASWEC.2008.30, author = {Pedram Hayati and Nastaran Jafari and S. Mohammad Rezaei and Saeed Sarenche and Vidyasagar Potdar}, title = {Modeling Input Validation in UML}, journal ={Australian Software Engineering Conference}, volume = {0}, year = {2008}, issn = {1530-0803}, pages = {663-672}, doi = {http://doi.ieeecomputersociety.org/10.1109/ASWEC.2008.30}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Australian Software Engineering Conference TI - Modeling Input Validation in UML SN - 1530-0803 SP663 EP672 A1 - Pedram Hayati, A1 - Nastaran Jafari, A1 - S. Mohammad Rezaei, A1 - Saeed Sarenche, A1 - Vidyasagar Potdar, PY - 2008 KW - Software engineering KW - Software security KW - Input validation KW - Unified Modeling Language KW - Object Constraint Language VL - 0 JA - Australian Software Engineering Conference ER -

Security is an integral part of most software systems but it is not considered as an explicit part in the development process yet. Input validation is the most critical part of software security that is not covered in the design phase of software development life-cycle resulting in many security vulnerabilities. Our objective is to extend UML to new integrated framework for model driven security engineering leading to ideal way to design more secure software. Input validation in UML has not been addressed previously, hence we incorporate input validation into UML diagrams such as use case, class, sequence and activity. This approach has some advantages such as preventing from common input tampering attacks, having both security and convenience in software at high level of abstraction and ability of solving the problem of weak security background for developers.

Index Terms:

Software engineering, Software security, Input validation, Unified Modeling Language, Object Constraint Language

Citation:

Pedram Hayati, Nastaran Jafari, S. Mohammad Rezaei, Saeed Sarenche, Vidyasagar Potdar, "Modeling Input Validation in UML," aswec, pp.663-672, 19th Australian Conference on Software Engineering (aswec 2008), 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.