Security Consistency in UML Designs

Chicago, Illinois September 17-September 21

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/COMPSAC.2006.76

30th Annual International Computer So ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Orest Pilskalns Articles by Daniel Williams Articles by Damir Aracic Articles by Anneliese Andrews

	ASCII Text	x
	Orest Pilskalns, Daniel Williams, Damir Aracic, Anneliese Andrews, "Security Consistency in UML Designs," Computer Software and Applications Conference, Annual International, vol. 1, pp. 351-358, 30th Annual International Computer Software and Applications Conference (COMPSAC'06), 2006.

	BibTex	x
	@article{ 10.1109/COMPSAC.2006.76, author = {Orest Pilskalns and Daniel Williams and Damir Aracic and Anneliese Andrews}, title = {Security Consistency in UML Designs}, journal ={Computer Software and Applications Conference, Annual International}, volume = {1}, year = {2006}, issn = {0730-3157}, pages = {351-358}, doi = {http://doi.ieeecomputersociety.org/10.1109/COMPSAC.2006.76}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Software and Applications Conference, Annual International TI - Security Consistency in UML Designs SN - 0730-3157 SP351 EP358 A1 - Orest Pilskalns, A1 - Daniel Williams, A1 - Damir Aracic, A1 - Anneliese Andrews, PY - 2006 KW - null VL - 1 JA - Computer Software and Applications Conference, Annual International ER -

Orest Pilskalns, Washington State University, USA

Daniel Williams, Washington State University, USA

Damir Aracic, Washington State University, USA

Anneliese Andrews, University of Denver, USA

Security attacks continually threaten distributed systems, disrupting both individuals and organizations economically and physically. In the software lifecycle, early detection and correction of security flaws in the design phase can reduce overall costs associated with maintenance. Current software development methodologies such as the Model Driven Architecture rely on quality Unified Modeling Language (UML) design models. Often these models are complex and consist of many structural and behavioral views. This can lead to inconsistencies between views. Existing approaches remedy many of these inconsistencies but do not address security consistency across design views. This paper presents an approach to detecting and resolving security faults in UML designs. The approach defines the notion of security inconsistency in designs, analyzes UML views for security inconsistencies, and generates a set of recommended design changes that include Object Constraint Language (OCL) expressions. The OCL can be used as a test oracle in both the design and implementation phases of the software lifecycle.

Citation:

Orest Pilskalns, Daniel Williams, Damir Aracic, Anneliese Andrews, "Security Consistency in UML Designs," compsac, vol. 1, pp.351-358, 30th Annual International Computer Software and Applications Conference (COMPSAC'06), 2006

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.