Model-driven Security: from Theory to Application

As a specialization of model-driven architecture, model-driven security (MDS) is an approach that uses models to capture and represent a system’s architecture and security requirements in software development. Through layers of abstraction, system designers and developers can leverage simple and abstract models to design large and complex systems and generate system artifacts such as security policies or application code from automated model transformations. Regarded as a promising approach to reduce complexity and increase efficiency in the design and development of security-critical software systems, MDS has attracted a great amount of interests in academia and industry. Nevertheless, most existing work concentrates on how to model system and security requirements and how to generate system artifacts. The practicability of MDS has not yet been fully assessed. In a recent pilot project, we have applied MDS to the design and development of Web services for an actual e-Government system in Austria. Our work shows that despite extensive research work, several aspects of MDS need to be adapted and further developed such that one can benefit from such an approach in practice. Our work to address these aspects provides a realistic assessment and valuable insights on the application of MDS to Web services in the real