Model-Based Security Engineering: Managed Co-evolution of Security Knowledge and Software Models

نویسندگان

  • Jens Bürger
  • Jan Jürjens
  • Thomas Ruhroth
  • Stefan Gärtner
  • Kurt Schneider
چکیده

We explain UMLsec and associated techniques to incorporate security aspects in model-based development. Additionally, we show how UMLsec can be used in the context of software evolution. More precisely, we present the SecVolution approach which supports monitoring changes in external security knowledge sources (such as compliance regulations or security databases) in order to react to security related modification and to support the associated co-evolution of the UMLsec models.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Quantitative evaluation of software security: an approach based on UML/SecAM and evidence theory

Quantitative and model-based prediction of security in the architecture design stage facilitates early detection of design faults hence reducing modification costs in subsequent stages of software life cycle. However, an important question arises with respect to the accuracy of input parameters. In practice, security parameters can rarely be estimated accurately due to the lack of sufficient kn...

متن کامل

Towards Maintaining Long-Living Information Systems by Incorporating Security Knowledge

Modern information systems are increasingly complex and need to operate in evolving environments. As a consequence, systems must co-evolve to keep up-todate with their environments. This is especially important for security properties, since changes and patches tend to compromise them. We propose a security assessment approach for natural language requirements for systematic co-evolution. Our e...

متن کامل

Evolution of Security Engineering Artifacts: A State of the Art Survey

Security is an important quality aspect of modern open software systems. However, it is challenging to keep such systems secure because of evolution. Security evolution can only be managed adequately if it is considered for all artifacts throughout the software development lifecycle. This article provides state of the art on the evolution of security engineering artifacts. The article covers th...

متن کامل

Formal approach on modeling and predicting of software system security: Stochastic petri net

To evaluate and predict component-based software security, a two-dimensional model of software security is proposed by Stochastic Petri Net in this paper. In this approach, the software security is modeled by graphical presentation ability of Petri nets, and the quantitative prediction is provided by the evaluation capability of Stochastic Petri Net and the computing power of Markov chain. Each...

متن کامل

Designing a career path model based on knowledge management model in Mazandaran Social Security Organization

Background and Aim: Knowledge management is the cycle of discovery, production, storage, distribution, and practical application of knowledge in the organization. Occurs. Work experiences, social groups, and outcomes that determine the path to progress may be limited (in the form of a profession or organization) or broad (the path to progress in society in a wide range of different professions ...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2013