Designing System Security with UML Misuse Deployment Diagrams

Designing System Security with UML Misuse Deployment Diagrams

Useful enhancements to UML for security exist, including for the requirements and analysis/design stages: notably misuse case diagrams/descriptions, mis-sequence diagrams, UMLpac, and security patterns. These all consider security attacks on software functionality. This paper considers the system ar...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Hauptverfasser: Lincke, S. J., Knautz, T. H., Lowery, M. D.
Format: Tagungsbericht
Sprache:eng
Schlagworte:
audit
Electronic mail
Materials
Misuse case
secure UML
Security
security planning
Servers
Software
software architecture
UML deployment diagram
Unified modeling language
Web sites
Online-Zugang:Volltext bestellen
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:Useful enhancements to UML for security exist, including for the requirements and analysis/design stages: notably misuse case diagrams/descriptions, mis-sequence diagrams, UMLpac, and security patterns. These all consider security attacks on software functionality. This paper considers the system architecture when analyzing security. The advantage of the proposed misuse deployment diagram is that in distributed processing (e.g., client/server) where you put your defense software is as important as having it. This new diagram gives a bird's eye view of possible security attacks, and the security defenses or layers to mitigate them. This technique can be used in more than software development, since it may be used in audit, testing, security planning, and security education.
DOI:10.1109/SERE-C.2012.12