Jan Jürjens
ABSTRACT
We present tools to support model-based security engineering at both the model and the code level. In the approach supported by these tools, one firstly specifies the security-critical part of the system (e.g. a crypto protocol) using the UML security extension UMLsec. The models are automatically verified for security properties using automated theorem provers. These are implemented within a framework that supports implementing verification routines, based on XMI output of the diagrams from UML CASE tools. Advanced users can use this open-source framework to implement verification routines for the constraints of self-defined security requirement
In a second step, one verifies that security-critical parts of the model are correctly implemented in the code (which might be a legacy implementation), and applies security hardening transformations where that is not the case. This is supported by tools that (1) establish traceability through refactoring scripts and (2) modularize security hardening advices through aspect-oriented programming. The proposed method has been applied to an open-source implementation of a cryptographic protocol implementation (Jessie) in Java to build up traceability mappings and security aspects. In that application, we found a security weakness which could be fixed using our approach. The resulting refactoring scripts and security aspects have found reusability in the Java Secure Socket Extension (JSSE) library
- B. Best, J. Jürjens, and B. Nuseibeh. Model-based security engineering of distributed information systems using UMLsec. In ICSE 2007, pages 581--590. ACM, 2007. Google Scholar
Digital Library
- J. Jürjens. UMLsec webpage, 2002-07. Accessible at http://www.umlsec.org.Google Scholar
- J. Jürjens. Secure Systems Development with UML. Springer, 2004. Google ScholarDigital Library
- J. Jürjens. Code security analysis of a biometric authentication system using automated theorem provers. In 21st Annual Computer Security Applications Conference (ACSAC 2005). IEEE, 2005. Google ScholarDigital Library
- J. Jürjens. Sound methods and effective tools for model-based security engineering with UML. In 27th International Conference on Software Engineering (ICSE 2005). IEEE, 2005. Google ScholarDigital Library
- J. Jürjens. Security analysis of crypto-based Java programs using automated theorem provers. In S. Easterbrook and S. Uchitel, editors, 21st IEEE/ACM International Conference on Automated Software Engineering (ASE 2006). ACM, 2006. Google ScholarDigital Library
Index Terms
- Tools for model-based security engineering: models vs. code
Recommendations
Tools for model-based security engineering
ICSE '06: Proceedings of the 28th international conference on Software engineeringWe present tool-support for checking UML models and C code against security requirements. A framework supports implementing verification routines, based on XMI output of the diagrams from UML CASE tools, and on control flow generated from the C code. ...
Sound methods and effective tools for model-based security engineering with UML
ICSE '05: Proceedings of the 27th international conference on Software engineeringDeveloping security-critical systems is difficult and there are many well-known examples of security weaknesses exploited in practice. Thus a sound methodology supporting secure systems development is urgently needed.We present an extensible ...
An approach and tool for synchronous refactoring of UML diagrams and models using model-to-model transformations
WRT '12: Proceedings of the Fifth Workshop on Refactoring ToolsWhen refactorings are applied to software models that are specified using the Unified Modeling Language (UML), the actual model and the graphical presentation of the model using a diagram need to be distinguished. While UML refactoring tools exist, they ...
Comments