ABSTRACT
In model-driven development, system designs are specified using graphical modeling languages like UML, and system artifacts such as code and configuration data are automatically generated from the models. Model-driven security is a specialization of this paradigm, where system designs are modeled together with their security requirements, and security infrastructures are generated directly from the models. Over the past decade, we have explored different facets of model-driven security. This research includes different modeling languages, code generators, model analysis tools, and even model transformations. For example, in multi-tier systems, we used model transformations to transform a security policy formulated for a system's data model into a security policy governing the behavior of the system's graphical user interface. In this paper, we survey the progress made, tool support, and case studies, which attest to the flexibility and power of such a multi-faceted approach to building secure systems.
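As an added illustration of the data-model-to-GUI policy transformation the abstract mentions (example code written for this page, not the authors' tooling; the roles, role hierarchy, entities, widgets and derivation rules are constructed assumptions in the style of a SecureUML access-control model):

```python
# Constructed role hierarchy: a role inherits the permissions of its parents.
ROLE_PARENTS = {"Clerk": set(), "Supervisor": {"Clerk"}}

# Constructed data-model policy: (role, entity, attribute-or-method, action).
DATA_POLICY = {
    ("Clerk", "Account", "balance", "read"),
    ("Clerk", "Account", "owner", "read"),
    ("Supervisor", "Account", "balance", "update"),
    ("Supervisor", "Account", "close", "execute"),
}

# Constructed GUI model: each widget is bound to one data-model element.
GUI_MODEL = [
    {"widget": "balanceField", "entity": "Account", "member": "balance", "kind": "field"},
    {"widget": "ownerField", "entity": "Account", "member": "owner", "kind": "field"},
    {"widget": "closeButton", "entity": "Account", "member": "close", "kind": "button"},
]


def effective_roles(role):
    """All roles whose permissions `role` inherits, including itself."""
    seen, stack = set(), [role]
    while stack:
        r = stack.pop()
        if r not in seen:
            seen.add(r)
            stack.extend(ROLE_PARENTS.get(r, ()))
    return seen


def permitted(role, entity, member, action):
    """Closed-world check: a permission holds only if it is in the policy."""
    return any((r, entity, member, action) in DATA_POLICY for r in effective_roles(role))


def gui_policy(role):
    """Derive the GUI policy for `role` from the data-model policy (assumed rules):
    a field is visible iff the role may read the attribute and editable iff it may
    also update it; a button is enabled iff the role may execute the bound method.
    The derived GUI policy is a usability view; the data layer still enforces
    DATA_POLICY, so hiding a widget is never the only control."""
    policy = {}
    for w in GUI_MODEL:
        e, m = w["entity"], w["member"]
        if w["kind"] == "field":
            visible = permitted(role, e, m, "read")
            policy[w["widget"]] = {"visible": visible,
                                   "editable": visible and permitted(role, e, m, "update")}
        else:
            policy[w["widget"]] = {"enabled": permitted(role, e, m, "execute")}
    return policy
```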
A decade of model-driven security