Developing secure-critical systems is difficult and there are many well-known examples of security weaknesses exploitedin practice. Thus a sound methodology supporting secure systems development is urgently needed. Our aim is to aid the difficult task of developing security-critical systems in an approach basedon the notation of the UnifiedModeling Language. We present the extension UMLsec of UML that allows to express security-relevant information within the diagrams in a system specification. UMLsec is defined in form of a UML profile using the standard UML extension mechanisms. In particular, the associatedconstraints give criteria to evaluate the security aspects of a system design, by referring to a formal semantics of a simplifiedfragment of UML. We demonstrate the concepts with examples. © Springer-Verlag Berlin Heidelberg 2002.
CITATION STYLE
Jürjens, J. (2002). UMLsec: Extending UML for secure systems development. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2460 LNCS, pp. 412–425). Springer Verlag. https://doi.org/10.1007/3-540-45800-x_32
Mendeley helps you to discover research relevant for your work.