In this paper we report on our experience on using the so-called model-driven security approach in an MDA industrial project. In model-driven security, "designers specify system models along with their security requirements and use tools to automatically generate system architectures from the models." Our report includes a discussion of the languages that we used to model both the functional and the security system's requirements, as well as a description of the transformation function that we developed to build from the security-design models the system's access control infrastructure. The report concludes with the lessons about the feasibility and practical industrial relevance of the model-driven security approach that we learned from this experience. © 2008 Springer-Verlag Berlin Heidelberg.
CITATION STYLE
Clavel, M., Da Silva, V., Braga, C., & Egea, M. (2008). Model-driven security in practice: An industrial experience. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5095 LNCS, pp. 326–337). Springer Verlag. https://doi.org/10.1007/978-3-540-69100-6_22
Mendeley helps you to discover research relevant for your work.