Verification and trade-off analysis of security properties in UML system models

IEEE Transactions on Software Engineering

Volumn 36, Issue 3, 2010, Pages 338-356

  Georg, Geri ^a   Anastasakis, Kyriakos ^b   Bordbar, Behzad ^b   Houmb, Siv Hilde ^c   Ray, Indrakshi ^a   Toahchoodee, Manachai ^a  

^a Department of Computer Science   (United States)

^b UNIVERSITY OF BIRMINGHAM   (United Kingdom)

^c Telenor GBDR ^*  (Norway)

Author keywords

Aspect oriented modeling (AOM); Bayesian belief network (BBN); Security analysis; Trade off analysis

Indexed keywords

ALLOY ANALYZERS; ASPECT-ORIENTED; ASPECT-ORIENTED MODELING; BAYESIAN BELIEF NETWORKS; BUDGET CONSTRAINT; FORMAL SECURITY; NON-TRIVIAL TASKS; POTENTIAL ATTACK; PROJECT CONSTRAINTS; RISK-DRIVEN DEVELOPMENT; SECURE SYSTEM; SECURITY ANALYSIS; SECURITY BREACHES; SECURITY MECHANISM; SECURITY PROPERTIES; SECURITY SOLUTIONS; SYSTEM DESIGN; SYSTEM DESIGNERS; SYSTEM MODELS; SYSTEM RISK; SYSTEM SECURITY; TIME-TO-MARKET; TRADE-OFF ANALYSIS;

COMMERCE; ELECTRIC NETWORK TOPOLOGY; KNOWLEDGE BASED SYSTEMS; MACHINE DESIGN; MODEL STRUCTURES; SECURITY SYSTEMS;

BAYESIAN NETWORKS;

EID: 77953120075     PISSN: 00985589     EISSN: None     Source Type: Journal    
DOI: 10.1109/TSE.2010.36     Document Type: Article

References (51)

1. ISO 14508, Common Criteria for Information Technology Security Evaluation, in Version 3.1, Revision 2, 2007.
2. ISO 14508-14514, Common Methodology for Information Technology Security Evaluation: Evaluation Methodology, in Version 3.1, Revision 2, 2007.
3. AS/NZS, Australian/New Zealand Standard for Risk Management AS/ NZS 4360:2004, ANZ Standard, ed., 2004.
4. AS/NZS, Australian/New Zealand Standard HB 436:2004 Risk Management Guidelines-Companion to AS/NZS 4360:2004, ANZ Standard, ed., 2004.
5. S.H. Houmb, "Decision Support for Choice of Security Solution: The Aspect-Oriented Risk Driven Development (AORDD) Framework," Dept. of Math. Sciences, Norwegian Univ. of Science and Technology, 2007.
6. S.H. Houmb et al., "Cost-Benefit Trade-Off Analysis Using BBN for Aspect-Oriented Risk-Driven Development," Proc. IEEE Int'l Conf. Eng. Complex Computer Systems, pp. 195-204, 2005.
7. S.H. Houmb et al., "An Integrated Security Verification and Security Solution Design Trade-Off Analysis Approach," Integrating Security and Software Eng.: Advances and Future Vision, H. Mouratidis and P. Giorgini, eds., IGI Global, 2007.
8. OMG, Unified Modeling Language: Superstructure Version 2.1.2 Formal/07/11/02, 2002.
9. ISO/IEC 13335-5, Information Technology-Guidelines for Management of IT Security, 2001
10. 1CORAS, IST-2000-25031, 2003.
11. K. Stølen et al., "Model Based Risk Assessment in a Component- Based Software Engineering Process: The CORAS Approach to Identify Security Risks," Business Component-Based Software Eng., F. Barbier, ed., pp. 189-207, Kluwer, 2002.
12. R. France et al., "A UML-Based Pattern Specification Technique," IEEE Trans. Software Eng., vol.30, no.3, pp. 193-206, Mar. 2004.
13. R. France et al., "Aspect-Oriented Approach to Design Modeling," IEE Proc. Software, vol.151, no.4, pp. 173-186, 2004.
14. G. Georg, J. Bieman, and R. France, "Using Alloy and UML/OCL to Specify Run-Time Configuration Management: A Case Study," Proc. Workshop pUML-Group Held Together with the UML, A. Evans et al., eds., pp. 128-141, 2001.
15. G. Georg et al., "An Aspect-Oriented Methodology for Designing Secure Applications," Information and Software Technology, vol.51, no.5, pp. 846-864, 2009.
16. G. Straw et al., "Model Composition Directives," The Unified Modelling Language: Modelling Languages and Applications (UML), T. Baar et al., eds., pp. 84-97, Springer, 2004.
17. Alloy, http://alloy.mit.edu, 2009.
18. D. Jackson, Software Abstractions: Logic, Lanaguage, and Analysis. MIT Press, 2006.
19. B.D. Finetti, Theory of Probability, vols. 1 and 2. John Wiley and Sons, 1973.
20. F. Jensen, An Introduction to Bayesian Network. UCL Press, 1996.
21. J. Pearl, Probabilistic Reasoning in Intelligent Systems. Cambridge Univ. Press, 1998.
22. B.A. Gran, "The Use of Bayesian Belief Networks for Combining Disparate Sources of Information in the Safety Assessment of Software Based System," Dept. of Math. Science, Norwegian Univ. of Science and Technology, 2002.
23. SERENE, SERENE: Safety and Risk Evaluation Using Bayesian Nets, p. ESPIRIT Framework IV nr. 22187, 1999.
24. OMG, XML Metadata Interchange (XMI) V2.0 Formal/05-05-101, 2005.
25. OMG, Object Constraint Language Version 2.0 Formal/06/05/01, 2006.
26. ArgoUML, http://argouml.tigris.org, 2009.
27. K. Anastasakis et al., "UML2Alloy: A Challenging Model Transformation," Proc. 10th Int'l Conf. Model Driven Eng. Languages and Systems, G. Engels et al., eds., pp. 436-450, 2007.
28. B. Bordbar and K. Anastasakis, "UML2ALLOY: A Tool for Light- Weight Modelling of Discrete Event System," Proc. Int'l Conf. Applied Computing, N. Guimarães and P.T. Isaías, eds., pp. 209-216, 2005.
29. P. Ziemann and M. Gogolla, "An Extension of OCL with Temporal Logic," Proc. Workshop Critical Systems Development with UML, J. Jürjens, ed., pp. 53-62, 2002.
30. HUGIN, Hugin Expert A/S, 2007.
31. T. Dimitrakos et al., "Integrating Model-Based Security Risk Management into Ebusiness Systems Development: The CORAS Approach," Proc. IFIP Conf. E-Commerce, E-Business, E-Government, J. Monteiro, P. Swatman, and L. Tavares, eds., pp. 159-175, 2002.
32. T. Wu, "The Secure Remote Password Protocol," Proc Internet Soc. Network and Distributed System Security Symp., pp. 97-111, 1998.
33. T. Wu, The SRP Authentication and Key Exchange Systems, N.W. Group, ed., 2000.
34. TLSWG, SSL 3.0 Specification, 1996.
35. G. Georg et al., Security Property Verification and Trade-Off Analysis Using UML. Colorado State Univ., 2008.
36. M. Vaziri and D. Jackson, "Some Shortcomings of OCL, the Object Constraint Language of UML," Proc. Int'l Conf. Technology of Object-Oriented Languages and Systems, Q. Li et al., eds., pp. 555- 562, 2000.
37. E. Torlak et al., Knowledge Flow Analysis for Security Protocols. Computer Science and Artificial Intelligence Laboratory, MIT, 2005.
38. R.M. Needham and M.D. Schroeder, "Using Encryption for Authentication in Large Networks of Computers," Comm. ACM, vol.21, no.12, pp. 993-999, 1978.
39. B. Littlewood et al., "Towards Operational Measures of Computer Security," J. Computer Security, vol.2, nos. 2/3, pp. 211-230, 1993.
40. R. Kazman, M. Klein, and P. Clements, "ATAM: Method for Architecture Evaluation," Technical Report CMU/SEI-2000-TR- 004, Carnegie Mellon Univ./Software Eng. Inst., 2000.
41. R. Kazman, J. Asundi, and M. Klein, "Making Architecture Design Decisions: An Economic Approach," Technical Report CMU/SEI- 2002-TR-035, Carnegie Mellon Univ./Software Eng. Inst., 2002.
42. M. Daneva, "Applying Real Options Thinking to Information Security in Networked Organizations," CTIT Report TR-CTIT-06-11, Univ. of Twente, 2006.
43. M. Benaroch, "Managing Information Technology Investment Risk: A Real Options Perspective," J. Management Information Systems, vol.19, no.2, pp. 43-84, 2002.
44. W. Sonnenreich, J. Albanese, and B. Stout, "Return on Security Investment (ROSI)-A Practical Quantitative Model," J. Research and Practice in Information Technology, vol.38, no.1, pp. 45-56, 2006.
45. B. Barber and J. Davey, "The Use of the CCTA Risk Analysis and Management Methodology CRAMM in Health Information Systems," Proc. Medical Informatics Conf., K.C. Lun et al., eds., pp. 1589-1593, 1992.
46. ISO/IEC, Information Technology-Code of Practice for Information Security Management, 2000.
47. T. Massoni, R. Gheyi, and P. Borba, "A UML Class Diagram Analyzer," Proc. Int'l Workshop Critical Systems Development with UML at UML, pp. 100-114, 2004.
48. G. Lowe, "Breaking and Fixing the Needham-Schröeder Public- Key Protocol Using FDR," Proc. Int'l Conf. Tools and Algorithms for Construction and Analysis of Systems, T. Margaria and B. Steffen, eds., pp. 147-166, 1996. (Pubitemid 126050413)
49. M. Gogolla, J. Bohling, and M. Richters, "Validating UML and OCL Models in USE by Automatic Snapshot Generation," Software and System Modeling, vol.4, no.4, pp. 386-398, 2005.
50. D. Basin, J. Doser, and T. Lodderstedt, "Model Driven Security: From UML Models to Access Control Infrastructures," ACM Trans. Software Eng. and Methodology, vol.15, no.1, pp. 39-91, 2006.
51. D. Basin et al., "Automated Analysis of Security-Design Models," Information and Software Technology, vol.51, no.5, pp. 815-831, 2009.