Tools for model-based security engineering: Models vs. code

ASE'07 - 2007 ACM/IEEE International Conference on Automated Software Engineering

Volumn , Issue , 2007, Pages 545-546

  Jürjens, Jan ^a   Yu, Yijun ^a  

^a OPEN UNIVERSITY   (United Kingdom)

Author keywords

code analysis; model based software engineering; refactoring; security; security hardening; UML; verification framework

Indexed keywords

ASPECT-ORIENTED PROGRAMMING; AUTOMATED THEOREM PROVER; CASE TOOLS; CODE ANALYSIS; CRITICAL PARTS; CRYPTOGRAPHIC PROTOCOLS; CRYPTOPROTOCOLS; MODEL-BASED; OPEN SOURCE FRAMEWORKS; OPEN SOURCE IMPLEMENTATION; REFACTORINGS; SECURE SOCKETS; SECURITY ENGINEERING; SECURITY HARDENING; SECURITY PROPERTIES; SECURITY REQUIREMENTS; SECURITY WEAKNESS; VERIFICATION FRAMEWORK; VERIFICATION ROUTINES;

AUTOMATION; COMPUTER AIDED SOFTWARE ENGINEERING; COMPUTER SOFTWARE SELECTION AND EVALUATION; COMPUTER SYSTEMS PROGRAMMING; CRYPTOGRAPHY; HARDENING; MODELS; NETWORK SECURITY; REUSABILITY; SECURITY SYSTEMS; VERIFICATION;

NETWORK PROTOCOLS;

EID: 77953981798     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1321631.1321736     Document Type: Conference Paper

References (6)

1. B. Best, J. Jürjens, and B. Nuseibeh. Model-based security engineering of distributed information systems using UMLsec. In ICSE 2007, pages 581-590. ACM, 2007.
2. J. Jürjens. UMLsec webpage, 2002-07. Accessible at http://www.umlsec.org.
3. J. Jürjens. Secure Systems Development with UML. Springer, 2004.
4. J. Jürjens. Code security analysis of a biometric authentication system using automated theorem provers. In 21st Annual Computer Security Applications Conference (ACSAC 2005). IEEE, 2005.
5. J. Jürjens. Sound methods and effective tools for model-based security engineering with UML. In 27th International Conference on Software Engineering (ICSE 2005). IEEE, 2005.
6. J. Jürjens. Security analysis of crypto-based Java programs using automated theorem provers. In S. Easterbrook and S. Uchitel, editors, 21st IEEE/ACM International Conference on Automated Software Engineering (ASE 2006). ACM, 2006.