Model-based security engineering

被引:0
|
作者
Juerjens, Jan [1 ]
机构
[1] Tech Univ Munich, Dept Informat, D-8000 Munich, Germany
来源
SIGMAP 2006: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SIGNAL PROCESSING AND MULTIMEDIA APPLICATIONS | 2006年
关键词
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
The current state of the art in security-critical software is far from satisfactory: New security vulnerabilities are discovered on an almost daily basis. To improve this situation, we develop techniques and tools that perform an automated analysis of software artefacts for security requirements (such as secrecy, integrity, and authenticity). These artefacts include specifications in the Unified Modeling Language (UML), annotated source code, and run-time data such as security permissions. The security analysis techniques make use of model-checkers and automated theorem provers for first-order logic. We give examples for security flaws found in industrial software using our tools.
引用
收藏
页码:IS23 / IS29
页数:7
相关论文
共 50 条
  • [1] Model-based security engineering
    Juerjens, Jan
    [J]. ICE-B 2006: Proceedings of the International Conference on e-Business, 2006, : IS23 - IS29
  • [2] Model-based security engineering
    Juerjens, Jan
    [J]. SECRYPT 2006: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY, 2006, : IS23 - IS29
  • [3] Model-based security engineering
    Juerjens, Jan
    [J]. WINSYS 2006: Proceedings of the International Conference on Wireless Information Networks and Systems, 2006, : IS23 - IS29
  • [4] Model-based security engineering with UML
    Jürjens, J
    [J]. FOUNDATIONS OF SECURITY ANALYSIS AND DESIGN III, 2005, 3655 : 42 - 77
  • [5] Model-based security engineering for real
    Juerjens, Jan
    [J]. FM 2006: FORMAL METHODS, PROCEEDINGS, 2006, 4085 : 600 - 606
  • [6] WorSE: A Workbench for Model-based Security Engineering
    Amthor, Peter
    Kuehnhauser, Winfried E.
    Poelck, Anja
    [J]. COMPUTERS & SECURITY, 2014, 42 : 40 - 55
  • [7] Security & Safety by Model-based Requirements Engineering
    Japs, Sergej
    [J]. 2020 28TH IEEE INTERNATIONAL REQUIREMENTS ENGINEERING CONFERENCE (RE'20), 2020, : 422 - 427
  • [8] Model-based security engineering with UML:: Introducing security aspects
    Juerjens, Jan
    [J]. FORMAL METHODS FOR COMPONENTS AND OBJECTS, 2006, 4111 : 64 - 87
  • [9] Towards Language Support for Model-based Security Policy Engineering
    Amthor, Peter
    Schlegel, Marius
    [J]. PROCEEDINGS OF THE 17TH INTERNATIONAL JOINT CONFERENCE ON E-BUSINESS AND TELECOMMUNICATIONS (SECRYPT), VOL 1, 2020, : 513 - 521
  • [10] Model-based security testing Deriving test models from artefacts of security engineering
    Lunkeit, Armin
    Schieferdecker, Ina
    [J]. 2018 IEEE 11TH INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION WORKSHOPS (ICSTW), 2018, : 244 - 251
12345