Towards a Model-driven based Security Framework

被引：0

作者：

Abdallah, Rouwaida ^{[1
]}

Yakymets, Nataliya ^{[1
]}

Lanusse, Agnes ^{[1
]}

机构：

[1] CEA, LIST, Lab Model Driven Engn Embedded Syst, Gif Sur Yvette, France

来源：

MODELSWARD 2015 PROCEEDINGS OF THE 3RD INTERNATIONAL CONFERENCE ON MODEL-DRIVEN ENGINEERING AND SOFTWARE DEVELOPMENT | 2015年

关键词：

Security; Model-driven; UML Profiles; EBIOS; Attack Trees; Papyrus Tool;

D O I：

暂无

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

In this paper, we propose a model-driven framework for security analysis. We present a security analysis process that begins from the design phase of the system architecture then allows performing several security analysis methods. Our approach presents mainly two advantages: First, it allows the traceability of the security analysis methods with the system architecture. Second, this framework can include several security analysis methods. Moreover it allows information reuse which is complicated when we use separate methods dedicated tools. Thus, we can have more consistent and accurate security analysis results for a system. We chose to implement two methods: A qualitative method named EBIOS which is simple and helps to identify areas of focus within the system. Then, to get more accurate results, we implement a quantitative method, the Attack trees. Attack trees can be automatically generated from the Ebios analysis phase and can be completed later on to get more specific results.

引用

页码：639 / 645

页数：7

共 50 条

[31] A model-driven choreography conceptual framework
Arroyo, Sinuhe
Duke, Alistair
Lopez-Cobo, Jos-Manuel
Sicilia, Miguel-Angel
[J]. COMPUTER STANDARDS & INTERFACES, 2007, 29 (03) : 325 - 334
[32] Towards model-driven unit testing
Engels, Gregor
Gueldali, Baris
Lohmann, Marc
[J]. MODELS IN SOFTWARE ENGINEERING, 2007, 4364 : 182 - +
[33] Evolution of a Model-driven Process Framework
Padua, Wilson
[J]. ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2016, 321 : 41 - 65
[34] A Model-driven testing Framework Based on requirement for embedded software
Lei, Haishen
Wang, Yichen
[J]. PROCEEDINGS OF 2016 11TH INTERNATIONAL CONFERENCE ON RELIABILITY, MAINTAINABILITY AND SAFETY (ICRMS'2016): INTEGRATING BIG DATA, IMPROVING RELIABILITY & SERVING PERSONALIZATION, 2016,
[35] AN AUTOMATED MODEL-DRIVEN TESTING FRAMEWORK For Model-Driven Development and Software Product Lines
Lamancha, Beatriz Perez
Polo Usaola, Macario
Piattini, Mario
[J]. ENASE 2010: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON EVALUATION OF NOVEL APPROACHES TO SOFTWARE ENGINEERING, 2010, : 112 - 121
[36] Model-driven and component-based framework for scientific applications
Ait Wakrime, Abderrahim
Ouhammou, Yassine
Bouichou, Milouda
[J]. INTERNATIONAL JOURNAL OF MODELING SIMULATION AND SCIENTIFIC COMPUTING, 2024,
[37] Model-Driven Architectural Framework towards Safe and Secure Nuclear Power Reactors
Ouni, Bassem
Aussagues, Christophe
Dhouib, Saadia
Mraidha, Chokri
[J]. SENSORS, 2021, 21 (15)
[38] A Model-Driven Approach for the German Health Telematics Architectural Framework and the Related Security Infrastructure
Blobel, Bernd
Pharow, Peter
[J]. CONNECTING MEDICAL INFORMATICS AND BIO-INFORMATICS, 2005, 116 : 391 - 396
[39] Model-driven security in practice: An industrial experience
Clavel, Manuel
da Silva, Viviane
Braga, Christiano
Egea, Marina
[J]. MODEL DRIVEN ARCHITECTURE - FOUNDATIONS AND APPLICATIONS, PROCEEDINGS, 2008, 5095 : 326 - +
[40] ModelSec: A Generative Architecture for Model-Driven Security
Sanchez, Oscar
Molina, Fernando
Garcia-Molina, Jesus
Toval, Ambrosio
[J]. JOURNAL OF UNIVERSAL COMPUTER SCIENCE, 2009, 15 (15) : 2957 - 2980

← 1 2 3 4 5 →