Title :
Security Consistency in UML Designs
Author :
Orest Pilskalns;Daniel Williams;Damir Aracic;Anneliese Andrews
Author_Institution :
Washington State University, USA
Abstract :
Security attacks continually threaten distributed systems, disrupting both individuals and organizations economically and physically. In the software lifecycle, early detection and correction of security flaws in the design phase can reduce overall costs associated with maintenance. Current software development methodologies such as the model driven architecture rely on quality Unified Modeling Language (UML) design models. Often these models are complex and consist of many structural and behavioral views. This can lead to inconsistencies between views. Existing approaches remedy many of these inconsistencies but do not address security consistency across design views. This paper presents an approach to detecting and resolving security faults in UML designs. The approach defines the notion of security inconsistency in designs, analyzes UML views for security inconsistencies, and generates a set of recommended design changes that include Object Constraint Language (OCL) expressions. The OCL can be used as a test oracle in both the design and implementation phases of the software life-cycle
Keywords :
"Security","Unified modeling language","Software maintenance","Phase detection","Costs","Programming","Computer architecture","Fault detection","Life testing","Software testing"
Conference_Titel :
Computer Software and Applications Conference, 2006. COMPSAC ´06. 30th Annual International
Print_ISBN :
0-7695-2655-1
Electronic_ISBN :
0730-3157
DOI :
10.1109/COMPSAC.2006.76