Title :
Designing System Security with UML Misuse Deployment Diagrams
Author :
Lincke, Susan J. ; Knautz, Timothy H. ; Lowery, Misty D.
Author_Institution :
Comput. Sci. Dept., Univ. of Wisconsin-Parkside, Kenosha, WI, USA
Abstract :
Useful enhancements to UML for security exist, including for the requirements and analysis/design stages: notably misuse case diagrams/descriptions, mis-sequence diagrams, UMLpac, and security patterns. These all consider security attacks on software functionality. This paper considers the system architecture when analyzing security. The advantage of the proposed misuse deployment diagram is that in distributed processing (e.g., client/server) where you put your defense software is as important as having it. This new diagram gives a bird´s eye view of possible security attacks, and the security defenses or layers to mitigate them. This technique can be used in more than software development, since it may be used in audit, testing, security planning, and security education.
Keywords :
Unified Modeling Language; security of data; UML misuse deployment diagrams; UMLpac; distributed processing; missequence diagrams; notably misuse case descriptions; notably misuse case diagrams; security attacks; security patterns; software functionality; system security; Electronic mail; Materials; Security; Servers; Software; Unified modeling language; Web sites; Misuse case; UML deployment diagram; audit; secure UML; security planning; software architecture;
Conference_Titel :
Software Security and Reliability Companion (SERE-C), 2012 IEEE Sixth International Conference on
Conference_Location :
Gaithersburg, MD
Print_ISBN :
978-1-4673-2670-4
DOI :
10.1109/SERE-C.2012.12
