Loading…
Security-critical system development with extended use cases
Due to increasing interconnection, IT systems are confronted with more and more attacks. To address this problem, we have to consider security requirements from the beginning of the system development. In early phases of system development, it is common to use a hybrid system view which is based on...
Saved in:
Main Authors: | , , , |
---|---|
Format: | Conference Proceeding |
Language: | English |
Subjects: | |
Online Access: | Request full text |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Summary: | Due to increasing interconnection, IT systems are confronted with more and more attacks. To address this problem, we have to consider security requirements from the beginning of the system development. In early phases of system development, it is common to use a hybrid system view which is based on an object oriented modeling of the application core and the specification of use cases. We present an extension of this process for security-critical systems. We show a methodical approach for the development of security-critical systems and the modeling of security aspects in the application core with an extension of the Unified Modeling Language for secure systems development, UMLsec. Furthermore, we introduce security use cases for the development of security aspects in conjunction with behavioral modeling. |
---|---|
DOI: | 10.1109/APSEC.2003.1254403 |