International Conference on Fundamental Approaches to Software Engineering

FASE 2008: Fundamental Approaches to Software Engineering pp 292-295

Automated Analysis of Permission-Based Security Using UMLsec

  • Jan Jürjens
  • Jörg Schreck
  • Yijun Yu
Conference paper

DOI: 10.1007/978-3-540-78743-3_21

Volume 4961 of the book series Lecture Notes in Computer Science (LNCS)

Abstract

To guarantee the security of computer systems, it is necessary to define security permissions to restrict the access to the systems’ resources. These permissions enforce certain restrictions based on the workflows the system is designed for. It is not always easy to see if workflows and the design of the security permissions for the system fit together. We present research towards a tool which supports embedding security permissions in UML models and model-based security analysis by providing consistency checks. It also offers an automated analysis of underlying mechanisms for managing security-critical permissions using Prolog resp. automated theorem provers for first-order logic.

Download to read the full conference paper text

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Jan Jürjens
    • 1
  • Jörg Schreck
    • 2
  • Yijun Yu
    • 1
  1. 1.Computing DepartmentThe Open University, GB 
  2. 2.O2Munich(Germany)