A Model Transformation Semantics and Analysis Methodology for SecureUML
SecureUML is a security modeling language for formalizing access control requirements in a declarative way. It is equipped with a uml notation in terms of a uml profile, and can be combined with arbitrary design modeling languages. We present a semantics for SecureUML in terms of a model transformation to standard uml/ocl. The transformation scheme is used as part of an implementation of a tool chain ranging from front-end visual modeling tools over code-generators to the interactive theorem proving environment hol-ocl. The methodological consequences for an analysis of the generated ocl formulae are discussed.
Unable to display preview. Download preview PDF.
- 1.Basin, D., Doser, J., Lodderstedt, T.: Model driven security: from UML models to access control infrastructures. ACM Trans. Softw. Eng. Methodol. 15(1) (2006)Google Scholar
- 2.Brucker, A.D., Doser, J., Wolff, B.: A model transformation semantics and analysis methodology for SecureUML. Tech. Rep. 524, ETH Zürich (2006)Google Scholar
- 4.Brucker, A.D., Wolff, B.: The HOL-OCL book. Tech. Rep. 525, ETH Zürich (2006)Google Scholar
- 6.Jürjens, J.: Secure Systems Development with UML. Springer, Heidelberg (2004)Google Scholar
- 7.Koch, M., Parisi-Presicce, F.: Access control policy specification in UML. In: Critical Systems Development with UML, pp. 63–78 (2001), TUM-I0208Google Scholar
- 11.UML 2.0 OCL specification (2003), Available as ptc/2003-10-14Google Scholar