Comparison and Assessment of Security Modeling Approaches in Terms of the QoP-ML

  • Katarzyna Mazur
  • Bogdan Ksiezopolski
Part of the Communications in Computer and Information Science book series (CCIS, volume 448)


Nowadays, security has become one of the most mandatory essences in the development and functioning of many software systems. For the reason of complexity of designing secure systems, distinct approaches that allow developers to focus on particular properties of the system of importance for their purpose are proposed. The majority of them are model-oriented since modeling helps show relationships between processes and can be used to predict the effects of changes in the land use. In the article we present and discuss PL/SQL, SecureUML and UMLsec in terms of the Quality of Protection modeling language (QoP-ML). We focus on their capabilities to model relevant information during various phases of security analysis. To assess and compare miscellaneous modeling systems we use a systematic methodology to point out their promiscuous aspects in context of the QoP-ML.


security modeling model-driven engineering model-driven security quality of protection 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Basin, D., Doser, J., Lodderstedt, T.: Model Driven Security: from UML Models to Access Control Infrastructure. ACM Transactions on Software Engineering and Methodology (TOSEM) 15(1), 39–91 (2006)CrossRefGoogle Scholar
  2. 2.
    Feuerstein, S., Pribly, B.: Oracle PL/SQL Programming, 4th edn. O’Reilly Media Inc. (2005)Google Scholar
  3. 3.
    Gasevic, D., Djuric, D., Devedzic, V.: Model Driven Engineering and Ontology Development. Springer, Heidelberg (2006)Google Scholar
  4. 4.
    Jurjens, J.: Secure Systems Development with UML. Springer, Heidelberg (2005)Google Scholar
  5. 5.
    Ksiezopolski, B., Kotulski, Z.: On scalable security model for sensor networks protocols. In: 22nd CIB-W78 Conference Information Technology in Construction, Dresden, pp. 463–469 (2005)Google Scholar
  6. 6.
    Ksiezopolski, B., Kotulski, Z.: Adaptable security mechanism for the dynamic environments. Computers & Security 26, 246–255 (2007)CrossRefGoogle Scholar
  7. 7.
    Ksiezopolski, B., Kotulski, Z., Szalachowski, P.: On QoP method for ensuring availability of the goal of cryptographic protocols in the real-time systems. In: Conference: European Teletraffic Seminar (2011)Google Scholar
  8. 8.
    Ksiezopolski, B.: QoP-ML: Quality of protection modeling language for cryptographic protocols. Computers & Security 31(4), 569–596 (2012)CrossRefGoogle Scholar
  9. 9.
    Lodderstedt, T., Basin, D., Doser, J.: SecureUML: A UML-Based Modeling Language for Model-Driven Security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426–441. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  10. 10.
    Matulevičius, R., Lakk, H., Lepmets, M.: An Approach to Assess and Compare Quality of Security Models. ComSIS 8(2), Special Issue (2011)Google Scholar
  11. 11.
    Szalachowski, P., Ksiezopolski, B., Kotulski, Z.: On authentication method impact upon data sampling delay in wireless sensor networks. In: Kwiecień, A., Gaj, P., Stera, P. (eds.) CN 2010. CCIS, vol. 79, pp. 280–289. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  12. 12.
    The official web page of the QoP-ML project,

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Katarzyna Mazur
    • 1
  • Bogdan Ksiezopolski
    • 1
    • 2
  1. 1.Institute of Computer ScienceMaria Curie-Sklodowska UniversityLublinPoland
  2. 2.Polish-Japanese Institute of Information TechnologyWarsawPoland

Personalised recommendations