Encapsulating Rules of Prudent Security Engineering

(Position Paper)
  • Jan Jürjens
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2467)


In practice, the security of computer systems is compromised most often not by breaking dedicated mechanisms (such as security protocols), but by exploiting vulnerabilities in the way they are employed. Towards a solution of this problem, we aim to encapsulate rules of prudent security engineering in such a way that a system specification formulated in (a formal core of) the Unified Modeling Language (UML, the industry standard in object-oriented modelling) can be evaluated with respect to these rules, violations indicated, and suggestions for modifications derived.







Copyright information

© Springer-Verlag Berlin Heidelberg 2002

Authors and Affiliations

  • Jan Jürjens, Computing Laboratory, University of Oxford, GB
