Model-Based Security Engineering: Managed Co-evolution of Security Knowledge and Software Models

  • Jens Bürger
  • Jan Jürjens
  • Thomas Ruhroth
  • Stefan Gärtner
  • Kurt Schneider
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8604)


We explain UMLsec and associated techniques to incorporate security aspects in model-based development. Additionally, we show how UMLsec can be used in the context of software evolution. More precisely, we present the SecVolution approach which supports monitoring changes in external security knowledge sources (such as compliance regulations or security databases) in order to react to security related modification and to support the associated co-evolution of the UMLsec models.


Access Control Security Requirement Security Level Access Control Policy Information Security Management 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Alam, M., Hafner, M., Breu, R.: Model-Driven Security Engineering for Trust Management in SECTET. Journal of Software 2(1) (February 2007)Google Scholar
  2. 2.
    AlHogail, A., Berri, J.: Enhancing it security in organizations through knowledge management. In: 2012 International Conference on Information Technology and e-Services (ICITeS), pp. 1–6. IEEE (2012)Google Scholar
  3. 3.
    Anderson, R.J.: Security engineering - a guide to building dependable distributed systems, 2nd edn. Wiley (2008)Google Scholar
  4. 4.
    Anquetil, N., de Oliveira, K.M., de Sousa, K.D., Batista Dias, M.G.: Software maintenance seen as a knowledge management issue. Information and Software Technology 49(5), 515–529 (2007)CrossRefGoogle Scholar
  5. 5.
    Basin, D.A., Doser, J., Lodderstedt, T.: Model driven security: From UML models to access control infrastructures. ACM Trans. Softw. Eng. Methodol. 15(1), 39–91 (2006)CrossRefGoogle Scholar
  6. 6.
    Belsis, P., Kokolakis, S., Kiountouzis, E.: Information systems security from a knowledge management perspective. Information Management & Computer Security 13(3), 189–202 (2005)CrossRefGoogle Scholar
  7. 7.
    Blanco, C., Lasheras, J., Valencia-Garc, R., Fern, E., Toval, A., Piattini, M.: A Systematic Review and Comparison of Security Ontologies. In: 2008 Third International Conference on Availability, Reliability and Security, vol. 1(1), pp. 813–820 (March 2008)Google Scholar
  8. 8.
    Brose, G., Koch, M., Löhr, K.-P.: Integrating Access Control Design into the Software Development Process. In: Integrated Design and Process Technology, IDPT (2002)Google Scholar
  9. 9.
    Bundesamt für Sicherheit in der Informationstechnik (BSI). IT-Grundschutz-catalogues (2013),
  10. 10.
    Bundesministerium des Inneren. Bundesdatenschutzgesetz. Bundesgesetzblatt,
  11. 11.
    CARiSMA project homepage,
  12. 12.
    Dhillon, G., Torkzadeh, G.: Value-focused assessment of information system security in organizations. Information Systems Journal 16(3), 293–314 (2006)CrossRefGoogle Scholar
  13. 13.
    Eloff, M.M., von Solms, S.H.: Information Security Management: A Hierarchical Framework for Various Approaches. Computers & Security 19(3), 243–256 (2000)CrossRefGoogle Scholar
  14. 14.
    Fenz, S., Ekelhart, A.: Formalizing information security knowledge. In: Proceedings of the 4th International Symposium on Information, Computer, and Communications Security (ASIACCS), p. 183. ACM Press, New York (2009)Google Scholar
  15. 15.
    Fernández-Medina, E., Jürjens, J., Trujillo, J., Jajodia, S.: Model-driven development for secure information systems. Information & Software Technology 51(5), 809–814 (2009)CrossRefGoogle Scholar
  16. 16.
    Gärtner, S., Ruhroth, T., Bürger, J., Schneider, K., Jürjens, J.: Maintaining Requirements for Long-Living Software Systems by Incorporating Security Knowledge. In: Proc. of the 22nd International Conference on Requirement Engineering (2014)Google Scholar
  17. 17.
    Graham-Cumming, J.: Some laws of non-interference (CSP algebra). In: Computer Security Foundations Workshop, pp. 22–33. IEEE Computer Society Press (1992)Google Scholar
  18. 18.
    Herold, S., et al.: CoCoME - the common component modeling example. In: Rausch, A., Reussner, R., Mirandola, R., Plášil, F. (eds.) The Common Component Modeling Example. LNCS, vol. 5153, pp. 16–53. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  19. 19.
    Höhn, S., Jürjens, J.: Rubacon: Automated support for model-based compliance engineering. In: International Conference on Software Engineering (ICSE), pp. 875–878. ACM (2008)Google Scholar
  20. 20.
    Houmb, S.H., Georg, G., Jürjens, J., France, R.B.: An integrated approach to security verification and security solution design trade-off analysis. In: Mouratidis, H. (ed.) Integrating Security and Software Engineering: Advances and Future Vision, pp. 190–219. Idea Group (August 2006), Invited chapterGoogle Scholar
  21. 21.
    Houmb, S.H., Georg, G., France, R.B., Bieman, J.M., Jürjens, J.: Cost-benefit trade-off analysis using BBN for aspect-oriented risk-driven development. In: 10th International Conference on Engineering of Complex Computer Systems (ICECCS 2005), Shanghai, China, June 16-20, pp. 195–204. IEEE Computer Society (2005)Google Scholar
  22. 22.
    Jayaraman, K., Lewandowski, G.: Enforcing request integrity in web applications. In: Data and Applications Security, vol. 14, pp. 225–240 (2010)Google Scholar
  23. 23.
    Jürjens, J.: Secure information flow for concurrent processes. In: Palamidessi, C. (ed.) CONCUR 2000. LNCS, vol. 1877, pp. 395–409. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  24. 24.
    Jürjens, J.: Modelling audit security for smart-card payment schemes with UMLsec. In: Dupuy, M., Paradinas, P. (eds.) Trusted Information: The New Decade Challenge. IFIP, vol. 65, pp. 93–108. Kluwer Academic Publishers (2001), Proceedings of the 16th International Conference on Information Security (SEC 2001)Google Scholar
  25. 25.
    Jürjens, J.: Model-based security engineering with UML. In: Aldini, A., Gorrieri, R., Martinelli, F. (eds.) FOSAD 2004/2005. LNCS, vol. 3655, pp. 42–77. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  26. 26.
    Jürjens, J.: Secure Systems Development with UML. Springer (2005)Google Scholar
  27. 27.
    Jürjens, J.: Model-based security testing using UMLsec. Electronic Notes in Theoretical Computer Science 220(1), 93–104 (2008)CrossRefGoogle Scholar
  28. 28.
    Jürjens, J., Wimmel, G.: Formally testing fail-safety of electronic purse protocols. In: 16th International Conference on Automated Software Engineering (ASE 2001), pp. 408–411. IEEE Computer Society (2001)Google Scholar
  29. 29.
    Jürjens, J., Wimmel, G.: Security modelling for electronic commerce: The Common Electronic Purse Specifications. In: Schmid, B., Stanoevska-Slabeva, K., Tschammer, V. (eds.) Towards the E-Society: E-Commerce, E-Business, and E-Government. IFIP, vol. 74, pp. 489–506. Kluwer Academic Publishers (2001), First IFIP Conference on E-Commerce, E-Business, and E-Government (I3E 2001)Google Scholar
  30. 30.
    Kesh, S., Ratnasingam, P.: A knowledge architecture for IT security. Communications of the ACM 50(7) (2007)Google Scholar
  31. 31.
    Kritzinger, E., Smith, E.: Information security management: An information security retrieval and awareness model for industry. Computers & Security 27(5-6), 224–231 (2008)CrossRefGoogle Scholar
  32. 32.
    Lehman, M.M.: Programs, life cycles, and laws of software evolution. Proceedings of the IEEE 68(9), 1060–1076 (1980)CrossRefGoogle Scholar
  33. 33.
    Mantel, H.: Possibilistic definitions of security – an assembly kit. In: Proceedings of the IEEE Computer Security Foundations Workshop, Cambridge, UK, July 3-5, pp. 185–199. IEEE Computer Society (2000)Google Scholar
  34. 34.
    Mantel, H.: A Uniform Framework for the Formal Specification and Verification of Secure Information Flow. PhD thesis, Saarland University, Saarbrücken, Germany (2003)Google Scholar
  35. 35.
    McCullough, D.: Noninterference and the composability of security properties. In: IEEE Symposium on Security and Privacy, pp. 177–186 (April 1988)Google Scholar
  36. 36.
    Miede, A., Nedyalkov, N., Gottron, C., König, A., Repp, N., Steinmetz, R.: A Generic Metamodel for IT Security Attack Modeling for Distributed Systems. In: 2010 International Conference on Availability, Reliability and Security (ARES), pp. 430–437 (2010)Google Scholar
  37. 37.
    Oechslin, P.: Making a faster cryptanalytic time-memory trade-off. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 617–630. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  38. 38.
    W3C OWL Working Group. OWL 2 Web Ontology Language: Document Overview. W3C Recommendation (October 27, 2009),
  39. 39.
    Protégé project homepage,
  40. 40.
    Raskin, V., Hempelmann, C.F., Triezenberg, K.E., Nirenburg, S.: Ontology in information security: a useful theoretical foundation and methodological tool. In: Proceedings of the 2001 Workshop on New Security Paradigms, pp. 53–59. ACM, New York (2001)Google Scholar
  41. 41.
    Ray, I., France, R.B., Li, N., Georg, G.: An aspect-based approach to modeling access control concerns. Information & Software Technology 46(9), 575–587 (2004)CrossRefGoogle Scholar
  42. 42.
    Schneider, K., Knauss, E., Houmb, S., Islam, S., Jürjens, J.: Enhancing Security Requirements Engineering by Organizational Learning. Requirements Engineering Journal (REJ), Special Issue on REFSQ 2012 (2012)Google Scholar
  43. 43.
    Schneider, K., Stapel, K., Knauss, E.: Beyond Documents: Visualizing Informal Communication. In: Proceedings of Third International Workshop on Requirements Engineering Visualization (REV 2008), Barcelona, Spain (November 2008)Google Scholar
  44. 44.
    Sowa, J.F.: Knowledge representation: logical, philosophical, and computational foundations, vol. 3(1). MIT Press (2000)Google Scholar
  45. 45.
    Swiderski, F., Snyder, W.: Threat Modeling. Microsoft Press Corp. (2004)Google Scholar
  46. 46.
    The MITRE Corporation. Vulnerability Summary for CVE-2000-1001 (2001)Google Scholar
  47. 47.
    The MITRE Corporation. Common Vulnerabilities and Exposures (2013)Google Scholar
  48. 48.
    Tsoumas, B., Gritzalis, D.: Towards an Ontology-based Security Management. In: Proceedings of the 20th International Conference on Advanced Information Networking and Applications (AINA), vol. 1, pp. 985–992. IEEE (2006)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2014

Authors and Affiliations

  • Jens Bürger
    • 1
  • Jan Jürjens
    • 3
  • Thomas Ruhroth
    • 1
  • Stefan Gärtner
    • 2
  • Kurt Schneider
    • 2
  1. 1.Technische Universität DortmundGermany
  2. 2.Leibniz Universität HannoverGermany
  3. 3.Technische Universität Dortmund and Fraunhofer ISSTGermany

Personalised recommendations