Security Analysis of a Biometric Authentication System Using UMLsec and JML

  • John Lloyd
  • Jan Jürjens
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5795)


Quality assurance for security-critical systems is particularly challenging: many systems are developed, deployed, and used that do not satisfy their security requirements. A number of software engineering approaches have been developed over the last few years to address this challenge, both in the context of model-level and code-level security assurance. However, there is little experience so far in using these approaches in an industrial context, the challenges and benefits involved and the relative advantages and disadvantages of different approaches. This paper reports on experiences from a practical application of two of these security assurance approaches. As a representative of model-based security analysis, we considered the UMLsec approach and we investigated the JML annotation language as a representative of a code-level assurance approach. We applied both approaches to the development and security analysis of a biometric authentication system and performed a comparative evaluation based on our experiences.


Security analysis JML UMLsec biometric authentication 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Jürjens, J.: Secure Systems Development with UML. Springer, Heidelberg (2005)zbMATHGoogle Scholar
  2. 2.
    Viti, C., Bistarelli, S.: Study and development of a remote biometric authentication protocol, Technical Report IIT B4-04/2003, Consiglio Nazionale delle Ricerche,Istituto di Informatica e Telematica (September 2003) Google Scholar
  3. 3.
    Grünbauer, J., Hollmann, H., Jürjens, J., Wimmel, G.: Modelling and Verification of Layered Security Protocols: A Bank Application. In: Anderson, S., Felici, M., Littlewood, B. (eds.) SAFECOMP 2003. LNCS, vol. 2788, pp. 116–129. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  4. 4.
    Deubler, M., Grünbauer, J., Jürjens, J., Wimmel, G.: Sound Development of Secure Service-based Systems. In: 2nd International Conference on Service Oriented Computing (ICSOC 2004), pp. 115–124. ACM, New York (2004)Google Scholar
  5. 5.
    Best, B., Jürjens, J., Nuseibeh, B.: Model-based Security Engineering of Distributed Information Systems using UMLsec. In: 29th International Conference on Software Engineering (ICSE 2007), pp. 581–590. ACM, New York (2007)CrossRefGoogle Scholar
  6. 6.
    Houmb, S., Georg, G., France, R., Bieman, J., Jürjens, J.: Cost-Benefit Trade-Off Analysis Using BBN for Aspect-Oriented Risk-Driven Development, Engineering of Complex Computer Systems. In: 10th IEEE International Conference on Engineering of Complex Computer Systems (ICECCS 2005), pp. 195–204 (2005)Google Scholar
  7. 7.
    Leavens, G., Cheon, Y.: Design by Contract with JML (2006),
  8. 8.
    Leavens, G., Baker, A., Ruby, C.: JML: A Notation for Detailed Design. In: Behavioral Specifications of Businesses and Systems, ch. 12, pp. 175–188. Kluwer, Dordrecht (1999)CrossRefGoogle Scholar
  9. 9.
    Leavens, G., Baker, A., Ruby, C.: Preliminary Design of JML: A Behavioural Interface Specification Language for Java. ACM SIGSOFT Software Engineering Notes 31(3) (May 2006)Google Scholar
  10. 10.
    Leavens, G., Poll, E., Clifton, C., Cheon, Y., Ruby, C., Cok, D., Muller, P., Kiniry, J., Chalin, P.: JML Reference Manual, DRAFT, Release 1.210, 2007/7/01 Ames, Iowa State UniversityGoogle Scholar
  11. 11.
    Schmidt, R.: Modellbasierte Sicherheitsanalyse mit UMLsec: ein Biometrisches Zugangskontrollsystem (Model-based Security Analysis with UMLsec: a Biometric Access Control System) Ludwig-Maxim. Univ. München (2004)Google Scholar
  12. 12.
    Jürjens, J.: Model-based Security Engineering with UML. In: Aldini, A., Gorrieri, R., Martinelli, F. (eds.) FOSAD 2005. LNCS, vol. 3655, pp. 42–77. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  13. 13.
    Agarwal, P., Rubio-Medrano, C., Cheon, Y., Teller, P.: A Formal Specification in JML of the Java Security Package. Computer, Information, and Systems Sciences and Engineering, December 4–14 (2006)Google Scholar
  14. 14.
    Warnier, M.: Language Based Security for Java and JML, PhD thesis, Radboud University Nijmegen (2006)Google Scholar
  15. 15.
    Glass, R.: Inspections - Some Surprising Findings. Commun. ACM 42(4), 17–19 (1999)CrossRefGoogle Scholar
  16. 16.
    Burdy, L., Cheon, Y., Cok, D., Ernst, M., Kiniry, J., Leavens, G., Rustan, K., Leino, M., Poll, E.: An overview of JML tools and applications. STTT 7(3), 212–232 (2005)CrossRefGoogle Scholar
  17. 17.
    JML common tools, December 10 (2007),
  18. 18.
    Yu, Y., Jürjens, J., Mylopoulos, J.: Application of Traceability to Maintenance of Secure Software. In: Int. Conf. for Software Maintenance (ICSM). IEEE, Los Alamitos (2008)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • John Lloyd
    • 1
  • Jan Jürjens
    • 2
  1. 1.Atos OriginUK
  2. 2.Open University (UK) and Microsoft ResearchCambridgeUK

Personalised recommendations