MDSE@R: Model-Driven Security Engineering at Runtime

  • Mohamed Almorsy
  • John Grundy
  • Amani S. Ibrahim
Part of the Lecture Notes in Computer Science book series (LNCS, volume 7672)


New security threats arise frequently and impact on enterprise software security requirements. However, most existing security engineering approaches focus on capturing and enforcing security requirements at design time. Many do not address how a system should be adapted to cope with new unanticipated security requirements that arise at runtime. We describe a new approach - Model Driven Security Engineering at Runtime (MDSE@R) - enabling security engineers to dynamically specify and enforce system security requirements based on current needs. We introduce a new domain-specific visual language to model customer security requirements in a given application. Moreover, we introduce a new UML profile to help capturing system architectural characteristics along with security specifications mapped to system entities. Our MDSE@R toolset supports refinement and merger of these visual models and uses model-driven engineering to take the merged model and specify security controls to be enforced on the target system components. A combination of interceptors (via generated configurations) and injected code (using aspect-oriented programming) are used to integrate the specified security controls within the target system. We describe MDSE@R, give an example of using it in securing an ERP system, describe its implementation, and discuss an evaluation of applying MDSE@R on a set of open source applications.


Security engineering model-driven engineering domain-specific visual languages aspect-oriented programming 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Anderson, R.: What is Security Engineering? In: Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd edn., pp. 3–12. Wiley and Sons, Indianapolis (2001)Google Scholar
  2. 2.
    Phan, T., Han, J., et al.: SOABSE: An approach to realizing business-oriented security requirements with Web Service security policies. In: Proc. Int. Conf. on Service-Oriented Computing and Applications, Taipei, Taiwan, pp. 1–10 (2009)Google Scholar
  3. 3.
    Jürjens, J.: Towards Development of Secure Systems Using UMLsec. In: Hussmann, H. (ed.) FASE 2001. LNCS, vol. 2029, pp. 187–200. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  4. 4.
    Mouratidis, H., Jurjens, J.: From goal-driven security requirements engineering to secure design. Int. Journal of Intelligent Systems 25, 813–840 (2010)CrossRefGoogle Scholar
  5. 5.
    Sanchez-Cid, F., Mana, A.: SERENITY Pattern-Based Software Development Life-Cycle. In: Proc. 19th Int. Workshop on Database and Expert Systems Application, Italy, pp. 305–309 (2008)Google Scholar
  6. 6.
    Guo, J., Yuan, J., Johnson, R.: Pre-patched software. In: Proc. 4th USENIX Conf. on Hot Topics in Security, Canada, p. 6 (2009)Google Scholar
  7. 7.
    Morin, B., Barais, O., et al.: Taming Dynamically Adaptive Systems using models and aspects. In: Proc. 31st IEEE Int. Conf. on Software Engineering, Vancouver, BC, pp. 122–132 (2009)Google Scholar
  8. 8.
    Mouelhi, T., Fleurey, F., Baudry, B., Le Traon, Y.: A Model-Based Framework for Security Policy Specification, Deployment and Testing. In: Czarnecki, K., Ober, I., Bruel, J.-M., Uhl, A., Völter, M. (eds.) MODELS 2008. LNCS, vol. 5301, pp. 537–552. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  9. 9.
    Hafner, M., Memon, M., et al.: SeAAS - A Reference Architecture for Security Services in SOA. Journal of Universal Computer Science 15, 2916–2936 (2009)Google Scholar
  10. 10.
    Morin, B., Mouelhi, T., et al.: Security-driven model-based dynamic adaptation. In: Proc. 25th Int. Conf. on Automated Software Engineering, Belgium, pp. 205–214 (2010)Google Scholar
  11. 11.
    Lamsweerde, A., Brohez, S., et al.: System Goals to Intruder Anti-Goals: Attack Generation and Resolution for Security Requirements Engineering. In: Proc. RE 2003 Workshop on Requirements for High Assurance Systems, Monterey, pp. 49–56 (2003)Google Scholar
  12. 12.
    Liu, L., Eric, S., et al.: Secure!’*: Engineering Secure Software Systems through Social Analysis. Int. Journal of Software and Informatics 3, 89–120 (2009)Google Scholar
  13. 13.
    Mouratidis, H., Giorgini, P.: Secure Tropos: A security-oriented Extension of the Tropos Methodology. Int. Journal of SW Eng. and Knowledge Engineering 17, 285–309 (2007)CrossRefGoogle Scholar
  14. 14.
    Sindre, G., Opdahl, A.: Eliciting security requirements with misuse cases. Journal RE 10, 34–44 (2005)Google Scholar
  15. 15.
    Lodderstedt, T., Basin, D., Doser, J.: SecureUML: A UML-Based Modeling Language for Model-Driven Security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426–441. Springer, Heidelberg (2002)Google Scholar
  16. 16.
    Almorsy, M., Grundy, J., Ibrahim, A.S.: Supporting Automated Vulnerability Analysis using Formalized Vulnerability Signatures. In: Proc. 27th Int. Conf. on Automated Software Engineering, Essen, Germany (2012)Google Scholar
  17. 17.
    Almorsy, M., Grundy, J., Ibrahim, A.S.: Supporting Automated Software Re-Engineering Using Re-Aspects. In: Proc. 27th Int. Conf. on Automated Software Engineering, Essen, Germany (2012)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2012

Authors and Affiliations

  • Mohamed Almorsy
    • 1
  • John Grundy
    • 1
  • Amani S. Ibrahim
    • 1
  1. 1.Centre for Computing & Engineering Software SystemsSwinburne University of TechnologyMelbourneAustralia

Personalised recommendations