Designing System Security with UML Misuse Deployment Diagrams

Author

Lincke, Susan J. ; Knautz, Timothy H. ; Lowery, Misty D.

Author_Institution

Comput. Sci. Dept., Univ. of Wisconsin-Parkside, Kenosha, WI, USA

fYear

2012

fDate

20-22 June 2012

Firstpage

57

Lastpage

61

Abstract

Useful enhancements to UML for security exist, including for the requirements and analysis/design stages: notably misuse case diagrams/descriptions, mis-sequence diagrams, UMLpac, and security patterns. These all consider security attacks on software functionality. This paper considers the system architecture when analyzing security. The advantage of the proposed misuse deployment diagram is that in distributed processing (e.g., client/server) where you put your defense software is as important as having it. This new diagram gives a bird´s eye view of possible security attacks, and the security defenses or layers to mitigate them. This technique can be used in more than software development, since it may be used in audit, testing, security planning, and security education.

Keywords

Unified Modeling Language; security of data; UML misuse deployment diagrams; UMLpac; distributed processing; missequence diagrams; notably misuse case descriptions; notably misuse case diagrams; security attacks; security patterns; software functionality; system security; Electronic mail; Materials; Security; Servers; Software; Unified modeling language; Web sites; Misuse case; UML deployment diagram; audit; secure UML; security planning; software architecture;

fLanguage

English

Publisher

ieee

Conference_Titel

Software Security and Reliability Companion (SERE-C), 2012 IEEE Sixth International Conference on

Conference_Location

Gaithersburg, MD

Print_ISBN

978-1-4673-2670-4

Type

conf

DOI

10.1109/SERE-C.2012.12

Filename

6258451