UML extension for secure object flow
Provides modeling support for confidentiality and integrity properties of object flows at the PIM level.
Specurity Aspects
Specification Elements
Name
Description
Defines security information for data.
Defines security properties that the object tokens communicated between two actions have to be secured.
Defines security properties of an action that stores object tokens.
Defines security properties that have to hold when activities provide object tokens.
Specifies whether invocation data flows of the interface must be secure object flows or not.
Specifies security properties of sending pins.
Specifies security properties of receiving pins.
Security Aspects
Secure Object Flows
Ensures the confidentiality and integrity of important objects.- Specification Elements:
- SecureActivityParameterNode
- SecureDataStoreNode
- SecureObjectFlows
- SecurePin
- SecureInterface
- SecureReceivePin
- SecureSendPin
- Threats:
- Information Disclosure
- Tampering with Data
Specification Elements
SecureObjectFlows
Defines security information for data.- Applies to:
- Data
SecurePin
Defines security properties that the object tokens communicated between two actions have to be secured.- Applies to:
- Activity
SecureDataStoreNode
Defines security properties of an action that stores object tokens.- Applies to:
- Activity
SecureActivityParameterNode
Defines security properties that have to hold when activities provide object tokens.- Applies to:
- Activity
SecureInterface
Specifies whether invocation data flows of the interface must be secure object flows or not.- Applies to:
- Entity
SecureSendPin
Specifies security properties of sending pins.- Applies to:
- Activity
SecureReceivePin
Specifies security properties of receiving pins.- Applies to:
- Activity