SecDSVL Metamodel


SecDSVL is a comprehensive Security Domain-Specific Visual Language that captures key security details to support the enterprise systems security management process.
Security Aspects
Description of security requirements and how they are achieved.
  • Security Aspects

    Specification Elements

    • SecurityRequirement

      Security requirements describe the actions to be taken by enterprise security engineers in order to mitigate or avoid identified threats. For each specified security objective and identified security risk, we may define a set of security requirements, e.g., 'the system should not grant access to a resource X unless the user is authorized by the user name and password'.
      Applies to:
    • SecurityControl

      Security administrators specify security controls that realize security services specified in the security architecture model. These security controls are captured in a security controls model. This model covers security controls location, configuration parameters, etc.
      Applies to:
      Activity
      Data
    • SecurityZone

      A security architecture model identifies security zones (domains) in the enterprise operational environment, including uncontrolled, controlled, restricted, and managed zones.
      Applies to:
      Entity
      Component
      Node
    • SecurityService

      Security architects define security services that will be deployed or used in every zone. These include authentication, authorization, cryptography, audit, etc.
      Applies to:
      Activity
      Entity
    • SecurityObjective

      Security objectives are captured in a security objectives model. Availability, integrity, confidentiality, and accountability are key security objective categories.
      Applies to:
    • IT Asset

      Enterprise assets, i.e., information systems, physical assets or business value, are captured using an asset model; detailed descriptions of IT Assets are captured in UML models.
      Applies to:
      Entity
      Data
      Node
      Component
    • SecurityVulnerability

      Inherent flaws that can be exploited by threat agents, such as input validation (e.g., SQL injection), output validation (cross-site scripting), processing (race conditions), or hosting service-related vulnerabilities such as cross-site request forgery (CSRF).
      Applies to:
      Activity
      Component
      Connection
      ControlFlow
      Data
      Entity
      InformationFlow
      Node
      State
    • SecurityRisk

      Represents a risk that threatens a security objective, together with its impact and likelihood. Risk details are captured in a security risk model.
      Applies to:
    • ThreatAgent

      A threat agent might exploit inherent security flaws.
      Applies to:
      Entity
    • SecurityThreat

      The threat that a threat agent will exploit vulnerabilities.
      Applies to:
    • SecurityAttack

      A concrete sequence of actions realizing a threat.
      Applies to: