SecureMDD
Use cases capture the functional and security requirements of a system. Class diagrams model the static view of an application. Sequence and activity diagrams describe the dynamic aspects of the system. Deployment diagrams define the system structure. They also describe how attackers can affect and interfere with communication between authentic components or use fake components, e.g., to attempt to pay with a forged copycard. This information is later needed for verification.
Specurity Aspects
Specification Elements
Name
Description
A string that cannot be guessed by an attacker.
A cryptographic key.
A number that is generated for a specific use.
A terminal to insert a smartcard.
Represents a smartcard.
Represents data that is not intended to be used by any cryptographic function.
Represents data that is intended to be encrypted.
Represents data that will be signed.
Represents data that will be hashed.
Represents message types that will be exchanged during a protocol run.
An association holding hashed data.
Security Aspects
Specification Elements
Secret
A string that cannot be guessed by an attacker.- Applies to:
- Data
Key
A cryptographic key.- Applies to:
- Data
Nonce
A number that is generated for a specific use.- Applies to:
- Data
Terminal
A terminal to insert a smartcard.- Applies to:
- Entity
Smartcard
Represents a smartcard.- Applies to:
- Entity
NonCryptographicData
Represents data that is not intended to be used by any cryptographic function.- Applies to:
- Data
PlainData
Represents data that is intended to be encrypted.- Applies to:
- Data
SignData
Represents data that will be signed.- Applies to:
- Data
HashData
Represents data that will be hashed.- Applies to:
- Data
Message
Represents message types that will be exchanged during a protocol run.- Applies to:
- InformationFlow
- Entity
hashed
An association holding hashed data.- Applies to:
- Data