SecureUML

A modeling language for the model-driven development of secure, distributed systems based on the Unified Modeling Language (UML).
Specurity Aspects
Name
Description
Access control conditions that refer to the state of a system, e.g., the state of a protected resource, parameter values, date or time.
Specification Elements
Name
Description
Annotates a UML class with a specific role
Identifies a UML class as a user
Defines which action a role may perform for an model element or set of resources

  • Security Aspects

    • Role-based access control

      Access control conditions that refer to the state of a system, e.g., the state of a protected resource, parameter values, date or time.
      Specification Elements:
      Permission
      Role
      User
      Threats:
      Spoofing
      Tampering with Data
      Information Disclosure

    Specification Elements

    • Role

      Annotates a UML class with a specific role
      Applies to:
      Entity

    • User

      Identifies a UML class as a user
      Applies to:
      Entity

    • Permission

      Defines which action a role may perform for an model element or set of resources
      Applies to:
      Activity