[an error occurred while processing this directive] An error occured whilst processing this directive

Theory Seminar


Secure Systems Design with UML

Jan Jürjens

University of Oxford

4pm Tuesday 26 June 2001
Room 2511, JCMB, King's Buildings


Abstract

Designing security-critical systems correctly is very difficult. Many published designs of system components (such as security protocols) have been found to contain flaws (often years later).

We propose to use a fragment of UML together with a formal semantics to specify security-critical systems precisely and to evaluate the specification wrt security requirements.

Benefits of the approach include: - security requirements or assumptions on system components can be expressed conveniently using the UML extension mechanisms - through its different kinds of diagrams UML offers views on different security-relevant aspects of the system (e.g. physical layer, security management) - UML is more widely used by developers than "traditional" formal specification languages.

In this talk I give an overview of the work along these lines presented at FASE'01, IFIP SEC'01, IWSecP'01 and VIS'01.

Martin Grohe
Monday 18 June 2001
An error occured whilst processing this directive