loading
Papers Papers/2022 Papers Papers/2022

Research.Publish.Connect.

Paper

Paper Unlock

Author: Jan Jürjens

Affiliation: University of Koblenz-Landau / Fraunhofer ISST, Germany

Abstract: Security certification of complex systems requires a high amount of effort. As a particular challenge, today's systems are increasingly long-living and subject to continuous change. After each change of some part of the system, the whole system needs to be re-certified from scratch (since security properties are not in general modular), which is usually far too much effort. There has been recent work to address this challenge in the context of a line of work which develops approaches and tools for Model-based Security Engineering, making use of established modeling notations such as the Unified Modeling Language (UML). From that work, this talk presents a tool-supported approach for security certification that minimizes the amount of effort necessary in the case of re-certification after change. It is based on results that determine under which conditions change preserves security properties (for example in the context of structuring techniques such as refinement or architectural pri nciples such as modularization). The approach supports an automated difference-based security analysis, at the level of design models as well as the implementation code (using static security analysis or run-time verification). It has been applied e.g. to cryptographic protocols, distributed security infrastructures, and identity management systems, and there are empirical results comparing it to classical techniques for security certification. In the outlook, we briefly present current research directions, such as applying the approach to the security certification of the Industrial Data Space (currently in development by Fraunhofer and a consortium of more than 20 companies, see http://www.industrialdataspace.org/en). (More)

CC BY-NC-ND 4.0

Sign In Guest: Register as new SciTePress user now for free.

Sign In SciTePress user: please login.

PDF ImageMy Papers

You are not signed in, therefore limits apply to your IP address 3.144.233.150

In the current month:
Recent papers: 100 available of 100 total
2+ years older papers: 200 available of 200 total

Paper citation in several formats:
Jürjens, J. (2016). 15 Years of Model-Based Security Engineering with UML - Supporting Secure Evolution. In Proceedings of the Sixth International Symposium on Business Modeling and Software Design - BMSD; ISBN 978-989-758-190-8, SciTePress, pages 5-6. DOI: 10.5220/0006221500050006

@conference{bmsd16,
author={Jan Jürjens.},
title={15 Years of Model-Based Security Engineering with UML - Supporting Secure Evolution},
booktitle={Proceedings of the Sixth International Symposium on Business Modeling and Software Design - BMSD},
year={2016},
pages={5-6},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006221500050006},
isbn={978-989-758-190-8},
}

TY - CONF

JO - Proceedings of the Sixth International Symposium on Business Modeling and Software Design - BMSD
TI - 15 Years of Model-Based Security Engineering with UML - Supporting Secure Evolution
SN - 978-989-758-190-8
AU - Jürjens, J.
PY - 2016
SP - 5
EP - 6
DO - 10.5220/0006221500050006
PB - SciTePress

- Science and Technology Publications, Lda.
RESOURCES

Proceedings

Papers

Authors

Ontology

CONTACTS

Science and Technology Publications, Lda
Avenida de S. Francisco Xavier, Lote 7 Cv. C,
2900-616 Setúbal, Portugal.

Phone: +351 265 520 185 (National fixed network call)
Fax: +351 265 520 186
Email: info@scitepress.org

EXTERNAL LINKS

PRIMORIS

INSTICC

SCITEVENTS

CROSSREF

PROCEEDINGS SUBMITTED FOR INDEXATION BY:

dblp

Ei Compendex

SCOPUS

Semantic Scholar

Google Scholar

Microsoft Academic