Stateful Design for Secure Information Systems

Thuong Doan, Laurent D. Michel, Steven A. Demurjian, T. C. Ting



The unified modeling language (UML) has gained wide acceptance for the design of component-based applications via diagrams (e.g., use-case, class, sequence, activity, etc.) for representing functional requirements. However, UML lacks the ability to model security requirements, an increasing need in today's applications. This paper presents and explains techniques that support stateful application design for secure information systems, extending the abilities of UML with role-based access control and mandatory access control. From a security-assurance perspective, we track all of the states of a design to ensure that a new state (created from a prior state) is always free of security inconsistencies, with respect to the privileges of users (playing roles) against the application's components. This paper examines the theory of our approach, along with its realization as part of the software process and as incorporated into Borland's UML tool Together Control Center.
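To make the state-tracking idea of the abstract concrete, the following is an added illustration and not the paper's own code or the Together Control Center plug-in: a design state is an immutable snapshot of roles (with MAC clearances), UML components (with classifications) and role-to-component permissions, and every change derives a new state from the prior one that is accepted only if it has no security inconsistency. The specific rules (a total order UNCLASSIFIED < CONFIDENTIAL < SECRET, a role's clearance must dominate the classification of any component it is granted, and permissions may only name defined roles and components) and the sample roles and components are assumptions chosen for this example, not taken from the paper.

```python
"""Added example, not the paper's code: stateful RBAC/MAC design checking.
Rules below (level ordering, clearance must dominate classification,
permissions must name defined roles/components) are assumptions."""
from dataclasses import dataclass, replace
from typing import FrozenSet, Mapping, Tuple

# Assumed MAC lattice for the example (a total order).
LEVELS = {"UNCLASSIFIED": 0, "CONFIDENTIAL": 1, "SECRET": 2}

@dataclass(frozen=True)
class DesignState:
    roles: Mapping[str, str]       # role name -> clearance level
    components: Mapping[str, str]  # UML component (e.g. method) -> classification
    permissions: FrozenSet[Tuple[str, str]] = frozenset()  # (role, component)

def inconsistencies(state: DesignState) -> list:
    """Return every violation in a state; an empty list means consistent."""
    problems = []
    for role, comp in sorted(state.permissions):
        if role not in state.roles:
            problems.append(f"undefined role {role}")
        elif comp not in state.components:
            problems.append(f"undefined component {comp}")
        elif LEVELS[state.roles[role]] < LEVELS[state.components[comp]]:
            problems.append(f"{role} ({state.roles[role]}) may not access "
                            f"{comp} ({state.components[comp]})")
    return problems

def transition(prior: DesignState, **changes) -> DesignState:
    """Derive a new state from the prior one; refuse it if it is inconsistent."""
    new = replace(prior, **changes)
    problems = inconsistencies(new)
    if problems:
        raise ValueError("rejected transition: " + "; ".join(problems))
    return new

def demo() -> Tuple[bool, bool]:
    """Constructed scenario: a grant within clearance is accepted, then a
    clearance downgrade that would leave a role over-privileged is refused."""
    s0 = DesignState(roles={"Clerk": "CONFIDENTIAL", "Auditor": "SECRET"},
                     components={"Ledger.read": "CONFIDENTIAL",
                                 "Payroll.read": "SECRET"})
    s1 = transition(s0, permissions=frozenset({("Auditor", "Payroll.read"),
                                               ("Clerk", "Ledger.read")}))
    try:
        transition(s1, roles={**s1.roles, "Auditor": "CONFIDENTIAL"})
        refused = False
    except ValueError:
        refused = True
    return (inconsistencies(s1) == [], refused)
```

Because the prior state is never mutated, a rejected transition leaves the last consistent design intact, which is the assurance property the abstract describes.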



Paper Citation

in Harvard Style

Doan T., Michel L. D., Demurjian S. A. and Ting T. C. (2005). Stateful Design for Secure Information Systems. In Proceedings of the 3rd International Workshop on Security in Information Systems - Volume 1: WOSIS, (ICEIS 2005) ISBN 972-8865-25-2, pages 277-286. DOI: 10.5220/0002563802770286
