AUTOMATED THREAT IDENTIFICATION FOR UML

George Yee; Xingli Xie; Shikharesh Majumdar

doi:10.5220/0002996005210527

AUTOMATED THREAT IDENTIFICATION FOR UML

George Yee, Xingli Xie, Shikharesh Majumdar

2010

Abstract

In tandem with the growing important roles of software in modern society is the increasing number of threats to software. Building software systems that are resistant to these threats is one of the greatest challenges in information technology. Threat identification methods for secure software development can be found in the literature. However, none of these methods has involved automatic threat identification based on analyzing UML models. Such an automated approach should offer benefits in terms of speed and accuracy when compared to manual methods, and at the same time be widely applicable due to the ubiquity of UML. This paper addresses this shortcoming by proposing an automated threat identification method based on parsing UML diagrams.

Download

Paper Citation

in Harvard Style

Yee G., Xie X. and Majumdar S. (2010). AUTOMATED THREAT IDENTIFICATION FOR UML . In Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010) ISBN 978-989-8425-18-8, pages 521-527. DOI: 10.5220/0002996005210527

in Bibtex Style

@conference{secrypt10,
author={George Yee and Xingli Xie and Shikharesh Majumdar},
title={AUTOMATED THREAT IDENTIFICATION FOR UML},
booktitle={Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010)},
year={2010},
pages={521-527},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0002996005210527},
isbn={978-989-8425-18-8},
}

in EndNote Style

TY - CONF
JO - Proceedings of the International Conference on Security and Cryptography - Volume 1: SECRYPT, (ICETE 2010)
TI - AUTOMATED THREAT IDENTIFICATION FOR UML
SN - 978-989-8425-18-8
AU - Yee G.
AU - Xie X.
AU - Majumdar S.
PY - 2010
SP - 521
EP - 527
DO - 10.5220/0002996005210527