Towards a Model-driven based Security Framework

Rouwaida Abdallah; Nataliya Yakymets; Agnes Lanusse

doi:10.5220/0005368706390645

Towards a Model-driven based Security Framework

Rouwaida Abdallah, Nataliya Yakymets, Agnes Lanusse

2015

Abstract

In this paper, we propose a model-driven framework for security analysis. We present a security analysis process that begins from the design phase of the system architecture then allows performing several security analysis methods. Our approach presents mainly two advantages: First, it allows the traceability of the security analysis methods with the system architecture. Second, this framework can include several security analysis methods. Moreover it allows information reuse which is complicated when we use separate methods dedicated tools. Thus, we can have more consistent and accurate security analysis results for a system. We chose to implement two methods: A qualitative method named EBIOS which is simple and helps to identify areas of focus within the system. Then, to get more accurate results, we implement a quantitative method, the Attack trees. Attack trees can be automatically generated from the Ebios analysis phase and can be completed later on to get more specific results.

Download

Paper Citation

in Harvard Style

Abdallah R., Yakymets N. and Lanusse A. (2015). Towards a Model-driven based Security Framework . In Proceedings of the 3rd International Conference on Model-Driven Engineering and Software Development - Volume 1: SPIE, (MODELSWARD 2015) ISBN 978-989-758-083-3, pages 639-645. DOI: 10.5220/0005368706390645

in Bibtex Style

@conference{spie15,
author={Rouwaida Abdallah and Nataliya Yakymets and Agnes Lanusse},
title={Towards a Model-driven based Security Framework},
booktitle={Proceedings of the 3rd International Conference on Model-Driven Engineering and Software Development - Volume 1: SPIE, (MODELSWARD 2015)},
year={2015},
pages={639-645},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005368706390645},
isbn={978-989-758-083-3},
}

in EndNote Style

TY - CONF
JO - Proceedings of the 3rd International Conference on Model-Driven Engineering and Software Development - Volume 1: SPIE, (MODELSWARD 2015)
TI - Towards a Model-driven based Security Framework
SN - 978-989-758-083-3
AU - Abdallah R.
AU - Yakymets N.
AU - Lanusse A.
PY - 2015
SP - 639
EP - 645
DO - 10.5220/0005368706390645