Secure Software Architecture Description using UML Jan Jürjens Competence Center for IT Security Software & Systems Engineering TU Munich, Germany



Similar documents
Model-based Security Analysis for Mobile Communications

Traceability for Maintenance of Secure Software Systems

Incorporating database systems into a secure software development methodology

Model-based Quality Assurance of Automotive Software

Model-driven secure system development framework

Secure Document Circulation Using Web Services Technologies

Security and Compliance in Clouds: Challenges and Solutions

Cryptography and Network Security: Summary

Towards Modeling and Transformation of Security Requirements for Service-oriented Architectures

Secure Database Development

Brainloop Cloud Security

Systematization of Knowledge Lessons Learned From SSL/TLS Attacks

Attestation and Authentication Protocols Using the TPM

Understanding Digital Certificates and Secure Sockets Layer (SSL)

Lesson 10: Attacks to the SSL Protocol

Chapter 9 Key Management 9.1 Distribution of Public Keys Public Announcement of Public Keys Publicly Available Directory

SERENITY Pattern-based Software Development Life-Cycle

Authenticated Encryption: Relations among Notions and Analysis of the Generic Composition Paradigm By Mihir Bellare and Chanathip Namprempre

Model-Based Development of Security-Critical Systems. Guido Oliver Wimmel

Cryptography and Network Security

Chapter 17. Transport-Level Security

Principles of Computer Security. Dr George Danezis

CS 356 Lecture 28 Internet Authentication. Spring 2013

Information Security at ETH Zurich Institute of Information Security at ETH Zurich Zurich Information Security and Privacy Center

Security und Compliance in Clouds

Soran University Faculty of Science and Engineering Computer Science Department Information Security Module Specification

Virtual Private Networks Solutions for Secure Remote Access. White Paper

Server-Assisted Generation of a Strong Secret from a Password

True Identity solution

SAP SECURITY AND AUTHORIZATIONS - RISK MANAGEMENT AND COMPLIANCE WITH LEGAL REGULATIONS IN THE SAP ENVIRONMENT

INFORMATION SUPPLEMENT. Migrating from SSL and Early TLS. Version 1.0 Date: April 2015 Author: PCI Security Standards Council

Spirent Abacus. SIP over TLS Test 编 号 版 本 修 改 时 间 说 明

SSL/TLS: The Ugly Truth

Summary of Results. NGINX SSL Performance

S E C U R I T Y A S S E S S M E N T : B o m g a r B o x T M. Bomgar. Product Penetration Test. September 2010

Web Security: Encryption & Authentication

Design Principles for Protection Mechanisms. Security Principles. Economy of Mechanism. Least Privilege. Complete Mediation. Economy of Mechanism (2)

Cryptography and Network Security Chapter 1

FINAL DoIT v.8 APPLICATION SECURITY PROCEDURE

End-to-End Security in Wireless Sensor Networks (WSNs) Talk by Claudio Anliker Supervised by Dr. Corinna Schmitt University of Zurich

Network Test Labs (NTL) Software Testing Services for igaming

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Introduction to Security and PIX Firewall

TELNET CLIENT 5.0 SSL/TLS SUPPORT

Network Security Course Specifications

Industrial case study: Zero defect secure software for the National Security Agency

3.2: Transport Layer: SSL/TLS Secure Socket Layer (SSL) Transport Layer Security (TLS) Protocol

Web Security Considerations

Message Authentication Code

Electronic Voting Protocol Analysis with the Inductive Method

Recommended IP Telephony Architecture

Common security requirements Basic security tools. Example. Secret-key cryptography Public-key cryptography. Online shopping with Amazon

S E C U R I T Y A S S E S S M E N T : B o m g a r A p p l i a n c e s

IP Security. Ola Flygt Växjö University, Sweden

A Simulation Game for Teaching Secure Data Communications Protocols

APNIC elearning: IPSec Basics. Contact: esec03_v1.0

Embedding Trust into Cars Secure Software Delivery and Installation

ADAPTIVE AUTHENTICATION ADAPTER FOR JUNIPER SSL VPNS. Adaptive Authentication in Juniper SSL VPN Environments. Solution Brief

A Survey on Requirements and Design Methods for Secure Software Development*

Open Thunderbird. To set up an account in Thunderbird, from the Tools menu select Account Settings; choose account; then click Next.

Smart Card Application Development Using Java

IBX Business Network Platform Information Security Controls Document Classification [Public]

BoardNox. Secure file sharing solution for Executive Committees and Boards of Directors.

Designing and Coding Secure Systems

Contents at a Glance. 1 Introduction Basic Principles of IT Security Authentication and Authorization in

Software Requirements. Specification. Day Health Manager. for. Version 1.1. Prepared by 4yourhealth 2/10/2015

Lecture 9 - Message Authentication Codes

TLS/SSL in distributed systems. Eugen Babinciuc

Representing XML Schema in UML A Comparison of Approaches

Patterns for Secure Boot and Secure Storage in Computer Systems

Generating Aspect Code from UML Models

Copyright Telerad Tech RADSpa. HIPAA Compliance

Compter Networks Chapter 9: Network Security

Principles of Network Security

Information and Communications Technology Courses at a Glance

PCI-DSS and Application Security Achieving PCI DSS Compliance with Seeker

Cryptography and Network Security Chapter 14. Key Distribution. Key Management and Distribution. Key Distribution Task 4/19/2010

Deriving Secure Network Protocols for Enterprise Services Architectures

Development Processes (Lecture outline)

SAP WEB DISPATCHER Helps you to make decisions on Web Dispatcher implementation

Online Voting Project. New Developments in the Voting System an Consequently Implemented Improvements in the Representation of Legal Principles.

A methodology for secure software design

Industrial Network Security for SCADA, Automation, Process Control and PLC Systems. Contents. 1 An Introduction to Industrial Network Security 1

White paper. Why Encrypt? Securing without compromising communications

Using a VPN with Niagara Systems. v0.3 6, July 2013

TOP SECRETS OF CLOUD SECURITY

Transcription:

Secure Software Architecture Description using UML Jan Jürjens Competence Center for IT Security Software & Systems Engineering TU Munich, Germany juerjens@in.tum.de http://www.umlsec.org

Problems, Causes Many flaws found in designs of security-critical system architectures, sometimes years after publication or use. Main reason: Security often compromised by circumventing security mechanisms within the architecture. Jan Jürjens, TU Munich: Secure Software Architecture Description using UML 2

Proposed Solution Increase security of architectures with bounded investment in time, costs (crucial for industry). Consider architectural design artefacts arising in industrial development of security-critical systems (e.g. UML models). Tool-supported theoretically sound efficient automated security analysis. Model-based Security Engineering Jan Jürjens, TU Munich: Secure Software Architecture Description using UML 3

Model-based Security Engineering Combined strategy: Analyze models automatically against security requirements. Generate code (or tests) from models automatically. Generate models from code to get changes (or analyze legacy systems). Goal: model-based = sourcebased. Requirements Analyze Codegen. Testgen. Models Code Modelgen./ Reverse E. Idea notation-independent. Here: use UML. Jan Jürjens, TU Munich: Secure Software Architecture Description using UML 4

Why UML? Seemingly de-facto standard in industrial modeling. Large number of developers trained in UML. Increasingly used as architecture description language (ADL). Relatively precisely defined (given the user community). Many tools in development (also for codegeneration, testing, reverse engineering, simulation, transformation). Jan Jürjens, TU Munich: Secure Software Architecture Description using UML 5

UMLsec: Goals Extension for secure systems development. evaluate UML specifications for weaknesses in design encapsulate established rules of prudent secure engineering as checklist make available to developers not specialized in secure systems consider security requirements from early design phases, in system context make certification cost-effective Jan Jürjens, TU Munich: Secure Software Architecture Description using UML 6

UMLsec: How Recurring security requirements, adversary scenarios, concepts offered as stereotypes with tags on component-level. Use associated constraints to verify specifications using automated theorem provers and indicate possible weaknesses. Ensures that UML specification provides desired level of security requirements. Link to code via round-trip engineering etc. Jan Jürjens, TU Munich: Secure Software Architecture Description using UML 7

Secure Architecture Patterns Architectural design patterns (Buschmann et al. 1996). Apply to security. Example: Architecural primitive: Secure channel. Define a secure channel abstraction. Define concrete secure channel (protocol). Show simulates the abstraction. Give conditions under which it is secure to substitute channel abstractions by concrete protocols. Jan Jürjens, TU Munich: Secure Software Architecture Description using UML 8

Secure Channel Pattern: Problem To keep d secret, must be sent encrypted. Jan Jürjens, TU Munich: Secure Software Architecture Description using UML 9

Secure Channel Pattern: (Toy) Solution Exchange certificate and send encrypted data over Internet. Jan Jürjens, TU Munich: Secure Software Architecture Description using UML 10

Here: Bank application Security analysis of web-based banking application, to be put to commercial use (clients fill out and sign digital order forms). Layered security protocol (first layer: SSL protocol, second layer: client authentication protocol) Security requirements: confidentiality authenticity Jan Jürjens, TU Munich: Secure Software Architecture Description using UML 11

Further Applications to Architectures Secure Architectural Design Principles by Saltzer, Schroeder Variant of the Internet security protocol TLS (SSL) Common Electronic Purse Specification Biometric authentication protocol for German Telekom Analysis of SAP access control configurations for German bank Telematic automobile emergency application of German car company Electronic signature architecture of German insurance company Electronic purse for Oktoberfest Jan Jürjens, TU Munich: Secure Software Architecture Description using UML 12

Jan Jürjens, TU Munich: Secure Software Architecture Description using UML 13

Conclusions Model-based Secure Software Architectures using UML: formally based approach automated tool support industrially used notation integrated approach (source-code, configuration data) Jan Jürjens, TU Munich: Secure Software Architecture Description using UML 14

Resources Jan Jürjens, Secure Systems Development with UML, Springer 04 Tutorials: e.g. WICSA 04. Nov.: SISBD (Malaga), ISSRE (Rennes). Spring School: May 2005, Carlos IV Univ. Madrid Workshops: WITS05@POPL05, CSDUML05 More information (papers, slides, tool etc.): http://www.umlsec.org Jan Jürjens, TU Munich: Secure Software Architecture Description using UML 15

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information