Go home now Header Background Image
Search
Submission Procedure
share: |
Special Issues
Submission Procedure
Aims and Scope
Board of Editors
What's New
 
Follow us
 
Articles by Topics
Articles by Author
Geographical Mashup
List of Topics
 
Printed Publications
 
Volume 26 (2020)
Volume 25 (2019)
Volume 24 (2018)
Volume 23 (2017)
Volume 22 (2016)
Volume 21 (2015)
Volume 20 (2014)
Volume 19 (2013)
Volume 18 (2012)
Volume 17 (2011)
Volume 16 (2010)
Volume 15 (2009)
Issue 1
Issue 2
Issue 3
Issue 4
Issue 5
Issue 6
Issue 7
Issue 8
Issue 9
Issue 10
Issue 11
Issue 12
Issue 13
Issue 14
Issue 15
Issue 16
Issue 17
Issue 18
Volume 14 (2008)
Volume 13 (2007)
Volume 12 (2006)
Volume 11 (2005)
Volume 10 (2004)
Volume 9 (2003)
Volume 8 (2002)
Volume 7 (2001)
Volume 6 (2000)
Volume 5 (1999)
Volume 4 (1998)
Volume 3 (1997)
Volume 2 (1996)
Volume 1 (1995)
Volume 0 (1994)
 
Collection of other papers
Volume 15 / Issue 15

available in:   PDF (870 kB) PS (2 MB)
 
get:  
Similar Docs BibTeX   Write a comment
  
get:  
Links into Future
 
DOI:   10.3217/jucs-015-15-2957

 

ModelSec: A Generative Architecture for Model-Driven Security

Óscar Sánchez (University of Murcia, Spain)

Fernando Molina (University of Murcia, Spain)

Jesús García-Molina (University of Murcia, Spain)

Ambrosio Toval (University of Murcia, Spain)

Abstract: Increasingly, the success of software systems depends largely on how their security requirements are satisfied. However, developers are challenged in implementing these requirements, mainly because of the gap between the specification and implementation, and the technical complexities of the current software infrastructures. Recently, Model-Driven Security has emerged as a new software development area aimed at overcoming these difficulties. This new paradigm takes advantage of the benefits of the model driven software development techniques for modeling and implementing security concerns. Following this trend, this paper proposes a model driven security approach named ModelSec that offers a generative architecture for managing security requirements, from the requirement elicitation to the implementation stage. This architecture automatically generates security software artifacts (e.g. security rules) by means of a model transformation chain composed of two-steps. Firstly, a security infrastructure dependent model is derived from three models, which express the security restrictions, the design decisions and the information needed on the target platform. Then, security software artifacts are produced from the previously generated model. A Domain-Specific Language for security requirements management has been built, which is based on a metamodel specifically designed for this purpose. An application example that illustrates the approach and the Eclipse tools implemented to support it are also shown.

Keywords: model driven engineering, model driven security, requirements engineering, requirements metamodelling

Categories: D.2.1