A modular meta-model for security solutions
Paper in proceedings, 2017
Designing a secure software system requires the ability to represent and reason about a wide variety of security concerns. Existing modelling representations lack a comprehensive set of security building blocks or lack support for composition or refinement of the design under consideration. We propose a new modular metamodel for representing these security designs. This model supports both composition for more complex solutions and representing different levels of abstraction to model the underlying details. This meta-model can subsequently be used for the construction of security solutions, supporting a wide range of mechanisms on a wide variety of abstraction levels, thereby providing a foundation for the security-by-design approach. © 2017 ACM.