Bridging model-based and language-based security
Paper i proceeding, 2003

We present a way to support the development of software applications that takes into account confidentiality issues, and how the developed code can be automatically verified. We use the Unified Modelling Language (UML) together with annotations to permit confidentiality to be considered during the whole development process from requirements to code. We have provided support for software development using UML diagrams so that the code produced can be be validated by a language-based checker, in our case Jif (Java information flow). We demonstrate that the combination of model-based and language-based security is compelling.

Författare

Rogardt Heldal

Chalmers, Institutionen för datavetenskap

Computer Security - ESORICS 2003, 8th European Symposium on Research in Computer Security, Gjøvik, Norway, October 13-15. Proceedings. Lecture Notes in Computer Science

Vol. 2808 235-252

Ämneskategorier

Data- och informationsvetenskap

ISBN

3-540-20300-1