UMLSec. IS 2620 Developing Secure Systems Courtesy of Jan Jürjens , who developed UMLsec. Lecture 12. Critical/High assurance Systems Development. High quality development of critical systems (dependable, security-critical, real-time,...) is difficult .
Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.
IS 2620 Developing Secure SystemsCourtesy of Jan Jürjens, who developed UMLsec
No coherent and complete methodology to ensure security in the construction of large general-purpose systems exists …
Simulates power outages and 911 emergency telephone overloads in Washington, D.C..
– Needham-Schroeder protocol (1978)
– attacks found 1981 (Denning, Sacco), 1995 (Lowe)
“Those who think that their problem can be solved by simply applying cryptography don`t understand cryptography and don`t understand their problem” (Lampson, Needham).
Exploit information spreads quickly.
Consider critical properties
High Assurance/Secure design by model analysis.
High Assurance/Secure implementation by test generation.
Unified Modeling Language (UML):
For each component or
A special case of
“Pay” may be «provable»
<<secure dependency>>provided ?
Violates<<secure dependency>> : Randomgeneratorand<<call>>dependency do not givesecurity level forrandom()tokey generator.
Formalize by referring to formal behavioral semantics.
<<no down–flow>>provided ?
Assumption: A does not know data being protected
Variant of TLS (INFOCOM`99):
<<data security>>against default adversary provided ?
slot could be “between 1 and 2PM