A framework for software security in UML with assurance

Date of Completion

January 2008


Computer Science




Software security is becoming increasingly pervasive in all aspects of a software application, but the inclusion of security in software development has often been an afterthought, delayed to later stages of the software development life cycle instead of being performed from the beginning of the design phase. That practice may result in serious and costly consequences. The Unified Modeling Language (UML) is a well-known language for specifying, visualizing, constructing and documenting software artifacts, but it lacks both the facilities to integrate security features directly into UML diagrams and a mechanism for analyzing and verifying secure designs at the design phase. To support security integration at the design phase and to overcome the shortfalls of UML in terms of security assurance, this dissertation provides a practical approach with a formal underpinning to incorporate and maintain security features during an application's requirements and design phases of the software process via UML. Specifically, this dissertation presents a three-component framework consisting of:

(i) UML Extended with Security Capabilities - This aspect of our work integrates the security requirements and design into the software process by augmenting UML requirements definition (use case diagram) and design (class and sequence diagrams) with visual and non-visual security extensions and constraints for RBAC, MAC, and lifetimes. The intent is to provide the means for stakeholders to define, verify, analyze, evolve, etc., the security requirements as an application is created and modified in UML.

(ii) Persistent and Dynamic State Capturing and Maintenance - UML plus security extensions, as realized within a formal functional model, provides the means to define and maintain a design state. Our approach tracks the content of the design for an application (security and non-security) and all actions taken by stakeholders as part of the process. Our work specifies design actions as (meta-)functions that take the current state and a design element and generate a new state (a state function).

(iii) Security Assurance via Constraint Checking - This final component of our work offers a degree of security conformity assurance by checking security constraints as an application's design is created and changed over time. To accomplish this, we define the concept of a security conforming design state and two modes of checking: design-time (check instantly whenever the designer draws a new design element or edits an existing design element in the UML design) and post-design (execute the checks across all design elements at once after the designer has reached a milestone or version in an application's UML design).

Therefore, our approach specifies a new direction of semi-automatic tracking, checking, and maintaining the security conformity status of a UML design that improves the integrity of the software application in terms of security concerns.