Login | Register

Dynamic matching and weaving semantics for executable UML models

Title:

Dynamic matching and weaving semantics for executable UML models

Ziarati, Raha (2012) Dynamic matching and weaving semantics for executable UML models. Masters thesis, Concordia University.

[img]
Preview
Text (application/pdf)
Ziarati_MASc_S2013.pdf - Accepted Version
1MB

Abstract

To develop more secure software, security concerns should be considered as an essential part of all phases of software development lifecycle. It has been observed that incorporation of security concerns after the completion of software development may result in conflicts between functional and security requirements and leads to severe
security vulnerabilities. On the other hand, security is a crosscutting concern and consequently the integration of security solutions at the software design phase may
result in scattering and tangling of security features throughout the entire design. Therefore, in the case of large scale software (e.g., hundreds of UML classes), the
resulting UML design models may become more complex and difficult to understand. Moreover, adding security manually is tedious and may lead to additional security flaws.
Aspect-Oriented Modeling is an appropriate approach to systematically integrate security at the design phase as it allows the separation of crosscutting concerns from the core functionality. In this research work, we provide formal semantics for aspect matching and weaving on executable UML models, particularly for activity diagrams. The semantics is based on a defunctionalized continuation-passing style since it provides a concise and elegant description of aspect-oriented mechanisms. In addition, we have extended our framework and provided semantics for control and data flow pointcuts as these pointcuts are beneficial from a security perspective and are used to detect vulnerabilities related to information flow.

Divisions:Concordia University > Gina Cody School of Engineering and Computer Science > Concordia Institute for Information Systems Engineering
Item Type:Thesis (Masters)
Authors:Ziarati, Raha
Institution:Concordia University
Degree Name:M.A. Sc.
Program:Information Systems Security
Date:October 2012
Thesis Supervisor(s):Debbabi, Mourad and Wang, Lingyu
ID Code:974888
Deposited By: RAHA ZIARATI
Deposited On:07 Jun 2013 14:46
Last Modified:18 Jan 2018 17:39
All items in Spectrum are protected by copyright, with all rights reserved. The use of items is governed by Spectrum's terms of access.

Repository Staff Only: item control page

Downloads per month over past year

Back to top Back to top