Applications
The UMLsec approach has been used in a number of
industrial applications, which are documented in the
following publications (see the Further Literature link for
downloads):
- J. Jürjens, J. Schreck, P. Bartmann: Model-based
Security Analysis for Mobile Communications: An Industrial
Application of UMLsec. 30th International Conference on
Software Engineering (ICSE 2008), ACM, 2008. Documents an
application of UMLsec at O2 (Germany).
- B. Best, Jan Jürjens, and B. Nuseibeh: Model-based
Security Engineering of Distributed Information Systems
using UMLsec 29th International Conference on Software
Engineering (ICSE 2007), ACM, 2007, pp. 581-590. Documents
an application of UMLsec at BMW (Munich).
- Jan Jürjens: Model-based Security
Engineering for Real (Industry Day Invited Paper). 14th
International Symposium on Formal Methods (FM 2006), volume
4085 of Lecture Notes in Computer Science, Springer, 2006,
pp. 600-606. Overview over Model-based Security Engineering
and industrial applications.
- J. Jürjens. Code Security Analysis of a
Biometric Authentication System Using Automated Theorem
Provers. In 21st Annual Computer Security Applications
Conference (ACSAC 2005) IEEE, 2005, pp. 138-149. Documents
an application of UMLsec at a major German
telecommunications company.
- J. Jürjens. Developing High-Assurance Secure
Systems with UML: An Electronic Purchase Protocol. In Eighth
IEEE International Symposium on High Assurance Systems
Engineering (HASE 2004), IEEE, 2004, pp. 231-240. Documents
an application of UMLsec at a the Common Electronic Purse
Specifications developed by Visa International and other
companies (purchase transaction). (Described in more detail
in the book.)
- J. Grünbauer, H. Hollmann, J. Jürjens, and
G. Wimmel. Modelling and Verification of Layered Security
Protocols: A Bank Application. In 22nd International
Conference on Computer Safety, Reliability and Security
(SAFECOMP 2003), volume 2788 of Lecture Notes in Computer
Science, Springer, 2003, pp. 116-129. Documents an
application of UMLsec at a the German bank HypoVereinsbank.
- J. Jürjens. Modelling Audit Security for
Smart-card Payment Schemes with UMLsec. In Trusted
Information: The New Decade Challenge. International
Federation for Information Processing (IFIP), Kluwer
Academic Publishers, 2001, pp. 93-108. Proceedings of SEC
2001 - 16th International Conference on Information
Security. Documents an application of UMLsec at a the Common
Electronic Purse Specifications developed by Visa
International and other companies (load transaction).
(Described in more detail in the book.)
- M. Reininger. End-to-End Security in einem
Rückversicherungsunternehmen, externer Zugriff auf
interne Netze, 2006. Documents an application of UMLsec at a
the German reinsurance company Munich Re.
- J. Bobinger. Sicherer Einsatz elektronischer
Unterschriften im Versicherungswesen, 2005. Documents an
application of UMLsec at a the German insurance company
Allianz.
- M. Busch. Anpassung und Anwendung strukturierter
Methoden zur IT-Sicherheitsrisikoanalyse, 2005. Documents an
application of UMLsec at a the German chip manufacturer
Infineon.
- M. Raith. Modellbasierte Sicherheitsanalyse eines
Bezahlungssystemes, 2005. Documents an application of UMLsec
at a a German smart-card application provider.
- R. Rumm. Sicherheitsanalyse komplexer
Telematiksysteme am Beispiel der elektronischen
Gesundheitskarte, 2004. Documents an application of UMLsec
at the smart-card based German health-card developed by the
German government.
|