Excerpts
First 20 Pages
Amazon "Search Inside"
Table of Contents (as .pdf file)
-
Foreword
-
Preface
Part I Prologue
-
Introduction
- Overview
- Outline
- How to Use this Book
-
Walk-through: Using UML for Security
- Security Requirements Capture with Use Case Diagrams
- Secure Business Processes with Activity Diagram
- Physical Security Using Deployment Diagrams
- Security-Critical Interaction with Sequence Diagrams
- Secure States Using Statechart Diagrams
-
Background
- Security Engineering
- Unified Modeling Language
- Analyzing UML Models
Part II Developing Secure Systems
-
Model-based Security Engineering with UML
- UMLsec Profile
- Design Principles for Secure Systems
- Applying Security Patterns
- Notes
- Discussion
-
Applications
- Secure Channels
- A Varian of the Internet Protocol TLS
- Comon Electronic Purse Specifications
- Developing Secure Java Programs
- Further Applications
- Notes
- Discussion
Part III Tool Support
-
Tool support for UMLsec
- Extending UML CASE Tools with Analsis Tools
- Automated Tools for UMLsec
- Linking Models to Rumtime Data: SAP R/3 Permissions
- Linking Models to Code
- Notes
- Diskussion
-
Formal Foundation
- UML Machines
- UML Machines Systems
- Refinement
- Rely-Guarantee Specifications
- Reasoning About Security Properties
- Notes
- Discussion
-
Formal Systems Development with UML
- Formal Semantics for a Fragment of UML
- Development with UML
- Notes
- Discussion
Part IV Epilogue
-
Further Material
- More on the UMLsec Approach
- Other Approaches to Security Engineering
-
Outlook
Part V Appendices
-
Towards UML 2.0
-
The Semantics of UML Machine Rules
-
Proofs
- UML Machines
- Refinement
- Rely-Guarantee Specifications
- Reasoning About Security Properties
- Formal Systems Development with UML
- Secure Channels
- A Variant of the Internet Protocol TLS
- Common Electronic Purse Specifications