Modeling input validation in UML
Security is an integral part of most software systems but it is not considered as an explicit part in the development process yet. Input validation is the most critical part ofsoftware security that is not covered in the design phase of software development life-cycle resulting in many security vuln...
| Main Authors: | , , , , |
|---|---|
| Other Authors: | |
| Format: | Conference Paper |
| Published: |
IEEE Computer Society
2008
|
| Online Access: | http://hdl.handle.net/20.500.11937/10625 |
| _version_ | 1848747585099005952 |
|---|---|
| author | Hayati, P. Jafari, N. Rezaei, S. M. Sarenche, S. Potdar, Vidyasagar |
| author2 | Farookh Hussain |
| author_facet | Farookh Hussain Hayati, P. Jafari, N. Rezaei, S. M. Sarenche, S. Potdar, Vidyasagar |
| author_sort | Hayati, P. |
| building | Curtin Institutional Repository |
| collection | Online Access |
| description | Security is an integral part of most software systems but it is not considered as an explicit part in the development process yet. Input validation is the most critical part ofsoftware security that is not covered in the design phase of software development life-cycle resulting in many security vulnerabilities. Our objective is to extend UML to new integrated jramework for model driven security engineering leading to ideal way to design more secure software. Input validation in UML has not been addressed previously, hence we incorporate input validation into UML diagrams such as use case, class, sequence and activity. This approach has some advantages such as preventing jrom common input tampering attacks, having both security and convenience in software at high level of abstraction and ability of solving the problem ofweak security backgroundfor developers. |
| first_indexed | 2025-11-14T06:51:29Z |
| format | Conference Paper |
| id | curtin-20.500.11937-10625 |
| institution | Curtin University Malaysia |
| institution_category | Local University |
| last_indexed | 2025-11-14T06:51:29Z |
| publishDate | 2008 |
| publisher | IEEE Computer Society |
| recordtype | eprints |
| repository_type | Digital Repository |
| spelling | curtin-20.500.11937-106252022-11-21T06:47:03Z Modeling input validation in UML Hayati, P. Jafari, N. Rezaei, S. M. Sarenche, S. Potdar, Vidyasagar Farookh Hussain Elizabeth Chang Security is an integral part of most software systems but it is not considered as an explicit part in the development process yet. Input validation is the most critical part ofsoftware security that is not covered in the design phase of software development life-cycle resulting in many security vulnerabilities. Our objective is to extend UML to new integrated jramework for model driven security engineering leading to ideal way to design more secure software. Input validation in UML has not been addressed previously, hence we incorporate input validation into UML diagrams such as use case, class, sequence and activity. This approach has some advantages such as preventing jrom common input tampering attacks, having both security and convenience in software at high level of abstraction and ability of solving the problem ofweak security backgroundfor developers. 2008 Conference Paper http://hdl.handle.net/20.500.11937/10625 10.1109/ASWEC.2008.4483260 IEEE Computer Society fulltext |
| spellingShingle | Hayati, P. Jafari, N. Rezaei, S. M. Sarenche, S. Potdar, Vidyasagar Modeling input validation in UML |
| title | Modeling input validation in UML |
| title_full | Modeling input validation in UML |
| title_fullStr | Modeling input validation in UML |
| title_full_unstemmed | Modeling input validation in UML |
| title_short | Modeling input validation in UML |
| title_sort | modeling input validation in uml |
| url | http://hdl.handle.net/20.500.11937/10625 |