Abstract
Abstract Security specifications are controls and constraints on the behavior of the software and can be used to develop more secure software from the beginning. Many specification languages have been proposed to represent security specifications. However, all these specification languages are at a higher level of abstraction and can only be used to represent overall business-level design decisions. Such specifications provide guidance to the developers but do not lay out the details of the dynamic behavior that has to be implemented during the coding phase. In this paper, we propose to use UML state machine diagrams to represent detailed dynamic behavior of design-level security specifications. We argue that these behaviors when used by the developer for implementation will enable them to avoid crucial security vulnerabilities.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
