RésuméUMLsec is an extension of UML that allows one to define security-related properties on a set of UML diagrams, as well as to check whether or not the diagrams fulfil those properties. It is a sound and eficient way of making sure that security properties are actually enforced during the software modelling phase.
If a model does not fulfil a UMLsec property, we propose a way of (semi-)automatically modify it in order for the desired property to be correctly enforced.
But still, mistakes can easily arise when translating the UML diagrams to code. Therefore, we propose a way to automatically generate code from the model that will fulfil the same security properties as the model does. We compare the Object-Oriented and the Aspect-Oriented approaches, and select one to be implemented.
|la date de réponse||2009|
|Superviseur||PIERRE-YVES SCHOBBENS (Promoteur)|