Modeling input validation in UML
| dc.contributor.author | Hayati, P. | |
| dc.contributor.author | Jafari, N. | |
| dc.contributor.author | Rezaei, S. M. | |
| dc.contributor.author | Sarenche, S. | |
| dc.contributor.author | Potdar, Vidyasagar | |
| dc.contributor.editor | Farookh Hussain | |
| dc.contributor.editor | Elizabeth Chang | |
| dc.date.accessioned | 2017-01-30T11:19:57Z | |
| dc.date.available | 2017-01-30T11:19:57Z | |
| dc.date.created | 2009-03-23T18:01:07Z | |
| dc.date.issued | 2008 | |
| dc.identifier.citation | Hayati, Pedram and Jafari, Nastaran and Rezaei, S mohammad and Sarenche, Saeed and Potdar, Vidyasagar. 2008. Modeling input validation in UML, in Farookh Hussain and Elizabeth Chang (ed), 19th Australian Software Engineering Conference (ASWEC 2008), Mar 25 2008, pp. 663-672.Perth, Australia: IEEE Computer Society | |
| dc.identifier.uri | http://hdl.handle.net/20.500.11937/10625 | |
| dc.identifier.doi | 10.1109/ASWEC.2008.4483260 | |
| dc.description.abstract |
Security is an integral part of most software systems but it is not considered as an explicit part in the development process yet. Input validation is the most critical part ofsoftware security that is not covered in the design phase of software development life-cycle resulting in many security vulnerabilities. Our objective is to extend UML to new integrated jramework for model driven security engineering leading to ideal way to design more secure software. Input validation in UML has not been addressed previously, hence we incorporate input validation into UML diagrams such as use case, class, sequence and activity. This approach has some advantages such as preventing jrom common input tampering attacks, having both security and convenience in software at high level of abstraction and ability of solving the problem ofweak security backgroundfor developers. | |
| dc.publisher | IEEE Computer Society | |
| dc.title | Modeling input validation in UML | |
| dc.type | Conference Paper | |
| dcterms.source.startPage | 663 | |
| dcterms.source.endPage | 672 | |
| dcterms.source.issn | 15300803 | |
| dcterms.source.title | Proceedings of the 19th Australian software engineering conference (ASWEC 2008) | |
| dcterms.source.series | Proceedings of the 19th Australian software engineering conference (ASWEC 2008) | |
| dcterms.source.conference | 19th Australian Software Engineering Conference (ASWEC 2008) | |
| dcterms.source.conference-start-date | Mar 25 2008 | |
| dcterms.source.conferencelocation | Perth, Australia | |
| dcterms.source.place | Australia | |
| curtin.note |
Copyright © 2008 IEEE | |
| curtin.note |
This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All persons copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder. | |
| curtin.department | Centre for Extended Enterprises and Business Intelligence | |
| curtin.accessStatus | Open access |