security Archive

A UML Profile for Privacy Enforcement

A common problem when modeling software systems is the lack of support to specify how to enforce privacy concerns in data models. In this post, we propose a profile to define and enforce privacy concerns in UML class diagrams. Models annotated with our profile can be used in model-driven methodologies to generate privacy-aware applications.

A watermarking algorithm for models to protect your intellectual property

We propose the integration of digital watermarking techniques in the model-driven engineering development lifecycle as way to protect the intellectual property of your modeling artefacts in collaborative modeling scenarios

SecureMDE : International Workshop on Security for (and by) Model-Driven Engineering

We (Domenico Bianculli, Jordi Cabot and Salvador Martínez)  are organizing the first edition of SecureMDE 2018, 

Model-based Analysis of Java EE Security Configurations

Our work helps security experts to visualize, (automatically) analyse and manipulate web security access-control policies, specially for Java EE

Reverse engineering of database security policies

Automatic extraction of security policies that generates an RBAC security model from an existing database by analyzing its dictionary, views, triggers,...

Enforcing access control with model transformations

Have you ever thought about using model transformations to specify and enforce access-control policies? Check how we do it

Security in Java-based web applications – survey results

Definition of security policies is perceived as an important activity by developers, but at the same time they say it's complex and error prone. Read the full results

A short survey on security aspects in Java-based web applications – Help needed!

Help us (the researchers) to help you by answering this survey so that we can then target our security analysis algorithms to what you need!

Understanding firewall configurations: a vendor-independent access-control security model

Firewalls are a key element in network security. They are in charge of filtering the traffic

Access-control security metamodel for content management systems

Apart from this JSON paper in the main ICWE conference, AtlanMod is presenting the paper Towards

A model-driven approach for the extraction of network access-control policies

(work presented at MDsec’12 co-authored with Salvador Martínez, Joaquin García-Alfaro, Frédéric Cuppens, Nora Cuppens-Boulahia and myself).  Network security

Pin It on Pinterest