
Secure Systems Development with UML (2005)


Pages: 317
File size: 2.35 MB


Jan Jürjens

Secure Systems Development with UML


Library of Congress Control Number: 2004112217

ACM Computing Classification (1998): D.2.2, D.2.4

ISBN 3-540-00701-6 Springer Berlin Heidelberg New York

Jan Jürjens

Dep. of Informatics

Software and Systems Engineering

Technische Universität München

Springer is a part of Springer Science+Business Media

Cover design: KünkelLopka, Heidelberg

Production: LE-TeX Jelonek, Schmidt & Vöckler GbR, Leipzig

Typesetting: by the Authors

Printed on acid-free paper 45/3142/YL - 5 4 3 2 1 0


[Figure, page 33: activity diagram "Purchase" with stereotype «fair exchange» and tags {start={Pay}}, {stop={Reclaim,Pick up}}. Swimlanes: Business, Customer. Surviving labels: Request good, Pay, Deliver, Wait until, delivery due, delivered, undelivered, Pick up, Reclaim.]

[Figure, page 36: statechart with stereotype «no down−flow». Surviving transition labels: wm(x) [money<1000], money+x, rx()/return(false), rm()/return(money), /money:=0.]

[Figure, page 43: surviving labels: Sender, sending.]

[Figure, page 44: surviving labels: Send, Request, Wait.]


[Figure, page 47: statechart. Surviving labels: entry/n:=0, entry/nt:=0, n:=n+1, entry/, guards n<limit and nt<limit.]

[Figure, page 49: sender/receiver model with stereotype «send». Objects: S:Sender, R:Receiver. Surviving labels: send(d:Data), sending, transmit(d’), receive(), /return(d’), r:.]


[Figure, page 71: diagram with tags {right=(credit approver, authorize credit)} and {role=(supervisor, credit approver)}. Surviving label: obtain details.]


[Figure, page 75: surviving labels: server machine, web server.]

[Figure, page 76: "Key generation" with stereotype «secure dependency»; stereotype «critical» with tag {high={random()}}.]

[Figure, page 78: "TLS variant" with stereotype «data security» and tag {adversary=default}. Objects: C:Client, S:Server. Surviving label: tls:.]

[Figure, page 80: statechart. Surviving transition labels: wm(x), /money:=money+x, wm(x) [money<1000], rx()/return(false), rm()/return(money).]

[Figure, page 82: guard-object model. Surviving labels: ExcGd, chkGd(), chkGd(sig), MicroKey: Keys, Sign(req:Exp):Exp, Read():Exp, ExcData: Exp, CheckReq, WaitReq, MGdReturn?, FGdReturn?. Surviving guards and actions: [sig=bank slot=true] /return, [sig=cert] /return, [sig=finan limit=true] /return, [obj=StoFi] /FinGd.chkGd(sig) /return(FinEx), /return(MicSi), return.]


[Figure, page 87: "SecureChannel". Objects: S:Sender, R:Receiver. Surviving labels: WaitReq, send(d), /request(), return(C), receive(), transmit(E), r, s.]


[Figure, page 104: surviving labels: Card Issuer, Load Device, Operator System, POS Device, Card, Appl., PSAM, LSAM.]

[Figure, page 106: POS device components. Surviving labels: Chip Card Reader, Display (Optional), Key Pad, Receipt Printer (Optional), Scheme Operating Data, Transaction Data store, Power Supply, Collection Interface, PSAM, POS Terminal Application.]

[Figure, page 107: "POS device" with stereotype «POS device». Objects: C:CEPS, P:PSAM, D:Display. Surviving labels: Card, PSAM, PSAMapp, purch.D, entry/NT:=NT+1.]

[Figure, page 115: surviving labels: Terminal Application Functions, Load Host, Card Issuer, Display/Cardholder Interface, Secure PIN pad.]

[Figure, page 116: message exchange with stereotype «send». Surviving labels: RespC(s3,rc), RespI(cep,nt,sl,hc), Comp(cep,lda,m,nt,r2l,s3), ILog, and the broken fragments "Load(cep,lda,m,nt,s1,ml,h" and "hl,h2l)".]

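[Figure, page 119: surviving labels: Fail, Load.]

[Figure, page 129: stereotype «send». Surviving labels: Comp(cep,lda,m,nt,r2l,s3) and the broken fragments "Load(cep,lda,m,nt,s1,ml,h" and "hl,h2l)".]

[Figure, page 130: surviving labels: RespI, Init.]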


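[Figure, page 141: surviving labels: Client, Webserver, Backend.]

[Figure, page 148: surviving labels: M0, M1, M2, M3.]

[Figure, page 151: surviving labels: (UML 1.4 Metamodel), MyUml.xmi.]

[Figure, page 153: surviving labels: Error Analyzer; legend entries "uses" and data flow.]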

[Figure, page 161: class diagram.
  user: -name : String, -role_id : int
  role: -name : String, -role_id : int
  transaction: -name : String, -role_id : int, -transaction_id : int
  permission: -name : String, -role_id : int, -transaction_id : int]

[Figure, page 162: object with attributes +name: karen, +uid: 502, +role: admins.]

[Figure, page 163: class diagram.
  constraint: -element : String, -condition : String
  type: -PROHIBITION : int = 1
  Surviving association labels: contains, 0 *]

[Figure, page 168: tool data flow. Surviving labels: model (CASE tool), create, XML, create rules (GUI), XML (rules), analyzer, security-report (format defined by templates), SAP, Rule creation, Business Application.]


[Figure, page 220: surviving labels: call(x1), /store(x2), /call(x4).]

[Figure, page 225: surviving labels: Wait, Send, send(d), /transmit(d).]


Date posted: 07/09/2020, 14:41