2014 23rd Australian Software Engineering Conference (ASWEC) (2014)
Milsons Point, NSW, Australia
April 7, 2014 to April 10, 2014
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ASWEC.2014.18
Enterprise security management requires capturing different security and IT systems' details, analyzing and enforcing these security details, and improving employed security to meet new risks. Adopting structured models greatly helps in simplifying and organizing security specification and enforcement processes. However, existing security models are generally limited to specific security details and do not deliver a comprehensive security model. They also often do not have user-friendly notations, being complicated extensions of existing modeling languages (such as UML). In this paper, we introduce a comprehensive Security Domain Specific Visual Language (SecDSVL), which enables capturing of key security details to support enterprise systems security management process. We discuss our SecDSVL, tool support and the model-based enterprise security management approach it supports, give a usage example, and present evaluation experiments of SecDSVL.
Security, Unified modeling language, Visualization, Color, Shape, Passive optical networks, Analytical models
M. Almorsy and J. Grundy, "SecDSVL: A Domain-Specific Visual Language to Support Enterprise Security Modelling," 2014 23rd Australian Software Engineering Conference (ASWEC), Milsons Point, NSW, Australia, 2014, pp. 152-161.