Utilizing Role Based Modeling Language to Determine a System’s Safety From an Advanced Persistent Threat

Loading...
Thumbnail Image

Authors

Johnson, Andrew

Date of Issue

2019-04-01

Type

thesis

Language

Subject Keywords

Advanced Persistent Threat, APT, Unified Modeling Language, UML, Role Based Modeling Language, RBML, security pattern

Research Projects

Organizational Units

Journal Issue

Other Titles

Abstract

With Advanced Persistent Threats (APTs) becoming a larger threat among the cyber world, it is important that software is designed with security in mind. In order to aide this process, software developers can use security design patterns when creating systems. This helps to ensure that all aspects of a system’s design are concerned with security, because any one point of weakness can still lead to the compromise of the entire system. We propose a method of determining if a system contains a specific security pattern, and we suggest several security patterns which might be helpful in deterring a specific APT. We utilize an algorithm based on graph homomorphism theory that gives a metric for how close a Unified Modeling Language (UML) model is to being a realization of a security pattern, from which it may be verified that a system is indeed a realization of the Role Based Modeling Language (RBML) model of the pattern. We find that our distance metric gives the desired result for several example applications.

Description

Citation

Publisher

License

Journal

Volume

Issue

PubMed ID

DOI

ISSN

EISSN