Date Added: Jan 2012
Developing security-critical systems is difficult and there are many well-known examples of security weaknesses exploited in practice. In particular, so far little research has been performed on the soundly based design of secure architectures, which would be urgently needed to develop secure systems reliably and efficiently. In this paper, the authors sketch some research on a sound methodology supporting secure architecture design. They give an overview over an extension of UML, called UMLsec that allows expressing security-relevant information within the diagrams in an architectural design specification. They define foundations for secure architectural design patterns. They present tool-support which has been developed for the UMLsec secure architecture approach.