Security Analysis of a Biometric Authentication System Using UMLsec and JML

Free registration required

Executive Summary

Quality assurance for security-critical systems is particularly challenging: many systems are developed, deployed, and used that do not satisfy their security requirements. A number of software engineering approaches have been developed over the last few years to address this challenge, both in the context of model-level and code-level security assurance. However, there is little experience so far in using these approaches in an industrial context, the challenges and benefits involved and the relative advantages and disadvantages of different approaches. This paper reports on experiences from a practical application of two of these security assurance approaches.

  • Format: PDF
  • Size: 115.94 KB