Date Added: Oct 2012
Recently security has become one of the major concerns in Information System (IS) development. Different security modeling language or security extension is used to model security features of IS. Mal Activity Diagram (MAD) is used at the design stage to represent security aspect. But it cannot model all the security risk management concepts. Without full coverage of concepts, it is not possible to model an IS efficiently and correctly. In this paper, first the authors propose a meta model for MAD which will help developers or other stakeholders to understand and use MAD correctly. Then, they propose syntactic and semantic extensions of MAD to model all the risk management concepts.