The increasing use of software in all aspects of our lives, e.g. banking, commerce, vehicles, health care and so on, makes software security an extremely important issue. Software security aims at instilling security into software development to ensure continuous, correct functioning also under malicious attacks. As complexity of the software components constantly increases, it also becomes more and more important to put in place tools to automate and help to secure the software.
This book presents a novel approach on how to systematically security-harden the software design models which are expressed in the standard UML language. It combines model-driven engineering and the aspect-oriented paradigm to integrate security practices into the early phases of the software development process. The book builds on the results of 4 years of research by Ericsson Research and Concordia University.