MAC and UML for secure software design

The design of large scale, interacting, software applications is a complex task, with the inclusion of security often delegated to latter stages of the lifecycle. Security must be a first class citizen in this process, at early and all stages of the lifecycle, in support of security policy definition, authorization, authentication, enforcement, and security assurance. One of the dominant players in software design is the unified modeling language, UML, a language for specifying, visualizing, constructing and documenting software artifacts. In UML, diagrams provide alternate perspectives for different stakeholders (e.g., users, designers, software engineers, etc.) and offer complementary representations of different parts of the system. Of particular interest are usecase diagrams for the interaction of users with system components, class diagrams for the static classes and relationships among them, and sequence diagrams for the dynamic behavior of instances of the class diagram. However, UML's support for the definition of security requirements for these diagrams and their constituent elements (e.g., actors, systems, use cases, classes, instances, include/extend/generalize relationships, methods, data, etc.) is lacking. In this paper, we address this issue by incorporating mandatory access control (MAC) into UML use-case, class, and sequence diagrams, providing support for the definition of clearances and classifications for relevant UML elements. In addition, we provide a framework for security assurance