Jan Jürjens - Böcker

?Privacy is a burden for most organizations, the more complex and wider an organization is, the harder to manage and enforce privacy is.GDPR and other regulations on privacy impose strict constraints that must be coherently enforced, considering also privacy needs of organization and their users.

This book constitutes the refereed proceedings of the 6th International Symposium on Engineering Secure Software and Systems, ESSoS 2014, held in Munich, Germany, in February 2014. The 11 full papers presented together with 4 idea papers were carefully reviewed and selected from 55 submissions. The symposium features the following topics: model-based security, formal methods, web and mobile security and applications.

Attacks against computer systems can cause considerable economic or physical damage. High-quality development of security-critical systems is difficult, mainly because of the conflict between development costs and verifiable correctness.Jurjens presents the UML extension UMLsec for secure systems development. It uses the standard UML extension mechanisms, and can be employed to evaluate UML specifications for vulnerabilities using a formal semantics of a simplified fragment of UML. Established rules of security engineering can be encapsulated and hence made available even to developers who are not specialists in security. As one example, Jurjens uncovers a flaw in the Common Electronic Purse Specification, and proposes and verifies a correction.With a clear separation between the general description of his approach and its mathematical foundations, the book is ideally suited both for researchers and graduate students in UML or formal methods and security, and for advanced professionals writing critical applications.

High-quality development of security-critical systems is difficult, mainly because of the conflict between development costs and verifiable correctness.Jürjens presents the UML extension UMLsec for secure systems development.