Fraunhofer-Gesellschaft

Publica

Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten.

Model-based privacy and security analysis with CARiSMA

 
: Ahmadian, A.S.; Peldszus, S.; Ramadan, Q.; Jürjens, J.

:

Bodden, Eric (Ed.); Schäfer, Wilhelm (Ed.); Deursen, Arie van (Ed.); Zisman, Andrea (Ed.):
11th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE 2017). Proceedings : Paderborn, Germany, September 04 - 08, 2017
New York: ACM Press, 2017
ISBN: 978-1-4503-5105-8
pp.989-993
Joint Meeting of the European Software Engineering Conference (ESEC) <11, 2017, Paderborn>
Symposium on the Foundations of Software Engineering (FSE) <2017, Paderborn>
English
Conference Paper
Fraunhofer ISST ()

Abstract
We present CARiSMA, a tool that is originally designed to support model-based security analysis of IT systems. In our recent work, we added several new functionalities to CARiSMA to support the privacy of personal data. Moreover, we introduced a mechanism to assist the system designers to perform a CARiSMA analysis by automatically initializing an appropriate CARiSMA analysis concerning security and privacy requirements. The motivation for our work is Article 25 of Regulation (EU) 2016/679, which requires appropriate technical and organizational controls must be implemented for ensuring that, by default, the processing of personal data complies with the principles on processing of personal data. This implies that initially IT systems must be analyzed to verify if such principles are respected. System models allow the system developers to handle the complexity of systems and to focus on key aspects such as privacy and security. CARiSMA is available at (http://carisma.uml sec.de) and our screen cast at (https://youtu.be/b5zeHig3ARw).

: http://publica.fraunhofer.de/documents/N-470710.html