Zusammenfassung:
Secure web applications are becoming increasingly important due to rising cybercrime as well as the growing awareness of data privacy. Since adding security features to already existing applications can be a very time-consuming task, it is important to take security aspects into account while planning and modeling a web application. In this thesis, the challenges of security in the web and currently existing security and web engineering approaches are investigated in order to create a comprehensive and coherent security modeling technique for web applications.
Web developers should be enabled to model security aspects as authentication, access control and secure connections efficiently. For this purpose, the UML-based Web Engineering (UWE) approach, which has been developed at the Institute of Programming and Software Engineering of the Ludwig-Maximilians-Universität München is enhanced. Despite its seamless integration into UWE, the concept presented here can also be utilized independently for other UML-based modeling techniques.
In order to create a versatile approach, the functionality of the MagicDraw plugin MagicUWE is complemented by appropriate features. A case study of a Hospital Information System verifies the suitability for daily use of the approach as well as of the tool. To this effect, a prototype is not only modeled, but also implemented. Additionally, an address book example presents alternatives regarding the usage of modeling elements.
Download:
BuschDA.pdf