@TechReport{	  basin.ea:model:2003-b,
  abstract	= {We present a new approach to building secure systems. In
		  our approach, which we call model driven security,
		  designers specify system models along with their security
		  requirements and use tools to automatically generate system
		  architectures from the models including complete,
		  configured security infrastructures. Rather than fixing one
		  particular modeling language for this process, we propose a
		  schema for constructing such languages that combines
		  languages for modeling systems with languages for modeling
		  security. We present different instances of this schema,
		  which combine different UML modeling languages with a
		  security modeling language for formalizing access control
		  requirements. From models in these languages, we
		  automatically generate security architectures for
		  distributed applications, built from declarative and
		  programmatic access control mechanisms. The modeling
		  languages and generation process are semantically
		  well-founded and are based on an extension of role-based
		  access control. We have implemented this approach in a
		  UML-based CASE tool and report on experiments.},
  author	= {David Basin and J{\"u}rgen Doser and Torsten Lodderstedt},
  institution	= {ETH Z\"urich},
  language	= {USenglish},
  month		= {July},
  number	= 414,
  pdf		= {papers/2003/414.pdf},
  ps		= {papers/2003/414.ps.gz},
  title		= {Model Driven Security: from {UML} Models to Access Control
		  Infrastructures },
  url		= {http://www.inf.ethz.ch/research/publications/techreports/show?serial=414&lang=en}
		  ,
  year		= 2003,
  user		= {doserj}
}