@InBook{ basin.ea:model:2005-b, abstract = {We present a new approach to building secure systems. In our approach, which we call Model Driven Security, designers specify system models along with their security requirements and use tools to automatically generate system architectures from the models including complete, configured security infrastructures. Rather than fixing one particular modeling language for this process, we propose a general schema for constructing such languages that combines languages for modeling systems with languages for modeling security. We present several instances of this schema that combine (both syntactically and semantically) different UML modeling languages with a security modeling language for formalizing access control requirements. From models in the combined languages, we automatically generate security architectures for distributed applications, built from declarative and programmatic access control mechanisms. We have implemented this approach and report on a case-study with the resulting tool.}, author = {David Basin and J{\"u}rgen Doser and Torsten Lodderstedt}, booktitle = {Engineering Theories of Software Intensive Systems}, chapter = {Part IV}, copyright = {© Springer. Ein Unternehmen von Springer Science+Business Media}, copyrighturl = {http://www.springeronline.com/sgw/cda/frontpage/0,11855,1-40007-22-45855292-detailsPage=ppmmedia\|toc\|toc,00.html} , editor = {Manfred Broy and Johannes Gr\"unbauer and David Harel and Tony Hoare}, isbn = {1-4020-3530-6}, language = {USenglish}, pages = {353--398}, pdf = {papers/2005/marktoberdorf.pdf}, publisher = {Springer}, title = {Model Driven Security}, volume = 195, year = 2005, user = {bgeiser} }