1. UMLsec4Edge: Extending UMLsec to model
data-protection-compliant edge computing systems
Sven Smolka, Jan Laufer, Zoltán Ádám Mann, Klaus Pohl
48th Euromicro Conference Series on Software Engineering and Advanced Applications
5. SOFTWARE SYSTEMS ENGINEERING
Motivation: Information Security
Information Security (ISO 27000:2018)
Preservation of:
• confidentiality,
• integrity,
• availability of information
Moreover:
• authenticity,
• accountability,
• non-repudiation,
• reliability
[Figure: Data Protection (e.g., GDPR) and Information Security (ISO 27000:2018)]
Source: International Organization for Standardization. Information technology – Security techniques – Information security management systems – Overview and vocabulary. International Organization for Standardization Std. 27000:2018, 2018.
6. SOFTWARE SYSTEMS ENGINEERING
Motivation: Data Protection
European General Data Protection Regulation (GDPR)
Goal: “Protection of natural persons with regard to the
processing of personal data and on the free movement of
such data”
Personal data: “any information relating to an identified or
identifiable natural person” (e.g., name, address, location
data)
GDPR defines data-related roles: Data Subject, Data
Controller, Data Processor, Third Party
GDPR stipulates the need for data protection by design
[Figure: Data Protection (e.g., GDPR) and Information Security (ISO 27000:2018)]
Source: General Data Protection Regulation, “Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC,” Official Journal of the European Union, p. L119, 2016.
7. SOFTWARE SYSTEMS ENGINEERING
Motivation: Overview
[Figure: Edge Computing, Data Protection (e.g., GDPR), Information Security (ISO 27000:2018); label: Measures for personal data protection]
10. SOFTWARE SYSTEMS ENGINEERING
Motivation: The need for Edge Computing
[Figure: Cloud and end devices]
Two major problems:
• High communication latencies
• Network bandwidth congestion
Data processing at the edge of the network (Edge computing)
12. SOFTWARE SYSTEMS ENGINEERING
Motivation: Overview
[Figure: End devices, edge nodes and cloud, with Data Protection (e.g., GDPR), Information Security (ISO 27000:2018) and the label: Measures for personal data protection]
13. SOFTWARE SYSTEMS ENGINEERING
Motivation: Complexity of Edge computing systems
Enforcing privacy by design is difficult
Edge computing systems are complex:
• Heterogeneous devices and networks
• Unknown & untrusted actors with different data-related roles
• Resource-constrained devices
• Dynamic network structures
• …
[Figure: End devices, edge nodes and cloud]
14. SOFTWARE SYSTEMS ENGINEERING
Motivation: Privacy by design in Edge computing
GDPR requires systems processing personal data to ensure data protection by design
Data protection challenges must be considered already in the static architectural design of the system
Modeling languages are commonly used for the architectural design of a system
Data-protection-related requirements on modeling languages for modeling the static architecture of edge computing systems [1]:
• (R-1) Network properties
• (R-2) Devices
• (R-3) Actors
• (R-4) Data properties
No modeling language covers all requirements
15. paluno – The Ruhr Institute for Software Technology
Aim of the paper:
- Create a modeling language which satisfies the identified four requirements concerning the design of the architecture of edge computing systems, accounting for data protection
16. SOFTWARE SYSTEMS ENGINEERING
Privacy by design in Edge Computing using UMLsec
We have investigated several related works in order to find a modeling language that we can use as a starting point
UMLsec is capable of modeling information security aspects for software systems
We identified the UML profile UMLsec as a promising starting point for modeling data protection concerns in edge computing systems
Data-protection-related requirements on modeling languages for modeling the static architecture of edge computing systems [1]:
• (R-1) Network properties: partially fulfilled by UMLsec
• (R-2) Devices: partially fulfilled by UMLsec
• (R-3) Actors: partially fulfilled by UMLsec
• (R-4) Data properties: fulfilled by UMLsec
17. SOFTWARE SYSTEMS ENGINEERING
Research Approach
[Figure: process diagram spanning previous work [1] and this work]
Steps:
• Creation of the UML profile secEdge
• Integration of the secEdge profile into the UMLsec profile
• Application of UMLsec4Edge to real-world use cases
Artifacts: Data protection-related requirements, secEdge, UMLsec4Edge, UMLsec4Edge deployment & class diagrams
19. SOFTWARE SYSTEMS ENGINEERING
Restriction of UMLsec leading to non-fulfilment of the requirements
Data protection-related requirement: restriction of UMLsec leading to non-fulfilment of the requirement
• (R-1) Network properties
  - Lack of ability to model wireless data transmission
• (R-2) Devices
  - Lack of ability to model the threat of unauthorized physical access to device types in edge computing systems
  - Lack of ability to model threats between components on the same node
• (R-3) Actors
  - Lack of ability to model relationships between actors and data
  - Lack of ability to model trust relationships between actors
  - Lack of ability to model actors with multiple data-specific roles
• (R-4) Data properties
  - Already covered by UMLsec
We extend UMLsec with respect to deployment diagrams
We extend UMLsec with respect to class diagrams
21. SOFTWARE SYSTEMS ENGINEERING
Solution provided by UMLsec4Edge to satisfy the requirements
Data protection-related requirement: restriction of UMLsec leading to non-fulfilment of the requirement, with the solution provided by UMLsec4Edge (stereotype, tag)
• (R-1) Network properties
  - Lack of ability to model wireless data transmission
    Stereotype: <<Wireless>>, <<3G>>, <<4G>>, <<5G>>, <<RFID>>, <<NFC>>, <<Bluetooth>>, <<WLAN>>
• (R-2) Devices
  - Lack of ability to model the threat of unauthorized physical access to device types in edge computing systems
    Stereotype: <<ComputingContinuumDevice>>, <<EndDevice>>, <<EdgeNode>>, <<Cloud>>
  - Lack of ability to model threats between components on the same node
    Stereotype: <<internal>>
• (R-3) Actors
  - Lack of ability to model relationships between actors and data
    Stereotype: <<Actor>>, <<DataTraceability>>; Tag: rights, obligations
  - Lack of ability to model trust relationships between actors
    Stereotype: <<Actor>>; Tag: trusts
  - Lack of ability to model actors with multiple data-specific roles
    Stereotype: <<Actor>>; Tag: roles
• (R-4) Data properties
  - Already covered by UMLsec
24. SOFTWARE SYSTEMS ENGINEERING
Example of the restrictions of UMLsec in deployment diagrams
[Figure: UMLsec deployment diagram, annotated:]
• No possibility to define threats emerging from wireless communication types
• No possibility to define threats emerging from end devices, edge nodes and cloud data centers
25. SOFTWARE SYSTEMS ENGINEERING
Example of the restrictions of UMLsec in class diagrams
[Figure: UMLsec class diagram, annotated:]
• No possibility to model a relationship between the stored data and actors
• No possibility to model that it is an actor with data-specific roles
26. SOFTWARE SYSTEMS ENGINEERING
UMLsec4Edge overcoming the restrictions in deployment diagrams
Stereotype: Threats
• <<5G>>: {read}
• <<Cloud>>: {access}
• <<EdgeNode>>: {access}
• <<EndDevice>>: {access}
• <<internal>>: {delete, read, insert}
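One way to turn the stereotype-to-threat table above into a design-time check, as an added example (not code from the paper or from the UMLsec4Edge authors). The threat sets are the ones on the slide; the rule for which threat breaks which requirement follows the UMLsec secure-links idea and is an assumption here, as are the sample link names.

```python
# Threat sets per stereotype, copied from the slide's table.
THREATS = {
    "5G": {"read"},
    "Cloud": {"access"},
    "EdgeNode": {"access"},
    "EndDevice": {"access"},
    "internal": {"delete", "read", "insert"},
}

# Assumption, not from the slides: UMLsec-style rule for which threat
# breaks which requirement on a communication path ("high" tolerates none).
BREAKS = {
    "secrecy": {"read"},
    "integrity": {"insert"},
    "high": {"delete", "read", "insert", "access"},
}


def check_links(links):
    """Return one finding per (link, requirement) that the threat table violates."""
    findings = []
    for src, dst, stereotype, requirements in links:
        threats = THREATS.get(stereotype)
        if threats is None:
            # No threat set known for this stereotype: flag it, never assume safe.
            findings.append((src, dst, stereotype, "undefined-threats", []))
            continue
        for req in requirements:
            if req not in BREAKS:
                raise ValueError(f"unknown requirement: {req}")
            hit = sorted(threats & BREAKS[req])
            if hit:
                findings.append((src, dst, stereotype, req, hit))
    return findings


# Constructed sample model (hypothetical names): links as
# (source, target, link stereotype, requirements on the data sent over it).
SAMPLE_LINKS = [
    ("wearable", "gateway", "5G", ["secrecy", "integrity"]),
    ("gateway.collector", "gateway.analytics", "internal", ["integrity"]),
    ("gateway", "datacenter", "WLAN", ["secrecy"]),
]

if __name__ == "__main__":
    for finding in check_links(SAMPLE_LINKS):
        print(finding)
```

The <<WLAN>> link is reported as undefined because the table above lists no threat set for it, so the check cannot treat it as safe.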
28. SOFTWARE SYSTEMS ENGINEERING
Conclusion
We presented UMLsec4Edge as an extension to UMLsec
UMLsec4Edge enables modeling of data protection aspects in the static design of edge computing systems
• Possible to evaluate data protection in edge computing systems at design time
• Possible to identify threats to data protection in edge computing systems
Future work:
• Application of the results of this paper to related domains (e.g., IoT) / additional use cases
• Evaluation of further UMLsec diagram types
• Automated analysis of UMLsec4Edge diagrams using, for example, the Object Constraint Language
More details can be found in the paper
30. SOFTWARE SYSTEMS ENGINEERING
Literature
[1] J. Laufer, Z. A. Mann, and A. Metzger, “Modelling data protection in fog computing systems using UMLsec and SysML-Sec,” in MODELS-C. IEEE, 2021, pp. 777–786.