Model driven development holds the promise of reducing system development time and improving the quality of the resulting products. SecureUML is an expressive UML-based language for constructing security-design models. Security design models are models that combine design specifications with specification of their security policies. The security policies might include both declarative aspects and programmatic aspects. Declarative aspects referred to static access control, like the assignment of users and permissions to roles, while programmatic referred to dynamic information, that is, to the satisfaction of authorization constraints in a given instance of a security-design model.

A formal semantic for the security models has been defined, that allow to make well-defined queries on the security-design models in order understand potentially subtle consequences of the policies they define.

During this talk the Secure UML language will be introduced. Also, using a SecureUML modeling tool that we have developed at IMDEA Software, we will show how security-design models can be specified and, more interestingly, how they can be analyzed in a rigorous and automatic way.