DOI: 10.14569/IJACSA.2023.0140671

Proposed Secure Activity Diagram for Software Development

Author 1: Madhuri N. Gedam
Author 2: Bandu B. Meshram

International Journal of Advanced Computer Science and Applications(IJACSA), Volume 14 Issue 6, 2023.

Abstract: Unified Modeling Language (UML) activity diagrams are derived from use case diagrams. It becomes essential to incorporate security features and maintain consistency in the diagrams during analysis phase of Software Development Life Cycle (SDLC). As part of current software development practices, software security must be a constant effort. The activity diagrams are used to model business process. The detailed analysis of activity diagram is done. The challenge lies in viewing the main activity diagram from attacker's perspective and providing defense mechanism to mitigate the attacks. This paper presents an extension of the activity diagram named SecUML3Activity to provide security with Object Constraint Language (OCL) constraints using Five Primary Security Input Validation Attributes (FPSIVA) parameters for input validation. It also proposed three security color code notations and stereotypes in activity diagrams. White color is used to represent activity diagram in normal state. Red color in dotted line is used to represent attack activity components. Blue color with double line is used to represent the defensive activity components. The defense mechanism algorithm against SQL Injection (SQLI) attack, Cross Site Scripting (XSS) attack, DoS/ DDoS attack, access validation attack is provided. The mapping of Secure 3-Use Case diagram with SecUML3Activity diagram is done through mathematical modeling.

Keywords: Unified modeling language; activity diagram; object constraint language; SQL injection; use case diagram

Madhuri N. Gedam and Bandu B. Meshram, “Proposed Secure Activity Diagram for Software Development” International Journal of Advanced Computer Science and Applications(IJACSA), 14(6), 2023. http://dx.doi.org/10.14569/IJACSA.2023.0140671

@article{Gedam2023,
title = {Proposed Secure Activity Diagram for Software Development},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2023.0140671},
url = {http://dx.doi.org/10.14569/IJACSA.2023.0140671},
year = {2023},
publisher = {The Science and Information Organization},
volume = {14},
number = {6},
author = {Madhuri N. Gedam and Bandu B. Meshram}
}


Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

IJACSA

Upcoming Conferences

IntelliSys 2025

28-29 August 2025

Future Technologies Conference 2025

6-7 November 2025

Healthcare Conference 2026

21-22 May 2026

Computing Conference 2026

9-10 July 2026

IntelliSys 2026

3-4 September 2026

Computer Vision Conference 2026

15-16 October 2026