[Impressum] [E-Mail]

Modeling Online-Banking (2)

The next step is to describe the data types and messages with UML class diagrams and the communication structure and attacker capabilities with an UML deployment diagram.

• Classes with the stereotype <<Service>>, <<PC>> or <<User>> describe components. In this example AccountOwner, AccountOwnerPC and Bank. This components have some attributes and use messages to interact with each other. The banks are defined as stateful services. That means that every invoker get a new instance of the service Bank. Each bank has a list of accounts and the invoker created instances of one Bank, access the same list of accounts. This is modelled by the attribute accounts and the stereotype <<static>>. Furthermore, the accounts have to be initialized during the deployment that is defined by the stereotype <<Initialize>>. accounts is a list of key value pairs. This is described by the stereotype <<key>> on the attribute accountNumber of class Account. That means with an accountNumber an Account can be uniquely identified.  The stereotype <<singed>> can  be applied on attributes and describes that the attribute is an signature. This signature can be verified with a public key (see verifyKey in class Bank). Passwords and other secret informations are defined by the data type Secret. An attacker must not lern some secrets.

        

• The attacker capabilities are described in the deployment diagram by the stereotype <<Threat>>. Our attacker model support a full Dolev-Yao attacker who is able to read, send, and suppress messages on the fly, but also an attacker who can also have only a subset of these abilities. The stereotype <<TLS+SSA>> describes that Transport Layer Security with server side authentication will be applied. This will influence the attacker abilities . <<User>> models a human that interacts with a <<PC>>, and we are not really interested in "attacks'' on the communication area between a user and a pc. 

        

• Messages that are exchanged between components (exclude the user messages) are defined as classes that derive from the class Message and messages between an user and a pc are derived from a class with the stereotype Usermessage.

       

Back, Next Step: Detailed model with activity diagrams