WorSE: A Workbench for Model-based Security Engineering

•We propose a tool-supported approach to enhance the quality of security policies.•For this goal, a Workbench for Model-based Security Engineering has been developed.•It implements a uniform method to engineer policy-specific security models.•It allows for detailed model analysis based on this uniform calculus.•It implements a novel method for heuristic safety analysis of access control models.

IT systems with sophisticated security requirements increasingly apply problem-specific security policies for specifying, analyzing, and implementing security properties. Due to their key role for defining and enforcing strategic security concepts, security polices are extremely critical, and quality assets such as policy correctness or policy consistency are essential objectives in policy engineering.This paper argues for a tool-supported policy engineering approach to increase the efficiency and quality of security policy making. The paper's general topic is WorSE, a policy engineering workbench encompassing the automation of engineering steps, pre-built model patterns, integrated plausibility checks, and model analysis tools; the paper especially focuses on tools supporting model engineering and model analysis, and describes their theoretical foundations and practical application.