@InCollection{	  brucker.ea:model:2006,
  abstract	= { SecureUML is a security modeling language for formalizing
		  access control requirements in a declarative way. It is
		  equipped with a \UML notation in terms of a \UML profile,
		  and can be combined with arbitrary design modeling
		  languages. We present a semantics for SecureUML in terms of
		  a model transformation to standard \acs{uml}/\acs{ocl}. The
		  transformation scheme is used as part of an implementation
		  of a tool chain ranging from front-end visual modeling
		  tools over code-generators to the interactive theorem
		  proving environment \holocl. The methodological
		  consequences for an analysis of the generated \OCL formulae
		  are discussed.},
  address	= {Genova},
  author	= {Achim D. Brucker and J{\"u}rgen Doser and Burkhart Wolff},
  booktitle	= {{MoDELS} 2006: Model Driven Engineering Languages and
		  Systems},
  copyright	= {\copyright Springer-Verlag},
  copyrighturl	= {http://dx.doi.org/10.1007/11880240_22},
  editor	= {Oscar Nierstrasz and Jon Whittle and David Harel and
		  Gianna Reggio},
  filelabel	= {Extended Version},
  language	= {USenglish},
  note		= {An extended version of this paper is available as ETH
		  Technical Report, no. 524.},
  pages		= {306--320},
  publisher	= {Springer-Verlag},
  series	= {LNCS 4199},
  title		= {A Model Transformation Semantics and Analysis Methodology
		  for {SecureUML}},
  year		= 2006,
  user		= {wolff}
}