H. Gomaa, M. Shin, "Modeling Complex Systems by Separating Application and Security Concerns", in 9th IEEE International Conference on Engineering Complex Computer Systems (ICECCS 2004), pp. 19-28, 2004.

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/ICECCS.2004.1310900

Abstract 
This paper describes how to model complex applications by modeling application
requirements and designs separately from security requirements and designs using
the UML notation. By careful separation of concerns, the security requirements
are captured in security use cases and encapsulated in security objects
separately from the application requirements and objects. The approach reduces
system complexity caused by mixing security requirements with business
application requirements with the goal of making complex systems more
maintainable. Furthermore, the security use cases and objects can be reused by
other software applications.