Abstract
Context-aware systems are steadily becoming a reality thanks to the advances in wireless communication and sensing technologies that have led to the development of powerful mobile computing devices such as smartphones and tablet computers. These devices are capable of sensing the user's context information and sharing them via wireless links and the Internet, without the user knowledge most of the time, in order to provide the user with personalized information and services anytime anywhere. Guaranteeing the security of the user's context information is paramount for the acceptance and wide adoption of such systems. This paper proposes an extension of the UML class diagram with explicit notations to express the security requirements of context-aware systems. This approach enables the integration of the security requirements together with the functional and context-awareness requirements of the system, at an early stage of the system development lifecycle. The pragmatics of the proposed approach is demonstrated through real-world examples.