Eliciting security requirements with misuse cases

View Related Documents

Book Chapter
Mal-Activity Diagrams for Capturing Attacks on Business Processes
Guttorm Sindre
Lecture Notes in Computer Science, 2007, Volume 4542, Requirements Engineering: Foundation for Software Quality, Pages 355-366
- Download PDF (353.1 KB)
Book Chapter
Security Requirements Elicitation Using Method Weaving and Common Criteria
Motoshi Saeki and Haruhiko Kaiya
Lecture Notes in Computer Science, 2009, Volume 5421, Models in Software Engineering, Pages 185-196
- Download PDF (345.1 KB)
Journal Article
A comparison of security requirements engineering methods
Benjamin Fabian, Seda Gürses, Maritta Heisel, Thomas Santen and Holger Schmidt
Requirements Engineering, 2010, Volume 15, Number 1, Pages 7-40
- Download PDF (1.1 MB)
- View HTML
Journal Article
MOQARE: misuse-oriented quality requirements engineering
Andrea Herrmann and Barbara Paech
Requirements Engineering, 2008, Volume 13, Number 1, Pages 73-86
- Download PDF (369.6 KB)
- View HTML
Book Chapter
A Comparison of Two Approaches to Safety Analysis Based on Use Cases
Tor Stålhane and Guttorm Sindre
Lecture Notes in Computer Science, 2007, Volume 4801, Conceptual Modeling - ER 2007, Pages 423-437
- Download PDF (336.6 KB)
Book Chapter
Building Security Requirements Using State Transition Diagram at Security Threat Location
Seong Chae Seo, Jin Ho You, Young Dae Kim, Jun Yong Choi and Sang Jun Lee, et al.
Lecture Notes in Computer Science, 2005, Volume 3802, Computational Intelligence and Security, Pages 451-456
- Download PDF (341.9 KB)
Book Chapter
Introducing Regulatory Compliance Requirements Engineering
Shahbaz Ali and Jon Hall
2006, ISSE 2006 — Securing Electronic Busines Processes, Part 4, Pages 439-447
- Download PDF (555.8 KB)
Book Chapter
Security Requirements Management in Software Product Line Engineering
Daniel Mellado, Eduardo Fernández-Medina and Mario Piattini
Communications in Computer and Information Science, 1, Volume 48, e-Business and Telecommunications, Part 3, Pages 250-263
- Download PDF (422.2 KB)
Book Chapter
Towards CIM to PIM Transformation: From Secure Business Processes Defined in BPMN to Use-Cases
Alfonso Rodríguez, Eduardo Fernández-Medina and Mario Piattini
Lecture Notes in Computer Science, 2007, Volume 4714, Business Process Management, Pages 408-415
- Download PDF (361.5 KB)
Book Chapter
Defining Security Requirements Through Misuse Actions
Eduardo B. Fernandez, Michael VanHilst, Maria M. Larrondo Petrie and Shihong Huang
IFIP International Federation for Information Processing, 2006, Volume 219, Advanced Software Engineering: Expanding the Frontiers of Software Technology, Pages 123-137
- Download PDF (705.5 KB)

Abstract

Use cases have become increasingly common during requirements engineering, but they offer limited support for eliciting security threats and requirements. At the same time, the importance of security is growing with the rise of phenomena such as e-commerce and nomadic and geographically distributed work. This paper presents a systematic approach to eliciting security requirements based on use cases, with emphasis on description and method guidelines. The approach extends traditional use cases to also cover misuse, and is potentially useful for several other types of extra-functional requirements beyond security.

Keywords Security requirements - Use cases - Scenarios - Extra-functional requirements - Requirements elicitation - Requirements determination - Requirements specification - Requirements analysis

Fulltext Preview

Image of the first page of the fulltext document

Frequently asked questions General info on journals and books Send us your feedback Impressum Contact us

SpringerLink

Eliciting security requirements with misuse cases

View Related Documents

Abstract

Fulltext Preview