Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
IEEESP
2006
2006
Defining Misuse within the Development Process
abstraction a use case model offers makes it an appropriate startingpointforsoftwaresecurityanalysis and design activities. In contrast, a misuse case describes potential system behaviors that a system's stakeholders deem unacceptable. In a misuse case, at least one threat (or, in more common parlance, attacker) serves as an actor. Thus, a misuse case conveys each threat actor's goals in misusing the system. It's important that these misuseseitherrepresenthigh-probability attacks or high-impact events that negatively affect the system's legitimate stakeholders. Misuse cases should be at a level of detail that drives design activities. By considering conceptual attacks, such as types of theft,privacyviolation,anddenialof service, the misuse case prevents modeling analysts from becoming stymied or inappropriately mired in unimportant (at the time) technical details. Like use case models, misuse cases are iteratively refined throughout the software development life cyc...
Real-time TrafficRelated Content
| Added | 12 Dec 2010 |
| Updated | 12 Dec 2010 |
| Type | Journal |
| Year | 2006 |
| Where | IEEESP |
| Authors | Gunnar Peterson, John Steven |
Comments (0)
Researcher Info
|
