This Article 
   
 Share 
   
 Bibliographic References 
   
 Add to: 
 
Digg
Furl
Spurl
Blink
Simpy
Google
Del.icio.us
Y!MyWeb
 
 Search 
   
Defining Misuse within the Development Process
November/December 2006 (vol. 4 no. 6)
pp. 81-84
Gunnar Peterson, Arctec Group
John Steven, Cigital
The software development industry often brings in security at the eleventh hour, right before developers throw the code over the wall--that is, deploy it into production--and ask, "Well, is it secure?" At this point, hilarity--for the objective observers, anyhow--ensues as security personnel work feverishly to shove crypto, firewalls, and all the other mechanisms at their disposal into the most egregious risk areas. This article describes how to create useful misuse cases within the development process, thus avoiding the headaches that can arise toward the end of the cycle.
Index Terms:
misuse cases, use cases, software development life cycle
Citation:
Gunnar Peterson, John Steven, "Defining Misuse within the Development Process," IEEE Security & Privacy, vol. 4, no. 6, pp. 81-84, Nov.-Dec. 2006, doi:10.1109/MSP.2006.149
Usage of this product signifies your acceptance of the Terms of Use.