Using Abuse Case Models for Security Requirements Analysis

A
ACSAC
1999
15th Annual Computer Security Applications Conference (ACSAC '99)
Abstract - Using Abuse Case Models for Security Requirements Analysis

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by John McDermott Articles by Chris Fox

15th Annual Computer Security Applications Conference (ACSAC '99)

Phoenix, Arizona

December 06-December 10

ISBN: 0-7695-0346-2

	ASCII Text	x
	John McDermott, Chris Fox, "Using Abuse Case Models for Security Requirements Analysis," Computer Security Applications Conference, Annual, pp. 55, 15th Annual Computer Security Applications Conference (ACSAC '99), 1999.

	BibTex	x
	@article{ 10.1109/CSAC.1999.816013, author = {John McDermott and Chris Fox}, title = {Using Abuse Case Models for Security Requirements Analysis}, journal ={Computer Security Applications Conference, Annual}, volume = {0}, year = {1999}, issn = {1063-9527}, pages = {55}, doi = {http://doi.ieeecomputersociety.org/10.1109/CSAC.1999.816013}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Security Applications Conference, Annual TI - Using Abuse Case Models for Security Requirements Analysis SN - 1063-9527 SP EP A1 - John McDermott, A1 - Chris Fox, PY - 1999 KW - security KW - requirements KW - use case KW - UML VL - 0 JA - Computer Security Applications Conference, Annual ER -

John McDermott, James Madison University

Chris Fox, James Madison University

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CSAC.1999.816013

The relationships between the work products of a security engineering process can be hard to understand, even for persons with a strong technical background but little knowledge of security engineering. Market forces are driving software practitioners who are not security specialists to develop software that requires security features. When these practitioners develop software solutions without appropriate security-specific processes and models, they sometimes fail to produce effective solutions.We have adapted a proven object-oriented modeling technique, use cases, to capture and analyze security requirements in a simple way. We call the adaptation an abuse case model. Its relationship to other security engineering work products is relatively simple, from a user perspective.

Index Terms:

security, requirements, use case, UML

Citation:

John McDermott, Chris Fox, "Using Abuse Case Models for Security Requirements Analysis," acsac, pp.55, 15th Annual Computer Security Applications Conference (ACSAC '99), 1999

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.