Eliciting Security Requirements by Misuse Cases

	This Article
	Subscribers, please Login Purchase article: $19 PDF IEEE Xplore Subscribers RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by G. Sindre Articles by A. L. Opdahl

37th International Conference on Technology of Object-Oriented Languages and Systems (TOOLS-37'00)

Sydney, Australia

November 20-November 23

ISBN: 0-7695-0918-5

	ASCII Text	x
	G. Sindre, A. L. Opdahl, "Eliciting Security Requirements by Misuse Cases," Technology of Object-Oriented Languages, International Conference on, pp. 120, 37th International Conference on Technology of Object-Oriented Languages and Systems (TOOLS-37'00), 2000.

	BibTex	x
	@article{ 10.1109/TOOLS.2000.891363, author = {G. Sindre and A. L. Opdahl}, title = {Eliciting Security Requirements by Misuse Cases}, journal ={Technology of Object-Oriented Languages, International Conference on}, volume = {0}, year = {2000}, issn = {1530-2067}, pages = {120}, doi = {http://doi.ieeecomputersociety.org/10.1109/TOOLS.2000.891363}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Technology of Object-Oriented Languages, International Conference on TI - Eliciting Security Requirements by Misuse Cases SN - 1530-2067 SP EP A1 - G. Sindre, A1 - A. L. Opdahl, PY - 2000 KW - formal specification; systems analysis; object-oriented programming; security of data; diagrams; security requirements elicitation; misuse cases; use case diagrams; requirements engineering; functional requirement; security requirements; e-commerce; m-commerce; short lead time; use case application VL - 0 JA - Technology of Object-Oriented Languages, International Conference on ER -

G. Sindre, Norwegian University of Science & Technology

A. L. Opdahl, Norwegian University of Science & Technology

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TOOLS.2000.891363

Use case diagrams (L. Jacobson et al., 1992) have proven quite helpful in requirements engineering, both for eliciting requirements and getting a better overview of requirements already stated. However, not all kinds of requirements are equally well supported by use case diagrams. They are good for functional requirements, but poorer at e.g., security requirements, which often concentrate on what should not happen in the system. With the advent of e- and m-commerce applications, security requirements are growing in importance, also for quite simple applications where a short lead time is important. Thus, it would be interesting to look into the possibility for applying use cases on this arena. The paper suggests how this can be done, extending the diagrams with misuse cases. This new construct makes it possible to represent actions that the system should prevent, together with those actions which it should support.

Index Terms:

formal specification; systems analysis; object-oriented programming; security of data; diagrams; security requirements elicitation; misuse cases; use case diagrams; requirements engineering; functional requirement; security requirements; e-commerce; m-commerce; short lead time; use case application

Citation:

G. Sindre, A. L. Opdahl, "Eliciting Security Requirements by Misuse Cases," tools, pp.120, 37th International Conference on Technology of Object-Oriented Languages and Systems (TOOLS-37'00), 2000

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.