Nov. 20, 2000 to Nov. 23, 2000
G. Sindre , Norwegian University of Science & Technology
A. L. Opdahl , Norwegian University of Science & Technology
Use case diagrams (L. Jacobson et al., 1992) have proven quite helpful in requirements engineering, both for eliciting requirements and getting a better overview of requirements already stated. However, not all kinds of requirements are equally well supported by use case diagrams. They are good for functional requirements, but poorer at e.g., security requirements, which often concentrate on what should not happen in the system. With the advent of e- and m-commerce applications, security requirements are growing in importance, also for quite simple applications where a short lead time is important. Thus, it would be interesting to look into the possibility for applying use cases on this arena. The paper suggests how this can be done, extending the diagrams with misuse cases. This new construct makes it possible to represent actions that the system should prevent, together with those actions which it should support.
formal specification; systems analysis; object-oriented programming; security of data; diagrams; security requirements elicitation; misuse cases; use case diagrams; requirements engineering; functional requirement; security requirements; e-commerce; m-commerce; short lead time; use case application
G. Sindre, A. L. Opdahl, "Eliciting Security Requirements by Misuse Cases", TOOLS, 2000, Technology of Object-Oriented Languages, International Conference on, Technology of Object-Oriented Languages, International Conference on 2000, pp. 120, doi:10.1109/TOOLS.2000.891363