Sciweavers

ACSAC
2001
IEEE

Abuse-Case-Based Assurance Arguments

14 years 4 months ago
Abuse-Case-Based Assurance Arguments
This paper describes an extension to abuse-casebased security requirements analysis that provides a lightweight means of increasing assurance in security relevant software. The approach is adaptable to lightweight software development processes but results in a concrete and explicit assurance argument. Like abuse-case-based security requirements analysis, this approach is suitable for use in projects without security experts. When used in this way (without security experts) it will not produce as much assurance as the more traditional alternatives, but arguably give better results than ad hoc consideration of security issues.
John P. McDermott
Added 23 Aug 2010
Updated 23 Aug 2010
Type Conference
Year 2001
Where ACSAC
Authors John P. McDermott
Comments (0)