Sciweavers

ACSAC
1999
IEEE

Using Abuse Case Models for Security Requirements Analysis

14 years 4 months ago
Using Abuse Case Models for Security Requirements Analysis
The relationships between the work products of a security engineering process can be hard to understand, even for persons with a strong technical background but little knowledge of security engineering. Market forces are driving software practitioners who are not security specialists to develop software that requires security features. When these practitioners develop software solutions without appropriate security-specific processes and models, they sometimes fail to produce effective solutions. We have adapted a proven object-oriented modeling technique, use cases, to capture and analyze security requirements in a simple way. We call the adaptation an abuse case model. Its relationship to other security engineering work products is relatively simple, from a user perspective.
John P. McDermott, Chris Fox
Added 02 Aug 2010
Updated 02 Aug 2010
Type Conference
Year 1999
Where ACSAC
Authors John P. McDermott, Chris Fox
Comments (0)