Essential modeling: use cases for user interfaces
interactions
Addendum to the 1997 ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications (Addendum)
Use case and business rules: styles of documenting business rules in use cases
Addendum to the 1997 ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications (Addendum)
Cascaded refactoring for framework
SSR '01 Proceedings of the 2001 symposium on Software reusability: putting software reuse in context
Writing Effective Use Cases
The Rational Unified Process: An Introduction, Second Edition
The Rational Unified Process: An Introduction, Second Edition
Towards an inspection technique for use case models
SEKE '02 Proceedings of the 14th international conference on Software engineering and knowledge engineering
Quality and Understandability of Use Case Models
ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
Guiding Use Case Authoring: Results of an Empirical Study
RE '99 Proceedings of the 4th IEEE International Symposium on Requirements Engineering
Initial Industrial Experience of Misuse Cases in Trade-Off Analysis
RE '02 Proceedings of the 10th Anniversary IEEE Joint International Conference on Requirements Engineering
TOOLS '99 Proceedings of the Technology of Object-Oriented Languages and Systems
Use Cases: Requirements in Context
Use Cases: Requirements in Context
The rational unified process made easy: a practitioner's guide to the RUP
The rational unified process made easy: a practitioner's guide to the RUP
Requirements use case tool (RUT)
OOPSLA '03 Companion of the 18th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Eliciting security requirements with misuse cases
Requirements Engineering
Misuse Cases: Use Cases with Hostile Intent
IEEE Software
Empirical Software Engineering
Comparing risk identification techniques for safety and security requirements
Journal of Systems and Software
Using SMCD to reduce inconsistencies in misuse case models: A subject-based empirical evaluation
Journal of Systems and Software
| Hi-index | 0.00 |
Secure software development should begin at the early stages of the development life cycle. Misuse case modeling is a technique that stems from traditional use case modeling, which facilitates the elicitation and modeling functional security requirements at the requirements phase. Misuse case modeling is an effective vehicle to potentially identify a large subset of these threats. It is therefore crucial to develop high quality misuse case models otherwise end system developed will be vulnerable to security threats. Templates to describe misuse cases are populated with syntax-free natural language content. The inherent ambiguity of syntax-free natural language coupled with the crucial role of misuse case models in development can have a very detrimental effect. This paper proposes a structure that will guide misuse case authors towards developing consistent misuse case models. This paper also presents a process that utilizes this structure to ensure the consistency of misuse case models as they evolve, eliminating potential damages caused by inconsistencies. A tool was developed to provide automation support for the proposed structure and process. The feasibility and application of this approach were demonstrated using two real-world case studies.