The relationships between the work products of a security engineering process can be hard to understand, even for persons with a strong technical background but little knowledge of security engineering. Market forces are driving software practitioners who are not security specialists to develop software that requires security features. When these practitioners develop software solutions without appropriate security-specific processes and models, they sometimes fail to produce effective solutions.

We have adapted a proven object-oriented modeling technique, use cases, to capture and analyze security requirements in a simple way. We call the adaptation an abuse case model. Its relationship to other security engineering work products is relatively simple, from a user perspective.