Misuse Case-Based Design and Analysis of Secure Software Architecture

Authors:
Joshua J. Pauli;Dianxiang Xu
Affiliations:
Dakota State University, Madison, SD;North Dakota State University, Fargo, ND
Venue:
ITCC '05 Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume II - Volume 02
Year:
2005

Citing 0
Cited 3

Tracking requirements and threats for secure software development

Proceedings of the 46th Annual Southeast Regional Conference on XX
Moving from Requirements to Design Confronting Security Issues: A Case Study

OTM '09 Proceedings of the Confederated International Conferences, CoopIS, DOA, IS, and ODBASE 2009 on On the Move to Meaningful Internet Systems: Part II
Using SMCD to reduce inconsistencies in misuse case models: A subject-based empirical evaluation

Journal of Systems and Software

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents an approach to the architectural design and analysis of secure software systems based on the system requirements elicited in the form of use cases and misuse cases. We identify architectural components and their connections and analyze whether or not a candidate architecture can address security concerns. This provides a smooth transition from requirements specification to high-level design for engineering secure software systems, and greatly improves the traceability of security concerns, which allows a system developer to know what requirement an architectural component references back to. We demonstrate our approach through a case study on a security-intensive hospital information system.