Eliciting security requirements with misuse cases

Use cases have become increasingly common during requirements engineering, but they offer limited support for eliciting security threats and requirements. At the same time, the importance of security is growing with the rise of phenomena such as e-commerce and nomadic and geographically distributed work. This paper presents a systematic approach to eliciting security requirements based on use cases, with emphasis on description and method guidelines. The approach extends traditional use cases to also cover misuse, and is potentially useful for several other types of extra-functional requirements beyond security.

[1]  Paul Jones,et al.  Secrets and Lies: Digital Security in a Networked World , 2002 .

[2]  Nancy R. Mead,et al.  Survivable Network System Analysis: A Case Study , 1999, IEEE Softw..

[3]  Andreas L. Opdahl,et al.  Generalization/specialization as a structuring mechanism for misuse cases , 2002 .

[4]  Ian F. Alexander,et al.  Misuse Cases: Use Cases with Hostile Intent , 2003, IEEE Softw..

[5]  Pekka Abrahamsson,et al.  New directions on agile methods: a comparative analysis , 2003, 25th International Conference on Software Engineering, 2003. Proceedings..

[6]  A. Opdahl,et al.  A Reuse-Based Approach to Determining Secur ity Requirements , 2003 .

[7]  Larry L. Constantine,et al.  Software for Use - A Practical Guide to the Models and Methods of Usage-Centered Design , 1999 .

[8]  Alan M. Davis,et al.  Elicitation technique selection: how do experts do it? , 2003, Proceedings. 11th IEEE International Requirements Engineering Conference, 2003..

[9]  Annie I. Antón,et al.  Goal-based requirements analysis , 1996, Proceedings of the Second International Conference on Requirements Engineering.

[10]  Simson Garfinkel,et al.  UNIX System Security Tools , 1999 .

[11]  Daryl Kulak,et al.  Use cases: requirements in context , 2000, SOEN.

[12]  Matthias Jarke,et al.  Scenario usage in system development: a report on current practice , 1998, Proceedings of IEEE International Symposium on Requirements Engineering: RE '98.

[13]  John Mylopoulos,et al.  Non-Functional Requirements in Software Engineering , 2000, International Series in Software Engineering.

[14]  Anthony Hall,et al.  Seven myths of formal methods , 1990, IEEE Software.

[15]  Klaus Pohl,et al.  The three dimensions of requirements engineering: a framework and its applications , 1994, Inf. Syst..

[16]  Andreas L. Opdahl,et al.  Eliciting security requirements with misuse cases , 2000, Proceedings 37th International Conference on Technology of Object-Oriented Languages and Systems. TOOLS-Pacific 2000.

[17]  Amanda Andress,et al.  Surviving Security: How to Integrate People, Process, and Technology, Second Edition , 2001 .

[18]  Premkumar T. Devanbu,et al.  Software engineering for security: a roadmap , 2000, ICSE '00.

[19]  Susan Lilly,et al.  Use case pitfalls: top 10 problems from real projects using use cases , 1999, Proceedings of Technology of Object-Oriented Languages and Systems - TOOLS 30 (Cat. No.PR00278).

[20]  Robyn R. Lutz,et al.  Engineering for Safety : A Roadmap , 2001 .

[21]  Ken Frazer,et al.  Building secure software: how to avoid security problems the right way , 2002, SOEN.

[22]  Aldo Dagnino,et al.  Deriving Goals from a Use-Case Based Requirements Specification , 2001, Requirements Engineering.

[23]  Shailey Minocha,et al.  CREWS-SAVRE: systematic scenario generation and use , 1998, Proceedings of IEEE International Symposium on Requirements Engineering: RE '98.

[24]  John Mylopoulos,et al.  From object-oriented to goal-oriented requirements analysis , 1999, CACM.

[25]  Bashar Nuseibeh,et al.  Security requirements engineering: when anti-requirements hit the fan , 2002, Proceedings IEEE Joint International Conference on Requirements Engineering.

[26]  Pericles Loucopoulos,et al.  System Requirements Engineering , 1995, System Requirements Engineering.

[27]  Ian F. Alexander,et al.  Initial industrial experience of misuse cases in trade-off analysis , 2002, Proceedings IEEE Joint International Conference on Requirements Engineering.

[28]  Edward G. Amoroso,et al.  Fundamentals of computer security technology , 1994 .

[29]  Ian F. Alexander,et al.  Modelling the Interplay of Conflicting Goals with Use and Misuse Cases , 2002, GBPM.

[30]  Andreas L. Opdahl,et al.  Templates for Misuse Case Description , 2001 .

[31]  Paul A. Swatman,et al.  Managing the RE Process : Lessons from Commercial Practice , 1999 .

[32]  John P. McDermott,et al.  Abuse-case-based assurance arguments , 2001, Seventeenth Annual Computer Security Applications Conference.

[33]  Ian Sommerville,et al.  Requirements Engineering: Processes and Techniques , 1998 .

[34]  Neil A. M. Maiden,et al.  Guiding use case authoring: results of an empirical study , 1999, Proceedings IEEE International Symposium on Requirements Engineering (Cat. No.PR00188).

[35]  John Mylopoulos,et al.  Security and privacy requirements analysis within a social setting , 2003, Proceedings. 11th IEEE International Requirements Engineering Conference, 2003..

[36]  A. Antón,et al.  Strategies for Developing Policies and Requirements for Secure Electronic Commerce Systems , 2000 .

[37]  Donald Firesmith,et al.  Security Use Cases , 2003, J. Object Technol..

[38]  Matthias Jarke,et al.  Scenarios in System Development: Current Practice , 1998, IEEE Softw..

[39]  Joc Sanders,et al.  Software quality - a framework for success in software development and support , 1994 .

[40]  Ivar Jacobson,et al.  Object-oriented software engineering - a use case driven approach , 1993, TOOLS.

[41]  P. Krutchen,et al.  The Rational Unified Process: An Introduction , 2000 .

[42]  Colin Potts,et al.  ScenIC: a strategy for inquiry-driven requirements determination , 1999, Proceedings IEEE International Symposium on Requirements Engineering (Cat. No.PR00188).

[43]  John P. McDermott,et al.  Using abuse case models for security requirements analysis , 1999, Proceedings 15th Annual Computer Security Applications Conference (ACSAC'99).

[44]  James E. Rumbaugh,et al.  Getting Started: Using Use Cases to Capture Requirements , 1994, J. Object Oriented Program..

[45]  Axel van Lamsweerde,et al.  Handling Obstacles in Goal-Oriented Requirements Engineering , 2000, IEEE Trans. Software Eng..

[46]  Ketil Stølen,et al.  Towards a UML Profile for Model-Based Risk Assessment , 2002 .

[47]  Annie I. Antón,et al.  Strategies for Developing Policies and Requirements for Secure and Private Electronic Commerce , 2001, E-Commerce Security and Privacy.

[48]  Colette Rolland,et al.  Guiding Goal Modeling Using Scenarios , 1998, IEEE Trans. Software Eng..

[49]  Colin Potts,et al.  Using schematic scenarios to understand user needs , 1995, Symposium on Designing Interactive Systems.

[50]  Alistair Cockburn,et al.  Writing Effective Use Cases , 2000 .