The Open UniversitySkip to content
 

Introducing abuse frames to analyse security requirements

Lin, Luncheng; Nuseibeh, Bashar; Ince, Darrel; Jackson, Michael and Moffett, Jonathan (2003). Introducing abuse frames to analyse security requirements. In: Proceedings of the 11th International Conference on Requirements Engineering, 8th-12th Sept 2003, Monterey, USA.

URL: http://csdl2.computer.org/comp/proceedings/re/2003...
Google Scholar: Look up in Google Scholar

Abstract

We are developing an approach using Jackson's
Problem Frames to analyse security problems in order to
determine security vulnerabilities. We introduce the
notion of an anti-requirement as the requirement of a
malicious user that can subvert an existing requirement.
We incorporate anti-requirements into so-called abuse
frames to represent the notion of a security threat
imposed by malicious users in a particular problem
context. We suggest how abuse frames can provide a
means for bounding the scope of security problems in
order to analyse security threats and derive security
requirements.

Item Type: Conference Item
Copyright Holders: 2003 IEEE
Academic Unit/Department: Mathematics, Computing and Technology > Computing & Communications
Interdisciplinary Research Centre: Centre for Research in Computing (CRC)
Item ID: 3658
Depositing User: Michelle Bailey
Date Deposited: 30 Jun 2006
Last Modified: 04 May 2011 12:30
URI: http://oro.open.ac.uk/id/eprint/3658
Share this page:

Actions (login may be required)

View Item
Report issue / request change

Policies | Disclaimer

© The Open University   + 44 (0)870 333 4340   general-enquiries@open.ac.uk