The Open UniversitySkip to content
 

Using abuse frames to bound the scope of security problems

Lin, Luncheng; Nuseibeh, Bashar; Ince, Darrel and Jackson, Michael (2004). Using abuse frames to bound the scope of security problems. In: Not Set ed. 12th IEEE International Requirements Engineering Conference (RE'04). IEEE Computer Society, pp. 354–355.

Full text available as:
[img]
Preview
PDF (Not Set) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
Download (82Kb)
URL: http://csdl2.computer.org/persagen/DLAbsToc.jsp?re...
DOI (Digital Object Identifier) Link: http://dx.doi.org/10.1109/ICRE.2004.1335698
Google Scholar: Look up in Google Scholar

Abstract

Security problems arise from the concern for
protecting assets from security threats. In a systems
development process, the security protection of a system
is specified by security requirements, identified from the
analysis of the threats to the system. However, as it is
often not possible to obtain a full system description until
late in the RE process, a security problem often has to be
described in the context of a bounded scope, that is, one
containing only the domains relevant to some part of the
functionality of the full system. By binding the scope of a
security problem, it can be described more explicitly and
precisely, thereby facilitating the identification and
analysis of threats, which in turn drive the elicitation and
elaboration of security requirements. In this poster, we
elaborate on an approach we developed based on abuse
frames and suggest how it can provide a means for
structuring and bounding the scope security problems.

Item Type: Book Chapter
Copyright Holders: 2004 IEEE
Academic Unit/Department: Mathematics, Computing and Technology > Computing & Communications
Interdisciplinary Research Centre: Centre for Research in Computing (CRC)
Item ID: 3662
Depositing User: Michelle Bailey
Date Deposited: 29 Jun 2006
Last Modified: 05 May 2011 10:17
URI: http://oro.open.ac.uk/id/eprint/3662
Share this page:

Actions (login may be required)

View Item
Report issue / request change

Policies | Disclaimer

© The Open University   + 44 (0)870 333 4340   general-enquiries@open.ac.uk