The Open UniversitySkip to content

Using abuse frames to bound the scope of security problems

Lin, Luncheng; Nuseibeh, Bashar; Ince, Darrel and Jackson, Michael (2004). Using abuse frames to bound the scope of security problems. In: ed. 12th IEEE International Requirements Engineering Conference (RE'04). IEEE Computer Society, pp. 354–355.

Full text available as:
PDF (Not Set) - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
Download (84kB)
DOI (Digital Object Identifier) Link:
Google Scholar: Look up in Google Scholar


Security problems arise from the concern for
protecting assets from security threats. In a systems
development process, the security protection of a system
is specified by security requirements, identified from the
analysis of the threats to the system. However, as it is
often not possible to obtain a full system description until
late in the RE process, a security problem often has to be
described in the context of a bounded scope, that is, one
containing only the domains relevant to some part of the
functionality of the full system. By binding the scope of a
security problem, it can be described more explicitly and
precisely, thereby facilitating the identification and
analysis of threats, which in turn drive the elicitation and
elaboration of security requirements. In this poster, we
elaborate on an approach we developed based on abuse
frames and suggest how it can provide a means for
structuring and bounding the scope security problems.

Item Type: Book Section
Copyright Holders: 2004 IEEE
Academic Unit/School: Faculty of Science, Technology, Engineering and Mathematics (STEM) > Computing and Communications
Faculty of Science, Technology, Engineering and Mathematics (STEM)
Research Group: Centre for Research in Computing (CRC)
Item ID: 3662
Depositing User: Michelle Bailey
Date Deposited: 29 Jun 2006
Last Modified: 07 Dec 2018 12:18
Share this page:


Altmetrics from Altmetric

Citations from Dimensions

Download history for this item

These details should be considered as only a guide to the number of downloads performed manually. Algorithmic methods have been applied in an attempt to remove automated downloads from the displayed statistics but no guarantee can be made as to the accuracy of the figures.

Actions (login may be required)

Policies | Disclaimer

© The Open University   contact the OU