Lin, Lun-Cheng; Nuseibeh, Bashar; Ince, Darrel; Jackson, Michael and Moffett, Jonathan (2003). Analysing Security Threats and Vulnerabilities Using Abuse Frames. Technical Report 2003/10; Department of Computing, The Open University.
DOI: https://doi.org/10.21954/ou.ro.00016008
Abstract
In this paper, we present an approach using problem frames to analyse security problems in order to determine security threats and vulnerabilities. We use problem frames to capture and bound the base system that is to be protected. We consider threats to this base problem frame from the point of view of the attacker. For each class of threats, their successful realisation is regarded as the anti-requirement in an abuse frame. Anti-requirements are quantified existentially: that is, the attacker succeeds by realising the threat in any one instance. For a threat to be realised, its abuse frame must be composed with the base problem frame in the sense that the asset attacked in the abuse frame must overlap, or be identified with, a domain of the base problem frame. We explain the process of composition and some of its variations. We illustrate and assess our approach using a case study of a medical information system, and suggest how abuse frames can provide a means for bounding the scope of and reasoning about security problems in order to analyse security threats and identify vulnerabilities. We conclude with an agenda for future work.