• DocumentCode
    2360046
  • Title

    Abuse-case-based assurance arguments

  • Author

    McDermott, John

  • Author_Institution
    US Naval Res. Lab., Washington, DC, USA
  • fYear
    2001
  • fDate
    10-14 Dec. 2001
  • Firstpage
    366
  • Lastpage
    374
  • Abstract
    This paper describes an extension to abuse-case-based security requirements analysis that provides a lightweight means of increasing assurance in security relevant software. The approach is adaptable to lightweight software development processes but results in a concrete and explicit assurance argument. Like abuse-case-based security requirements analysis, this approach is suitable for use in projects without security experts. When used in this way (without security experts) it will not produce as much assurance as the more traditional alternatives, but arguably give better results than ad hoc consideration of security issues.
  • Keywords
    security of data; software process improvement; systems analysis; abuse case; assurance; lightweight software development; security relevant software; security requirements analysis; Concrete; Laboratories; Open source software; Productivity; Programming; Security; Software engineering; System testing;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Computer Security Applications Conference, 2001. ACSAC 2001. Proceedings 17th Annual
  • Print_ISBN
    0-7695-1405-7
  • Type

    conf

  • DOI
    10.1109/ACSAC.2001.991553
  • Filename
    991553
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=2360046