• DocumentCode
    842799
  • Title

    Defining Misuse within the Development Process

  • Author

    Petersen, G. ; Steven, John

  • Author_Institution
    Arctec Group
  • Volume
    4
  • Issue
    6
  • fYear
    2006
  • Firstpage
    81
  • Lastpage
    84
  • Abstract
    The software development industry often brings in security at the eleventh hour, right before developers throw the code over the wall--that is, deploy it into production--and ask, "Well, is it secure?" At this point, hilarity--for the objective observers, anyhow--ensues as security personnel work feverishly to shove crypto, firewalls, and all the other mechanisms at their disposal into the most egregious risk areas. This article describes how to create useful misuse cases within the development process, thus avoiding the headaches that can arise toward the end of the cycle.
  • Keywords
    Authentication; Authorization; Computer aided software engineering; Computer architecture; Computer security; Data security; Databases; Feedback; Internet; Privacy; misuse cases; software development life cycle; use cases;
  • fLanguage
    English
  • Journal_Title
    Security & Privacy, IEEE
  • Publisher
    ieee
  • ISSN
    1540-7993
  • Type

    jour

  • DOI
    A98FC045-3592-4BC4-8594-082A27164F7C
  • Filename
    4020242
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=842799