Title :
Combining Misuse Cases with Attack Trees and Security Activity Models
Author :
Tndel, I.A. ; Jensen, Jostein ; Rstad, L.
Author_Institution :
Dept. of Software Eng., Safety & Security, SINTEF ICT, Trondheim, Norway
Abstract :
Misuse cases and attack trees have been suggested for security requirements elicitation and threat modeling in software projects. Their use is believed to increase security awareness throughout the software development life cycle. Experiments have identified strengths and weaknesses of both model types. In this paper we present how misuse cases and attack trees can be linked to get a high-level view of the threats towards a system through misuse case diagrams and a more detailed view on each threat through attack trees. Further, we introduce links to security activity descriptions in the form of UML activity graphs. These can be used to describe mitigating security activities for each identified threat. The linking of different models makes most sense when security modeling is supported by tools, and we present the concept of a security repository that is being built to store models and relations such as those presented in this paper.
Keywords :
Unified Modeling Language; diagrams; security of data; software engineering; trees (mathematics); UML activity graphs; attack trees model; case diagrams; misuse cases; security activity descriptions; security activity model; security repository; security requirements elicitation; software development lifecycle; software projects; threat modeling; Best practices; Computer security; Data security; Information security; National security; Programming; Software safety; Statistics; Tree graphs; Unified modeling language; attack tree; misuse case; requirements; security; threat models;
Conference_Titel :
Availability, Reliability, and Security, 2010. ARES '10 International Conference on
Conference_Location :
Krakow
Print_ISBN :
978-1-4244-5879-0
DOI :
10.1109/ARES.2010.101
