Title :
Security metrics to improve misuse case model
Author :
Abdulrazeg, Ala A. ; Norwawi, Norita Md ; Basir, Nurlida
Author_Institution :
Fac. of Sci. & Technol., Univ. Sains Islam Malaysia, Nilai, Malaysia
Abstract :
Assessing security at an early stage of the web application development life cycle helps to design a secure system that can withstand malicious attacks. Measuring security at the requirement stage of the system development life cycle assists in mitigating vulnerabilities and increasing the security of the developed system, which reduces cost and rework. In this paper, we present a security metrics model based on the Goal Question Metric approach, focusing on the design of the misuse case model. The security metrics model assists in examining the misuse case model to discover and fix defects and vulnerabilities before moving to the next stages of system development. The presented security metrics are based on the OWASP top 10-2010, in addition to misuse case modelling antipattern.
Keywords :
Internet; security of data; OWASP top 10-2010; Web application development life cycle; goal question metric approach; malicious attacks; misuse case model design; misuse case model improvement; misuse case modelling antipattern; security metrics model; Authentication; Electromagnetic compatibility; Object oriented modeling; Software; Software measurement; Measurement; Misuse case; Security Metrics; Security Requirements; Web Application Security Risks;
Conference_Titel :
Cyber Security, Cyber Warfare and Digital Forensic (CyberSec), 2012 International Conference on
Conference_Location :
Kuala Lumpur
Print_ISBN :
978-1-4673-1425-1
DOI :
10.1109/CyberSec.2012.6246129