مرکز منطقه ای اطلاع رساني علوم و فناوري

DocumentCode :

2360046

Title :

Abuse-case-based assurance arguments

Author :

McDermott, John

Author_Institution :

US Naval Res. Lab., Washington, DC, USA

fYear :

2001

fDate :

10-14 Dec. 2001

Firstpage :

366

Lastpage :

374

Abstract :

This paper describes an extension to abuse-case-based security requirements analysis that provides a lightweight means of increasing assurance in security relevant software. The approach is adaptable to lightweight software development processes but results in a concrete and explicit assurance argument. Like abuse-case-based security requirements analysis, this approach is suitable for use in projects without security experts. When used in this way (without security experts) it will not produce as much assurance as the more traditional alternatives, but arguably give better results than ad hoc consideration of security issues.

Keywords :

security of data; software process improvement; systems analysis; abuse case; assurance; lightweight software development; security relevant software; security requirements analysis; Concrete; Laboratories; Open source software; Productivity; Programming; Security; Software engineering; System testing;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Computer Security Applications Conference, 2001. ACSAC 2001. Proceedings 17th Annual

Print_ISBN :

0-7695-1405-7

Type :

conf

DOI :

10.1109/ACSAC.2001.991553

Filename :

991553

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2360046