Writing Effective Security Abuse Cases

Thitima Srivratanakul, John Andrew Clark, Fiona Polack

Research output: Book/ReportOther report

Abstract

We grow increasingly dependent on the appropriate operation of computer-based systems. One aspect of such systems is security. As systems become more complex current means of analysis will probably prove ineffective. In the safety domain a variety of analysis techniques has emerged over many years. These have proved surprisingly effective. Since the safety and security domains share many similarities, various authors have suggested that safety techniques might usefully find application in security. This report takes one such technique, HAZOPs, and applies it to one widely used informal design component – UML’s use cases.
Original languageEnglish
PublisherDepartment of Computer Science, University of York
Number of pages52
Publication statusPublished - 2004

Publication series

NameYork Computer Science Technical Report
PublisherDepartment of Computer Science, University of York
No.YCS-2004-375
VolumeYCS

Keywords

  • UML Use Cases
  • HAZOPS
  • Threat Model

Cite this