Reference Hub1
A Unified Use-Misuse Case Model for Capturing and Analysing Safety and Security Requirements

A Unified Use-Misuse Case Model for Capturing and Analysing Safety and Security Requirements

O. T. Arogundade, A. T. Akinwale, Z. Jin, X. G. Yang
Copyright: © 2011 |Volume: 5 |Issue: 4 |Pages: 23
ISSN: 1930-1650|EISSN: 1930-1669|EISBN13: 9781613507582|DOI: 10.4018/jisp.2011100102
Cite Article Cite Article

MLA

Arogundade, O. T., et al. "A Unified Use-Misuse Case Model for Capturing and Analysing Safety and Security Requirements." IJISP vol.5, no.4 2011: pp.8-30. http://doi.org/10.4018/jisp.2011100102

APA

Arogundade, O. T., Akinwale, A. T., Jin, Z., & Yang, X. G. (2011). A Unified Use-Misuse Case Model for Capturing and Analysing Safety and Security Requirements. International Journal of Information Security and Privacy (IJISP), 5(4), 8-30. http://doi.org/10.4018/jisp.2011100102

Chicago

Arogundade, O. T., et al. "A Unified Use-Misuse Case Model for Capturing and Analysing Safety and Security Requirements," International Journal of Information Security and Privacy (IJISP) 5, no.4: 8-30. http://doi.org/10.4018/jisp.2011100102

Export Reference

Mendeley
Favorite Full-Issue Download

Abstract

This paper proposes an enhanced use-misuse case model that allows both safety and security requirements to be captured during requirements elicitation. The proposed model extends the concept of misuse case by incorporating vulnerable use case and abuse case notations and relations that allows understanding and modeling different attackers and abusers behaviors during early stage of system development life cycle and finishes with a practical consistent combined model for engineering safety and security requirements.The model was successfully applied using health care information system gathered through the university of Kansas HISPC project. The authors were able to capture both security and safety requirements necessary for effective functioning of the system. In order to enhance the integration of the proposed model into risk analysis, the authors give both textual and detailed description of the model. The authors compare the proposed approach with other existing methods that identify and analyze safety and security requirements and discovered that it captures more security and safety threats.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.