User menu

Using Special Use Cases for Security in the SoftwareDevelopment Life Cycle

Bibliographic reference Kabasele Tenday, Jean-Marie. Using Special Use Cases for Security in the SoftwareDevelopment Life Cycle.Workshop on Information Security Application - WISA 2010 (South Corea). In: Information Security Applications, Springer-Verlag Berlin Heidelberg2010, p.pp. 122–134
Permanent URL http://hdl.handle.net/2078.1/141115
  1. Al-Azzani, S.: Security Testing - RSMG 2 (2009), http://www.cs.bham.ac.uk
  2. Bettini Claudio, Jajodia Sushil, Sean Wang X., Wijesekera Duminda, Provisions and Obligations in Policy Management and Security Applications, VLDB '02: Proceedings of the 28th International Conference on Very Large Databases (2002) ISBN:9781558608696 p.502-513, 10.1016/b978-155860869-6/50051-2
  3. Devambu, P.T., Stubbelbine, S.: Software engineering for security: a roadmap. In: Future of Software Engineering, Special volume of the Proceedings of the 22nd Int. Conf. on Software Engineering (ICSE 2000), pp. 227–239 (2000)
  4. Firesmith Donald, Security Use Cases., 10.5381/jot.2003.2.3.c6
  5. European Union: Directive 2004/39/EC on The Markets in Financial Instruments Directive (MiFID). Official Journal of the European Union (2004), http://eurlex.europa.eu
  6. European Union : Directive 2005/60/EC on the prevention of the use of the financial system for the purpose of money laundering and terrorist financing; Official Journal of the European Union (2005), http://eurlex.europa.eu
  7. Giorgini, P., Massacci, F., Mylopoulos, J.: Requirement Engineering meets Security: A Case Study on Modelling Secure Electronic Transactions by VISA and Mastercard. In: 22th of International Conference on Conceptual Modeling (2003)
  8. Giorgini Paolo, Massacci Fabio, Zannone Nicola, Security and Trust Requirements Engineering, Foundations of Security Analysis and Design III (2005) ISBN:9783540289555 p.237-272, 10.1007/11554578_8
  9. Jürjens, J.: Modelling audit security for smart-card payment schemes with UMLsec. In: 16th Int. Conf.on Inf. Security (IFIP/SEC 2001). Kluwer AP, Dordrecht (2001)
  10. Jürjens, J.: Towards secure systems development with umlsec. In: FASE/ETAPS 2001. LNCS, vol. 2029, pp. 187–200. Springer, Heidelberg (2001)
  11. Kabasele-Tenday J. -M., Specifying security in a composite system, Lecture Notes in Computer Science (1998) ISBN:9783540643821 p.246-255, 10.1007/bfb0030425
  12. Kalam A.A.E., Baida R.E., Balbiani P., Benferhat S., Cuppens F., Deswarte Y., Miege A., Saurel C., Trouessin G., Organization based access control, 10.1109/policy.2003.1206966
  13. Kalam, E., et al.: Multi-OrBAC: un modèle de contrôle d’accès pour les systèmes multi-organisationnels. Centre pour la Communication Scientifique Directe (2006), http://www.ccsd.cnrs.fr/
  14. van Lamsweerde, A., Letier, E.: Handling Obstacles in Goal-Oriented Requirements Engineering. TSE 26(10), 978–1005 (2000)
  15. van Lamsweerde, A., Brohez, S., De Landtsheer, R.: Janssens. D.: From System Goals to Intruder Anti-Goals: Attack Generation and Resolution for Security Requirements Engineering. In: Proceedings of RHAS 2003, pp. 49–56 (2003)
  16. Leiwo Jussipekka, Zheng Yuliang, A framework for the management of information security, Lecture Notes in Computer Science (1998) ISBN:9783540643821 p.232-245, 10.1007/bfb0030424
  17. Lodderstedt Torsten, Basin David, Doser Jürgen, SecureUML: A UML-Based Modeling Language for Model-Driven Security, ≪UML≫ 2002 — The Unified Modeling Language (2002) ISBN:9783540442547 p.426-441, 10.1007/3-540-45800-x_33
  18. Matulevičius Raimundas, Mayer Nicolas, Mouratidis Haralambos, Dubois Eric, Heymans Patrick, Genon Nicolas, Adapting Secure Tropos for Security Risk Management in the Early Phases of Information Systems Development, Advanced Information Systems Engineering ISBN:9783540695332 p.541-555, 10.1007/978-3-540-69534-9_40
  19. Matulevicius Raimundas, Mayer Nicolas, Heymans Patrick, Alignment of Misuse Cases with Security Risk Management, 10.1109/ares.2008.88
  20. Mayer, N., Heymans, P., Matulevičius, R.: Design of a Modelling Language for Information System Security Risk Management. In: Proceedings of the 1st International Conf. on Research Challenges in Information Science (RCIS 2007), pp. 121–131 (2007)
  21. McDermott, J., Fox, C.: Using Abuse Case Models for Security Requirements Analysis. In: Proc. of ACSAC 1999, pp. 55–66. IEEE Press, Los Alamitos (1999)
  22. Sindre Guttorm, Opdahl Andreas L., Eliciting security requirements with misuse cases, 10.1007/s00766-004-0194-4
  23. Wing, J.M.: A Symbiotic Relationship Between Formal Methods and Security, CMU-CS-98-188, Pittsburgh, PA (1998)