CSCE 548 Secure Software Development Use Cases Misuse Cases

Reading
Required:
- McGraw: Chapter 8
- I. Alexander, Misuse Cases: Use Cases with Hostile Intent, IEEE Software, vol. 20, no. 1, pp. 58-66, Jan./Feb. 2003. http://www.computer.org/portal/web/csdl/doi/10.1109/MS.2003.1159030
Recommended:
- Pauli and Xu, Misuse Case-Based Design and Analysis of Secure Software Architecture, http://cs.ndsu.edu/~dxu/publications/pauli-xu-ITCC05.pdf
- Steven and Peterson, Defining Misuse within the Development Process, http://csdl.computer.org/dl/mags/sp/2006/06/j6081.pdf
Next lecture: Security Operations
CSCE 548 - Farkas

Application of Touchpoints
[Figure: McGraw's seven software security touchpoints mapped onto the development artifacts]
Touchpoints, numbered as on the slide: 1. Code Review (Tools); 2. Risk Analysis (applied twice); 3. Penetration Testing; 4. Risk-Based Security Tests; 5. Abuse Cases; 6. Security Requirements; 7. Security Operations; plus External Review.
Artifacts: Requirements and Use Cases; Architecture and Design; Test Plans; Code; Tests and Test Results; Feedback from the Field.

Design Flaws
- Account for 50% of security problems
- Need: explicitly identifying risk
- Quantifying impact: tie technology issues and concerns to business
- Continuous risk management

Unified Modeling Language
- Standard way to visualize a system's architectural blueprints
- High abstraction level
- Extensible syntax
- Sufficiently precise semantics
- Can we express security requirements in UML?

UML Diagrams
[Figure: overview of UML diagram types. Source: Wikipedia, http://en.wikipedia.org/wiki/Unified_Modeling_Language]

UMLsec
- Uses the extension mechanism of UML and its formal semantics
- Relies on work providing formal semantics for UML
- Security considerations: need formal semantics to reason about security requirements

AuthUML
- Alghathbar and Wijesekera
- Formal semantics for UML diagrams
  - Horn clauses
  - Additional logic constructs to model authorization constraints

AuthUML
This unified framework supports:
- Derivation of authorization
- Verification of consistency of the integrated security policies
- Resolution of conflicting requirements
- Application of a default policy
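To make the four AuthUML capabilities on this slide concrete, here is an added example (not AuthUML's own formalism, and not code from the lecture): a minimal Horn-clause engine that derives authorizations from constructed use-case facts, checks the closure for inconsistencies, resolves conflicts with a denials-take-precedence rule, and applies a closed default policy. Predicate names, the role hierarchy and the sample policy are all assumptions made up for the example.

```python
from typing import Dict, List, Set, Tuple
Atom = Tuple[str, ...]  # e.g. ("can", "alice", "view_order"); capitalised terms are variables
Rule = Tuple[Atom, List[Atom]]  # head :- body

# Constructed sample: actor-role facts and a role hierarchy from a use-case model.
FACTS: Set[Atom] = {("plays", "alice", "clerk"), ("plays", "bob", "manager"),
                    ("senior", "manager", "clerk")}   # manager inherits clerk
# Horn clauses. The last two hide an inconsistency: managers inherit clerk,
# and clerks are denied approval, so a manager is both permitted and denied.
RULES: List[Rule] = [
    (("plays", "U", "R1"), [("plays", "U", "R2"), ("senior", "R2", "R1")]),
    (("can", "U", "view_order"), [("plays", "U", "clerk")]),
    (("can", "U", "approve_order"), [("plays", "U", "manager")]),
    (("cannot", "U", "approve_order"), [("plays", "U", "clerk")]),
]

def solve(goals: List[Atom], known: Set[Atom], binds: Dict[str, str]):
    """Yield every binding under which all body atoms match known facts (depth-first)."""
    if not goals:
        yield binds
        return
    goal = goals[0]
    for fact in known:
        b = dict(binds)  # fresh copy so a failed match leaves no stray bindings
        if len(fact) == len(goal) and all(
                b.setdefault(t, f) == f if t[:1].isupper() else t == f
                for t, f in zip(goal, fact)):
            yield from solve(goals[1:], known, b)

def derive(facts: Set[Atom], rules: List[Rule]) -> Set[Atom]:
    """Forward-chain the clauses to a fixpoint: every authorization the policy implies."""
    known = set(facts)
    while True:
        new = {tuple(b.get(t, t) for t in head)
               for head, body in rules for b in solve(body, known, {})}
        if new <= known:
            return known
        known |= new

def conflicts(closure: Set[Atom]) -> Set[Tuple[str, ...]]:
    """Consistency check: (user, action) pairs derived as both can and cannot."""
    return {a[1:] for a in closure if a[0] == "can" and ("cannot",) + a[1:] in closure}

def decide(closure: Set[Atom], user: str, action: str) -> str:
    """Conflict resolution (denials take precedence), then a closed default policy."""
    allowed = ("can", user, action) in closure
    denied = ("cannot", user, action) in closure
    if allowed and denied:
        return "deny-conflict"
    return "allow" if allowed else ("deny" if denied else "deny-default")
```

Running `conflicts(derive(FACTS, RULES))` flags bob's approval right before any request is evaluated, which is the kind of policy-level inconsistency the slide's verification step is meant to catch.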

Use Case Example
[Figure: use case diagram. Copyright: Alghathbar and Wijesekera]

Misuse Cases
- Software development: making software do something
  - Describe features and functions
  - Everything goes right
- Need: security, performance, reliability
  - Service level agreement: legally binding
- How to model non-normative behavior in use cases?
- Think like a bad guy

Software Vendor Accountability
- SLA for specific, measurable criteria:
  - Proper implementation of security features
  - Looking for known security flaws and confirming that they are not present
  - Passing third-party validation and verification
  - Use of source code analysis tools

Checking for Known Vulnerabilities
- Need a tool
- Possible attacks and attack types
- How the software behaves if something goes WRONG
- What motivates an attacker?

Misuse Cases
- Extend use case diagrams
- Represent actions the system should prevent
- Represent together:
  - Desired functionalities
  - Undesired actions
- Security is an emergent property, so it must be built in from the ground up
- Making trade-offs explicit

Misuse Cases
- Analyze system design and requirements
  - Assumptions
  - Failure of assumptions
  - Attack patterns
- Software that is used is also going to be attacked
- What can a bad guy do, and how should the system react to malicious use?

Misuse Case Development
- Team work: software developers and security experts
- Identifying and documenting threats
- Creating anti-requirements: how the system can be abused
- Creating an attack model
  - Select attack patterns relevant to the system
  - Include anyone who can gain access to the system
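The last three slides describe misuse cases as use cases drawn side by side with the functions they threaten, and misuse case development as producing anti-requirements and an attack model. As an added example (not the lecture's or Alexander's code), the model below records use cases, misuse cases, and the threatens/mitigates relations, then lists the misuse cases that no use case mitigates, which are the anti-requirements still open; the order-processing system, its actors, attack-pattern labels and severities are constructed sample data.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Set

@dataclass
class UseCase:
    name: str
    actor: str
    mitigates: Set[str] = field(default_factory=set)  # misuse cases this use case counters

@dataclass
class MisuseCase:
    name: str
    actor: str           # hostile actor: an outsider, or an insider who has access
    threatens: Set[str]  # use cases whose goal it undermines
    attack_pattern: str  # entry selected from the team's attack model
    severity: int        # team's impact estimate, 1 (low) to 5 (high)

@dataclass
class Model:
    use_cases: Dict[str, UseCase] = field(default_factory=dict)
    misuse_cases: Dict[str, MisuseCase] = field(default_factory=dict)

    def add(self, *items):
        for it in items:
            (self.use_cases if isinstance(it, UseCase) else self.misuse_cases)[it.name] = it
        return self

    def dangling(self) -> Set[str]:
        """Names referenced by threatens/mitigates that the model never defines."""
        refs = {t for m in self.misuse_cases.values() for t in m.threatens}
        refs |= {m for u in self.use_cases.values() for m in u.mitigates}
        return refs - set(self.use_cases) - set(self.misuse_cases)

    def unmitigated(self) -> List[str]:
        """Open anti-requirements: misuse cases no use case mitigates, worst first."""
        covered = {m for u in self.use_cases.values() for m in u.mitigates}
        open_ = [m for m in self.misuse_cases.values() if m.name not in covered]
        return [m.name for m in sorted(open_, key=lambda m: -m.severity)]

# Constructed sample: a small order-processing system, with an insider included.
MODEL = Model().add(
    UseCase("place order", "customer"),
    UseCase("approve order", "manager"),
    UseCase("verify order total server-side", "system", mitigates={"tamper with order total"}),
    UseCase("lock account after repeated login failures", "system", mitigates={"guess credentials"}),
    MisuseCase("guess credentials", "outsider", {"place order"}, "credential guessing", 4),
    MisuseCase("tamper with order total", "outsider", {"place order"}, "parameter tampering", 3),
    MisuseCase("approve own order", "clerk (insider)", {"approve order"}, "privilege misuse", 5),
)
```

`MODEL.unmitigated()` returns the insider misuse case, which is the gap the team would close by adding a mitigating use case (for instance a separation-of-duties check) and re-running the report.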

Link to presentation on Ian Alexander's paper Misuse Cases: Use Cases with Hostile Intent: perceval.gannon.edu/xu001/teaching/shared/re_eng/slides/misusecase.ppt

Next Class
- Operational security