Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSCE 548 Secure Software Development Use Cases Misuse Cases

Published byDenis Malone Modified over 6 years ago

Similar presentations

Presentation on theme: "CSCE 548 Secure Software Development Use Cases Misuse Cases"— Presentation transcript:

1 CSCE 548 Secure Software Development Use Cases Misuse Cases

2 Reading Required: McGraw: Chapter 8
I. Alexander, Misuse Cases: Use Cases with Hostile Intent, IEEE Software, vol. 20, no. 1, pp , Jan./Feb Recommended” Pauli and Xu, Misuse Case-Based Design and Analysis of Secure Software Architecture, Steven and Peterson, Defining Misuse within the Development Process, Next lecture: Security Operations CSCE Farkas

3 Application of Touchpoints
External Review 3. Penetration Testing 1. Code Review (Tools) 6. Security Requirements 4. Risk-Based Security Tests 2. Risk Analysis 7. Security Operations 5. Abuse cases 2. Risk Analysis Requirement and Use cases Architecture and Design Test Plans Code Tests and Test Results Feedback from the Field CSCE Farkas

4 Design Flaws 50 % of security problems
Need: explicitly identifying risk Quantifying impact: tie technology issues and concerns to business Continuous risk management CSCE Farkas

5 Unified Modeling Language
Standard way to visualize a system's architectural blueprints High abstraction level Extensible syntax Sufficiently precise semantics Can we express security requirements in UML? CSCE Farkas

6 UML Diagrams Source: Wikipedia,
CSCE Farkas

7 UMLsec Uses extension mechanism of UML and its formal semantics
Relies on work providing formal semantics for UML Security considerations: need formal semantics to reason about security requirements CSCE Farkas

8 AuthUML Alghathbar and Wijesekera Formal semantics for UML diagrams
Horn clauses Additional logic constructs to model Authorization constraints CSCE Farkas

9 authUML This unified framework supports Derivation of authorization
Verification of consistency of the integrated security policies Resolution of conflicting requirement Application of default policy CSCE Farkas

10 Use Case Example CSCE 548 - Farkas Copyright:
Alghathbar and Wijesekera

11 Misuse Cases Software development: making software do something
Describe features and functions Everything goes right Need: security, performance, reliability Service level agreement – legal binding How to model non-normative behavior in use cases? Think like a bad guy CSCE Farkas

12 Software Vendor Accountability
SLA for specific, measurable criteria: Proper implementation of security features Looking for known security flaws and confirming that they are not present Passing third party validation and verification Use of source code analysis tools CSCE Farkas

13 Checking for Known Vulnerabilities
Need tool Possible attacks and attack types How the software behaves if something goes WRONG What motivates an attacker? CSCE Farkas

14 Misuse Cases Extends use case diagrams
Represent actions the system should prevent Represent together Desired functionalities Undesired actions Security: emergent property  must be built in from the ground up Making explicit trade offs CSCE Farkas

15 Misuse Cases Analyze system design and requirements
Assumptions Failure of assumptions Attack patterns Software that is used also going to be attacked What can a bad guy do and how to react to malicious use CSCE Farkas

16 Misuse Case Development
Team work – software developers and security experts Identifying and documenting threats Creating anti-requirements: how the system can be abused Creating attack model Select attack pattern relevant to the system Include anyone who can gain access to the system CSCE Farkas

17 Link to presentation on Ian Alexander’s paper on Misuse Cases: Use Cases with Hostile Intent, perceval.gannon.edu/xu001/teaching/shared/re_eng/slides/misusecase.ppt CSCE Farkas

18 Next Class Operational security CSCE Farkas

Download ppt "CSCE 548 Secure Software Development Use Cases Misuse Cases"

Similar presentations

CSCE 522 Building Secure Software. CSCE 548 - Farkas2 Reading This lecture – McGraw: Ch. 3 – G. McGraw, Software Security,

CSCE 522 Building Secure Software. CSCE Farkas2 Reading This lecture – McGraw: Ch. 3 – G. McGraw, Software Security,
1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.

1 Building with Assurance CSSE 490 Computer Security Mark Ardis, Rose-Hulman Institute May 10, 2004.
Chapter 1 Principles of Programming and Software Engineering.

Chapter 1 Principles of Programming and Software Engineering.
1 CS1001 Lecture 18. 2 Overview Object Oriented Design Object Oriented Design.

1 CS1001 Lecture Overview Object Oriented Design Object Oriented Design.
© 2006 Pearson Addison-Wesley. All rights reserved2-1 Chapter 2 Principles of Programming & Software Engineering.

© 2006 Pearson Addison-Wesley. All rights reserved2-1 Chapter 2 Principles of Programming & Software Engineering.
Basic Concepts The Unified Modeling Language (UML) SYSC 3100 - System Analysis and Design.

Basic Concepts The Unified Modeling Language (UML) SYSC System Analysis and Design.
Romaric GUILLERM Hamid DEMMOU LAAS-CNRS Nabil SADOU SUPELEC/IETR.

Romaric GUILLERM Hamid DEMMOU LAAS-CNRS Nabil SADOU SUPELEC/IETR.
Principles of Object Technology Module 1: Principles of Modeling.

Principles of Object Technology Module 1: Principles of Modeling.
CSCE 548 Secure Software Development Risk-Based Security Testing.

CSCE 548 Secure Software Development Risk-Based Security Testing.
Information Systems Security Computer System Life Cycle Security.

Information Systems Security Computer System Life Cycle Security.
CSCE 548 Secure Software Development Security Use Cases.

CSCE 548 Secure Software Development Security Use Cases.
CS 325: Software Engineering April 14, 2015 Software Security Security Requirements Software Security in the Life Cycle.

CS 325: Software Engineering April 14, 2015 Software Security Security Requirements Software Security in the Life Cycle.
Karolina Muszyńska. Reverse engineering - looking at the solution to figure out how it works Reverse engineering - breaking something down in order to.

Karolina Muszyńska. Reverse engineering - looking at the solution to figure out how it works Reverse engineering - breaking something down in order to.
المحاضرة الثالثة. Software Requirements Topics covered Functional and non-functional requirements User requirements System requirements Interface specification.

المحاضرة الثالثة. Software Requirements Topics covered Functional and non-functional requirements User requirements System requirements Interface specification.
CSCE 548 Secure Software Development Test 1 Review.

CSCE 548 Secure Software Development Test 1 Review.
©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 6 Slide 1 Requirements Engineering Processes l Processes used to discover, analyse and.

©Ian Sommerville 2000 Software Engineering, 6th edition. Chapter 6 Slide 1 Requirements Engineering Processes l Processes used to discover, analyse and.
CSCE 548 Code Review. CSCE 548 - Farkas2 Reading This lecture: – McGraw: Chapter 4 – Recommended: Best Practices for Peer Code Review,

CSCE 548 Code Review. CSCE Farkas2 Reading This lecture: – McGraw: Chapter 4 – Recommended: Best Practices for Peer Code Review,
Integrating Security Design Into The Software Development Process For E-Commerce Systems By: M.T. Chan, L.F. Kwok (City University of Hong Kong)

Integrating Security Design Into The Software Development Process For E-Commerce Systems By: M.T. Chan, L.F. Kwok (City University of Hong Kong)
Copyright 2002 Prentice-Hall, Inc. Modern Systems Analysis and Design Third Edition Jeffrey A. Hoffer Joey F. George Joseph S. Valacich Chapter 20 Object-Oriented.

Copyright 2002 Prentice-Hall, Inc. Modern Systems Analysis and Design Third Edition Jeffrey A. Hoffer Joey F. George Joseph S. Valacich Chapter 20 Object-Oriented.
Intent Specification Intent Specification is used in SpecTRM

Intent Specification Intent Specification is used in SpecTRM

Similar presentations

Ads by Google