Presentation is loading. Please wait.

Presentation is loading. Please wait.

Misuse Cases Claude Turner. Outline Introduction Misuse Cases Example 1 Example 2 Tool Support for Use and Misuse Cases.

Published byBranden Bennett Modified over 8 years ago

Similar presentations

Presentation on theme: "Misuse Cases Claude Turner. Outline Introduction Misuse Cases Example 1 Example 2 Tool Support for Use and Misuse Cases."— Presentation transcript:

1 Misuse Cases Claude Turner

2 Outline Introduction Misuse Cases Example 1 Example 2 Tool Support for Use and Misuse Cases

3 Introduction

4 “Humans have analyzed negative scenarios ever since they first sat around Ice Age campfires debating the dangers of catching wooly rhinoceros: ‘What if it turns and charges us before it falls into the pit?’” Ian Alexander

5 A more recent scenario is ‘What if the hackers launch a denial of service attack?’ Modern systems engineers can employ a misuse case—the negative form of a use case—to document and analyze such scenarios. A misuse case is simply a use case from the point of view of an actor hostile to the system under design.” Ian Alexander

6 Misuse Cases

7 Misuse Case A use case that documents a negative scenario A use case from an attacker’s perspective or from an actor hostile to the system under design. Applies the concept of negative scenario in a use- case context. – A negative scenario is a situation that the system’s owner does not want to occur. – Example: business leaders, game planners, and military tacticians are familiar with the strategy of analyzing their opponents’ best moves as identifiable threats. – In contrast, a use case generally describes behavior the owner wants the system to possess. Represents what if type questions

8 Recursive Misuse and Use Cases Can develop misuse and use cases recursively, going from system to subsystem levels or lower as necessary Lower-level cases can highlight aspects not considered at higher levels, possibly forcing another analysis Approach offers rich possibilities for exploring, understanding, and validating the requirements in any direction

9 Example 1 (Figure 1)

10 Example 1 Like a game (ex. Chess or Draft): “a team’s best strategy consists of thinking ahead to the other team’s best move and acting to block it.” In the figure, use cases appear on the left, and misuse cases are on the right Misuse threat: car theft Use case actor: lawful driver Misuse actor: car thief Risk: driver’s freedom to drive the car if thief can steal it

11 Example 1 Top-level analysis: driver must be able to lock the car (a derived requirement) to mitigate the threat Next-level analysis (thief’s response): if thief breaks the door lock and shorts the ignition, this requires another mitigating approach – such as, locking the transmission Thus, threat and mitigation forms a balanced zigzag.

12 Example 2 (Figure 2)

13 Example 2—Design Tradeoffs (satisfying conflicting user demands) Each design choice opens up new possibilities for both use and misuse Designers must therefore tradeoff one option against the other Example: – Web portal users must be able to access the provided services – Access can be threatened by a variety of security assaults (e.g., sabotage by rogue employees, sophisticated attacks by hackers)

14 Example 2—Design Tradeoffs (usability) Security can threaten system use if it is so strict that it frustrates lawful users (usability) and leads them to seek alternative services But, loose control that are more comfortable for such users invite misuse Figure 2 illustrates these dilemmas by adding “aggravates” and “conflicts with” relationships between cases

15 Usability and Misuse Cases Can also apply misuse case solutions to usability, as when a novice operator confused by the user interface becomes a negative agent

16 Tool Support for Use and Misuse Cases DOORS requirements management tool Scenario Plus (free set of add-ons for doors

17 References Alexander, I. (2003). Misuse Cases: Use Cases with Hostile Intent. IEEE Software, 58-66.

Download ppt "Misuse Cases Claude Turner. Outline Introduction Misuse Cases Example 1 Example 2 Tool Support for Use and Misuse Cases."

Similar presentations

Division of Information Management Engineering User Interface Laboratory 11 Fall 09 Human Interface UI Evaluating Design Proposals for Complex Systems.

Division of Information Management Engineering User Interface Laboratory 11 Fall 09 Human Interface UI Evaluating Design Proposals for Complex Systems.
STRUCTURES & STRATAGIES PRINCIPLES OF PLACE

STRUCTURES & STRATAGIES PRINCIPLES OF PLACE
2009 – E. Félix Security DSL Toward model-based security engineering: developing a security analysis DSML Véronique Normand, Edith Félix, Thales Research.

2009 – E. Félix Security DSL Toward model-based security engineering: developing a security analysis DSML Véronique Normand, Edith Félix, Thales Research.
4 Information Security.

4 Information Security.
Project management Project manager must;

Project management Project manager must;
CSC 593: Secure Software Engineering SeminarSlide #1 Misuse Cases: Use Cases With Hostile Intent Ian Alexander.

CSC 593: Secure Software Engineering SeminarSlide #1 Misuse Cases: Use Cases With Hostile Intent Ian Alexander.
CHAPTER 4 Information Security. Announcements Project 2 – due today before midnight Tuesday Class Quiz 1 – Access Basics Questions/Comments.

CHAPTER 4 Information Security. Announcements Project 2 – due today before midnight Tuesday Class Quiz 1 – Access Basics Questions/Comments.
Instructor: Tasneem Darwish

Instructor: Tasneem Darwish
McGraw-Hill © 2008 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 8 Threats and Safeguards Chapter 8 PROTECTING PEOPLE AND INFORMATION Threats.

McGraw-Hill © 2008 The McGraw-Hill Companies, Inc. All rights reserved. Chapter 8 Threats and Safeguards Chapter 8 PROTECTING PEOPLE AND INFORMATION Threats.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
SE 555 Software Requirements & Specification 1 Misuse Cases.

SE 555 Software Requirements & Specification 1 Misuse Cases.
Applied Software Project Management Andrew Stellman & Jennifer Greene Applied Software Project Management Applied Software.

Applied Software Project Management Andrew Stellman & Jennifer Greene Applied Software Project Management Applied Software.
Engineering Secure Software. Lottery Story A Threat We Can’t Ignore  Documented incidents are prevalent Carnegie Melon’s SEI has studied over 700 cybercrimes.

Engineering Secure Software. Lottery Story A Threat We Can’t Ignore  Documented incidents are prevalent Carnegie Melon’s SEI has studied over 700 cybercrimes.
Modern Portfolio Concepts

Modern Portfolio Concepts
Wonga example Register Question- What risks do you think businesses face due to IT developments?

Wonga example Register Question- What risks do you think businesses face due to IT developments?
REMOTE CONTROL CARS Jonathan Chandler CSCE 390 001 April 21, 2011.

REMOTE CONTROL CARS Jonathan Chandler CSCE April 21, 2011.
1 REQUIREMENTS ENGINEERING and SYSTEMS ANALYSIS Elements and Definitions.

1 REQUIREMENTS ENGINEERING and SYSTEMS ANALYSIS Elements and Definitions.
©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.

©Ian Sommerville 2006Software Engineering, 8th edition. Chapter 30 Slide 1 Security Engineering.
Consensus Hunt Game Click here to continue Click here to continue.

Consensus Hunt Game Click here to continue Click here to continue.
1 User Interface Design CIS 375 Bruce R. Maxim UM-Dearborn.

1 User Interface Design CIS 375 Bruce R. Maxim UM-Dearborn.

Similar presentations

Ads by Google