An extended misuse case notation

advertisement
Lillian Røstad, An extended misuse case notation: Including vulnerabilities and the
insider threat, The Twelfth Working Conference on Requirements Engineering:
Foundation for Software Quality (REFSQ'06) 2006.
Summary:
Rostad suggests extending misuse case notation for modeling vulnerabilities as
weaknesses in the system and insider attackers. The extended notation introduces a new
type of actor called insider that has the capabilities and permissions of an authorized actor
who misuses the given permissions. The concept of vulnerability is defined as a weakness
that may be exploited by the misuse. In the extended modeling notation the concept of
vulnerability is expressed a type of use case, with an exploit relationship from the threat
to the vulnerability.
In the example cases presented in [], “enter password” or “enter username” use cases
are highlighted as the vulnerability that the injection attack or overflow attach can
exploit.
Why it is good:
The author asserts that the threat toward a system may only be realized in an attack if
the system contains vulnerabilities that can be exploited, and it is important to consider
the vulnerabilities to identify all possible threats and attacks.
Problems and limitations:
However, the author does not distinguish between the concept to of attack and threat.
In addition, it is not justified why and how vulnerability, as a weakness in the system that
can be exploited, can be modeled as a use case. The examples of vulnerabilities in [] are
ordinary use cases of a system, that bring a vulnerability to the system. In sum, the
semantics of the proposed modeling element as vulnerability is not compatible with the
definition and concept of vulnerability as a weakness. For example, buffer overflow or
password loss are example of vulnerabilities, while in the examples provided in []
vulnerable use cases were modeled instead of weaknesses.
Download
Related flashcards
Create flashcards