MASG: Advanced Misuse Case Analysis Model with Assets and Security Goals

نویسندگان

  • Takao Okubo
  • Kenji Taguchi
  • Haruhiko Kaiya
  • Nobukazu Yoshioka
چکیده

Misuse case model and its development process are useful and practical for security requirements analysis, but they require expertise especially about security assets and goals. To enable inexperienced requirements analysts to elicit and to analyse security requirements, we present an extension of misuse case model and its development process by incorporating new model elements, assets and security goals. We show its effectiveness from the quantitative and qualitative results of a case study. According to the results, we conclude the extension and its process enable inexperienced analysts to elicit security requirements as well as experienced analysts do.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Risk and Business Goal Based Security Requirement and Countermeasure Prioritization

Companies are under pressure to be in control of their assets but at the same time they must operate as efficiently as possible. This means that they aim to implement ―good-enough security‖ but need to be able to justify their security investment plans. Currently companies achieve this by means of checklist-based security assessments, but these methods are a way to achieve consensus without bei...

متن کامل

Exploring the Type of Relationship between Information Security Management and Organizational Culture (Case Study in TAM Iran Khodro Co.)

A culture conducive to information security practice is extremely important for organizations since information has to be critical assets in modern enterprises. Thus for understanding and improving the organizational behavior with regard to information security, enterprises may look into organizational culture and examine how it affects the effectiveness of implementing ISM. This study aims ...

متن کامل

Exploring the Type of Relationship between Information Security Management and Organizational Culture (Case Study in TAM Iran Khodro Co.)

A culture conducive to information security practice is extremely important for organizations since information has to be critical assets in modern enterprises. Thus for understanding and improving the organizational behavior with regard to information security, enterprises may look into organizational culture and examine how it affects the effectiveness of implementing ISM. This study aims ...

متن کامل

Insurer Optimal Asset Allocation in a Small and Closed Economy: The Case of Iran’s Social Security Organization

We seek to determine the optimal amount of the insurer’s investment in all types of assets for a small and closed economy. The goal is to detect the implications and contributions the risk seeker and risk aversion insurer commonly make and the effectiveness in the investment decision. Also, finding the optimum portfolio for each is the main goal of the present study. To this end, we adopted the...

متن کامل

Security design analysis

Risk has always motivated security in general terms; both assurance and IT governance approaches to security begin with a focus on risk, but the connection between risk and technical security is soon lost. As a result it is usually impossible to quantify the value of security features, or give metrics for the value of a security design compared to alternatives. This thesis describes the Securit...

متن کامل

ذخیره در منابع من

ذخیره در منابع من قبلا به منابع من ذحیره شده

{@ msg_add @}


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • JIP

دوره 22  شماره 

صفحات  -

تاریخ انتشار 2014