From misuse cases to mal-activity diagrams: bridging the gap between functional security analysis and design

  • Theme Section Paper
Software & Systems Modeling

Abstract

Secure software engineering is concerned with developing software systems that will continue delivering their intended functionality despite a multitude of harmful software technologies that can attack these systems from anywhere and at any time. Misuse cases and mal-activity diagrams are two techniques to model functional security requirements and address security concerns early in the development life cycle. This allows system designers to equip their systems with security mechanisms built within system design rather than relying on external defensive mechanisms. In a model-driven engineering process, misuse cases are expected to drive the construction of mal-activity diagrams. However, a systematic approach to transform misuse cases into mal-activity diagrams is missing. Therefore, this process remains dependent on human skill and judgment, which raises the risk of developing mal-activity diagrams that are inconsistent with the security requirements described in misuse cases, leading to the development of an insecure system. This paper presents an authoring structure for misuse cases and a transformation technique to systematically perform this desired model transformation. A study was conducted to evaluate the proposed technique using 46 attack stories outlined in a book by a former well-known hacker (Mitnick and Simon in The art of deception: controlling the human element of security, Wiley, Indianapolis, 2002). The results indicate that applying the proposed technique produces correct mal-activity diagrams from misuse cases.

References

  1. Alexander, I.F.: Initial industrial experience of misuse cases in trade-off analysis. In: Proceedings of the 10th Anniversary IEEE International Requirements Engineering Conference, Essen, Germany (2002)

  2. Armour F., Miller G.: Advanced Use Case Modeling. Addison-Wesley, Boston (2000)

  3. Basin D.A., Doser J., Lodderstedt T.: Model driven security: from UML models to access control infrastructures. ACM Trans. Softw. Eng. Methodol. 15(1), 39–91 (2006)

  4. Bittner K., Spence I.: Use Case Modeling. Addison-Wesley, Boston (2002)

  5. Bodden E., Vangheluwe H.: Transforming Timeline Specifications into Automata for Runtime Monitoring. Applications of Graph Transformations with Industrial Relevance. Springer, Berlin (2008)

  6. Brucker, A., Doser, J., Wolff, B.: A model transformation semantics and analysis methodology for SecureUML. In: Proceedings of Model Driven Engineering Languages and Systems. Lecture Notes in Computer Science, vol. 4199, pp. 306–320. Springer, Berlin (2006)

  7. Cockburn A.: Writing Effective Use Cases. Addison-Wesley, Boston (2000)

  8. Constantine L.L.: Essential modeling: use cases for user interfaces. ACM Interact. 2, 34–46 (1995)

  9. Den Braber, F., Dimitrakos, T., Gran, B.A., Stølen, K., Aagedal, J.: Model-based risk management using UML and UP. In: Proceedings of the 13th IRMA International Conference: Issues and Trends of Information Technology Management in Contemporary Organizations, Seattle, Washington (2002)

  10. Fernandes, J.M., Tjell, S., Jørgensen, J.B., Ribeiro, Ó.: Designing tool support for translating use cases and UML 2.0 sequence diagrams into a coloured Petri Net. In: Proceedings of the Sixth International Workshop on Scenarios and State Machines (2007)

  11. Fox, J., Jürjens, J.: Introducing security aspects with model transformation. In: 12th IEEE International Conference and Workshops on the Engineering of Computer-Based Systems (2004)

  12. Giorgini, P., Massacci, F., Mylopoulos, J.: Requirement engineering meets security: a case study on modelling secure electronic transactions by VISA and Mastercard. In: 22nd International Conference on Conceptual Modeling (ER 2003). Lecture Notes in Computer Science, vol. 2813, pp. 263–276. Springer, Berlin (2003)

  13. Giorgini, P., Massacci, F., Mylopoulos, J., Zannone, N.: Modeling security requirements through ownership, permission and delegation. In: Proceedings of the 13th IEEE International Conference on Requirements (2005)

  14. Houmb, S.H., Den Braber, F., Lund, M.S., Stølen, K.: Towards a UML profile for model-based risk assessment. In: Proceedings of the UML’2002 Satellite Workshop on Critical Systems Development (2002)

  15. ISO/IEC 27001:2005 Specification for Information Security Management (2005)

  16. Jürjens J.: Secure Systems Development with UML. Springer, Berlin (2004)

  17. Koch, M., Parisi-Presicce, F.: Access control policy specification in UML. In: Critical Systems Development with UML, pp. 63–78. TUM-I0208 (2001)

  18. Kroll P., Kruchten P.: The Rational Unified Process Made Easy: A Practitioner’s Guide to the RUP. Addison-Wesley, Boston (2003)

  19. Kulak D., Guiney E.: Use Cases: Requirements in Context. Addison-Wesley, Boston (2000)

  20. Lin, L., Nuseibeh, B., Ince, D., Jackson, M.: Using abuse frames to bound the scope of security problems. In: 12th IEEE International Conference on Requirements Engineering, pp. 354–355. IEEE Computer Society (2004)

  21. Massacci F., Mylopoulos J., Zannone N.: Computer-aided support for secure tropos. Autom. Softw. Eng. 14(3), 341–364 (2007)

  22. Mitnick K.D., Simon W.L.: The Art of Deception: Controlling the Human Element of Security. Wiley, Indianapolis (2002)

  23. OMG.: Unified Modeling Language, version 1.5. Object Management Group, Inc. http://www.uml.org . Accessed 21 Nov 2003

  24. Parr, T.: The Definitive ANTLR Reference: Building Domain-Specific Languages (Pragmatic Programmers). Pragmatic Bookshelf (2007)

  25. Patzina, S., Patzina, L.: A case study based comparison of ATL and SDM. In: Proceeding of the 4th International Symposium on Applications of Graph Transformation with Industrial Relevance (2011)

  26. Popp, G., Jürjens, J., Wimmel, G., Breu, R.: Security-critical system development with extended use cases. In: 10th Asia-Pacific Software Engineering Conference. IEEE Computer Society (2003)

  27. Rosenberg D., Scott K.: Use Case Driven Object Modeling with UML. Addison-Wesley, Boston (1999)

  28. Schneider G., Winters J.: Applying Use Cases—A Practical Guide. Addison-Wesley, Boston (1998)

  29. Sindre G., Opdahl A.: Eliciting security requirements with misuse cases. Requir. Eng. J. 10, 34–44 (2005)

  30. Sindre G., Opdahl A.L.: Eliciting Security Requirements by Misuse Cases. TOOLS Pacific 2000. IEEE CS Press, Sydney (2000)

  31. Sindre, G., Opdahl, A. L., Breivik, G.F.: Generalization/specialization as a structuring mechanism for misuse cases. In: Proceedings of the 2nd Symposium on Requirements Engineering for Information Security (SREIS’02), Raleigh, North Carolina (2002)

  32. Sindre, G.: Mal-activity diagrams for capturing attacks on business processes. In: Proceedings of the 13th International Working Conference on Requirements Engineering: Foundation for Software Quality (REFSQ’07) (2007)

  33. Sindre, G., Opdahl, A.L.: Templates for Misuse Case Description. In: Proceedings of the 7th International Workshop on Requirements Engineering: Foundation for Software Quality (REFSQ’01), Interlaken, Switzerland (2001)

  34. The Eclipse Foundation.: ATL—A Model Transformation Technology. http://www.eclipse.org/atl/ . Accessed March 2011

  35. Weidenhaupt K., Pohl K., Jarke M., Haumer P.: Scenario Usage in System Development: A Report on Current Practice. IEEE Softw. 15(2), 34–45 (1998)

Author information

Correspondence to Mohamed El-Attar.

Additional information

Communicated by Dr. Andy Schürr and Arend Rensink.

About this article

Cite this article

El-Attar, M. From misuse cases to mal-activity diagrams: bridging the gap between functional security analysis and design. Softw Syst Model 13, 173–190 (2014). https://doi.org/10.1007/s10270-012-0240-5

  • DOI: https://doi.org/10.1007/s10270-012-0240-5
