Many efforts are being made to integrate security into software and software development. I recently read several interesting posts about the subject, two of them from Gunnar Peterson:
- In Top Ten Information Security Considerations in Use Case Modeling he discusses ten ways that Use Case models can be developed in a more security-focused way.
- In an IEEE Security & Privacy Journal he co-wrote an article on Misuse Cases with John Steven on Defining Misuse in the Development Process.
Here, in short, is the core idea:
I remembered having seen the idea before, as Richard Claassens, a former colleague and Architect at InfoSupport, showed some examples. The original ideas behind Misuse Cases came from Guttorm Sindre and Andreas Opdahl.
Here’s a nice example: