{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,4]],"date-time":"2024-09-04T18:38:42Z","timestamp":1725475122828},"reference-count":23,"publisher":"Springer US","isbn-type":[{"type":"print","value":"9780387348285"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"DOI":"10.1007\/978-0-387-34831-5_10","type":"book-chapter","created":{"date-parts":[[2006,11,29]],"date-time":"2006-11-29T15:04:42Z","timestamp":1164812682000},"page":"123-137","source":"Crossref","is-referenced-by-count":12,"title":["Defining Security Requirements Through Misuse Actions"],"prefix":"10.1007","author":[{"given":"Eduardo B.","family":"Fernandez","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Michael","family":"VanHilst","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Maria M.","family":"Larrondo Petrie","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Shihong","family":"Huang","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","reference":[{"key":"10_CR1","first-page":"58","volume-title":"IEEE Software","author":"I. Alexander","year":"2003","unstructured":"Alexander, I.: Misuse cases: Use cases with hostile intent. In IEEE Software, Vol. 20, No. 1, January\/February 2003, IEEE Computer Society Press, Los Alamitos, California (2003) 58\u201366."},{"key":"10_CR2","doi-asserted-by":"crossref","first-page":"151","DOI":"10.1109\/ICRE.2003.1232746","volume-title":"Proceedings of the 11 th IEEE International Conference on Requirements Engineering (RE\u201903)","author":"L. Liu","year":"2003","unstructured":"Liu, L., Yu, E. and Mylopoulos, J.: Security and privacy requirements analysis within a social setting. In Proceedings of the 11\n                  th\n                  IEEE International Conference on Requirements Engineering (RE\u201903), Monterey, California, 8\u201312 September 2003, IEEE Computer Society Press, Los Alamitos, California (2003) 151\u2013161."},{"key":"10_CR3","first-page":"21","volume-title":"Dr. Dobb\u2019s Journal","author":"B. Schneier","year":"2003","unstructured":"Schneier, B.: Attack Trees: Modeling Security Threats. In Dr. Dobb\u2019s Journal, Vol. 24, No. 12, December 1999, CMP Media LLC, Manhasset, New York, USA (2003) 21\u201329."},{"key":"10_CR4","first-page":"747","volume-title":"IBM Systems Journal","author":"J. J. Whitmore","year":"2001","unstructured":"Whitmore, J. J.: A method for designing secure solutions. In IBM Systems Journal, Vol. 40, No. 3, IBM, Riverton, New Jersey, USA (2001) 747\u2013768. http:\/\/www.research.ibm.com\/journal\/sj"},{"key":"10_CR5","first-page":"63","volume-title":"Computers & Security","author":"A. Zuccato","year":"2004","unstructured":"Zuccato, A.: Holistic security requirement engineering for electronic commerce. In Computers & Security, Vol. 23, No. 1, Elsevier, UK (2004) 63\u201376."},{"key":"10_CR6","volume-title":"Writing secure code","author":"M. Howard","year":"2003","unstructured":"Howard, M., and LeBlanc, D. Writing secure code, (2nd Ed.), Microsoft Press, Redmond, Washington, USA (2003).","edition":"2nd Ed."},{"key":"10_CR7","doi-asserted-by":"publisher","first-page":"120","DOI":"10.1109\/TOOLS.2000.891363","volume-title":"Proceedings of the 37th International Conference on Technology of Object-Oriented Languages and Systems","author":"G. Sindre","year":"2000","unstructured":"Sindre, G. and Opdahl, A.L.: Eliciting Security Requirements by Misuse Cases. In Proceedings of the 37th International Conference on Technology of Object-Oriented Languages and Systems (TOOLS-Pacific 2000), Sydney, Australia, 20\u201323 November 2000 IEEE Press, Los Alamitos, California, USA (2000) 120\u2013131."},{"key":"10_CR8","first-page":"21","volume-title":"Software Engineering Research and Practice: Proceedings of the International Conference on Software Engineering Research and Practice","author":"E. B. Fernandez","year":"2004","unstructured":"Fernandez, E. B.: A methodology for secure software design. In Software Engineering Research and Practice: Proceedings of the International Conference on Software Engineering Research and Practice, SERP\u2019 04, Las Vegas, Nevada, USA, Vol. 1, 21\u201324 June 2004, H. R. Arabnia and H. Reza (eds.), CSREA Press, USA (2004) 130\u2013136."},{"key":"10_CR9","volume-title":"Integrating security and software engineering: Advances and future vision","author":"E. B. Fernandez","year":"2006","unstructured":"Fernandez, E. B., Larrondo-Petrie, M. M., Sorgente, T. and VanHilst M.: A methodology to develop secure systems using patterns. In Integrating security and software engineering: Advances and future vision, H. Mouratidis and P. Giorgini (Eds.), Idea Group, Hershey, Pennsylvania, USA (2006)."},{"key":"10_CR10","volume-title":"Applying UML and Patterns: An Introduction to Object-Oriented Analysis and Design and Iterative Development","author":"C. Larman","year":"2005","unstructured":"Larman, C.: Applying UML and Patterns: An Introduction to Object-Oriented Analysis and Design and Iterative Development (3nd edition.), Prentice-Hall, Englewood Cliffs, New Jersey, USA (2005).","edition":"3nd edition"},{"key":"10_CR11","volume-title":"The Design of Secure Systems","author":"E. B. Fernandez","year":"2007","unstructured":"Fernandez, E. B., Gudes, E. and Olivier, M.: The Design of Secure Systems, Addison-Wesley, Reading, Massachussetts, USA (2007)."},{"key":"10_CR12","first-page":"121","volume-title":"Proceedings of the 2nd ACM Workshop on Role-Based Access Control","author":"E. B. Fernandez","year":"1997","unstructured":"Fernandez, E. B., and Hawkins, J.C.: Determining Role Rights from Use Cases. In Proceedings of the 2nd ACM Workshop on Role-Based Access Control, RBAC\u201997, Fairfax, Virginia, USA, 6\u20137 November 1997, ACM Press, New York, New York, USA (1997) 121\u2013125."},{"key":"10_CR13","volume-title":"The Unified Modeling Language User Guide","author":"G. Booch","year":"2005","unstructured":"Booch, G., Rumbaugh, J. and Jacobson, I.: The Unified Modeling Language User Guide (2nd Ed.), Addison-Wesley, Upper Saddle River, New Jersey, USA (2005).","edition":"2nd Ed."},{"key":"10_CR14","volume-title":"The Account Analysis Pattern","author":"E. B. Fernandez","year":"2002","unstructured":"Fernandez, E. B. and Liu, Y.: The Account Analysis Pattern. In Proceedings of EuroPLoP 2002 (Pattern Languages of Programs), Irsee Germany, 3\u20137 July 2002, Universit\u00e4tsverlag Konstanz, Konstanz, Germany, (2002). http:\/\/www.hillside.net\/patterns\/EuroPLoP2002\/"},{"key":"10_CR15","first-page":"684","volume-title":"IEEE Transactions on Software Engineering","author":"N. G. Leveson","year":"1994","unstructured":"Leveson, N. G., Heimdahl, M. P. E., Hildreth, H. and Reese, J. D.: Requirements specification for process control systems. In IEEE Transactions on Software Engineering, Vol. 20, No 9, September 1994, IEEE Computer Society Press, Los Alamitos, California, USA (1994) 684\u2013707."},{"key":"10_CR16","unstructured":"Cleland-Huang, J., Denne, M., Mahjub, G., and Patel, N.: A goal-oriented approach for mitigating security and continuity risks. In Proceedings. of the IEEE Inernational. Symposium on Secure Software Engineering (ISSSE\u201906), 13\u201315 March 2006, Arlington, Virginia, USA (2006) 167\u2013177."},{"key":"10_CR17","doi-asserted-by":"crossref","first-page":"112","DOI":"10.1145\/976270.976285","volume-title":"Proceedings of the 3 rd. International Conference on Aspect-Oriented Software Development (AOSD\u201904)","author":"C.B. Haley","year":"2004","unstructured":"Haley, C.B., Laney, R.C., and Nuseiben, B.: Deriving security requirements from crosscutting threat descriptions. In Proceedings of the 3\n                  rd. International Conference on Aspect-Oriented Software Development (AOSD\u201904), Lancaster, UK, 22\u201326 March 2004, ACM Press, New York, New York, USA (2004) 112\u2013121."},{"key":"10_CR18","volume-title":"Problem Frames: Analysing and structuring software development problems","author":"M. Jackson","year":"2001","unstructured":"Jackson, M.: Problem Frames: Analysing and structuring software development problems, Addison-Wesley, Reading, Washington, USA (2001)."},{"key":"10_CR19","unstructured":"He, Q. and Anton, A. I.: Deriving access control policies from requirements specifications and database design, North Carolina State University CS Technical Report. TR-2004-24, (2004)."},{"key":"10_CR20","unstructured":"Mouratidis, H., Giorgini, P. and Manson, G.A.: Using security attach scenarios to analyse security during information systems Design. In Proceedings of the 2\n                  nd\n                  International Workshop on Security in Information Systems at ICEIS 2004, Porto, Portugal, April 2004 (2004) 10\u201317."},{"key":"10_CR21","doi-asserted-by":"crossref","first-page":"148","DOI":"10.1109\/ICSE.2004.1317437","volume-title":"Proceedings of the 26 th International Conference on Software Engineering","author":"A. Lamsweerde van","year":"2004","unstructured":"van Lamsweerde, A.: Elaborating security requirements by construction of intentional anti-models. In Proceedings of the 26\n                  th\n                  International Conference on Software Engineering (ICSE\u201904), Edinburgh, UK, 23\u201328 May 2004, IEEE Computer Society Press, Los Alamitos, California, USA (2004) 148\u2013157."},{"key":"10_CR22","unstructured":"Huang, S. and Tilley, A.: Workshop on Graphical Documentation for Programmers: Assessing the Efficacy of UML Diagrams for Program Understanding. Held in conjunction with The 11\n                  th\n                  International Workshop on Program Comprehension, IWPC 2003, 10 May 2003, Portland, Oregon, USA, IEEE Computer Society Press, Los Alamitos, California, USA (2003) 281\u2013282."},{"key":"10_CR23","first-page":"184","volume-title":"Proceedings of the 21 st ACM Annual International Conference on Design of Communication","author":"S. Tilley","year":"2003","unstructured":"Tilley, S., and Huang, S.: A qualitative assessment of the efficacy of UML diagrams as a form of graphical documentation in aiding program understanding. In Proceedings of the 21\n                  st\n                  ACM Annual International Conference on Design of Communication (SIGDOC 2003: 12\u201315 October 2003; San Francisco, California, USA, ACM Press: New York, New York, USA (2003) 184\u2013191."}],"container-title":["IFIP International Federation for Information Processing","Advanced Software Engineering: Expanding the Frontiers of Software Technology"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-0-387-34831-5_10.pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,28]],"date-time":"2021-04-28T01:51:21Z","timestamp":1619574681000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-0-387-34831-5_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[null]]},"ISBN":["9780387348285"],"references-count":23,"URL":"https:\/\/doi.org\/10.1007\/978-0-387-34831-5_10","relation":{},"subject":[]}}