{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,5]],"date-time":"2024-09-05T20:31:43Z","timestamp":1725568303145},"publisher-location":"Berlin, Heidelberg","reference-count":29,"publisher":"Springer Berlin Heidelberg","isbn-type":[{"type":"print","value":"9783642168246"},{"type":"electronic","value":"9783642168253"}],"license":[{"start":{"date-parts":[[2010,1,1]],"date-time":"2010-01-01T00:00:00Z","timestamp":1262304000000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2010]]},"DOI":"10.1007\/978-3-642-16825-3_23","type":"book-chapter","created":{"date-parts":[[2010,11,2]],"date-time":"2010-11-02T13:30:44Z","timestamp":1288704644000},"page":"337-353","source":"Crossref","is-referenced-by-count":2,"title":["Introducing Mitigation Use Cases to Enhance the Scope of Test Cases"],"prefix":"10.1007","author":[{"given":"Lasse","family":"Harjumaa","sequence":"first","affiliation":[]},{"given":"Ilkka","family":"Tervonen","sequence":"additional","affiliation":[]}],"member":"297","reference":[{"issue":"1","key":"23_CR1","doi-asserted-by":"publisher","first-page":"58","DOI":"10.1109\/MS.2003.1159030","volume":"20","author":"I. Alexander","year":"2003","unstructured":"Alexander, I.: Misuse Cases: Use Cases With Hostile Intent. IEEE Software\u00a020(1), 58\u201366 (2003)","journal-title":"IEEE Software"},{"key":"23_CR2","unstructured":"Avizienis, A., Laprie, J.C., Randell, B.: Fundamental Concepts of Dependability. In: Okamoto, E., Pieprzyk, J.P., Seberry, J. (eds.) ISW 2000. LNCS, vol.\u00a01975, pp. 1\u20136. Springer, Heidelberg (2000)"},{"issue":"6","key":"23_CR3","doi-asserted-by":"publisher","first-page":"19","DOI":"10.1109\/MS.2004.30","volume":"21","author":"V. Basili","year":"2004","unstructured":"Basili, V., Donzelli, P., Asgari, S.: A Unified Model of Dependability: Capturing Dependability in Context. IEEE Software\u00a021(6), 19\u201325 (2004)","journal-title":"IEEE Software"},{"issue":"1","key":"23_CR4","first-page":"1","volume":"4","author":"R. Baskerville","year":"1992","unstructured":"Baskerville, R.: The Developmental Duality of Information Systems Security. Journal of Management Systems\u00a04(1), 1\u201312 (1992)","journal-title":"Journal of Management Systems"},{"issue":"4","key":"23_CR5","doi-asserted-by":"publisher","first-page":"375","DOI":"10.1145\/162124.162127","volume":"25","author":"R. Baskerville","year":"1993","unstructured":"Baskerville, R.: Information Systems Security Design Methods: Implications for Information Systems Development. ACM Computing Surveys\u00a025(4), 375\u2013414 (1993)","journal-title":"ACM Computing Surveys"},{"key":"23_CR6","unstructured":"Berger, B.: The Dangers of Use Cases Employed as Test Cases. In: STAR West Conference (2001), http:\/\/www.testassured.com\/docs\/Dangers.htm (referenced 23.11.2007)"},{"key":"23_CR7","doi-asserted-by":"crossref","unstructured":"Best, B., J\u00fcrjens, J.: Model-based Security Engineering of Distributed Information Systems using UMLsec. In: Proceedings of the 29th International Conference on Software Engineering, pp. 581\u2013590 (2007)","DOI":"10.1109\/ICSE.2007.55"},{"key":"23_CR8","unstructured":"Common Vulnerabilities and Exposures. The Standard for Information Security Vulnerability Names (2007), http:\/\/cve.mitre.org\/ (referenced 12.9.2007)."},{"key":"23_CR9","doi-asserted-by":"crossref","unstructured":"Hafiz, M., Adamczyk, P., Johnson, R.E.: Organizing Security Patterns. IEEE Software, 52\u201360 (July\/August 2007)","DOI":"10.1109\/MS.2007.114"},{"key":"23_CR10","volume-title":"Managing Risk: Methods for Software Systems Development","author":"E.M. Hall","year":"1998","unstructured":"Hall, E.M.: Managing Risk: Methods for Software Systems Development. Addison-Wesley, Reading (1998)"},{"key":"23_CR11","unstructured":"Heumann, J.: Generating Test Cases from Use Cases. Journal of Software Testing Professionals\u00a03(2) (2002)"},{"issue":"3","key":"23_CR12","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1109\/MSP.2004.17","volume":"2","author":"P. Hope","year":"2004","unstructured":"Hope, P., McGraw, G., Anton, A.I.: Misuse and Abuse Cases: Getting Past the Positive. IEEE Security & Privacy\u00a02(3), 90\u201392 (2004)","journal-title":"IEEE Security & Privacy"},{"key":"23_CR13","doi-asserted-by":"crossref","unstructured":"J\u00fcrjens, J.: Using UMLsec and Goal Trees for Secure Systems Development. In: Proceedings of the 2002 ACM Symposium on Applied Computing (SAC), pp. 1026\u20131030 (2002)","DOI":"10.1145\/508791.508990"},{"key":"23_CR14","doi-asserted-by":"crossref","unstructured":"J\u00fcrjens, J.: Sound Methods and Effective Tools for Model-based Security Engineering with UML. In: Proceedings of the 27th International Conference on Software Engineering, pp. 322\u2013331 (2005)","DOI":"10.1145\/1062455.1062519"},{"key":"23_CR15","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"426","DOI":"10.1007\/3-540-45800-X_33","volume-title":"\u00abUML\u00bb 2002 - The Unified Modeling Language. Model Engineering, Concepts, and Tools","author":"T. Lodderstedt","year":"2002","unstructured":"Lodderstedt, T., Basin, D., Doser, J.: SecureUML: A UML-Based Modeling Language for Model-Driven Security? In: J\u00e9z\u00e9quel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol.\u00a02460, pp. 426\u2013441. Springer, Heidelberg (2002)"},{"key":"23_CR16","doi-asserted-by":"crossref","unstructured":"McDermott, J., Fox, C.: Using Abuse Case Models for Security Requirements Analysis. Proceedings of the 15th Annual Computer Security Applications Conference, 55\u201364 (1999)","DOI":"10.1109\/CSAC.1999.816013"},{"key":"23_CR17","volume-title":"Integrating Security and Software Engineering: Advances and Future Visions","author":"N.R. Mead","year":"2007","unstructured":"Mead, N.R.: Identifying Security Requirements Using the Security Quality Requirements Engineering (SQUARE) Method. In: Mouraditis, H., Giorgine, P. (eds.) Integrating Security and Software Engineering: Advances and Future Visions. IDEA Group Publishing, London (2007)"},{"key":"23_CR18","doi-asserted-by":"publisher","DOI":"10.4018\/978-1-59904-147-6","volume-title":"Integrating Security and Software Engineering: Advances and Future Visions","author":"H. Mouraditis","year":"2007","unstructured":"Mouraditis, H., Giorgine, P.: Integrating Security and Software Engineering: An Introduction. In: Mouraditis, H., Giorgine, P. (eds.) Integrating Security and Software Engineering: Advances and Future Visions. IDEA Group Publishing, London (2007)"},{"issue":"1","key":"23_CR19","doi-asserted-by":"publisher","first-page":"916","DOI":"10.1016\/j.infsof.2008.05.013","volume":"10","author":"A.L. Opdahl","year":"2009","unstructured":"Opdahl, A.L., Sindre, G.: Experimental comparison of attack trees and misuse cases for security threat identification. Journal of Information and Software Technology\u00a010(1), 916\u2013932 (2009)","journal-title":"Journal of Information and Software Technology"},{"key":"23_CR20","doi-asserted-by":"crossref","unstructured":"Pauli, J., Xu, D.: Integrating Functional and Security Requirements with Use Case Decomposition. In: Proceedings of the 11th International Conference on Engineering of Complex Computer Systems, pp. 57\u201366 (2006)","DOI":"10.1109\/ICECCS.2006.1690355"},{"issue":"5","key":"23_CR21","doi-asserted-by":"publisher","first-page":"81","DOI":"10.1109\/MSP.2004.84","volume":"2","author":"B. Potter","year":"2004","unstructured":"Potter, B., McGraw, G.: Software Security Testing. IEEE Security & Privacy\u00a02(5), 81\u201385 (2004)","journal-title":"IEEE Security & Privacy"},{"key":"23_CR22","doi-asserted-by":"crossref","unstructured":"Sindre, G., Opdahl, A.L.: Eliciting Security Requirements by Misuse Cases. In: Proceedings of 37th International Conference Technology of Object-Oriented Languages and Systems, pp. 120\u2013131 (2000)","DOI":"10.1109\/TOOLS.2000.891363"},{"issue":"9-10","key":"23_CR23","doi-asserted-by":"publisher","first-page":"1035","DOI":"10.1016\/j.infsof.2007.10.011","volume":"50","author":"M. Siponen","year":"2008","unstructured":"Siponen, M., Heikka, J.: Do Secure Information System Design Methods Provide Adequate Modeling Support? Information and Software Technology\u00a050(9-10), 1035\u20131053 (2008)","journal-title":"Information and Software Technology"},{"issue":"1","key":"23_CR24","doi-asserted-by":"publisher","first-page":"20","DOI":"10.1109\/MS.2008.19","volume":"25","author":"I. T\u00f8ndel","year":"2008","unstructured":"T\u00f8ndel, I., Jaatun, M., Meland, P.: Security Requirements for the Rest of Us: A Survey. IEEE Software\u00a025(1), 20\u201327 (2008)","journal-title":"IEEE Software"},{"key":"23_CR25","volume-title":"Building Secure Software - How to avoid security problems the right way.","author":"J. Viega","year":"2004","unstructured":"Viega, J., McGraw, G.: Building Secure Software - How to avoid security problems the right way. Addison-Wesley, Boston (2004)"},{"issue":"4","key":"23_CR26","doi-asserted-by":"publisher","first-page":"308","DOI":"10.1016\/j.cose.2004.09.011","volume":"24","author":"R. Villarroel","year":"2005","unstructured":"Villarroel, R., Fern\u00e1ndez-Medina, E., Piattini, M.: Secure information systems development - a survey and comparison. Journal of Computers & Security\u00a024(4), 308\u2013321 (2005)","journal-title":"Journal of Computers & Security"},{"key":"23_CR27","volume-title":"Integrating Security and Software Engineering: Advances and Future Visions","author":"M. Weiss","year":"2007","unstructured":"Weiss, M.: Modelling Security Patterns using NFR Analysis. In: Mouraditis, H., Giorgine, P. (eds.) Integrating Security and Software Engineering: Advances and Future Visions, IDEA Group Publishing, London (2007)"},{"key":"23_CR28","unstructured":"Wood, D., Reis, J.: Use Case Derived Test Cases. Harris Corporation. In: STAREAST on Software Quality Engineering Conference (1999)"},{"key":"23_CR29","volume-title":"The Art of Software Security Testing","author":"C. Wysopal","year":"2007","unstructured":"Wysopal, C., Nelson, L., Dai Zovi, D., Dustin, E.: The Art of Software Security Testing. Addison-Wesley, Reading (2007)"}],"container-title":["Lecture Notes in Computer Science","Advances in Information and Computer Security"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-642-16825-3_23","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,6,6]],"date-time":"2019-06-06T00:59:59Z","timestamp":1559782799000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-642-16825-3_23"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2010]]},"ISBN":["9783642168246","9783642168253"],"references-count":29,"URL":"https:\/\/doi.org\/10.1007\/978-3-642-16825-3_23","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2010]]}}}