Capturing security requirements through misuse cases

Use cases have become popular for eliciting, communicating and documenting requirements. They support functional requirements well, but provide less support for working with extra-functional requirements, such as security requirements. With the advent of e- and m-commerce applications, such requirements are growing in importance. This paper discusses a conceptual extension of use cases, namely ‘misuse cases’, describing actions that should not be possible in a system. In particular, we discuss templates for their textual description.