Sammendrag
Misuse case analysis is a technique for early elicitation of security-related threats and requirements to planned information systems. After the technique was first proposed in 2000, there have been many follow-up contributions both by the originators and their students and by other researchers. These contributions have focused partly on extensions and adaptations of the technique, and partly on empirical evaluations of its applicability. In this paper we review the work that has been done on misuse cases so far and point to future directions. In addition to the systematic review of previous work, this paper looks further at the possibility to apply misuse cases for other dependability factors in addition to security and safety, providing examples where misuse cases are applied for availability, reliability, and robustness.
Vis fullstendig beskrivelse