Authors:
Mohamed El-Attar
and
Nidal Nasser
Affiliation:
Department of Software Engineering, College of Engineering, Alfaisal University, Riyadh and Saudi Arabia
Keyword(s):
Misuse Case Modeling, Refactoring, Model Transformation, Antipatterns.
Related
Ontology
Subjects/Areas/Topics:
Artificial Intelligence
;
Cross-Feeding between Data and Software Engineering
;
Knowledge Management and Information Sharing
;
Knowledge-Based Systems
;
Model-Driven Engineering
;
Requirements Engineering
;
Software Engineering
;
Software Engineering Methods and Techniques
;
Symbolic Systems
Abstract:
Secure software engineering entails that security concerns needs to be considered from the early phases of development, as early as the requirements engineering phase. Misuse cases is a well-known security analysis and specifications techniques, based on the popular use case modeling technique, that takes place in the requirements engineering phase. Similar to use case modeling, misuse case modellers are prone to committing modeling mistakes and applying antipatterns. As a result, misuse case models need to be analysed to determine if they contain fallacious design decisions. Changes, known as refactoring, to the misuse case diagrams are then required to remedy any design issues and such changes which would normally be manually applied. However, manual application of such changes in misuse case models are prone to human error, further compounding the design issues in a given misuse case model. To this end, this paper presents a model transformation approach to systematically apply ch
anges to misuse case models. A case study related to a book store is presented to illustrate the application and feasibility of the approach.
(More)