MASG: Advanced misuse case analysis model with assets and security goals

Takao Okubo; Kenji Taguchi; Haruhiko Kaiya; Nobukazu Yoshioka

doi:10.2197/ipsjjip.22.536

MASG: Advanced misuse case analysis model with assets and security goals

Takao Okubo, Kenji Taguchi, Haruhiko Kaiya, Nobukazu Yoshioka

Research output: Contribution to journal › Article › peer-review

6 Citations (Scopus)

Abstract

Misuse case model and its development process are useful and practical for security requirements analysis, but they require expertise especially about security assets and goals. To enable inexperienced requirements analysts to elicit and to analyse security requirements, we present an extension of misuse case model and its development process by incorporating new model elements, assets and security goals. We show its effectiveness from the quantitative and qualitative results of a case study. According to the results, we conclude the extension and its process enable inexperienced analysts to elicit security requirements as well as experienced analysts do.

Original language	English
Pages (from-to)	536-546
Number of pages	11
Journal	Journal of information processing
Volume	22
Issue number	3
DOIs	https://doi.org/10.2197/ipsjjip.22.536
Publication status	Published - 2014
Externally published	Yes

Keywords

Misuse case and goal oriented requirements analysis
Requirements analysis
Security

ASJC Scopus subject areas

Computer Science(all)

Access to Document

10.2197/ipsjjip.22.536

Cite this

@article{7474d9d33ef04a098faa6322572bfb89,

title = "MASG: Advanced misuse case analysis model with assets and security goals",

abstract = "Misuse case model and its development process are useful and practical for security requirements analysis, but they require expertise especially about security assets and goals. To enable inexperienced requirements analysts to elicit and to analyse security requirements, we present an extension of misuse case model and its development process by incorporating new model elements, assets and security goals. We show its effectiveness from the quantitative and qualitative results of a case study. According to the results, we conclude the extension and its process enable inexperienced analysts to elicit security requirements as well as experienced analysts do.",

keywords = "Misuse case and goal oriented requirements analysis, Requirements analysis, Security",

author = "Takao Okubo and Kenji Taguchi and Haruhiko Kaiya and Nobukazu Yoshioka",

year = "2014",

doi = "10.2197/ipsjjip.22.536",

language = "English",

volume = "22",

pages = "536--546",

journal = "Journal of information processing",

issn = "0387-5806",

publisher = "Information Processing Society of Japan",

number = "3",

}

TY - JOUR

T1 - MASG

T2 - Advanced misuse case analysis model with assets and security goals

AU - Okubo, Takao

AU - Taguchi, Kenji

AU - Kaiya, Haruhiko

AU - Yoshioka, Nobukazu

PY - 2014

Y1 - 2014

N2 - Misuse case model and its development process are useful and practical for security requirements analysis, but they require expertise especially about security assets and goals. To enable inexperienced requirements analysts to elicit and to analyse security requirements, we present an extension of misuse case model and its development process by incorporating new model elements, assets and security goals. We show its effectiveness from the quantitative and qualitative results of a case study. According to the results, we conclude the extension and its process enable inexperienced analysts to elicit security requirements as well as experienced analysts do.

AB - Misuse case model and its development process are useful and practical for security requirements analysis, but they require expertise especially about security assets and goals. To enable inexperienced requirements analysts to elicit and to analyse security requirements, we present an extension of misuse case model and its development process by incorporating new model elements, assets and security goals. We show its effectiveness from the quantitative and qualitative results of a case study. According to the results, we conclude the extension and its process enable inexperienced analysts to elicit security requirements as well as experienced analysts do.

KW - Misuse case and goal oriented requirements analysis

KW - Requirements analysis

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=84904333130&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=84904333130&partnerID=8YFLogxK

U2 - 10.2197/ipsjjip.22.536

DO - 10.2197/ipsjjip.22.536

M3 - Article

AN - SCOPUS:84904333130

SN - 0387-5806

VL - 22

SP - 536

EP - 546

JO - Journal of information processing

JF - Journal of information processing

IS - 3

ER -

MASG: Advanced misuse case analysis model with assets and security goals

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Cite this