By Topic

Cost-Effective Security

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)

To be successful, application software needs compelling functionality, availability within the right timeframe, and a reasonable price. But equally critical, teams must get nonfunctional characteristics right - performance, scalability, manageability, maintainability, usability, and, of course, security. The authors introduced misuse or abuse cases as counterparts to use cases and explained that although use cases capture functional requirements, abuse cases describes how users can misuse a svstem with malicious intent, thereby identifying additional security requirements. Another prior installment discussed how to fit misuse and abuse cases into the development process by defining who should write them, when to do so, and how to proceed. In this article, we discuss what abuse cases bring to software development in terms of planning. We don't assumes fixed budget is assigned to security measure's but that budgetary constraints apply to the project as a whole. We believe it's reasonable, and often accessary, to trade funtionality against security, so the question isn't how to prioritize security requirements but how to prioritize the development effort across both functional and security requirements.

Published in:

Security & Privacy, IEEE  (Volume:5 ,  Issue: 3 )