Trust Obstacle Mitigation for Database Systems

  • Victor Page
  • Robin Laney
  • Maurice Dixon
  • Charles Haley
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4042)


This paper introduces the Trust Obstacle Mitigation Model (TOMM), which uses the concept of trust assumptions to derive security obstacles, and the concept of misuse cases to model obstacles. The TOMM allows a development team to anticipate malicious behaviour with respect to the operational database application and to document a priori how this malicious behaviour should be mitigated.


Keywords: Database System; Security Requirement; Development Team; Activity Diagram; Malicious Behaviour
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Victor Page (1)
  • Robin Laney (2)
  • Maurice Dixon (1)
  • Charles Haley (2)

  1. Department of Computing, Communications Technology and Mathematics, London Metropolitan University, London
  2. Department of Computing, The Open University, Milton Keynes
