Moving from Requirements to Design Confronting Security Issues: A Case Study

  • Spyros T. Halkidis
  • Alexander Chatzigeorgiou
  • George Stephanides
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5871)


Since the emergence of software security as a research area, it has been evident that security should be incorporated as early as possible in the software lifecycle. The advantage is that large gains can be achieved in terms of cost and effort compared to the introduction of security as an afterthought. The earliest possible phase to consider possible attacks is during requirements specification. A widely accepted approach to consider security in the requirements is the employment of misuse cases. In this paper we examine a case study to automatically generate a class diagram, based on the use and misuse cases present in the requirements. Particularly, we extend a natural language processing approach to move beyond a general domain model and produce a detailed class diagram. Moreover, security patterns are introduced in appropriate places of the design to confront the documented attacks and protect the threatened resources. Additionally, we perform an experimental study to investigate the tradeoff between the additional effort to mitigate the attacks and the security risk of the resulting system. Finally, the optimization problem of finding the smallest system regarding additional effort given a maximum acceptable risk is established and an appropriate algorithm to solve it is proposed.


Software Security Requirements Specification Misuse Cases Security Patterns Risk Analysis 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Alexander, I.: Misuse Cases: Use Cases with Hostile Intent. IEEE Software, 58–66 (January/February 2003)Google Scholar
  2. 2.
    Allen, J.: Natural Language Understanding. Addison Wesley, Reading (1994)Google Scholar
  3. 3.
    Bikel, D.: Design of a Multi-lingual Parallel-Processing Statistical Parser Engine. In: Proceedings of Human Language Technology Conference, HLT 2002 (2002)Google Scholar
  4. 4.
    Blakley, B., Heath, C., Members of the Open Group Security Forum: Security Design Patterns. Open Group Technical Guide (2004)Google Scholar
  5. 5.
    Braga, A., Rubira, C., Dahab, R.: Tropyc: A Pattern Language for Cryptographic Software. In: Proceedings of the 5th Conference on Pattern Languages of Programming, PLoP 1998 (1998)Google Scholar
  6. 6.
    Caldiera, G., Antoniol, G., Fiutem, R., Lokan, C.: A Definition and Experimental Evaluation of Function Points for Object-Oriented Systems. In: Proceedings of the Fifth International Symposium on Software Metrics-METRICS 1998, pp. 167–178 (1998)Google Scholar
  7. 7., Cross Site Scripting questions and answers,
  8. 8.
    Charniak, E.: Statistical Techniques for Natural Language Parsing. AI Magazine 18(4), 33–44 (1997)Google Scholar
  9. 9.
    Chen, S.-J., Chen, S.-M.: Fuzzy Risk Analysis Based on Similarity Measures of General-ized Fuzzy Numbers. IEEE Transactions on Fuzzy Sets and Systems 11(1) (2003)Google Scholar
  10. 10.
    Collins, M.: A New Statistical Parser Based on Bigram Lexical Dependencies. In: Proceedings of the 34th Annual Meeting of the Association for Computational Linguistics, pp. 184–191 (1996)Google Scholar
  11. 11.
    Costagliola, G., Ferruci, F., Tortora, G., Vitello, G.: Class Point: An Approach for the Size Estimation of Object Oriented Systems. IEEE Transactions on Software Engineering 31(1) (January 2005)Google Scholar
  12. 12.
    Dražan, J.: Natural Language Processing of Textual Use Cases. M.Sc. Thesis, Department of Software Engineering, Faculty of Mathematics and Physics, Charles University in Prague (2005)Google Scholar
  13. 13.
    Fernandez, E.: Metadata and authorization patterns (2000),
  14. 14.
    Friedl, S.: SQL Injection Attacks by Example,
  15. 15.
    Georg, G., Ray, I., Anastasakis, K., Bordbar, B., Toachoodee, M., Humb, S.H.: An Aspect Oriented Methodology for Desigining Secure Applications. Information and Software Technology 51, 846–864 (2009)CrossRefGoogle Scholar
  16. 16.
    Halkidis, S.T., Tsantalis, N., Chatzigeorgiou, A., Stephanides, G.: Architectural Risk Analysis of Software Systems Based on Security Patterns. IEEE Transactions on Depend-able and Secure Computing 5(3), 129–142 (2008)CrossRefGoogle Scholar
  17. 17.
    Harmain, H.M., Gaizauskas, R.: CM-Builder: An Automated NL-based CASE Tool. In: Proceedings of the 15th IEEE International Conference on Automated Software Engineering, pp. 45–53 (2000)Google Scholar
  18. 18.
    Hoglund, G., McGraw, G.: Exploiting Software, How to Break Code. Addison Wesley, Reading (2004)Google Scholar
  19. 19.
    Howard, M., LeBlanc, D.: Writing Secure Code. Microsoft Press, Redmond (2002)Google Scholar
  20. 20.
    Hu, D.: Preventing Cross-Site Scripting Vulnerability. SANS Institute whitepaper (2004)Google Scholar
  21. 21.
    Ilieva, M.G., Ormanijeva, O.: Automatic Transition of Natural Language Software Requirements Specification into Formal Presentation. In: Montoyo, A., Muńoz, R., Métais, E. (eds.) NLDB 2005. LNCS, vol. 3513, pp. 392–397. Springer, Heidelberg (2005)Google Scholar
  22. 22.
    Jűrjens, J.: Secure Systems Development with UML. Springer, Heidelberg (2005)Google Scholar
  23. 23.
    Kienzle, D., Elder, M.: Security Patterns for Web Application Development. Univ. of Virginia Technical Report (2002)Google Scholar
  24. 24.
    Klein, A.: Divide and Conquer., HTTP Response Splitting, Web Cache Poisoning Attacks and Related Topics, Sanctum whitepaper (2004)Google Scholar
  25. 25.
    Kruchten, P.: The Rational Unified Process: An Introduction. Addison Wesley, Reading (2000)Google Scholar
  26. 26.
    van Lamsweerde, A.: Elaborating Security Requirements by Construction of Intentional Anti-Models. In: Proceedings of ICSE 2004, 26th International Conference on Software Engineering, Edinburgh, May 2004, pp. 148–157. ACM-IEEE (2004)Google Scholar
  27. 27.
    van Lamsweerde, A.: Engineering Requirements for System Reliability and Security, in Software System Reliability and Security. In: Broy, M., Grunbauer, J., Hoare, C.A.R. (eds.) NATO Security through Science Series - D: Information and Communication Security, vol. 9, pp. 196–238. IOS Press, Amsterdam (2007)Google Scholar
  28. 28.
    Larman, C.: Applying UML and Patterns: An Introduction to Object-Oriented Analysis and Design and the Unified Process. Prentice-Hall, Englewood Cliffs (2002)Google Scholar
  29. 29.
    Lee Brown, F., Di Vietri, J., Diaz de Villegas, G., Fernandez, E.: The Authenticator Pattern. In: Proceedings of the 6th Conference on Pattern Languages of Programming, PLoP 1999 (1999)Google Scholar
  30. 30.
    Li, L.: A Semi-Automatic Approach to Translating Use Cases to Sequence Diagrams. In: Proceedings of Technology of Object Oriented Languages and Systems, pp. 184–193 (1999)Google Scholar
  31. 31.
    Liu, D., Subramaniam, K., Eberlein, A., Far, B.H.: Natural Language Requirements Analy-sis and Class Model Generation Using UCDA. In: Orchard, B., Yang, C., Ali, M. (eds.) IEA/AIE 2004. LNCS (LNAI), vol. 3029, pp. 295–304. Springer, Heidelberg (2004)Google Scholar
  32. 32.
    Mahmoud, Q.: Security Policy: A Design Pattern for Mobile Java Code. In: Proceedings of the 7th Conference on Pattern Languages of Programming, PLoP 2000 (2000)Google Scholar
  33. 33.
    Lodderstedt, T., Basin, D., Doser, J.: SecureUML: A UML-Based Modeling Language for Model Driven Security. In: Jézéquel, J.-M., Hussmann, H., Cook, S. (eds.) UML 2002. LNCS, vol. 2460, pp. 426–441. Springer, Heidelberg (2002)Google Scholar
  34. 34.
    Marcus, M., Kim, G., Marciniewicz, M.A., MacIntire, R., Bies, A., Ferguson, M., Katz, K., Schasberger, B.: The Penn Treebank: annotating predicate argument structure. In: Proceedings of the 1994 ARPA Human Language Technology Workshop (1994)Google Scholar
  35. 35.
    Martello, X., Toth, P.: Knapsack Problems: Algorithms and Computer Implementations. John Wiley and Sons, Chichester (1990)zbMATHGoogle Scholar
  36. 36.
    McGraw, G.: Software Security, Building Security. Addison Wesley, Reading (2006)Google Scholar
  37. 37.
    Mouratidis, H., Giorgini, P., Manson, G.: An Ontology for Modelling Security: The Tro-pos Approach, in Knowledge-Based Intelligent Information and Engineering Systems. In: Palade, V., Howlett, R.J., Jain, L. (eds.) KES 2003. LNCS, vol. 2773. Springer, Heidelberg (2003)Google Scholar
  38. 38.
    Mouratidis, H., Giorgini, P., Schumacher, M.: Security Patterns for Agent Systems. In: Proceedings of the Eighth European Conference on Pattern Languages of Programs, EuroPLoP 2003 (2003)Google Scholar
  39. 39.
    Overmyer, S.P., Lavoie, B., Owen, R.: Conceptual Modeling through Linguistic Analysis Using LIDA. In: Proceedings of the 23rd International Conference on Software Engineering, pp. 401–410 (2001)Google Scholar
  40. 40.
    Pauli, J.J., Xu, D.: Misuse Case Based Design and Analysis of Secure Software Architecture. In: Proceedings of the International Conference on Information Technology: Coding and Computing (ITCC 2005). IEEE, Los Alamitos (2005)Google Scholar
  41. 41.
    Romanosky, S.: Enterprise Security Patterns. Information Systems Security Association Journal (March 2003)Google Scholar
  42. 42.
    Rosenberg, D., Stephens, M.: Use Case Driven Modeling with UML: Theory and Practice. Apress (2007)Google Scholar
  43. 43.
    Sindre, G., Opdahl, A.L.: Capturing Security Requirements with Misuse Cases. In: Proceedings of the 14th annual Norwegian Informatics Conference, Norway (2001)Google Scholar
  44. 44.
    Sindre, G., Opdahl, A.L.: Eliciting Security Requirements with Misuse Cases. Requirements Engineering 10, 34–44 (2005)CrossRefGoogle Scholar
  45. 45.
    Sindre, G., Opdahl, A.L.: Templates for Misuse Case Description. In: Proceedings of the 7th International Workshop on Requirements Engineering, Foundations for Software Quality, REFSQ 2001 (2001)Google Scholar
  46. 46.
    Spett, K.: Cross-Site Scripting, Are your web applications vulnerable? SPI Labs whitepaperGoogle Scholar
  47. 47.
    SPI Labs, SQL Injection, Are Your Web Applications Vulnerable? SPI Labs whitepaper Google Scholar
  48. 48.
    Spinellis, D.: Code Quality: The Open Source Perspective. Addison Wesley, Reading (2006)Google Scholar
  49. 49.
    Steel, C., Nagappan, R., Lai, R.: Core Security Patterns: Best Practices and Strategies for J2EE. In: Web Services and Identity Management. Prentice Hall, Englewood Cliffs (2006)Google Scholar
  50. 50.
    Viega, J., McGraw, G.: Building Secure Software, How to Avoid Security Problems the Right Way. Addison Wesley, Reading (2002)Google Scholar
  51. 51.
    Weiss, M.: Patterns for Web Applications. In: Proceedings of the 10th Conference on Pattern Languages of Programming, PLoP 2003 (2003)Google Scholar
  52. 52.
    Yoder, J., Barcalow, J.: Architectural Patterns for enabling application security. In: Proceedings of the 4th Conference on Pattern Languages of Programming, PLoP 1997 (1997)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Spyros T. Halkidis
    • 1
  • Alexander Chatzigeorgiou
    • 1
  • George Stephanides
    • 1
  1. 1.Computational Systems and Software Engineering Laboratory, Department of Applied InformaticsUniversity of MacedoniaThessalonikiGreece

Personalised recommendations