Mal-activity diagrams for capturing attacks on business processes

Abstract

Security is becoming an increasingly important issue for IT systems, yet it is often dealt with as separate from mainstream systems and software development and in many cases neglected or addressed post-hoc, yielding costly and unsatisfactory solutions. One idea to improve the focus on security might be to include such concerns into mainstream diagram notations used in information systems analysis, and one existing proposal for this is misuse cases, allowing for representation of attack use cases together with the normal legitimate use cases of a system. While this technique has shown much promise, it is not equally useful for all kinds of attack. In this paper we look into another type of technique that could complement misuse cases for early elicitation of security requirements, namely mal-activity diagrams. These allow the inclusion of hostile activities together with legitimate activities in business process models. Through some examples and a small case study, mal-activity diagrams are shown to have strengths in many aspects where misuse cases have weaknesses. © Springer-Verlag Berlin Heidelberg 2007.

Cite

Sindre, G. (2007). Mal-activity diagrams for capturing attacks on business processes. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 4542 LNCS, pp. 355–366). Springer Verlag. https://doi.org/10.1007/978-3-540-73031-6_27
