Introducing abuse frames for analysing security requirements

Abstract

We are developing an approach using Jackson's Problem Frames to analyse security problems in order to determine security vulnerabilities. We introduce the notion of an anti-requirement as the requirement of a malicious user that can subvert an existing requirement. We incorporate anti-requirements into so-called abuse frames to represent the notion of a security threat imposed by malicious users in a particular problem context. We suggest how abuse frames can provide a means for bounding the scope of security problems in order to analyse security threats and derive security requirements.