Formalized aspect-oriented misuse case for specifying crosscutting security threats and mitigations.

Author information

Iqbal Shumaila, Faiz Rizwan Bin, Usman Muhammad, Rehman Shafiq Ur

Affiliations

Department of Computing, Riphah International University, Islamabad, Pakistan.

Department of Computer Science, Fazaia Bilquis College of Education, PAF Base Nur Khan, Air University, Rawalpindi, Pakistan.

Publication information

PLoS One. 2025 Sep 12;20(9):e0322664. doi: 10.1371/journal.pone.0322664. eCollection 2025.

DOI:10.1371/journal.pone.0322664
PMID:40938936
Original article: https://pmc.ncbi.nlm.nih.gov/articles/PMC12431249/
Abstract

Software applications are essential for managing daily life activities, including social interactions and business transactions, that significantly increase the need for security in sharing sensitive information. Misuse case modeling is used for identifying and analyzing security requirements in software applications. However, security threats and their corresponding mitigations are inherently cross-cutting concerns. These concerns are scattered and tangled within multiple functional requirements and cannot be modularized using traditional object-oriented techniques. The realization of misuse cases causes crosscutting threats and corresponding mitigations to be scattered and tangled across use cases, resulting in ambiguity, incomplete understanding, and insufficient analysis of security requirements. This study proposes a misuse case modelling method called Aspect-oriented Formalized Misuse Case (AFMUC). It specifies crosscutting security threats separately as an aspect misuse case and integrates them with use cases using an aspect-oriented approach. AFMUC provides structured guidelines and restriction rules for modeling crosscutting security threats and corresponding mitigations using aspect-oriented constructs such as Pointcut, Joinpoint Advice, and Introduction. The aspect threat model is then woven into the base use case model. Similarly, an aspect mitigation model is proposed to specify crosscutting mitigations following the AFMUC restriction rules. The aspect mitigation model is then woven into the base misuse case model. The proposed approach is applied to a case study and evaluated through a controlled experiment involving twenty-four students with a background in information security. The findings indicate that the AFMUC approach is practical and unambiguous for specifying and analyzing crosscutting security requirements. However, some aspect-oriented modeling constructs and restriction rules have been misapplied by students. 
This shows that while students favored the AFMUC approach, they may have found it challenging to apply the aspect-oriented constructs and restriction rules due to a limited exposure to aspect-oriented modelling.
