The Unified Modelling Language or UML is considered to be the de-facto standard for modelling information systems today. Despite this, there have been several extensions to the UML. One such extension involves what are called Misuse Case Diagrams, a security-oriented extension to the standard Use Case Diagrams.
The Unified Modelling Language or UML is considered to be the de-facto standard for modelling information systems today. Despite this, there have been several extensions to the UML. One such extension involves what are called Misuse Case Diagrams, a security-oriented extension to the standard Use Case Diagrams.
Security is a major concern for many mission-critical applications. If software were designed correctly the first time, vulnerabilities would not exist. Misuse Case Diagrams are an attempt to solve this problem Your task is to read the case study below, draw a use case diagram of the case study, and then draw a Misuse Case Diagram of the same problem. Before attempting the task, you should read Sindre and Opdahl (2001) to find out about misuse cases, then read Johnstone (2011) to find out how to generate a misuse case diagram with a STRIDE matrix. You should ask questions on the unit discussion board about the assignment in order to clarify ambiguities.
In your Word document include:
• A Use Case Diagram of the Case Study described below;
• A Misuse Case Diagram derived from the above, using the method specified in Johnstone (2011);
• A STRIDE matrix
• A list of misuse cases derived from the above; and
• A list of security use cases derived from the above.
PCN
Case Study
Palladium Chain Nursing (PCN) wish to build a tablet-based app that allows health care professionals (HCPs) to sign up patients on-site. They have commissioned you, as an experienced security requirements engineer, to provide some initial models for their app. On start-up, the tablet performs a self-check to ascertain whether its operating system or the app have been tampered with. If the computed check sum does not match the checksum stored on a smart device that is connected to the tablet prior to start-up, then the tablet powers down again. The app must let an HCP authenticate to the PCN Health Server, where the patient records are also stored. Following authentication, an HCP can be authorised to create, modify or delete a patient record (with an appropriate audit trail). To create a record, the HCP asks the patient salient details and inputs the details into a form generated by the app. Following the creation of a patient record, an HCP can use the app to create a service contract between PCN and the patient. As part of the service contract, the patient’s health insurance fund may be optionally contacted by the app to confirm that the patient has the correct level of health insurance cover to allow him/her to be able to cover the cost of the service contract. To finalise the contract, the patient signs the form on the tablet in the appropriate place on the form. At that point the service contract is considered active once the data captured on the app is sent to the PCN Health Server.
Assignment 2:
Automatically Modelling Security Requirements In Assignment#1, you drew a Misuse Case Diagram by generating candidate misuse cases using a STRIDE matrix. Given that the number of misuse cases could be large, is there a way to automatically generate a complete set of candidate misuse cases from information contained in a Use Case Diagram and/or a STRIDE matrix and then prune them, leaving a smaller set of viable misuse cases?
Key Deliverables You need to submit several deliverables for this assignment in the areas of feasibility (F) requirements (R), project management (PM), design (D), implementation (I) and testing (T).
F – Research on the techniques you could use to solve the problem;
R – A list of the Requirements;
D – A design artifact (e.g., a class diagram);
PM – Minutes of meetings held (template in Appendix 1);
PM – A peer assessment of the contribution of each of your colleagues to the system (this may contribute to your assessment) – template in Appendix 2;
I – The system itself (which need not be fully functional);
I – A ‘readme’ file which will explain how to install, configure and run the system. Note: This document shall be designed to assist your lecturer in assessing your deliverables – it is not intended to be a user manual;
Having Trouble Meeting Your Deadline?
Get your assignment on The Unified Modelling Language or UML is considered to be the de-facto standard for modelling information systems today. Despite this, there have been several extensions to the UML. One such extension involves what are called Misuse Case Diagrams, a security-oriented extension to the standard Use Case Diagrams. completed on time. avoid delay and – ORDER NOW
Our website has a team of professional writers who can help you write any of your homework. They will write your papers from scratch. We also have a team of editors just to make sure all papers are of HIGH QUALITY & PLAGIARISM FREE. To make an Order you only need to click Order Now and we will direct you to our Order Page at Litessays. Then fill Our Order Form with all your assignment instructions. Select your deadline and pay for your paper. You will get it few hours before your set deadline.
Fill in all the assignment paper details that are required in the order form with the standard information being the page count, deadline, academic level and type of paper. It is advisable to have this information at hand so that you can quickly fill in the necessary information needed in the form for the essay writer to be immediately assigned to your writing project. Make payment for the custom essay order to enable us to assign a suitable writer to your order. Payments are made through Paypal on a secured billing page. Finally, sit back and relax.