Representing Access Control Policies in Use Cases
Khaled Alghathbar
Security requirements of a software product need to receive attention throughout its development lifecycle. This
paper proposes the notation and format required to represent security requirements, especially access control policies, in use
case diagrams and use case descriptions. Such enhancements offer a simple representation for positive and negative
authorization, grouping of sensitive use cases that form a critical business task, separation of duties (both static and dynamic),
least privilege, inheritance of authorizations, and a security state or label for data inputted, stored or outputted. Validating
information flow requirements at an early stage prevents costly fixes that are mandated during later stages of the development
life cycle.
Khaled Alghathbar PhD, CISSP, CISM, PMP, BS7799 Lead Auditor, is an associate professor and the director of the Centre of Excellence in Information Assurance in King Saud University, Saudi Arabia. He is a security advisor for several government agencies. His main research interest is in information security management, policies and design. He received his PhD in Information Technology from George Mason University, USA.