Misuse case modeling for secure e-tendering system by Mohd, Haslina, Muhammad Robie, Mohd Afdhal, Baharom, Fauziah, Nordin, Nazib, Muhd Darus, Norida, Saip, Mohamed Ali, Yasin, Azman, Zainol, Azida, Hashim, Nor Laily

“…This three interrelated attribute (consist of tender phase, threat and security countermeasure) are illustrated in misuse case for better understanding of the risk that may occurs in particular tender phase. …”
Get full text

A secured e-tendering modeling using misuse case approach by Mohd, Haslina, Robie, Muhammad Afdhal Muhammad, Baharom, Fauziah, Muhd Darus, Norida, Saip, Mohamed Ali, Yasin, Azman

“…Major risk factors relating to electronic transactions may lead to destructive impacts on trust and transparency in the process of tendering.Currently, electronic tendering (e-tendering) systems still remain uncertain in issues relating to legal and security compliance and most importantly it has an unclear security framework.Particularly, the available systems are lacking in addressing integrity, confidentiality, authentication, and non-repudiation in e-tendering requirements.Thus, one of the challenges in developing an e-tendering system is to ensure the system requirements include the function for secured and trusted environment.Therefore, this paper aims to model a secured e-tendering system using misuse case approach.The modeling process begins with identifying the e-tendering process, which is based on the Australian Standard Code of Tendering (AS 4120-1994).It is followed by identifying security threats and their countermeasure.Then, the e-tendering was modelled using misuse case approach.The model can contribute to e-tendering developers and also to other researchers or experts in the e-tendering domain.…”

The state of the art on secure software engineering: A systematic mapping study by Khan, Rafiq A., Khan, Siffat U., Muhammad Ilyas, Muhammad Ilyas, Idris, Mohd. Y.

“…The results show that the most frequently used SSE frameworks/models are "Microsoft Software Development Life Cycle (MS-SDL)", "Misuse case modeling", "Abuse case modeling", "Knowledge Acquisition for Automated Specification", "System Security Engineering-Capability Maturity Model (SSE-CMM)"and "Secure Tropos Methodology". …”

Adapting Rational Unified Process (RUP) approach in designing a secure e-Tendering model by Mohd, Haslina, Robie, Muhammad Afdhal Muhammad, Baharom, Fauziah, Muhd Darus, Norida, Saip, Mohamed Ali, Yasin, Azman

“…The e-Tendering design based on the RUP approach can contribute to e-Tendering developers and researchers in e-Tendering domain.In addition, this study also shows that the RUP is one of the best system development methodology that can be used as one of the research methodology in Software Engineering domain related to secured design of any observed application.This methodology has been tested in various studies in certain domains, such as in Simulation-based Decision Support, Security Requirement Engineering, Business Modeling and Secure System Requirement, and so forth.As a conclusion, these studies showed that the RUP one of a good research methodology that can be adapted in any Software Engineering (SE) research domain that required a few artifacts to be generated such as use case modeling, misuse case modeling, activity diagram, and initial class diagram from a list of requirements as identified earlier by the SE researchers…”
Get full text