Vol. 1 · Ed. 2026
CyberGlossary
Entry № 764

Misuse Case

Reviewed by Cybersecurity entrepreneur & security researcher

What is Misuse Case?

Misuse Case: A negative use case describing interactions a system must prevent, drawn so that legitimate use cases and hostile misuse cases are analyzed together.


Misuse cases extend UML use-case modeling by adding hostile actors and harmful goals that the system must thwart. A misuse case is depicted in the same diagram as the use cases it threatens, linked by relationships such as 'threatens' or 'mitigates', so that designers can immediately see which security controls neutralize which threats. They are typically captured during early requirements, alongside abuse cases, and converted into testable security requirements. By making negative requirements explicit, misuse cases reduce the chance that security is forgotten as a non-functional concern, and they give QA a clear list of attacks to verify against.

Examples

  1. Misuse case 'Forge JWT' threatens use case 'Submit order' and is mitigated by 'Verify signature with rotated keys'.

  2. Misuse case 'Brute-force login' is mitigated by rate limiting and account lockout.
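
The 'threatens' / 'mitigates' relationships and the conversion into testable requirements described above, as an added Python example that is not part of this glossary entry: it models the two misuse cases from the list, checks that every relationship points at something actually drawn on the diagram, flags misuse cases nobody has mitigated, and emits one requirement per mitigation for QA. The `Model` and `MisuseCase` classes and the extra, deliberately unmitigated 'Replay order' misuse case are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class MisuseCase:
    """A hostile goal: who pursues it, which use cases it threatens, which controls mitigate it."""
    name: str
    misuser: str
    threatens: tuple[str, ...]
    mitigated_by: tuple[str, ...] = ()

@dataclass
class Model:
    """Use cases, security use cases (controls) and misuse cases drawn on one diagram."""
    use_cases: set[str]
    controls: set[str]
    misuse_cases: list[MisuseCase] = field(default_factory=list)

    def validate(self) -> list[str]:
        """Dangling 'threatens' / 'mitigates' edges: names that were never drawn in the diagram."""
        problems = []
        for m in self.misuse_cases:
            for uc in m.threatens:
                if uc not in self.use_cases:
                    problems.append(f"{m.name!r} threatens unknown use case {uc!r}")
            for c in m.mitigated_by:
                if c not in self.controls:
                    problems.append(f"{m.name!r} mitigated by unknown control {c!r}")
        return problems

    def gaps(self) -> list[str]:
        """Misuse cases with no mitigating control: threats the design has not answered yet."""
        return [m.name for m in self.misuse_cases if not m.mitigated_by]

    def requirements(self) -> list[str]:
        """Turn every 'mitigates' edge into a negative, testable security requirement for QA."""
        return [
            f"'{uc}' MUST withstand '{m.name}' by {m.misuser}; verify via '{c}'"
            for m in self.misuse_cases
            for uc in m.threatens
            for c in m.mitigated_by
        ]

# Constructed sample model from the entry's two examples; 'Replay order' is an added,
# deliberately unmitigated misuse case so the gap check has something to report.
MODEL = Model(
    use_cases={"Submit order", "Log in"},
    controls={"Verify signature with rotated keys", "Rate limiting", "Account lockout"},
    misuse_cases=[
        MisuseCase("Forge JWT", "attacker", ("Submit order",), ("Verify signature with rotated keys",)),
        MisuseCase("Brute-force login", "attacker", ("Log in",), ("Rate limiting", "Account lockout")),
        MisuseCase("Replay order", "attacker", ("Submit order",)),
    ],
)
```

Running `MODEL.validate()`, `MODEL.gaps()` and `MODEL.requirements()` gives an empty problem list, the single gap 'Replay order', and three requirements (one per mitigating control).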

Frequently asked questions

What is Misuse Case?

A negative use case describing interactions a system must prevent, drawn so that legitimate use cases and hostile misuse cases are analyzed together. It belongs to the Application Security category of cybersecurity.

What does Misuse Case mean?

A negative use case describing interactions a system must prevent, drawn so that legitimate use cases and hostile misuse cases are analyzed together.

How do you defend against Misuse Case?

Defences identified through misuse cases typically combine technical controls (the mitigating security use cases drawn against each threat) and operational practices, as detailed in the full definition above.

What are other names for Misuse Case?

Common alternative names include: Negative use case.
