A System for Managing Security Knowledge using Case Based Reasoning and Misuse Cases
Corrado Aaron Visaggio (University of Sannio, Italy)
Francesca de Rosa (University of Sannio, Italy)
Abstract: Securing a software system is a critical goal, especially because it is very hard to consolidate an exhaustive body of knowledge about security risks and related countermeasures. Defining a technological infrastructure for exploiting this knowledge poses many challenges. This paper introduces a system to capture, share and reuse software security knowledge within a software organization. The system collects knowledge in the form of misuse cases and uses Case Based Reasoning to implement knowledge management processes.
Keywords: case based reasoning, misuse case, security knowledge management