Added session 2 writeup for lab 1 (collaborative with Márk)
This commit is contained in:
parent
ff46ca5eeb
commit
ecc555f4f4
1
Exercise/Writeup/MisuseCase.svg
Normal file
1
Exercise/Writeup/MisuseCase.svg
Normal file
File diff suppressed because one or more lines are too long
After Width: | Height: | Size: 44 KiB |
@ -25,6 +25,13 @@ User | Use voice chat | Communicate with other users
|
|||||||
User | Fast travel | Quickly get to another location in the virtual space
|
User | Fast travel | Quickly get to another location in the virtual space
|
||||||
User | Give another user an item | Sell/Gift assets
|
User | Give another user an item | Sell/Gift assets
|
||||||
|
|
||||||
|
> As a 'Metaverse user',
|
||||||
|
> I want to add/remove friends (from/to my virtual friend list)
|
||||||
|
> So I can keep track of their activites
|
||||||
|
|
||||||
|
**Integrity** => Befriending strangers => disclosing personal information to strangers (HARM)
|
||||||
|
**ACTION** => Unauthorized access (edit) to FList
|
||||||
|
|
||||||
## Assets
|
## Assets
|
||||||
- User identity
|
- User identity
|
||||||
- User belongings
|
- User belongings
|
||||||
@ -33,6 +40,12 @@ User | Give another user an item | Sell/Gift assets
|
|||||||
- Voice data
|
- Voice data
|
||||||
|
|
||||||
### Harm analysis
|
### Harm analysis
|
||||||
|
|
||||||
|
> "What **HARM** could come to [asset] from an [action] violating a [concern]?"
|
||||||
|
> assets from User Stories
|
||||||
|
> actions yield Avoid goals
|
||||||
|
> concerns from CIA+ principles
|
||||||
|
|
||||||
Action | Asset | Harm
|
Action | Asset | Harm
|
||||||
-- | -- | --
|
-- | -- | --
|
||||||
Steal user credentials | User identity | User information compromised, belongings stolen
|
Steal user credentials | User identity | User information compromised, belongings stolen
|
||||||
@ -41,5 +54,9 @@ Unmute user microphone without consent | Voice data | User privacy compromise
|
|||||||
|
|
||||||
### *'Achieve'* goals
|
### *'Achieve'* goals
|
||||||
- Always use multi-factor authentication for users
|
- Always use multi-factor authentication for users
|
||||||
-
|
|
||||||
|
|
||||||
|
## Use Cases
|
||||||
|
|
||||||
|
Produced using [Lucidchart](https://lucid.app/lucidchart/daccac87-861b-46f9-a0f1-5d13ae90bc02/edit?invitationId=inv_6aea8472-a917-4a59-ad01-afd8f3ca40e5).
|
||||||
|
|
||||||
|
![Use Case / Misuse Case diagram](MisuseCase.svg)
|
||||||
|
Loading…
Reference in New Issue
Block a user