A System for Managing Security Knowledge using Case Based Reasoning and Misuse Cases

Making secure a software system is a very critical purpose, especially because it is very hard to consolidate an exhaustive body of knowledge about security risks and related countermeasures. to define a technological infrastructure for exploiting this knowledge poses many challenges. this paper introduces a system to capture, share and reuse software security knowledge within a software organization. the system collects knowledge in the form of misuse cases and makes use of case based reasoning for implementing knowledge management processes