Bartsch, Steffen (2011)
Practitioners Perspectives on Security in Agile Development.
Vienna, Austria
doi: 10.1109/ARES.2011.82
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
Agile methods are widely employed to develop high-quality software, but theoretical analyses argue that agile methods are inadequate for security-critical projects. However, most agile-developed software today needs to satisfy baseline security requirements, so that we need to focus on how to achieve this this level for typical agile projects. In this paper, we provide insights from the practitioner's perspective on security in agile development and report on exploratory, qualitative findings from interviews. Our findings extend the theoretical prior work and suggest to focus on adequate customer involvement, developer security awareness and expertise, and continuously improving the development process for security.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2011 |
| Autor(en): | Bartsch, Steffen |
| Art des Eintrags: | Bibliographie |
| Titel: | Practitioners Perspectives on Security in Agile Development |
| Sprache: | Englisch |
| Publikationsjahr: | August 2011 |
| Verlag: | IEEE Computer Society |
| Buchtitel: | FARES: 6th International Workshop on Frontiers in Availability, Reliability and Security |
| Veranstaltungsort: | Vienna, Austria |
| DOI: | 10.1109/ARES.2011.82 |
| Kurzbeschreibung (Abstract): | Agile methods are widely employed to develop high-quality software, but theoretical analyses argue that agile methods are inadequate for security-critical projects. However, most agile-developed software today needs to satisfy baseline security requirements, so that we need to focus on how to achieve this this level for typical agile projects. In this paper, we provide insights from the practitioner's perspective on security in agile development and report on exploratory, qualitative findings from interviews. Our findings extend the theoretical prior work and suggest to focus on adequate customer involvement, developer security awareness and expertise, and continuously improving the development process for security. |
| Freie Schlagworte: | Secure Data |
| Fachbereich(e)/-gebiet(e): | 20 Fachbereich Informatik > Theoretische Informatik - Kryptographie und Computeralgebra LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt 20 Fachbereich Informatik > SECUSO - Security, Usability and Society LOEWE > LOEWE-Zentren 20 Fachbereich Informatik LOEWE |
| Hinterlegungsdatum: | 28 Jul 2016 18:35 |
| Letzte Änderung: | 17 Mai 2018 13:02 |
| PPN: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum