Practitioners Perspectives on Security in Agile Development

Bartsch, Steffen:
Practitioners Perspectives on Security in Agile Development.
FARES: 6th International Workshop on Frontiers in Availability, Reliability and Security, IEEE Computer Society
[Conference or Workshop Item], (2011)

Abstract

Agile methods are widely employed to develop high-quality software, but theoretical analyses argue that agile methods are inadequate for security-critical projects. However, most agile-developed software today needs to satisfy baseline security requirements, so that we need to focus on how to achieve this level for typical agile projects. In this paper, we provide insights from the practitioner's perspective on security in agile development and report on exploratory, qualitative findings from interviews. Our findings extend the theoretical prior work and suggest to focus on adequate customer involvement, developer security awareness and expertise, and continuously improving the development process for security.

Item Type: Conference or Workshop Item
Published: 2011
Creators: Bartsch, Steffen
Title: Practitioners Perspectives on Security in Agile Development
Language: English
Title of Book: FARES: 6th International Workshop on Frontiers in Availability, Reliability and Security
Publisher: IEEE Computer Society
Uncontrolled Keywords: Secure Data
Divisions: Department of Computer Science > Theoretical Computer Science - Cryptography and Computer Algebra
LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
Department of Computer Science > SECUSO - Security, Usability and Society
LOEWE > LOEWE-Zentren
Department of Computer Science
LOEWE
Event Location: Vienna, Austria
Date Deposited: 28 Jul 2016 18:35
DOI: 10.1109/ARES.2011.82
Identification Number: Bartsch11a