TU Darmstadt / ULB / TUbiblio

Extending the Agile Development Approach to Develop Acceptably Secure Software

Othmane, Lotfi Ben ; Angin, Pelin ; Weffers, Harold ; Bhargava, Bharat (2014)
Extending the Agile Development Approach to Develop Acceptably Secure Software.
In: IEEE Transactions on Dependable and Secure Computing, 11 (6)
Artikel, Bibliographie

Kurzbeschreibung (Abstract)

The agile software development approach makes developing secure software challenging. Existing approaches for extending the agile development process, which enables incremental and iterative software development, fall short of providing a method for efficiently ensuring the security of the software increments produced at the end of each iteration. This article (a) proposes a method for security reassurance of software increments and demonstrates it through a simple case study, (b) integrates security engineering activities into the agile software development process and uses the security reassurance method to ensure producing acceptably secure—by the business owner—software increments at the end of each iteration, and (c) discusses the compliance of the proposed method with the agile values and its ability to produce secure software increments.

Typ des Eintrags: Artikel
Erschienen: 2014
Autor(en): Othmane, Lotfi Ben ; Angin, Pelin ; Weffers, Harold ; Bhargava, Bharat
Art des Eintrags: Bibliographie
Titel: Extending the Agile Development Approach to Develop Acceptably Secure Software
Sprache: Deutsch
Publikationsjahr: November 2014
Titel der Zeitschrift, Zeitung oder Schriftenreihe: IEEE Transactions on Dependable and Secure Computing
Jahrgang/Volume einer Zeitschrift: 11
(Heft-)Nummer: 6
Zugehörige Links:
Kurzbeschreibung (Abstract):

The agile software development approach makes developing secure software challenging. Existing approaches for extending the agile development process, which enables incremental and iterative software development, fall short of providing a method for efficiently ensuring the security of the software increments produced at the end of each iteration. This article (a) proposes a method for security reassurance of software increments and demonstrates it through a simple case study, (b) integrates security engineering activities into the agile software development process and uses the security reassurance method to ensure producing acceptably secure—by the business owner—software increments at the end of each iteration, and (c) discusses the compliance of the proposed method with the agile values and its ability to produce secure software increments.

Freie Schlagworte: Secure Software Engineering Group;Security;Agile software development, secure software, security assurance cases
ID-Nummer: TUD-CS-2014-1000
Fachbereich(e)/-gebiet(e): LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Fachbereich Informatik > Datenbanken und Verteilte Systeme
20 Fachbereich Informatik > Systemsicherheit
LOEWE > LOEWE-Zentren
20 Fachbereich Informatik
LOEWE
Hinterlegungsdatum: 30 Dez 2016 20:23
Letzte Änderung: 30 Mai 2018 12:53
PPN:
Zugehörige Links:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen