TU Darmstadt / ULB / TUbiblio

Extending the Agile Development Approach to Develop Acceptably Secure Software

Othmane, Lotfi Ben and Angin, Pelin and Weffers, Harold and Bhargava, Bharat (2014):
Extending the Agile Development Approach to Develop Acceptably Secure Software.
In: IEEE Transactions on Dependable and Secure Computing, pp. 497-509, 11, (6), [Article]

Abstract

The agile software development approach makes developing secure software challenging. Existing approaches for extending the agile development process, which enables incremental and iterative software development, fall short of providing a method for efficiently ensuring the security of the software increments produced at the end of each iteration. This article (a) proposes a method for security reassurance of software increments and demonstrates it through a simple case study, (b) integrates security engineering activities into the agile software development process and uses the security reassurance method to ensure producing acceptably secure—by the business owner—software increments at the end of each iteration, and (c) discusses the compliance of the proposed method with the agile values and its ability to produce secure software increments.

Item Type: Article
Erschienen: 2014
Creators: Othmane, Lotfi Ben and Angin, Pelin and Weffers, Harold and Bhargava, Bharat
Title: Extending the Agile Development Approach to Develop Acceptably Secure Software
Language: German
Abstract:

The agile software development approach makes developing secure software challenging. Existing approaches for extending the agile development process, which enables incremental and iterative software development, fall short of providing a method for efficiently ensuring the security of the software increments produced at the end of each iteration. This article (a) proposes a method for security reassurance of software increments and demonstrates it through a simple case study, (b) integrates security engineering activities into the agile software development process and uses the security reassurance method to ensure producing acceptably secure—by the business owner—software increments at the end of each iteration, and (c) discusses the compliance of the proposed method with the agile values and its ability to produce secure software increments.

Journal or Publication Title: IEEE Transactions on Dependable and Secure Computing
Volume: 11
Number: 6
Uncontrolled Keywords: Secure Software Engineering Group;Security;Agile software development, secure software, security assurance cases
Divisions: LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Department of Computer Science > Databases and Distributed Systems
20 Department of Computer Science > System Security Lab
LOEWE > LOEWE-Zentren
20 Department of Computer Science
LOEWE
Date Deposited: 30 Dec 2016 20:23
Identification Number: TUD-CS-2014-1000
Related URLs:
Export:

Optionen (nur für Redakteure)

View Item View Item