Othmane, Lotfi Ben ; Angin, Pelin ; Bhargava, Bharat (2014)
Using Assurance Cases to Develop Iteratively Security Features Using Scrum.
Fribourg, Switzerland
Konferenzveröffentlichung, Bibliographie
Kurzbeschreibung (Abstract)
A security feature is a customer-valued capability of software for mitigating a set of security threats. Incremental development of security features, using the Scrum method, often leads to developing ineffective features in addressing the threats they target due to factors such as incomplete security tests. This paper proposes the use of security assurance cases to maintain a global view of the security claims as the feature is being developed iteratively and a process that enables the incremental development of security features while ensuring the security requirements of the feature are fulfilled.
| Typ des Eintrags: | Konferenzveröffentlichung |
|---|---|
| Erschienen: | 2014 |
| Autor(en): | Othmane, Lotfi Ben ; Angin, Pelin ; Bhargava, Bharat |
| Art des Eintrags: | Bibliographie |
| Titel: | Using Assurance Cases to Develop Iteratively Security Features Using Scrum |
| Sprache: | Englisch |
| Publikationsjahr: | 2014 |
| Buchtitel: | Proc. of the 9th International Conference on Availability, Reliability and Security (ARES) |
| Veranstaltungsort: | Fribourg, Switzerland |
| Zugehörige Links: | |
| Kurzbeschreibung (Abstract): | A security feature is a customer-valued capability of software for mitigating a set of security threats. Incremental development of security features, using the Scrum method, often leads to developing ineffective features in addressing the threats they target due to factors such as incomplete security tests. This paper proposes the use of security assurance cases to maintain a global view of the security claims as the feature is being developed iteratively and a process that enables the incremental development of security features while ensuring the security requirements of the feature are fulfilled. |
| Freie Schlagworte: | Secure Software Engineering Group;Security assurance, Scrum, security features |
| ID-Nummer: | TUD-CS-2014-0865 |
| Fachbereich(e)/-gebiet(e): | LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt 20 Fachbereich Informatik > Datenbanken und Verteilte Systeme LOEWE > LOEWE-Zentren 20 Fachbereich Informatik LOEWE |
| Hinterlegungsdatum: | 30 Dez 2016 20:23 |
| Letzte Änderung: | 30 Mai 2018 12:53 |
| PPN: | |
| Zugehörige Links: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Frage zum Eintrag |
Optionen (nur für Redakteure)
 |
Redaktionelle Details anzeigen |
Drucken
Impressum