TU Darmstadt / ULB / TUbiblio

Using Assurance Cases to Develop Iteratively Security Features Using Scrum

Othmane, Lotfi Ben and Angin, Pelin and Bhargava, Bharat (2014):
Using Assurance Cases to Develop Iteratively Security Features Using Scrum.
In: Proc. of the 9th International Conference on Availability, Reliability and Security (ARES), Fribourg, Switzerland, [Conference or Workshop Item]

Abstract

A security feature is a customer-valued capability of software for mitigating a set of security threats. Incremental development of security features, using the Scrum method, often leads to developing ineffective features in addressing the threats they target due to factors such as incomplete security tests. This paper proposes the use of security assurance cases to maintain a global view of the security claims as the feature is being developed iteratively and a process that enables the incremental development of security features while ensuring the security requirements of the feature are fulfilled.

Item Type: Conference or Workshop Item
Erschienen: 2014
Creators: Othmane, Lotfi Ben and Angin, Pelin and Bhargava, Bharat
Title: Using Assurance Cases to Develop Iteratively Security Features Using Scrum
Language: ["languages_typename_1" not defined]
Abstract:

A security feature is a customer-valued capability of software for mitigating a set of security threats. Incremental development of security features, using the Scrum method, often leads to developing ineffective features in addressing the threats they target due to factors such as incomplete security tests. This paper proposes the use of security assurance cases to maintain a global view of the security claims as the feature is being developed iteratively and a process that enables the incremental development of security features while ensuring the security requirements of the feature are fulfilled.

Title of Book: Proc. of the 9th International Conference on Availability, Reliability and Security (ARES)
Uncontrolled Keywords: Secure Software Engineering Group;Security assurance, Scrum, security features
Divisions: LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Department of Computer Science > Databases and Distributed Systems
LOEWE > LOEWE-Zentren
20 Department of Computer Science
LOEWE
Event Location: Fribourg, Switzerland
Date Deposited: 30 Dec 2016 20:23
Identification Number: TUD-CS-2014-0865
Related URLs:
Export:

Optionen (nur für Redakteure)

View Item View Item