Othmane, Lotfi Ben ; Angin, Pelin ; Weffers, Harold ; Bhargava, Bharat (2014)
Extending the Agile Development Approach to Develop Acceptably Secure Software.
In: IEEE Transactions on Dependable and Secure Computing, 11 (6)
Article
Abstract
The agile software development approach makes developing secure software challenging. Existing approaches for extending the agile development process, which enables incremental and iterative software development, fall short of providing a method for efficiently ensuring the security of the software increments produced at the end of each iteration. This article (a) proposes a method for security reassurance of software increments and demonstrates it through a simple case study, (b) integrates security engineering activities into the agile software development process and uses the security reassurance method to ensure producing acceptably secure—by the business owner—software increments at the end of each iteration, and (c) discusses the compliance of the proposed method with the agile values and its ability to produce secure software increments.
| Item Type: | Article |
|---|---|
| Erschienen: | 2014 |
| Creators: | Othmane, Lotfi Ben ; Angin, Pelin ; Weffers, Harold ; Bhargava, Bharat |
| Type of entry: | Bibliographie |
| Title: | Extending the Agile Development Approach to Develop Acceptably Secure Software |
| Language: | German |
| Date: | November 2014 |
| Journal or Publication Title: | IEEE Transactions on Dependable and Secure Computing |
| Volume of the journal: | 11 |
| Issue Number: | 6 |
| Corresponding Links: | |
| Abstract: | The agile software development approach makes developing secure software challenging. Existing approaches for extending the agile development process, which enables incremental and iterative software development, fall short of providing a method for efficiently ensuring the security of the software increments produced at the end of each iteration. This article (a) proposes a method for security reassurance of software increments and demonstrates it through a simple case study, (b) integrates security engineering activities into the agile software development process and uses the security reassurance method to ensure producing acceptably secure—by the business owner—software increments at the end of each iteration, and (c) discusses the compliance of the proposed method with the agile values and its ability to produce secure software increments. |
| Uncontrolled Keywords: | Secure Software Engineering Group;Security;Agile software development, secure software, security assurance cases |
| Identification Number: | TUD-CS-2014-1000 |
| Divisions: | LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt 20 Department of Computer Science > Databases and Distributed Systems 20 Department of Computer Science > System Security Lab LOEWE > LOEWE-Zentren 20 Department of Computer Science LOEWE |
| Date Deposited: | 30 Dec 2016 20:23 |
| Last Modified: | 30 May 2018 12:53 |
| PPN: | |
| Corresponding Links: | |
| Export: | |
| Suche nach Titel in: | TUfind oder in Google |
 |
Send an inquiry |
Options (only for editors)
 |
Show editorial Details |
Drucken
Impressum