Othmane, Lotfi Ben ; Angin, Pelin ; Bhargava, Bharat (2014)
Using Assurance Cases to Develop Iteratively Security Features Using Scrum.
Fribourg, Switzerland
Conference or Workshop Item, Bibliographie
Abstract
A security feature is a customer-valued capability of software for mitigating a set of security threats. Incremental development of security features, using the Scrum method, often leads to developing ineffective features in addressing the threats they target due to factors such as incomplete security tests. This paper proposes the use of security assurance cases to maintain a global view of the security claims as the feature is being developed iteratively and a process that enables the incremental development of security features while ensuring the security requirements of the feature are fulfilled.
Item Type: | Conference or Workshop Item |
---|---|
Erschienen: | 2014 |
Creators: | Othmane, Lotfi Ben ; Angin, Pelin ; Bhargava, Bharat |
Type of entry: | Bibliographie |
Title: | Using Assurance Cases to Develop Iteratively Security Features Using Scrum |
Language: | English |
Date: | 2014 |
Book Title: | Proc. of the 9th International Conference on Availability, Reliability and Security (ARES) |
Event Location: | Fribourg, Switzerland |
Corresponding Links: | |
Abstract: | A security feature is a customer-valued capability of software for mitigating a set of security threats. Incremental development of security features, using the Scrum method, often leads to developing ineffective features in addressing the threats they target due to factors such as incomplete security tests. This paper proposes the use of security assurance cases to maintain a global view of the security claims as the feature is being developed iteratively and a process that enables the incremental development of security features while ensuring the security requirements of the feature are fulfilled. |
Uncontrolled Keywords: | Secure Software Engineering Group;Security assurance, Scrum, security features |
Identification Number: | TUD-CS-2014-0865 |
Divisions: | LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt 20 Department of Computer Science > Databases and Distributed Systems LOEWE > LOEWE-Zentren 20 Department of Computer Science LOEWE |
Date Deposited: | 30 Dec 2016 20:23 |
Last Modified: | 30 May 2018 12:53 |
PPN: | |
Export: | |
Suche nach Titel in: | TUfind oder in Google |
Send an inquiry |
Options (only for editors)
Show editorial Details |