TU Darmstadt / ULB / TUbiblio

Using Assurance Cases to Develop Iteratively Security Features Using Scrum

Othmane, Lotfi Ben ; Angin, Pelin ; Bhargava, Bharat (2014)
Using Assurance Cases to Develop Iteratively Security Features Using Scrum.
Fribourg, Switzerland
Konferenzveröffentlichung, Bibliographie

Kurzbeschreibung (Abstract)

A security feature is a customer-valued capability of software for mitigating a set of security threats. Incremental development of security features, using the Scrum method, often leads to developing ineffective features in addressing the threats they target due to factors such as incomplete security tests. This paper proposes the use of security assurance cases to maintain a global view of the security claims as the feature is being developed iteratively and a process that enables the incremental development of security features while ensuring the security requirements of the feature are fulfilled.

Typ des Eintrags: Konferenzveröffentlichung
Erschienen: 2014
Autor(en): Othmane, Lotfi Ben ; Angin, Pelin ; Bhargava, Bharat
Art des Eintrags: Bibliographie
Titel: Using Assurance Cases to Develop Iteratively Security Features Using Scrum
Sprache: Englisch
Publikationsjahr: 2014
Buchtitel: Proc. of the 9th International Conference on Availability, Reliability and Security (ARES)
Veranstaltungsort: Fribourg, Switzerland
Zugehörige Links:
Kurzbeschreibung (Abstract):

A security feature is a customer-valued capability of software for mitigating a set of security threats. Incremental development of security features, using the Scrum method, often leads to developing ineffective features in addressing the threats they target due to factors such as incomplete security tests. This paper proposes the use of security assurance cases to maintain a global view of the security claims as the feature is being developed iteratively and a process that enables the incremental development of security features while ensuring the security requirements of the feature are fulfilled.

Freie Schlagworte: Secure Software Engineering Group;Security assurance, Scrum, security features
ID-Nummer: TUD-CS-2014-0865
Fachbereich(e)/-gebiet(e): LOEWE > LOEWE-Zentren > CASED – Center for Advanced Security Research Darmstadt
20 Fachbereich Informatik > Datenbanken und Verteilte Systeme
LOEWE > LOEWE-Zentren
20 Fachbereich Informatik
LOEWE
Hinterlegungsdatum: 30 Dez 2016 20:23
Letzte Änderung: 30 Mai 2018 12:53
PPN:
Export:
Suche nach Titel in: TUfind oder in Google
Frage zum Eintrag Frage zum Eintrag

Optionen (nur für Redakteure)
Redaktionelle Details anzeigen Redaktionelle Details anzeigen