Towards a Secure Agile Software Development Process

被引:0
|
作者
Adelyar, S. Hassan [1 ]
Norta, Alex [2 ]
机构
[1] Tallinn Univ, Inst Informat, Tallinn, Estonia
[2] Tallinn Univ Technol, Dept Informat, Tallinn, Estonia
来源
PROCEEDINGS 2016 10TH INTERNATIONAL CONFERENCE ON THE QUALITY OF INFORMATION AND COMMUNICATIONS TECHNOLOGY (QUATIC) | 2016年
关键词
Agile; Scrum; Extreme-programming; Development-process; Security-challenges; Security-principles;
D O I
10.1109/QUATIC.2016.24
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
Agile methodologies such as scrum and Extreme Programming (XP) are efficient development processes by accepting changes at any phase and delivering software quickly to customers. However, these methodologies have been criticized because of the unavailability of security as an important quality goal of software systems. Although, there are pre-existing research results on this topic, there is no established approach for identifying security challenges of agile practices. Specifically, we analyze agile practices to find the security challenges in customer- and developer activities during software development. Identifying these challenges helps the secure development of software using agile practices. Our case study based results show that a number of developer- and customer activities result in security flaws and vulnerabilities for the software.
引用
收藏
页码:101 / 106
页数:6
相关论文
共 50 条
  • [1] Extending the Agile Development Process to Develop Acceptably Secure Software
    ben Othmane, Lotfi
    Angin, Pelin
    Weffers, Harold
    Bhargava, Bharat
    [J]. IEEE TRANSACTIONS ON DEPENDABLE AND SECURE COMPUTING, 2014, 11 (06) : 497 - 509
  • [2] Towards a Secure SCRUM Process for Agile Web Application Development
    Maier, Patrik
    Ma, Zhendong
    Bloem, Roderick
    [J]. PROCEEDINGS OF THE 12TH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY AND SECURITY (ARES 2017), 2017,
  • [3] A survey on secure metadata of agile software development process using blockchain technology
    Nayaka Sheetakallu Krishnaiah, Parikshith
    Narayan, Dayanand Lal
    Sutradhar, Kartick
    [J]. SECURITY AND PRIVACY, 2024, 7 (02)
  • [4] A survey on secure metadata of agile software development process using blockchain technology
    Krishnaiah, Parikshith Nayaka Sheetakallu
    Narayan, Dayanand Lal
    Sutradhar, Kartick
    [J]. SECURITY AND PRIVACY, 2023,
  • [5] Secure software engineering in devops and agile development
    Jaatun, Martin Gilje
    Cruzes, Daniela Soares
    [J]. CEUR Workshop Proceedings, 2017, 1977
  • [6] Towards Agile Development of Critical Software
    Gorski, Janusz
    Lukasiewicz, Katarzyna
    [J]. SOFTWARE ENGINEERING FOR RESILIENT SYSTEMS, SERENE 2013, 2013, 8166 : 48 - 55
  • [7] Agile Process: An Enhancement to The Process Of Software Development
    Kaur, Ramandeep
    Choudhary, Manmohan
    Mehta, Rahul
    [J]. INTERNATIONAL JOURNAL OF COMPUTER SCIENCE AND NETWORK SECURITY, 2012, 12 (07): : 101 - 105
  • [8] A decade of agile methodologies: Towards explaining agile software development
    Dingsoyr, Torgeir
    Nerur, Sridhar
    Balijepally, VenuGopal
    Moe, Nils Brede
    [J]. JOURNAL OF SYSTEMS AND SOFTWARE, 2012, 85 (06) : 1213 - 1221
  • [9] Use of Software Metrics in Agile Software Development Process
    Padmini, K. V. Jeeva
    Bandara, H. M. N. Dilum
    Perera, Indika
    [J]. 2015 MORATUWA ENGINEERING RESEARCH CONFERENCE (MERCON), 2015, : 312 - 317
  • [10] Exploring Process Debt in Large-Scale Agile Software Development For Secure Telecom Solutions
    Saeeda, Hina
    Ahmad, Muhammad Ovais
    Gustavsson, Tomas
    [J]. PROCEEDINGS OF THE 2024 ACM/IEEE INTERNATIONAL CONFERENCE ON TECHNICAL DEBT, TECHDEBT 2024, 2024, : 11 - 20
12345