Aligning Security Objectives With Agile Software Development

Kalle Rindell, Sami Hyrynsalmi, Ville Leppänen

Tutkimustuotos: KonferenssiartikkeliTieteellinenvertaisarvioitu

11 Sitaatiot (Scopus)
59 Lataukset (Pure)

Abstrakti

Success of the software development process is defined by its ability to transform the business objectives into requirements, and these further into features and functionality. In addition to business objectives, software development also has security objectives requiring security engineering activities. In contrast to the iterative and incremental software development process, software security engineering is defined by sequential life cycle models: security and business objectives are thus implemented using conflicting approaches. To identify the incompatibilities between the methodologies, in this study the security engineering activities are mapped into common agile software development practises, processes and artifacts. Security engineering activities from Microsoft SDL, the ISO Common Criteria and OWASP SAMM security development lifecycle models are mapped into common agile processes, practises and artifacts. The organizational and technical aspects of the mapping are considered primarily from the point of view of achieving the security objectives set for the software engineering process: setting security requirements for design, their implementation and verification, and releasing secure software through efficient software security development process.
AlkuperäiskieliEnglanti
OtsikkoProceedings of the 19th International Conference on Agile Software Development: Companion
KustantajaACM
Sivut1-9
Sivumäärä8
ISBN (painettu)978-1-4503-6422-5
DOI - pysyväislinkit
TilaJulkaistu - 25 toukok. 2018
OKM-julkaisutyyppiA4 Artikkeli konferenssijulkaisussa
TapahtumaInternational Workshop on Secure Software Engineering in DevOps and Agile Development - Porto, Portugali
Kesto: 25 toukok. 2018 → …
Konferenssinumero: 9
http://www.secse.eu/

Workshop

WorkshopInternational Workshop on Secure Software Engineering in DevOps and Agile Development
LyhennettäSecSE 2018
Maa/AluePortugali
KaupunkiPorto
Ajanjakso25/05/18 → …
www-osoite

Julkaisufoorumi-taso

  • Jufo-taso 1

Sormenjälki

Sukella tutkimusaiheisiin 'Aligning Security Objectives With Agile Software Development'. Ne muodostavat yhdessä ainutlaatuisen sormenjäljen.

Siteeraa tätä