Fitting Security into Agile Software Development-Reference-Cited by-同舟云学术

Fitting Security into Agile Software Development

Published:2021 Issue: Volume: Page:1026-1045
ISSN:
Container-title:Research Anthology on Recent Trends, Tools, and Implications of Computer Programming
language:
Short-container-title:

Author:

Rindell Kalle¹,Hyrynsalmi Sami²,Leppänen Ville³

Affiliation:

1. Informaatioteknologian laitos, University of Turku, Turku, Finland

2. Tampere University of Technology, Pori, Finland

3. Department of Information Technology, University of Turku, Turku, Finland

Abstract

Security objectives in software development are increasingly convergent with the business objectives, as requirements for privacy and the cost of security incidents call for more dependable software products. The development of secure software is accomplished by augmenting the software development process with specific security engineering activities. Security engineering, in contrast to the iterative and incremental software development processes, is characterized by sequential life cycle models: the security objectives are thus to be achieved by conflicting approaches. In this study, to identify the incompatibilities between the approaches, the security engineering activities from Microsoft SDL, the ISO Common Criteria and OWASP SAMM security engineering models are mapped into common agile software development processes, practices and artifacts.

Publisher

IGI Global

Reference48 articles.

1. Abrahamsson, P., Salo, O., Ronkainen, J., & Warsta, J. (2002). Agile software development methods - review and analysis. Technical Report 478, VTT Publications.

2. Identification and Evaluation of Security Activities in Agile Projects

3. Agile development with security engineering activities.;D.Baca;Proceedings of the 2011 International Conference on Software and Systems Process, ICSSP ’11,2011

4. Agility in Fours: IT Diffusion, IT Infrastructures, IT Development, and Business

Cited by 5 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Analysis of Strategies for the Integration of Security Practices in Agile Software Development: A Sustainable SME Approach;IEEE Access;2024

2. Enhancing Cyber Security in IoT Systems via Federated Learning;2023 International Conference on Power Energy, Environment & Intelligent Control (PEEIC);2023-12-19

3. loT Security Enhancement: A Cybersecurity Framework;2023 International Conference on Power Energy, Environment & Intelligent Control (PEEIC);2023-12-19

4. An Empirical Investigation of Agile Information Systems Development for Cybersecurity;Information Systems;2022

5. Cybersecurity Model Based on Hardening for Secure Internet of Things Implementation;Applied Sciences;2021-04-06