Building Secure Software Using XP-Reference-Cited by-同舟云学术

Building Secure Software Using XP

Published:2011-07 Issue:3 Volume:2 Page:63-76
ISSN:1947-3036
Container-title:International Journal of Secure Software Engineering
language:en
Short-container-title:

Author:

Al-Ahmad Walid¹

Affiliation:

1. King Saud University, Saudi Arabia

Abstract

Security is an important and challenging aspect that needs to be considered at an early stage during software development. Traditional software development methodologies do not deal with security issues and so there is no structured guidance for security design and development; security is usually an afterthought activity. This paper discusses the integration of XP with security activities based on the CLASP (Comprehensive Lightweight Application Security Process) methodology. This integration will help developers using XP develop secure software by applying security measures in all phases and activities, thereby minimizing the security vulnerabilities exploited by attackers.

Publisher

IGI Global

Subject

General Medicine

Reference25 articles.

1. Assimilating and optimizing software assurance in the SDLC: A framework and step-wise approach.;A.Aderemi;International Journal of Secure Software Engineering,2010

2. The ISDF Framework: Towards Secure Software Development

3. Beznosov, K. (2003). Extreme security engineering: On employing XP practices to achieve 'good enough security' without defining it. In Proceedings of the First ACM Workshop on Business Driven Security Engineering, Fairfax, VA.

4. Boström, G., Wäyrynen, J., & Bodén, M. (2006). Extending XP practices to support security requirements engineering. In Proceedings of the ACM International Workshop on Software Engineering for Secure Systems (pp. 11-18).

5. Computer Emergency Response Team. (2011). CERT statistics. Retrieved from http://www.cert.org/stats/

Cited by 3 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Evolution of secure development lifecycles and maturity models in the context of hosted solutions;Journal of Software: Evolution and Process;2024-07-30

2. FISA-XP;ACM SIGSOFT Software Engineering Notes;2014-06-04

3. Experiences with Threat Modeling on a Prototype Social Network;Information Security in Diverse Computing Environments;2014