Identification and evaluation of security activities in agile projects
2013 (English) Conference paper (Refereed), Published
We compare four high-profile waterfall security-engineering processes (CLASP, Microsoft SDL, Cigital Touchpoints and Common Criteria) with the available preconditions within agile processes. Then, using a survey study, agile security activities are identified and evaluated by practitioners from large companies, e.g. software and telecommunication companies. Those activities are compared and a specific security engineering process is suggested for an agile process setting that can provide high benefit with low integration cost.
Place, publisher, year, edition, pages
Ilulissat, Greenland: Springer, 2013.
Agile Process, Software security, Development Process, Security Engineering
Software Engineering Computer Science
Identifiers
URN: urn:nbn:se:bth-6369
DOI: 10.1007/978-3-642-41488-6_10
ISI: 000340414300010
Local ID: oai:bth.se:forskinfoE828352BEEC6197DC1257C36004339A5
ISBN: 978-3-642-41487-9
OAI: oai:DiVA.org:bth-6369
DiVA: diva2:833867
18th Nordic Conference 2013