Security backlog in scrum security practices

2011 5th Malaysian Conference in Software Engineering, MySEC 2011

Volumn , Issue , 2011, Pages 414-417

  Azham, Zulkarnain ^a   Ghani, Imran ^a   Ithnin, Norafida ^a  

^a UNIVERSITI TEKNOLOGI MALAYSIA   (Malaysia)

Author keywords

Agile Development; scrum; security

Indexed keywords

AGILE DEVELOPMENT; AGILE DEVELOPMENT METHODS; DEVELOPMENT PHASIS; DEVELOPMENT TEAMS; INTEGRATION OF SECURITY; MANAGEMENT ACTIVITIES; RAPID DEVELOPMENT; SCRUM; SECURITY; SECURITY FEATURES; SECURITY PRACTICE; SECURITY RISKS; SOFTWARE DEVELOPMENT LIFE CYCLE; SOFTWARE PRODUCTS;

LIFE CYCLE; RISK MANAGEMENT; SOFTWARE DESIGN;

SECURITY SYSTEMS;

EID: 84857317699     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/MySEC.2011.6140708     Document Type: Conference Paper

References (16)

1. Mikko Siponen, RichardBaskerville and Tapio Kuivalainen, "Integrating Security into Agile Development Methods," Proc. IEEE 38th Hawaii International Conference on System Sciences, 2005, 0-7695-2268-8/05/ 2005.
2. Saltzer, Jerome H. & Schroeder, Michael D. "The Protection of Information in Computer Systems," 1278-1308. Proceedings of the IEEE 63, 9 (September 1975).
3. Gencer Erdogan, Per Hakon Meland, and Derek Mathieson, "Security Testing in Agile Web Application Development - A CAse Study Using the East Methodology," A. Sillitti et al. (Eds.): XP 2010, LNBIP 48, pp. 14-27, 2010. Springer-Verlag Berlin Heidelberg 2010.
4. Ahmed Alnatheer, Andrew M. Gravell and David Argles, "Agile Security Issues: A Research Study," unpublished.
5. Xiaocheng Ge, Richard F. Paige, Fiona Polack, "Extreme Programming Security Practices," G. Concas et al. (Eds.): XP 207, LNCS 4536, pp. 226-230, 2007. Springer-Verlag Berlin Heidelberg 2007.
6. Hossein Keramati, Seyed-Hassan Mirian-Hosseinabadi, "Integrating Software Development Security Activities with Agile Methodologies"978-1- 14244-1968-5/08/2008 IEEE.
7. Viega, John & McGraw, Gary. Building Secure Software: How to Avoid Security Problems the Right Way. Boston, MA: Addison-Wesley, 2002.
8. Anti Vaha-Sipila, "Marrying Scrum and Security," blog, 19 May 2009, http://blog.safecode.org/?p=45.html.
9. Adrian Lane, "FireStarter: Agile Development and Security," blog, 1 Feb.2010,http://securosis.com/blog/agile-development-and-security
10. Kevin Brady, "AGILE/SCRUM Fails to get to grips with Human Psychology,"Aug.2006;http://www.claretyconsulting.com/it/comments/ agile-scrum-fails-to-get-to-grips-with-human-psychology.html
11. Walker Royce, "Improving Software Economics," white paper, IBM, May 2009
12. Sullivan, Security Development Lifecycle for Agile Development, v. 1.0, by Microsoft, June 30. 2003; http://microsoft.com/security/sdl
13. Julia H. Allen, ed., Software Security Engineering: A Guide for Project Manager, Addison wesley Professional, 2008.
14. https://buildsecurityin.us-cert.gov/bsi/articles/knowledge/principles/ 350-BSI.html.
15. Anti Vaha-Sipila, "Secure software development and agile methods - notes,"15Apr.2010, http://confluence.agilefinland.com/display/af/ Secure+software+development+and+agile+methods+-+notes.html
16. "3rd Annual Survey:2008; The State of Agile Development," June-July 2006;httphttp://www.versionone.com/