{"title":"Security backlog in Scrum security practices","authors":"Zulkarnain Azham, I. Ghani, Norafida Ithnin","doi":"10.1109/MYSEC.2011.6140708","DOIUrl":null,"url":null,"abstract":"The rapid development of software nowadays requires the high speed software product delivery by development teams. In order to deliver the product faster, the development teams make a transformation to their conventional software development lifecycle to agile development method which can enable them towards speedy delivery of software coping with the requirements-change phenomenon. In this scenario, one of the most popular techniques in Agile development is the Scrum methodology which has been criticised in term of its security aspect cycle that ignores the security risk management activity. However, the current practices suggest that security should be considered during all stages of the software development life cycle. In order to address the aforementioned issue, this paper proposes the integration of security principles in development phases using scrum and suggests the element of security backlog that can be used as security features analysis and implementation in scrum phases.","PeriodicalId":137714,"journal":{"name":"2011 Malaysian Conference in Software Engineering","volume":"83 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"48","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2011 Malaysian Conference in Software Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MYSEC.2011.6140708","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 48
Abstract
The rapid development of software nowadays requires the high speed software product delivery by development teams. In order to deliver the product faster, the development teams make a transformation to their conventional software development lifecycle to agile development method which can enable them towards speedy delivery of software coping with the requirements-change phenomenon. In this scenario, one of the most popular techniques in Agile development is the Scrum methodology which has been criticised in term of its security aspect cycle that ignores the security risk management activity. However, the current practices suggest that security should be considered during all stages of the software development life cycle. In order to address the aforementioned issue, this paper proposes the integration of security principles in development phases using scrum and suggests the element of security backlog that can be used as security features analysis and implementation in scrum phases.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
