research-article

Agile security issues: an empirical study

Authors:

Ahmed Alnatheer,

Andrew M. Gravell,

David ArglesAuthors Info & Claims

ESEM '10: Proceedings of the 2010 ACM-IEEE International Symposium on Empirical Software Engineering and Measurement

Article No.: 58, Page 1

https://doi.org/10.1145/1852786.1852860

Published: 16 September 2010 Publication History

Get Access

Abstract

In this poster we introduce an ongoing empirical study on the effects of using predominant security issues along with agile methodologies. As part of this empirical study, current security issues related to and applicable to agile methodologies such as Scrum, XP, and FDD and their effects are discussed. The purpose of this poster is to present an introduction to this ongoing effort and to present our analysis of the issues which are important factors in our forthcoming results which underscores the gap in the literature. The analysis will include experiments, semi-structured interviews, and surveys that seek to gather relevant objective and subjective information about projects and experiments in order to arrive at a consensus on which issues need to be included or emphasized as part of agile to provide adequate security assurance.

References

[1]

Viega, J., McGraw, G. 2001. Building secure software: how to avoid security problems the right way, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 2001

Google Scholar

[2]

Beznosov, K. and Kruchten, P. 2005. Towards agile security assurance. Proceedings of the 2004 workshop on New security paradigms - NSPW '04, (2005), 47.

Digital Library

Google Scholar

Cited By

View all

Cruzes DJaatun MOyetoyan TSingh MWilliams LKuhn RXie T(2018)Challenges and approaches of performing canonical action research in software securityProceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security10.1145/3190619.3190634(1-11)Online publication date: 10-Apr-2018
https://dl.acm.org/doi/10.1145/3190619.3190634
Jaatun MCruzes DLuna J(2017)DevOps for Better Software Security in the Cloud Invited PaperProceedings of the 12th International Conference on Availability, Reliability and Security10.1145/3098954.3103172(1-6)Online publication date: 29-Aug-2017
https://dl.acm.org/doi/10.1145/3098954.3103172
Rindell KHyrynsalmi SLeppanen V(2016)Case Study of Security Development in an Agile Environment: Building Identity Management for a Government Agency2016 11th International Conference on Availability, Reliability and Security (ARES)10.1109/ARES.2016.45(556-563)Online publication date: Aug-2016
https://doi.org/10.1109/ARES.2016.45
Show More Cited By

Index Terms

Recommendations

Software security in agile software development: a literature review of challenges and solutions
XP '18: Proceedings of the 19th International Conference on Agile Software Development: Companion

There has been a surge in number of software security threats and vulnerabilities in recent times. At the same time, expectations towards software and data security are growing. Thus there is a need to ensure that security-related tasks are effectively ...
Towards agile security assurance
NSPW '04: Proceedings of the 2004 workshop on New security paradigms

Agile development methodologies are gaining acceptance in the software industry. If they are to be used for constructing security-critical solutions, what do we do about assurance? This paper examines how conventional security assurance suits agile ...
Agile development with security engineering activities
ICSSP '11: Proceedings of the 2011 International Conference on Software and Systems Process

Agile software development has been used by industry to create a more flexible and lean software development process, i.e making it possible to develop software at a faster rate and with more agility during development. There are however concerns that ...

Comments

Information & Contributors

Information

Published In

ESEM '10: Proceedings of the 2010 ACM-IEEE International Symposium on Empirical Software Engineering and Measurement

September 2010

423 pages

ISBN:9781450300391

DOI:10.1145/1852786

General Chair:
Giancarlo Succi
Free University of Bolzano, Italy
,
Program Chairs:
Maurizio Morisio
Politecnico di Torino, Italy
,
Nachi Nagappan
Microsoft Research

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 16 September 2010

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Qualifiers

Research-article

Conference

ESEM '10

Sponsor:

SIGSOFT

ESEM '10: 2010 ACM-IEEE International Symposium on Empirical Software Engineering and Measurement

September 16 - 17, 2010

Bolzano-Bozen, Italy

Acceptance Rates

ESEM '10 Paper Acceptance Rate 30 of 102 submissions, 29%;

Overall Acceptance Rate 130 of 594 submissions, 22%

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
689
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 05 Mar 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Cruzes DJaatun MOyetoyan TSingh MWilliams LKuhn RXie T(2018)Challenges and approaches of performing canonical action research in software securityProceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security10.1145/3190619.3190634(1-11)Online publication date: 10-Apr-2018
https://dl.acm.org/doi/10.1145/3190619.3190634
Jaatun MCruzes DLuna J(2017)DevOps for Better Software Security in the Cloud Invited PaperProceedings of the 12th International Conference on Availability, Reliability and Security10.1145/3098954.3103172(1-6)Online publication date: 29-Aug-2017
https://dl.acm.org/doi/10.1145/3098954.3103172
Rindell KHyrynsalmi SLeppanen V(2016)Case Study of Security Development in an Agile Environment: Building Identity Management for a Government Agency2016 11th International Conference on Availability, Reliability and Security (ARES)10.1109/ARES.2016.45(556-563)Online publication date: Aug-2016
https://doi.org/10.1109/ARES.2016.45
Rindell KHyrynsalmi SLeppänen V(2015)A comparison of security assurance support of agile software development methodsProceedings of the 16th International Conference on Computer Systems and Technologies10.1145/2812428.2812431(61-68)Online publication date: 25-Jun-2015
https://dl.acm.org/doi/10.1145/2812428.2812431
Ramadani LUtama N(2015)Preliminary Investigation2015 Second International Conference on Computing Technology and Information Management (ICCTIM)10.1109/ICCTIM.2015.7224607(134-139)Online publication date: Apr-2015
https://doi.org/10.1109/ICCTIM.2015.7224607
Felderer MFourneret E(2015)A systematic classification of security regression testing approachesInternational Journal on Software Tools for Technology Transfer (STTT)10.1007/s10009-015-0365-217:3(305-319)Online publication date: 1-Jun-2015
https://dl.acm.org/doi/10.1007/s10009-015-0365-2
Firdaus AGhani IJeong S(2014)Secure Feature Driven Development (SFDD) Model for Secure Software DevelopmentProcedia - Social and Behavioral Sciences10.1016/j.sbspro.2014.03.712129(546-553)Online publication date: May-2014
https://doi.org/10.1016/j.sbspro.2014.03.712
Azham ZGhani IIthnin N(2011)Security backlog in Scrum security practices2011 Malaysian Conference in Software Engineering10.1109/MySEC.2011.6140708(414-417)Online publication date: Dec-2011
https://doi.org/10.1109/MySEC.2011.6140708

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Cited By

Index Terms

Recommendations

Software security in agile software development: a literature review of challenges and solutions

Towards agile security assurance

Agile development with security engineering activities

Comments

Information

Published In

Sponsors

Publisher

Publication History

Permissions

Check for updates

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations