ABSTRACT
The utilization of the Scrum method for software development offers major benefits to its users, such as the process acceleration and resources to deal with the instability of technological environments. Fast customer feedback and support for volatile requirement results in a higher product value, however it hinders the team in dealing appropriately with a critical aspect of every system, which is the information security. Whereas attacks have become more sophisticated that even simpler systems can be potential targets, so it is essential to treat software security within the agile method itself, in order to make it part of the process. Aiming to improve system's quality, reliability, and security, this work proposes an accessory to the Scrum agile method named ScrumS, which adds specific security techniques for a risk analysis project.
- Version One. State of Agile Survey: The State of Agile Development. Version One, 2010.Google Scholar
- Schwaber, K. Agile Project Management with SCRUM. Microsoft Press, 2004. Google ScholarDigital Library
- Azham, Z., Ghani, I., and Ithnin, N. Security Backlog in Scrum Security Practices. Software Engineering (MySEC), Johor Bahru, 2011. DOI=10.1109/MySEC.2011.6140708Google ScholarCross Ref
- Schneier, B. Secrets and Lies: Digital Security in a Networked World. John Wiley & Sons, New York, 2000. Google ScholarDigital Library
- Pinto, N. A. A Process Model for Security Tests Using a Risk Oriented Approach. Brazilian Aeronautics Institute of Technology, Sao Jose dos Campos, Brazil, 2008.Google Scholar
- Viega, J., and McGraw, G. Building Secure Software: How to Avoid Security Problems the Right Way. Addison-Wesley Professional, 2001. Google ScholarDigital Library
- Stoneburner G., Goguen A., and Feringa, A. Risk Management Guide for Information Technology Systems. National Institute of Standards & Technology, Gaithersburg, 2002.Google ScholarCross Ref
- Mougouei, D. et. al. S-Scrum: a Secure Methodology for Agile Development of Web Services. World of Computer Science and Information Technology Journal (WCSIT), 3 (1), 2013, 15--19.Google Scholar
- McGraw, G. Software Security. Security & Privacy, IEEE, 2 (2), 2004, 80--83. DOI=10.1109/MSECP.2004.1281254 Google ScholarDigital Library
- Highsmith, J. Agile Project Management: Creating Innovative Products. Addison-Wesley Professional, 2009, 432. Google ScholarDigital Library
- Pfleeger, C., and Pfleeger S. Security in Computing. Prentice Hall Professional Technical Reference, 2002. Google ScholarDigital Library
- Phan, A. and Phan, P. Scrum in Action: Agile Software Project Management and Development. Novatec, 2011, 287. Google ScholarDigital Library
- Levin, T. et al. Design Principles and Guidelines for Security. Secure Core, 2007.Google Scholar
- Brazilian Ministry of Education. Instrumento de Avaliacao de Cursos de Graduacao Presencial e a Distancia. Inped.gov.br, 2012. http://download.inep.gov.br/educacao_superior/avaliacao_cursos_graduacao/instrumentos/2012/instrumento_com_alteracoes_maio_12.pdf.Google Scholar
- Firesmith, D. Security Use Cases. Journal of Objetct Technology, 2 (3), 2003, 53--6Google ScholarCross Ref
Recommendations
Student scrums (abstract only)
SIGCSE '12: Proceedings of the 43rd ACM technical symposium on Computer Science EducationOver the past ten years Agile software development practices have grown in acceptance and have gained a solid foothold in commercial software development. Our students are entering the workforce with an increasing percentage of companies that are using ...
Challenges Faced While Simultaneously Implementing CMMI and Scrum: A Case Study in the Tax Preparation Software Industry
ITNG '12: Proceedings of the 2012 Ninth International Conference on Information Technology - New GenerationsCMMI certification is a major accomplishment for a software organization, and is often required for an organization to stay competitive. This work is a case study of the challenges faced by a growing tax preparation software company during its attempt ...
The agile requirements refinery: Applying SCRUM principles to software product management
Context: Although agile software development methods such as SCRUM and DSDM are gaining popularity, the consequences of applying agile principles to software product management have received little attention until now. Objective: In this paper, this gap ...
Comments