By the same authors

Agile security using an incremental security architecture

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Author(s)

Department/unit(s)

Publication details

Title of host publicationEXTREME PROGRAMMING AND AGILE PROCESSES IN SOFTWARE ENGINEERING, PROCEEDINGS
DatePublished - 2005
Pages57-65
Number of pages9
PublisherSPRINGER-VERLAG BERLIN
Place of PublicationBERLIN
EditorsH Baumeister, M Marchesi, M Holcombe
Original languageEnglish
ISBN (Print)3-540-26277-6

Abstract

The effective provision of security in an agile development requires a new approach: traditional security practices are bound to equally traditional development methods. However, there are concerns that security is difficult to build incrementally, and can prove prohibitively expensive to refactor. This paper describes how to grow security, organically, within an agile project, by using an incremental security architecture which evolves with the code. The architecture provides an essential bridge between system-wide security properties and implementation mechanisms, a focus for understanding security in the project, and a trigger for security refactoring. The paper also describes criteria that allow implementers to recognize when refactoring is needed, and a concrete example that contrasts incremental and 'top-down' architectures.

Discover related content

Find related publications, people, projects, datasets and more using interactive charts.

View graph of relations