The week's pick
Random Articles
Reseach Article
A Comprehensive Approach for Embodiment of Security Activities with Agile Methodologies
| International Journal of Computer Applications |
| Foundation of Computer Science (FCS), NY, USA |
| Volume 75 - Number 12 |
| Year of Publication: 2013 |
| Authors: Ajay Kumar Rangra, Manik Gupta |
10.5120/13164-0851
|
Ajay Kumar Rangra, Manik Gupta . A Comprehensive Approach for Embodiment of Security Activities with Agile Methodologies. International Journal of Computer Applications. 75, 12 ( August 2013), 23-28. DOI=10.5120/13164-0851
Abstract
Agility among the software is seeking importance during the development phase, as it promotes adaptive planning, incremental and evolutionary development with many other features that are lightweight in nature. Security is one of the major issues in today's highly agile software development industry. More emphasize is on to produce a secure software, so as to minimize the amount of risk and damage caused by the software. Developing secure software with high agile characteristics is always a hard task to do because of heavy weight nature of security activities. This paper proposes a novel approach by which security activities can be integrated with agile activities by calculating the mean agility value of both activities i. e. agile as well as security keeping in mind the factors such as cost, time, recurrence, benefits affecting the agility of the activity. By using fuzzy value compatibility table (FVCT), extend of compatibility of embodiment of both the activities is done with fuzzy values.
References
- Granville G. Miller, "The Characteristics of Agile Software Processes", Proceedings of the 39th Int'l Conf. and Exhibition on Technology of Object-Oriented Languages and Systems (TOOLS'01)"s 1530-2067/01, IEEE 2001.
- Lipner, Steve & Howard, Michael," The Trustworthy Computing Security Development Lifecycle" Microsoft Corporation, March 2005.
- Howard, M. , Lipner, S. , "The Security Development Lifecycle – SDL: A Process for Developing Demonstrably More Secure Software", Microsoft Press, 2006.
- "Manifesto for Agile Software Development," http://www. agilemanifesto. org
- Beznosov and Kruchten," Towards agile security assurance'' NSPW '04 Proceedings of the 2004 workshop on New security paradigms, Pages 47-54, 2004.
- Siponen, M. , Baskerville, R. , Kuivalainen,T, "Integrating security into agile development methods" in proceedings of the 38th Annual Hawaii International, 2005.
- Hossein Keramati, Seyed-Hassan Mirian-Hosseinabadi, "Integrating software development security activities with agile methodologies", IEEE/ACS International Conference on Computer Systems and Applications, AICCSA, 2008.
- Ching-Torng Lin, Hero Chiu, Yi-Hong Tseng, "Agility evaluation using fuzzy logic", International Journal of Production Economics, Volume 101, , Pages 353–368, Issue 2, June 2006.
- Comprehensive, lightweight application security process. http://www. owasp. org, 2006.
- L. A Zadeh,"Fuzzy Sets" Information and Control Volume 8, Issue 3, June 1965, Pages 338–353
- L. A Zadeh,"The Concept of a Linguistic Variable and its Application to Approximate Reasoning-I" Information Sciences Volume 8, Issue 3, 1975, Pages 199–249
- Steven Goldman, Roger Nagel, and Kenneth Preiss, "Agile Competitors and Virtual Organizations", Chapter 3, Van Nostrand Reinhold, 1995.
Index Terms
Keywords