Extreme programming security practices

Authors:
Xiaocheng Ge;Richard F. Paige;Fiona Polack;Phil Brooke
Affiliations:
Department of Computer Science, University of York, UK;Department of Computer Science, University of York, UK;Department of Computer Science, University of York, UK;School of Computing, University of Teesside, UK
Venue:
XP'07 Proceedings of the 8th international conference on Agile processes in software engineering and extreme programming
Year:
2007

Citing 7
Cited 0

Security in computing

Security in computing
Secure Coding: Principles and Practices

Secure Coding: Principles and Practices
Integrating Security into Agile Development Methods

HICSS '05 Proceedings of the Proceedings of the 38th Annual Hawaii International Conference on System Sciences - Volume 07
Extreme Programming Explained: Embrace Change (2nd Edition)

Extreme Programming Explained: Embrace Change (2nd Edition)
J2ee™ security for servlets, ejbs and web services: applying theory and standards to practice

J2ee™ security for servlets, ejbs and web services: applying theory and standards to practice
Agile security using an incremental security architecture

XP'05 Proceedings of the 6th international conference on Extreme Programming and Agile Processes in Software Engineering
Security planning and refactoring in extreme programming

XP'06 Proceedings of the 7th international conference on Extreme Programming and Agile Processes in Software Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

Current practice suggests that security is considered through all stages of the software development life cycle, and that a risk-based and plan-driven approach is best suited to establish security criteria. Based on experience in applying security practices, this paper proposes two new security practices, security training and a fundamental security architecture, for applying Extreme Programming.