A secure system is one that is protected against specific undesired outcomes. Delivering a secure system, and particularly a secure web application, is not easy. Integrating general-purpose information systems development methods with security development activities could be a useful means to surmount these difficulties. Agile processes, such as Extreme Programming, are of increasing interest in software development. Most significantly for web applications, agile processes encourage and embrace requirements change, which is a desirable characteristic for web application development. In this paper, we present an agile process to deliver secure web applications. The contribution of the research is not the development of a new method or process that addresses security concerns. Rather, we investigate general-purpose information system development methods (e.g., Feature-Driven Development (FDD)) and mature security methods, namely risk analysis, and integrate them to address the development of secure web applications. The key features of our approach are (1) a process capable of dealing with the key challenges of web applications development, namely decreasing life-cycle times and frequently changing requirements; and (2) an iterative approach to risk analysis that integrates security design throughout the development process.