Integration Analysis of Security Activities from the Perspective of Agility

2012 Agile India Pub Date : 2012-02-17 DOI:10.1109/AGILEINDIA.2012.9

S. Sonia, A. Singhal

{"title":"Integration Analysis of Security Activities from the Perspective of Agility","authors":"S. Sonia, A. Singhal","doi":"10.1109/AGILEINDIA.2012.9","DOIUrl":null,"url":null,"abstract":"To combat the increasing trends of security breaches reported nowadays, there is a need to deploy strict security activities with various development methodologies. In the present work we are focusing on an extremely popular agile development Methodology. These methodologies are informal and lightweight in nature having short timescales. But integration of security activities with agile activities always falls short of expectations, as security practices are not able to adapt such characteristics possessed by agile software easily. Therefore a proper integration methodology is required to achieve this aim. Here we propose a novel approach which provides quantitative measure of agility for security activities in terms of real agility degree (RAD). It determines the degree of compatibility of a security activity with agile process. We have also presented a comparative analysis of security activities with each other in context of RAD and risk removal efficiency factor (RREF). RREF is an assessment of how much effective a security activity is for removing the risk. This comparison will assist a developer during software development in deciding which security activity is beneficial than the other for integration.","PeriodicalId":191446,"journal":{"name":"2012 Agile India","volume":"66 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-02-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 Agile India","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/AGILEINDIA.2012.9","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 16

Abstract

To combat the increasing trends of security breaches reported nowadays, there is a need to deploy strict security activities with various development methodologies. In the present work we are focusing on an extremely popular agile development Methodology. These methodologies are informal and lightweight in nature having short timescales. But integration of security activities with agile activities always falls short of expectations, as security practices are not able to adapt such characteristics possessed by agile software easily. Therefore a proper integration methodology is required to achieve this aim. Here we propose a novel approach which provides quantitative measure of agility for security activities in terms of real agility degree (RAD). It determines the degree of compatibility of a security activity with agile process. We have also presented a comparative analysis of security activities with each other in context of RAD and risk removal efficiency factor (RREF). RREF is an assessment of how much effective a security activity is for removing the risk. This comparison will assist a developer during software development in deciding which security activity is beneficial than the other for integration.

查看原文本刊更多论文

敏捷视角下的安全活动集成分析

为了应对目前报告的日益增加的安全漏洞趋势，需要使用各种开发方法部署严格的安全活动。在目前的工作中，我们关注的是一种非常流行的敏捷开发方法。这些方法是非正式的、轻量级的，具有较短的时间尺度。但是，安全活动与敏捷活动的集成总是达不到预期的效果，因为安全实践不能很容易地适应敏捷软件所具有的这些特征。因此，需要一种适当的集成方法来实现这一目标。在这里，我们提出了一种新的方法，该方法根据实际敏捷度(RAD)为安全活动提供了敏捷性的定量度量。它决定了安全活动与敏捷过程的兼容性程度。我们还在RAD和风险消除效率因子(RREF)的背景下对安全活动进行了比较分析。RREF是对安全活动对于消除风险的有效性的评估。这种比较将帮助开发人员在软件开发期间决定哪种安全活动比其他安全活动更有利于集成。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

2012 Agile India

自引率

0.00%

发文量