http://dx.doi.org/10.3837/tiis.2014.02.0019

Integrating Software Security into Agile-Scrum Method  

Ghani, Imran (Faculty of Computing, Universiti Teknologi Malaysia (UTM))
Azham, Zulkarnain (Faculty of Computing, Universiti Teknologi Malaysia (UTM))
Jeong, Seung Ryul (Graduate School of Business IT, Kookmin University)
Publication Information
KSII Transactions on Internet and Information Systems (TIIS) / v.8, no.2, 2014, pp. 646-663
Abstract
Scrum is one of the most popular and efficient agile development methods. However, like other agile methods such as Extreme Programming (XP), Feature Driven Development (FDD), and the Dynamic Systems Development Method (DSDM), Scrum has been criticized for its lack of support for developing secure software. Thus, in 2011, we published research proposing the idea of a security backlog (SB). This paper represents the continuation of our previous research, with a focus on its evaluation in an industry-based case study. Our findings highlight improved agility in Scrum after the integration of SB. Furthermore, secure software can be developed quickly, even in situations involving changes to the software requirements. Based on our experimental findings, we noticed that, when integrating SB, it is quite feasible to develop secure software using an agile Scrum model.
Keywords
Scrum; Software Security; Agile Methodologies; Security Backlog;