DocumentCode
1565468
Title
Integrating a Security Plug-in with the OpenUP/Basic Development Process
Author
Ardi, Shanai ; Shahmehri, Nahid
Author_Institution
Dept. of Comput. & Inf. Sci., Linkoping Univ., Linkoping
fYear
2008
Firstpage
284
Lastpage
291
Abstract
In this paper we present a security plug-in for the OpenUP/Basic development process. Our security plug-in is based on a structured unified process for secure software development, named S3P (sustainable software security process). This process provides the formalism required to identify the causes of vulnerabilities and the mitigation techniques that prevent these vulnerabilities. We also present the results of an expert evaluation of the security plug-in. The lessons learned from development of the plug-in and the results of the evaluation will be used when adapting S3P to other software development processes.
Keywords
security of data; software engineering; OpenUP/basic development process; security plug-in; software development; sustainable software security process; Availability; Best practices; Computer security; Costs; Information science; Information security; Performance evaluation; Process design; Programming; Software systems; Security plug-in; Software development process; Software security;
fLanguage
English
Publisher
ieee
Conference_Titel
Availability, Reliability and Security, 2008. ARES 08. Third International Conference on
Conference_Location
Barcelona
Print_ISBN
978-0-7695-3102-1
Type
conf
DOI
10.1109/ARES.2008.132
Filename
4529349
Link To Document