Title :
Integrating a Security Plug-in with the OpenUP/Basic Development Process
Author :
Ardi, Shanai ; Shahmehri, Nahid
Author_Institution :
Dept. of Comput. & Inf. Sci., Linkoping Univ., Linkoping
Abstract :
In this paper we present a security plug-in for the OpenUP/Basic development process. Our security plug-in is based on a structured unified process for secure software development, named S3P (sustainable software security process). This process provides the formalism required to identify the causes of vulnerabilities and the mitigation techniques that prevent these vulnerabilities. We also present the results of an expert evaluation of the security plug-in. The lessons learned from development of the plug-in and the results of the evaluation will be used when adapting S3P to other software development processes.
Keywords :
security of data; software engineering; OpenUP/basic development process; security plug-in; software development; sustainable software security process; Availability; Best practices; Computer security; Costs; Information science; Information security; Performance evaluation; Process design; Programming; Software systems; Security plug-in; Software development process; Software security;
Conference_Titel :
Availability, Reliability and Security, 2008. ARES 08. Third International Conference on
Conference_Location :
Barcelona
Print_ISBN :
978-0-7695-3102-1
DOI :
10.1109/ARES.2008.132
