Agile Security Using an Incremental Security Architecture

Howard Chivers, Richard F. Paige, Xiaocheng Ge

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

23 Citations (Scopus)

Abstract

The effective provision of security in an agile development requires a new approach: traditional security practices are bound to equally traditional development methods. However, there are concerns that security is difficult to build incrementally, and can prove prohibitively expensive to refactor. This paper describes how to grow security, organically, within an agile project, by using an incremental security architecture which evolves with the code. The architecture provides an essential bridge between system-wide security properties and implementation mechanisms, a focus for understanding security in the project, and a trigger for security refactoring. The paper also describes criteria that allow implementers to recognize when refactoring is needed, and a concrete example that contrasts incremental and 'top-down' architectures.

Original languageEnglish
Title of host publicationExtreme Programming and Agile Processes in Software Engineering
Subtitle of host publication6th International Conference, XP 2005, Sheffield, UK, June 18-23, 2005, Proceedings
EditorsHubert Baumeister, Michele Marchesi, Mike Holcombe
PublisherSpringer-Verlag Berlin Heidelberg
Pages57-65
Number of pages9
VolumeLNCS 3556
Edition1
ISBN (Electronic)9783540314875
ISBN (Print)9783540262770
DOIs
Publication statusPublished - 2005
Externally publishedYes
EventThe 6th International Conference on Extreme Programming and Agile Processes in Software Engineering - Sheffield, United Kingdom
Duration: 18 Jun 200523 Jun 2005
Conference number: 6
https://dl.acm.org/doi/10.1007/11499053_39

Publication series

NameLecture Notes in Computer Science (Programming and Software Engineering)
PublisherSpringer
Volume3556
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Conference

ConferenceThe 6th International Conference on Extreme Programming and Agile Processes in Software Engineering
Abbreviated titleXP 2005
Country/TerritoryUnited Kingdom
CitySheffield
Period18/06/0523/06/05
Internet address

Fingerprint

Dive into the research topics of 'Agile Security Using an Incremental Security Architecture'. Together they form a unique fingerprint.

Cite this