Reference Hub

This research has been cited in:

Conference
Surveying Secure Software Development Practices in FinlandProceedings of the 13th International Conference on Availability, Reliability and Security10.1145/3230833.3233274
Article
Security in agile software development: A practitioner surveyInformation and Software Technology10.1016/j.infsof.2020.106488
Conference
Busting a MythProceedings of the 12th International Conference on Availability, Reliability and Security10.1145/3098954.3103170
Chapter
Security Assurance in Agile Software Development MethodsExploring Security in Software Architecture and Design10.4018/978-1-5225-6313-6.ch003
Chapter
Security Assurance in Agile Software Development MethodsResearch Anthology on Agile Software, Software Development, and Testing10.4018/978-1-6684-3702-5.ch046

Case Study of Agile Security Engineering: Building Identity Management for a Government Agency

Kalle Rindell, Sami Hyrynsalmi, Ville Leppänen

Source Title: International Journal of Secure Software Engineering (IJSSE)8(1)

ISSN: 1947-3036|EISSN: 1947-3044|EISBN13: 9781522513858|DOI: 10.4018/IJSSE.2017010103

Cite Article Cite Article

MLA

Rindell, Kalle, et al. "Case Study of Agile Security Engineering: Building Identity Management for a Government Agency." IJSSE vol.8, no.1 2017: pp.43-57. http://doi.org/10.4018/IJSSE.2017010103

APA

Rindell, K., Hyrynsalmi, S., & Leppänen, V. (2017). Case Study of Agile Security Engineering: Building Identity Management for a Government Agency. International Journal of Secure Software Engineering (IJSSE), 8(1), 43-57. http://doi.org/10.4018/IJSSE.2017010103

Chicago

Rindell, Kalle, Sami Hyrynsalmi, and Ville Leppänen. "Case Study of Agile Security Engineering: Building Identity Management for a Government Agency," International Journal of Secure Software Engineering (IJSSE) 8, no.1: 43-57. http://doi.org/10.4018/IJSSE.2017010103

Export Reference

Favorite Full-Issue Download

View Full Text HTML

View Full Text PDF

Abstract

Security concerns are increasingly guiding both the design and processes of software-intensive product development. In certain environments, the development of the product requires special security arrangements for development processes, product release, maintenance and hosting, and specific security-oriented processes and governance. Integrating the security engineering processes into agile development methods can have the effect of mitigating the agile methods' intended benefits. This article describes a case of a large ICT service provider building a secure identity management system for a sizable government agency. The project was a subject to strict security regulations due to the end product's critical role. The project was a multi-team, multi-site, standard-regulated security engineering and development work executed following the Scrum framework. The study reports the difficulties in combining security engineering with agile development, provides propositions to enhance Scrum for security engineering activities. Also, an evaluation of the effects of the security work on project cost presented.

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.

Username or email: *

Password: *

Forgot individual login password?

Create individual account

Case Study of Agile Security Engineering: Building Identity Management for a Government Agency

MLA

APA

Chicago

Export Reference

Abstract

Request Access