Welcome to the InfoSci Platform
Agile Development of Security-Critical Enterprise System

Agile Development of Security-Critical Enterprise System

Xiaocheng Ge
Copyright: © 2015 |Pages: 23
ISBN13: 9781466681118|ISBN10: 146668111X|EISBN13: 9781466681125
DOI: 10.4018/978-1-4666-8111-8.ch029
Cite Chapter Cite Chapter

MLA

Ge, Xiaocheng. "Agile Development of Security-Critical Enterprise System." Standards and Standardization: Concepts, Methodologies, Tools, and Applications, edited by Information Resources Management Association, IGI Global, 2015, pp. 629-651. https://doi.org/10.4018/978-1-4666-8111-8.ch029

APA

Ge, X. (2015). Agile Development of Security-Critical Enterprise System. In I. Management Association (Ed.), Standards and Standardization: Concepts, Methodologies, Tools, and Applications (pp. 629-651). IGI Global. https://doi.org/10.4018/978-1-4666-8111-8.ch029

Chicago

Ge, Xiaocheng. "Agile Development of Security-Critical Enterprise System." In Standards and Standardization: Concepts, Methodologies, Tools, and Applications, edited by Information Resources Management Association, 629-651. Hershey, PA: IGI Global, 2015. https://doi.org/10.4018/978-1-4666-8111-8.ch029

Export Reference

Mendeley
Favorite

Abstract

The effective provision of security in an agile development requires a new approach: traditional security practices are bound to equally traditional development methods. However, there are concerns that security is difficult to build incrementally, and can prove prohibitively expensive to refactor. This chapter describes how to grow security, organically, within an agile project, by using an incremental security architecture that evolves with the code. The architecture provides an essential bridge between system-wide security properties and implementation mechanisms, a focus for understanding security in the project, and a trigger for security refactoring. The chapter also describes criteria that allow implementers to recognize when refactoring is needed, and a concrete example that contrasts incremental and “top-down” architectures.

Request Access

You do not own this content. Please login to recommend this title to your institution's librarian or purchase it from the IGI Global bookstore.