Integrating a Security Plug-in with the OpenUP/Basic Development Process

March 04-March 07

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/ARES.2008.132

2008 Third International Conference o ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Shanai Ardi Articles by Nahid Shahmehri

	ASCII Text	x
	Shanai Ardi, Nahid Shahmehri, "Integrating a Security Plug-in with the OpenUP/Basic Development Process," Availability, Reliability and Security, International Conference on, pp. 284-291, 2008 Third International Conference on Availability, Reliability and Security, 2008.

	BibTex	x
	@article{ 10.1109/ARES.2008.132, author = {Shanai Ardi and Nahid Shahmehri}, title = {Integrating a Security Plug-in with the OpenUP/Basic Development Process}, journal ={Availability, Reliability and Security, International Conference on}, volume = {0}, year = {2008}, isbn = {978-0-7695-3102-1}, pages = {284-291}, doi = {http://doi.ieeecomputersociety.org/10.1109/ARES.2008.132}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Availability, Reliability and Security, International Conference on TI - Integrating a Security Plug-in with the OpenUP/Basic Development Process SN - 978-0-7695-3102-1 SP284 EP291 A1 - Shanai Ardi, A1 - Nahid Shahmehri, PY - 2008 KW - Software security KW - Software development process KW - Security plug-in VL - 0 JA - Availability, Reliability and Security, International Conference on ER -

Shanai Ardi

Nahid Shahmehri

In this paper we present a security plug-in for the OpenUP/Basic development process. Our security plug-in is based on a structured unified process for secure software development, named S3P (Sustainable Software Security Process). This process provides the formalism required to identify the causes of vulnerabilities and the mitigation techniques that prevent these vulnerabilities. We also present the results of an expert evaluation of the security plug-in. The lessons learned from development of the plug-in and the results of the evaluation will be used when adapting S3P to other software development processes.

Index Terms:

Software security, Software development process, Security plug-in

Citation:

Shanai Ardi, Nahid Shahmehri, "Integrating a Security Plug-in with the OpenUP/Basic Development Process," ares, pp.284-291, 2008 Third International Conference on Availability, Reliability and Security, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.