Integrating security and privacy in HCD-scrum

Teresa Baldassarre M.;Santa Barletta V.;Caivano D.;Piccinno A.
2021-01-01

Abstract

Nowadays, software development must face the challenge of integrating security and privacy elements from the earliest stages of any software development process. A correct and complete implementation starting from the requirements definition makes it possible to significantly increase the security level of each single phase/iteration and, consequently, of the final system. It is therefore necessary to support the team throughout the software lifecycle by trying to provide operational guidelines for security by design and privacy by design. Taking these aspects into account, the paper presents a Human Centered Design (HCD) approach to security- and privacy-oriented software development, integrated within the Scrum agile methodology and defined as HCD-Security Scrum. The goal is to support developer decisions at all stages of software development in integrating security and privacy requirements through the formalization of key elements defined in a knowledge base, i.e., the Privacy Knowledge Base.
2021
9781450389778

Documents in IRIS are protected by copyright and all rights are reserved, unless otherwise indicated.

Use this identifier to cite or link to this document: https://hdl.handle.net/11586/390337

Citations
  • Scopus 11