| dc.date.accessioned | 2020-01-09T19:16:22Z | |
| dc.date.available | 2020-01-09T19:16:22Z | |
| dc.date.created | 2019-01-31T08:32:47Z | |
| dc.date.issued | 2018 | |
| dc.identifier.citation | Rygge, Hanne Jøsang, Audun . Solving Security and Privacy Threats in Agile Software Development. Secure IT Systems - 23rd Nordic Conference, NordSec 2018, Oslo, Norway, November 28-30, 2018, Proceedings. 2018, 468-483 Springer Nature | |
| dc.identifier.uri | http://hdl.handle.net/10852/72016 | |
| dc.description.abstract | Secure software development represents a fundamental part of ‘security by design’ which in turn is a prerequisite for ‘privacy by design’ in the terminology of GDPR (General Data Protection Regulation). To follow and adhere to the principles of privacy by design and security by design during software development is a legal requirement throughout Europe with the introduction of GDPR in 2018. Secure software development is typically based on specific methods that software-design teams apply to discover and solve security threats and thereby to improve the security of systems in general. This paper describes Threat Poker as a team-based method to be exercised during agile software development for assessing both security risk and privacy risk, and for evaluating the effort needed to remove corresponding vulnerabilities in the developed software. | en_US |
| dc.language | EN | |
| dc.publisher | Springer Nature | |
| dc.title | Solving Security and Privacy Threats in Agile Software Development | en_US |
| dc.type | Chapter | en_US |
| dc.creator.author | Rygge, Hanne | |
| dc.creator.author | Jøsang, Audun | |
| cristin.unitcode | 185,15,5,0 | |
| cristin.unitname | Institutt for informatikk | |
| cristin.ispublished | true | |
| cristin.fulltext | postprint | |
| dc.identifier.cristin | 1669649 | |
| dc.identifier.bibliographiccitation | info:ofi/fmt:kev:mtx:ctx&ctx_ver=Z39.88-2004&rft_val_fmt=info:ofi/fmt:kev:mtx:book&rft.btitle=Secure IT Systems - 23rd Nordic Conference, NordSec 2018, Oslo, Norway, November 28-30, 2018, Proceedings&rft.spage=468&rft.date=2018 | |
| dc.identifier.startpage | 468 | |
| dc.identifier.endpage | 483 | |
| dc.identifier.pagecount | 486 | |
| dc.identifier.doi | http://dx.doi.org/10.1007/978-3-030-03638-6_29 | |
| dc.identifier.urn | URN:NBN:no-75144 | |
| dc.type.document | Bokkapittel | en_US |
| dc.type.peerreviewed | Peer reviewed | |
| dc.source.isbn | 978-3-030-03637-9 | |
| dc.identifier.fulltext | Fulltext https://www.duo.uio.no/bitstream/handle/10852/72016/2/RJ2018-NordSec.pdf | |
| dc.type.version | AcceptedVersion | |
| cristin.btitle | Secure IT Systems - 23rd Nordic Conference, NordSec 2018, Oslo, Norway, November 28-30, 2018, Proceedings | |