A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit <a rel="external noopener" href="https://ris.utwente.nl/ws/files/5501486/PID1988325.pdf">the original URL</a>. The file type is <code>application/pdf</code>.
Towards agile security risk management in RE and beyond
<span title="">2011</span>
<i title="IEEE">
<a target="_blank" rel="noopener" href="https://fatcat.wiki/container/35k6qz2nqrfkziwp6ui5gszhbi" style="color: black;">Workshop on Empirical Requirements Engineering (EmpiRE 2011)</a>
</i>
Little attention has been given so far to the process of security risk management at the early stages of system development. Security has been addressed by isolated security assurance practices, some of which consider risks and mitigations but they do not provide an overview of the overall security state of the system being developed. This paper takes the position that (1) these isolated security assurance practices should be fully integrated and should be embedded in short iterations of risk assessment, treatment and acceptance, providing input for updating security requirements and for security risk management, and that (2) available empirical data from public catalogs and databases should be used as a source of expertise, to leverage past experiences, and therefore reduce, although not eliminate, subjectivity of human judgment. Borrowing from the agile software development and project management philosophy, we introduce the idea of a light weight, agile approach to security risk management integrated to the development life cycle.
<span class="external-identifiers">
<a target="_blank" rel="external noopener noreferrer" href="https://doi.org/10.1109/empire.2011.6046253">doi:10.1109/empire.2011.6046253</a>
<a target="_blank" rel="external noopener" href="https://dblp.org/rec/conf/re/FranqueiraBTD11.html">dblp:conf/re/FranqueiraBTD11</a>
<a target="_blank" rel="external noopener" href="https://fatcat.wiki/release/ejvzjw52brcbln5rmmmzysw7nu">fatcat:ejvzjw52brcbln5rmmmzysw7nu</a>
</span>