dc.contributor.author | Tøndel, Inger Anne | |
dc.contributor.author | Jaatun, Martin Gilje | |
dc.contributor.author | Cruzes, Daniela Soares | |
dc.contributor.author | Oyetoyan, Tosin Daniel | |
dc.date.accessioned | 2019-11-08T09:58:33Z | |
dc.date.available | 2019-11-08T09:58:33Z | |
dc.date.created | 2019-02-04T12:32:03Z | |
dc.date.issued | 2019 | |
dc.identifier.isbn | 978-3-030-12786-2 | |
dc.identifier.uri | http://hdl.handle.net/11250/2627369 | |
dc.description.abstract | Currently, security requirements are often neglected in agile projects. Despite many approaches to agile security requirements engineering in literature, there is little empirical research available on why there is limited adoption of these techniques. In this paper we describe a case study on challenges facing adoption of the Protection Poker game; a collaborative and lightweight software security risk estimation technique that is particularly suited for agile teams. Results show that Protection Poker has the potential to be adopted by agile teams. Key benefits identified include good discussions on security and the development project, increased knowledge and awareness of security, and contributions to security requirements. Challenges include managing discussions and the time it takes to play, ensuring confidence in the results from playing the game, and integrating results in a way that improves security of the end-product. | nb_NO |
dc.language.iso | eng | nb_NO |
dc.publisher | Springer Verlag | nb_NO |
dc.relation.ispartof | Computer Security ESORICS 2018 International Workshops, CyberICPS 2018 and SECPRE 2018, Barcelona, Spain, September 6–7, 2018, Revised Selected Papers | |
dc.title | Understanding Challenges to Adoption of the Protection Poker Software Security Game | nb_NO |
dc.type | Chapter | nb_NO |
dc.description.version | acceptedVersion | nb_NO |
dc.source.pagenumber | 153-172 | nb_NO |
dc.identifier.doi | 10.1007/978-3-030-12786-2_10 | |
dc.identifier.cristin | 1673017 | |
dc.relation.project | Norges forskningsråd: 247678 | nb_NO |
dc.description.localcode | This is a post-peer-review, pre-copyedit version of an article published in [International Workshop on Security and Privacy Requirements Engineering] Locked until 31.1.2020 due to copyright restrictions. The final authenticated version is available online at: https://doi.org/10.1007/978-3-030-12786-2_10 | nb_NO |
cristin.unitcode | 194,63,10,0 | |
cristin.unitname | Institutt for datateknologi og informatikk | |
cristin.ispublished | true | |
cristin.fulltext | postprint | |
cristin.qualitycode | 1 | |