Case Study of Agile Security Engineering: Building Identity Management for a Government Agency
Research output: Contribution to journal › Article › Scientific › peer-review
|Number of pages||15|
|Journal||International Journal of Secure Software Engineering|
|Publication status||Published - Mar 2017|
|Publication type||A1 Journal article-refereed|
This article describes a case of a large ICT service provider building a secure identity management system for a sizable government agency. The project was a subject to strict security regulations due to the end product’s critical role. The project was a multi-team, multi-site, standard-regulated security engineering and development work executed following the Scrum framework. The study reports the difficulties in combining security engineering with agile development, provides propositions to enhance Scrum for security engineering activities. Also, an evaluation of the effects of the security work on project cost presented.