
29110+ST: Integrated Security Practices. Case Study

  • Conference paper
New Perspectives in Software Engineering (CIMPS 2022)

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 576)

Abstract

Data security has become a significant area of interest for everyone involved in developing mobile applications. It is therefore crucial to consider that most application security issues are introduced during the development process. According to A. Semeney, Founder of DevTeam.Space, mobile applications are generally developed by small teams or software development VSEs. In this context, this article presents a tool named 29110+TS that shows the proposed security improvements to ISO/IEC 29110. To validate the proposal and the 29110+TS tool, an expert judgment method was implemented through a survey, in which the answers gave a 90.5% positive response to the improvements made to the Base framework and the 29110+TS tool.

Corresponding author

Correspondence to Jezreel Mejía.

Copyright information

© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG

Cite this paper

Maciel-Gallegos, P., Mejía, J., Quiñonez, Y. (2023). 29110+ST: Integrated Security Practices. Case Study. In: Mejia, J., Muñoz, M., Rocha, Á., Hernández-Nava, V. (eds) New Perspectives in Software Engineering. CIMPS 2022. Lecture Notes in Networks and Systems, vol 576. Springer, Cham. https://doi.org/10.1007/978-3-031-20322-0_8
