Abstract
Data security has become a significant area of interest for everyone involved in developing mobile applications. Therefore, it is crucial to consider that most of the applications security issues are introduced in the development process. According to A. Semeney, Founder of DevTeam.Space, mobile applications are generally developed by small teams or software development VSEs. In this context, this article presents a tool developed with the name of 29110+TS that shows the proposal of security improvements to the ISO/IEC 29110. To validate the proposal and the 29110+TS tool, an expert’s judgment method was implemented with a survey in which the answers gave a positive response to the improvements done to the Base framework and the 29110+TS tool with 90.5%.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Similar content being viewed by others
References
DataReportal: Internet users in the world 2020 | Statista. Statista GmbH, October 2020 (2022). https://www.statista.com/statistics/617136/digital-population-worldwide/
Newzoo: Smartphone users 2020 | Statista. Statista GmbH (2020). https://www.statista.com/statistics/330695/number-of-smartphone-users-worldwide/
App Annie; TechCrunch: Annual number of mobile app downloads worldwide 2020 | Statista. Statista, September 2020 (2020). https://www.statista.com/statistics/271644/worldwide-free-and-paid-mobile-app-store-downloads/
Poniszewska-Maranda, A., Majchrzycka, A.: Access control approach in development of mobile applications. In: Younas, M., Awan, I., Kryvinska, N., Strauss, C., Thanh, D.V. (eds.) MobiWIS 2016. LNCS, vol. 9847, pp. 149–162. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-44215-0_12
Kitchenham, B., Brereton, O.P., Budgen, D., Turner, M., Bailey, J., Linkman, S.: Systematic literature reviews in software engineering - a systematic literature review. Inf. Softw. Technol. 51, 7–15 (2009)
Mejía, J., Maciel, P., Muñoz, M., Quiñonez, Y.: Frameworks to develop secure mobile applications: a systematic literature review. In: Rocha, Á., Adeli, H., Reis, L.P., Costanzo, S., Orovic, I., Moreira, F. (eds.) WorldCIST 2020. AISC, vol. 1160, pp. 137–146. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-45691-7_13
ISO/IEC: ISO/IEC 27001:2013, Information technolog. Security techniques. Information security management systems. Requirements
ISO/IEC: ISO/IEC 27034 — Information technology — Security techniques — Application security
Microsoft: Security Development Lifecycle | SDL Process Guidance Version 5.2 (2012)
McGraw, G.: Software Security: Building Security In. Addison-Wesley Professional, Richmond (2006)
Lund, M.S., Solhaug, B., Stølen, K.: The CORAS Model-Based Method. SINTEF, Oslo (2006)
Mejía, J., Muñoz, M., Maciel-Gallegos, P., Quiñonez, Y.: Proposal to integrate security practices into the ISO/IEC 29110 standard to develop mobile apps. In: Mejia, J., Muñoz, M., Rocha, Á., Avila-George, H., Martínez-Aguilar, G.M. (eds.) CIMPS 2021. AISC, vol. 1416, pp. 29–40. Springer, Cham (2022). https://doi.org/10.1007/978-3-030-89909-7_3
Amer, M., Daim, T.: Expert judgment quantification. In: Daim, T., Oliver, T., Kim, J. (eds.) Research and Technology Management in the Electricity Industry. Green Energy and Technology, pp. 31–65. Springer, London (2013). https://doi.org/10.1007/978-1-4471-5097-8_3
García, L., Fernández, S.J.: Procedimiento de aplicación del trabajo creativo en grupo de expertos. Ingeniería Energética XXIX(2), 46–50 (2008)
González Pacheco, M.Á., Muñoz Mata, M.A., Hernández Reveles, J.G.: Creación de una biblioteca de juegos serios para hacer más efectiva la enseñanza de Kanban acorde a las necesidades de la Pyme. M.S. thesis, CIMAT, Zacatecas (2021)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2023 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Maciel-Gallegos, P., Mejía, J., Quiñonez, Y. (2023). 29110+ST: Integrated Security Practices. Case Study. In: Mejia, J., Muñoz, M., Rocha, Á., Hernández-Nava, V. (eds) New Perspectives in Software Engineering. CIMPS 2022. Lecture Notes in Networks and Systems, vol 576. Springer, Cham. https://doi.org/10.1007/978-3-031-20322-0_8
Download citation
DOI: https://doi.org/10.1007/978-3-031-20322-0_8
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-20321-3
Online ISBN: 978-3-031-20322-0
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)