Abstract
There is an issue when security measures are implemented and tested while using agile software development techniques such as Behavior Driven Development (BDD): the necessary levels of security, the privacy behaviors, and the acceptance criteria for BDD all need to be defined. This paper proposes a method (BehaveSafe) for defining the acceptance criteria by creating a threat and countermeasure graph, called the T&C graph. We have estimated the efficiency of our method with a web-based system.
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Okubo, T. et al. (2014). Security and Privacy Behavior Definition for Behavior Driven Development. In: Jedlitschka, A., Kuvaja, P., Kuhrmann, M., Männistö, T., Münch, J., Raatikainen, M. (eds) Product-Focused Software Process Improvement. PROFES 2014. Lecture Notes in Computer Science, vol 8892. Springer, Cham. https://doi.org/10.1007/978-3-319-13835-0_28
DOI: https://doi.org/10.1007/978-3-319-13835-0_28
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-13834-3
Online ISBN: 978-3-319-13835-0
eBook Packages: Computer Science (R0)