IDEAS home Printed from https://ideas.repec.org/a/igg/jitwe0/v1y2006i2p1-24.html
   My bibliography  Save this article

Agile Development of Secure Web-Based Applications

Author

Listed:
  • A. F. Tappenden

    (University of Alberta, Canada)

  • T. Huynh

    (University of Alberta, Canada)

  • J. Miller

    (University of Alberta, Canada)

  • A. Geras

    (University of Calgary, Canada)

  • M. Smith

    (University of Calgary, Canada)

Abstract

This article outlines a four-point strategy for the development of secure Web-based applications within an agile development framework and introduces strategies to mitigate security risks commonly present in Web-based applications. The proposed strategy includes the representation of security requirements as test cases supported by the open source tool FIT, the deployment of a highly testable architecture allowing for security testing of the application at all levels, the outlining of an extensive security testing strategy supported by the open source unit-testing framework HTTPUnit, and the introduction of the novel technique of security refactoring that transforms insecure working code into a functionally equivalent secure code. Today, many Web-based applications are not secure, and limited literature exists concerning the use of agile methods within this domain. It is the intention of this article to further discussions and research regarding the use of an agile methodology for the development of secure Web-based applications.

Suggested Citation

  • A. F. Tappenden & T. Huynh & J. Miller & A. Geras & M. Smith, 2006. "Agile Development of Secure Web-Based Applications," International Journal of Information Technology and Web Engineering (IJITWE), IGI Global, vol. 1(2), pages 1-24, April.
    • Handle: RePEc:igg:jitwe0:v:1:y:2006:i:2:p:1-24
    as

    Download full text from publisher

    File URL: http://services.igi-global.com/resolvedoi/resolve.aspx?doi=10.4018/jitwe.2006040101
    Download Restriction: no
    ---><---

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Anže Mihelič & Simon Vrhovec & Tomaž Hovelja, 2023. "Agile Development of Secure Software for Small and Medium-Sized Enterprises," Sustainability, MDPI, vol. 15(1), pages 1-23, January.

    More about this item

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:igg:jitwe0:v:1:y:2006:i:2:p:1-24. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    We have no bibliographic references for this item. You can help adding them by using this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Journal Editor (email available below). General contact details of provider: https://www.igi-global.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.