Skip to main content
SpringerLink
Log in

Security and Privacy Behavior Definition for Behavior Driven Development

  • Conference paper
Product-Focused Software Process Improvement (PROFES 2014)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 8892))

Abstract

There is an issue when security measures are implemented and tested while using agile software development techniques such as Behavior Driven Development (BDD). We need to define the necessary levels of security and the privacy behaviors and acceptance criteria for the BDD. A method for defining the acceptance criteria (BehaveSafe) by creating a threat and countermeasure graph called the T&C graph is proposed in this paper. We have estimated the efficiency of our method with a web based system.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Howard, M., Lipner, S.: The Security Development Lifecycle. Microsoft (2006)

    Google Scholar 

  2. Okubo, T., Taguchi, K., Kaiya, H., Yoshioka, N.: Masg: Advanced misuse case analysis model with assets and security goals. IPSJ Journal of Information Processing 22(3), 536–546 (2014)

    Article  Google Scholar 

  3. Sindre, G.: Mal-activity diagrams for capturing attacks on business processes. In: Sawyer, P., Heymans, P. (eds.) REFSQ 2007. LNCS, vol. 4542, pp. 355–366. Springer, Heidelberg (2007)

    Google Scholar 

  4. Sindre, G., Opdahl, A.L.: Eliciting security requirements with misuse cases. Requir. Eng. 10(1), 34–44 (2005)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Institute of Information Security, 2-14-1, Tsuruyamachi, Kanagawa-ku, Yokohama, Japan

    Takao Okubo

  2. School of Science and Technology for Future Life, Tokyo Denki University, 5, Senjuasahimachi, Adachi-ku, Japan

    Yoshio Kakizaki

  3. Computer Science and Engineer Department, Waseda University, 1-104 Totsukamachi, Shinjuku-ku, Tokyo, Japan

    Takanori Kobashi & Hironori Washizaki

  4. Shinshu University, 4-17-1, Wakasato, Nagano City, Japan, 380-8553

    Shinpei Ogata

  5. Kanagawa University, 2946 Tsuchiya, Hiratsuka-shi, Kanagawa-ken, Japan

    Haruhiko Kaiya

  6. GRACE Center, National Institute of Informatics / SOKENDAI, 2-1-2 Hitotsubashi, Chiyoda-ku, Tokyo, Japan

    Nobukazu Yoshioka

Authors
  1. Takao Okubo
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Yoshio Kakizaki
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Takanori Kobashi
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Hironori Washizaki
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Shinpei Ogata
    View author publications

    You can also search for this author in PubMed Google Scholar

  6. Haruhiko Kaiya
    View author publications

    You can also search for this author in PubMed Google Scholar

  7. Nobukazu Yoshioka
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Fraunhofer IESE, Fraunhofer-Platz 1, 67663, Kaiserslautern, Germany

    Andreas Jedlitschka

  2. Department of Information Processing Science, University of Oulu, FI-90014, Finland

    Pasi Kuvaja

  3. The Maersk Mc-Kinney Moeller Institute, University of Southern Denmark, Campusvej 55, 5230, Odense, Denmark

    Marco Kuhrmann

  4. Department of Computer Science, University of Helsinki, 00014, Helsinki, Finland

    Tomi Männistö  & Jürgen Münch  & 

  5. Department of Computer Science and Engineering, Aalto University, 00076, Aalto, Finland

    Mikko Raatikainen

Rights and permissions

Reprints and permissions

Copyright information

© 2014 Springer International Publishing Switzerland

About this paper

Cite this paper

Okubo, T. et al. (2014). Security and Privacy Behavior Definition for Behavior Driven Development. In: Jedlitschka, A., Kuvaja, P., Kuhrmann, M., Männistö, T., Münch, J., Raatikainen, M. (eds) Product-Focused Software Process Improvement. PROFES 2014. Lecture Notes in Computer Science, vol 8892. Springer, Cham. https://doi.org/10.1007/978-3-319-13835-0_28

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-13835-0_28

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-13834-3

  • Online ISBN: 978-3-319-13835-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation