RUP extension for the development of secure systems
International Journal of Web Information Systems
ISSN: 1744-0084
Article publication date: 20 December 2007
Abstract
Purpose
Nowadays, most of the software development processes still does not provide appropriate support for the development of secure systems. Rational Unified Process (RUP) is a well‐known software engineering process that provides a disciplined approach to assigning tasks and responsibilities; however, it has little support for development of secure systems. This work aims to present a proposal of RUP for the development of secure systems.
Design/methodology/approach
In order to obtain the proposed RUP, the authors consider security as a knowledge area (discipline) and they define workflow, activities and roles according to the architecture of process engineering Unified Method Architecture (UMA). A software development was used to assess qualitatively the extended RUP.
Findings
Based on the development, the authors find that the proposed process produces security requirements in a more systematic way and results in the definition of better system architecture.
Research limitations/implications
The proposed extension requires specific adaptation if other development processes such as agile process and waterfall are employed.
Practical implications
The extension facilitates, the management of execution, and control of the activities and tasks related to security and the development teams can benefit by constructing better quality software.
Originality/value
The originality of the paper is the proposal of extension to RUP in order to consider security in a disciplined and organized way.
Keywords
Citation
Eduardo de Barros Paes, C. and Massaki Hirata, C. (2007), "RUP extension for the development of secure systems", International Journal of Web Information Systems, Vol. 3 No. 4, pp. 293-314. https://doi.org/10.1108/17440080710848099
Publisher
:Emerald Group Publishing Limited
Copyright © 2007, Emerald Group Publishing Limited