Achieving "Good Enough" Software Security: The Role of Objectivity

Sammendrag

Today's software development projects need to consider security as one of the qualities the software should possess. However, overspending on security will imply that the software will become more expensive and often also delayed. This paper discusses the role of objectivity in assessing and researching the goal of good enough security. Different understandings of objectivity are introduced, and the paper explores how these can guide the way forward in improving judgements on what level of security is good enough. The paper recommends adopting and improving upon methods that include different perspectives, support the building of interactive expertise, and support confirmability by keeping documentation of the basis on which judgements were made.

Les publikasjonen

Kategori

Vitenskapelig kapittel

Språk

Engelsk

Forfatter(e)

Inger Anne Tøndel
Daniela Soares Cruzes
Martin Gilje Jaatun

Institusjon(er)

SINTEF Digital / Software Engineering, Safety and Security
Norges teknisk-naturvitenskapelige universitet

År

2020

Forlag

Association for Computing Machinery (ACM)

Bok

EASE '20: Proceedings of the Evaluation and Assessment in Software Engineering

ISBN

9781450377317

Side(r)

360 - 365

DOI

https://doi.org/10.1145/3383219.3383267

Les fulltekst

https://hdl.handle.net/11250/2725940

Vis denne publikasjonen hos Nasjonalt Vitenarkiv

Kontakt oss

Tjenester

Rapporter og publikasjoner

Forskningssenter og samarbeid

Karriere

Bærekraft

Institutter

Andre enheter

Ledelse og organisering

Om oss

Følg oss