Criteria Prioritization in Adaptive Security Activities Selection, ASAS Model using Analytic Network Process, ANP

Bibliographic Details
Main Authors: Jakeri, M.M., Hassan, M.F.
Format: Conference or Workshop Item
Published: Institute of Electrical and Electronics Engineers Inc. 2019
Online Access: https://www.scopus.com/inward/record.uri?eid=2-s2.0-85079284571&doi=10.1109%2fAINS47559.2019.8968709&partnerID=40&md5=97abc152ad8f89094fee5c1fb75ca83e
http://eprints.utp.edu.my/23533/
Description
Summary: Organizations have proposed best practices for security activities in the software development life cycle as guidance for development teams. However, the implementation of the security activities is influenced by criteria which are interdependent and dynamic. Those criteria are experience, skill and knowledge; team workload; development team size; development timeline; and cost/budget. Therefore, the selection of security activities must be adaptive and based on the priority of the criteria. This paper addresses the adaptive security activities selection model as a multi-criteria decision making (MCDM) issue. Analytic Network Process (ANP) is proposed for weight calculation and criteria prioritization. Hypothetical examples were presented based on hard constraints faced by an in-house web-based application development team in two different scenarios. The Decision Maker made the judgement by using the online ASAS model. The results show that experience, skill and knowledge get the highest priority in the first scenario, while budget/cost gets the highest priority in the second scenario. These prioritizations will be used as a major requirement in security activities selection. © 2019 IEEE.