Threat Poker: Gamification of Secure Agile

Autor: Audun Jøsang, Hanne Rygge, Viktoria Stray
Přispěvatelé: University of Oslo (UiO), Lynette Drevin, Suné Von Solms, Marianthi Theocharidou, TC 11, WG 11.8
Jazyk: angličtina
Rok vydání: 2020
Předmět:
Zdroj: Information Security Education. Information Security in Action
Information Security Education. Information Security in Action ISBN: 9783030592905
WISE
IFIP Advances in Information and Communication Technology
13th IFIP World Conference on Information Security Education (WISE)
13th IFIP World Conference on Information Security Education (WISE), Sep 2020, Maribor, Slovenia. pp.142-155, ⟨10.1007/978-3-030-59291-2_10⟩
DOI: 10.1007/978-3-030-59291-2_10⟩
Popis: Part 3: Gaming for Cybersecurity Training; International audience; Agile software development is practiced in most software development projects around the world. To explicitly consider and include security requirements as part of agile software development is referred to as ‘secure agile’. To include security will naturally require additional time and effort, with potentially reduced agility as a consequence. To maintain agility, it is important to have efficient methods to include security in the development process. In this study, we describe enhancements to Threat Poker, which is a game designed for the software development team to deal with security threats identified during the agile development project. Games can be valuable educational tools for actively engaging students and practitioners alike. An experiment with students indicates that playing Threat Poker increases security awareness and that it is a fun and simple way to discuss identified security threats and how to remove security vulnerabilities during the software development process.
Databáze: OpenAIRE
Externí odkaz: