-
January 10th, 2004, 11:36 PM
#1
Security engineering and your programming methodology
Recently I was reading about incorporating security engineering into projects being run by different programming methodologies. One of the points made by the author is that they thought that eXtreme programming (or agile programming) methods made it difficult to properly design and implement security for most programming projects. They held and strongly promoted the belief that cyclical models such as the one promoted by MSF allowed for better design and implementation.
I'm wondering what your opinions on this subject might be...
Have you practiced extreme programming and has it hampered you in any way? Was your experience any worse/better than when you tried a cyclical model of development?
Do you have any horror stories about trying to incorporate security into your programming project?
Any advice for people on how you believe it should be done?
If you need some background on the methodologies mentioned:
extreme programming - http://www.extremeprogramming.org
Microsoft Solutions Framework - http://www.microsoft.com/technet/tre...ol/default.asp
A good listing of other methodologies can be found easily via google. It's worth a look to see what's out there I think.
"When I get a little money I buy books; and if any is left I buy food and clothes." - Erasmus
"There is no programming language, no matter how structured, that will prevent programmers from writing bad programs." - L. Flon
"Mischief my ass, you are an unethical moron." - chsh
Blog of X
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|