In this article, author discusses three techniques to defend against malicious users in software systems. These techniques includes creating personas to think strategically about the mischief a malicious user might attempt, misuse cases used to determine how the software should respond to unintended use, and activity diagrams annotated with security concerns.
Product risk analysis (PRA) is not only useful in testing but is also applicable during the various phases of sequential or agile system development. This article introduces a different application of PRA that elevates it from project level to domain level. It shows how you can go from risk and requirement-based testing to risk and requirement-based development.
Mobile and embedded devices, more than any other technology, are an integral part of our lives and have the potential to become a part of us. This article discusses what “human experience” testing is and is not, and uses concepts from human computer interaction design theory to establish a framework for developing “human experience” test scenarios.
Chris Haddad explains in this article what Shadow IT is, what role it plays in the enterprise and why Enterprise IT needs to embrace it, adapt and address Shadow IT requirements, autonomy, and goals.
The Incremental Commitment Spiral Model: Principles and Practices for Successful Systems and Software describes a process model generator. InfoQ interviewed the authors Barry Boehm and Richard Turner.
Before you start a project, achieving team alignment is essential for efficacy and efficiency. This article describes how to do a single full-day inception meeting to get the extended team aligned.
This InfoQ article series focuses on automation tools and ideas for maintaining dynamic pools of compute resources.
Security. Cloud. Two words that are almost always together but rarely happily. Learn why that isn’t the case and what you need to known about securing your critical infrastructure in the cloud. 3
Mobile operations management is one of the top priorities of modern enterprise and after establishing solutions for device management, the next challenge is to manage and secure mobile business data.
Approximately 60% of all computers sold worldwide today are portable, making them an easy target for criminals. How can your personal data be protected? With one word - encryption! 2
With the news stories of possible data breaches at enterprises like Target, and companies migrating to cloud environments, CIOs have been asking hard questions about cloud security. 2
In this article, authors discuss the role of big data and Hadoop in security analytics space and how to use MapReduce to process data for security analysis.