Browsing SINTEF Open by author "Oyetoyan, Tosin Daniel"
Challenges and approaches of performing canonical action research in software security: research paper
Cruzes, Daniela Soares; Jaatun, Martin Gilje; Oyetoyan, Tosin Daniel (Chapter, 2018) When studying work practices, it is important to obtain accurate and reliable information about how work is actually done. Action research is an interactive inquiry process that balances problem-solving actions implemented ...
Comparing Capability of Static Analysis Tools to Detect Security Weaknesses in Mobile Applications
Oyetoyan, Tosin Daniel; Chaim, Marcos (Journal article; Peer reviewed, 2017)
How is security testing done in agile teams? A cross-case analysis of four software teams
Cruzes, Daniela Soares; Felderer, Michael; Oyetoyan, Tosin Daniel; Gander, Matthias; Pekaric, Irdin (Journal article; Peer reviewed, 2017) Security testing can broadly be described as (1) the testing of security requirements that concerns confidentiality, integrity, availability, authentication, authorization, nonrepudiation and (2) the testing of the software ...
An improved text classification modelling approach to identify security messages in heterogeneous projects
Oyetoyan, Tosin Daniel; Morrison, Patrick (Peer reviewed; Journal article, 2021) Security remains under-addressed in many organisations, illustrated by the number of large-scale software security breaches. Preventing breaches can begin during software development if attention is paid to security during ...
A Lightweight Measurement of Software Security Skills, Usage and Training Needs in Agile Teams
Oyetoyan, Tosin Daniel; Jaatun, Martin Gilje; Cruzes, Daniela Soares (Peer reviewed; Journal article, 2017) Although most organizations understand the need for application security at an abstract level, achieving adequate software security at the sharp end requires taking bold steps to address security practices within the ...
Myths and Facts About Static Application Security Testing Tools: An Action Research at Telenor Digital
Oyetoyan, Tosin Daniel; Milosheska, Bisera; Grini, Mari; Cruzes, Daniela Soares (Chapter, 2018) It is claimed that integrating agile and security in practice is challenging. There is the notion that security is a heavy process, requires expertise, and consumes developers’ time. These contrast with the agile vision. ...
OAS DB: A Repository of Specifications to Support OpenAPI Research
Stoll, Alex Braha; Chaim, Marcos Lordello; Oyetoyan, Tosin Daniel; Cruzes, Daniela Soares (Peer reviewed; Journal article, 2020) There are many specifications used to describe a Web API. One of the most popular ones is OpenAPI. This specification allows one to describe all the resources that can be accessed and manipulated through a REST Web API. ...
Understanding challenges to adoption of the Microsoft Elevation of Privilege game
Tøndel, Inger Anne; Oyetoyan, Tosin Daniel; Jaatun, Martin Gilje; Cruzes, Daniela Soares (Chapter, 2018) The goal of secure software engineering is to create software that keeps performing as intended even when exposed to an active attacker. Threat modelling is considered to be a key activity, but can be challenging to perform ...
Understanding Challenges to Adoption of the Protection Poker Software Security Game
Tøndel, Inger Anne; Jaatun, Martin Gilje; Cruzes, Daniela Soares; Oyetoyan, Tosin Daniel (Lecture Notes in Computer Science (LNCS); Chapter; Peer reviewed, 2019) Currently, security requirements are often neglected in agile projects. Despite many approaches to agile security requirements engineering in literature, there is little empirical research available on why there is limited ...