Explain Scrum - a type of an agile method?

Scrum as we all know is the agile software development methodology most in use nowadays for the development of many types of software systems and applications. It has been classified under the category of iterative and incremental development methodologies that works in an excellent way in managing the software products and projects. It also helps in management of the application development. 

Roles & Methods for Scrum Methodology

Some sets of predefined roles and methods have been defined for the scrum methodology:

1. The development team: It involves a team that is cross functional and self organized and takes care of the following processes:

          (a)    Analysis

(b)   Designing

(c)    Implementation

(d)   Testing and so on.  

At the end of each sprint, a shippable product is to be delivered by the development team. A typical development team may constitute of 3 – 9 members with self organizing skills which are required even though there is an interaction with the PMOs or project management organizations.

2. The product owner: The product owner is the representative of all the stake holders and sometimes may also represent the business. He/ she can also be regarded as the soul voice of the customer and he/ she is responsible for the following activities:

          (a)    Writing the customer centric items or user stories

(b)   Prioritizing the requirements based up on the user stories

(c)    Adding those identified requirements to the back log of the product.

This role is not supposed to be combined with the next one i.e., the scrum master.

3. The scrum master: The scrum master is responsible for ensuring that the whole process if followed and the impediments to the ability of the team are removed so as to make the delivery of the sprint goals easy and early. He is the one who facilitates the whole scrum development process. Scrum master as the name suggests should not be mistaken as the leader of the development team, he is in fact a buffer between the distracting influences and the development team. In a way he/ she make sure that the development process takes the intended route and enforces the rules to do so.

The above mentioned roles are called the core roles and there is another class of roles called the “ancillary roles” and as such they have no formal role but they have to be taken in to account. They have been mentioned below:

1. The stake holders and
2. The managers.

How Scrum is Useful?

- Scrum is quite useful when it comes to the management of the agile projects since it reinforces the interest in the agile development of the project. 

- The scrum and agile development method had come to challenge the conventional ideas regarding the agile project management. 

- Scrum methodology helps in the agile development at the steps where it becomes difficult to set the plan for upcoming processes. 

- The scrum and agile development methodology makes use of the concepts quite contrary to those used by the traditional development methods i.e., the mechanism of the empirical process control.

- Here the core management technique is constituted by the feedback loops. 

- The traditional development methods were command and control oriented.

- This mixed methodology of agile development and scrum has come to represent an entirely new radical approach that plans and manages the agile projects. 

- It has brought the level of the decision making authority to that of the operation certainties and properties.

- A project status meeting is held every day till the development continues which is called the “daily scrum”. 

- Below mentioned are some of the project management tools that support scrum:

1. Banana scrum
2. JIRA using Green Hopper plug-in
3. Mingle by thought works studios
4. Scrum Do
5. Pivotal tracker
6. Microsoft team foundation server

What is meant by correct filtering of user input?

Security is the top priority, be it any type of application or software. It has an importance that keeps growing with every phase of the software system or application development. Its importance is also reflected in the open source and commercial projects. Security is a very vast topic and there are many ways to implement and maintain security for all the stages. The data filtering of user input is one such way and this article is focused on this.

About Filtering of User Input

Being practical, almost all the applications or software systems depend on some external input or data to process and give out output or to start some process. 

- This input or data is supplied by the user or in some cases by some other applications (may be bots, web services clients, and scanner and so on). 

- Nobody knows what might be the nature of the user input, it can be either harmless or it can be malicious. - So it becomes mandatory for every developer to filter out this incoming foreign data.

- Input filtering is one of the important processes of the security mechanism of any application software and is independent of the environment and language.

- Today there are so many tools available that serve the purpose of filtering the input or data, for example, CGI for Perl.

- Foreign data can constitute of anything ranging from a web form to the results of the data base queries and also cookies, files, web services data, environment variables, server variables and so on. 

- The filter tools support all these kinds of user inputs. 

- The testing, validation as well as filtering of the custom or user input data every now and then can be quite annoying as well as time and effort consuming task. 

- It is quite common that while testing the tester may forget to write a test and if written also it might be incomplete.

- The filtering tools and extensions help curb these types of traps. 

- Usually filter tools follow two types of filtering methodologies:

1. Logical filtering: It involves a strong and stringent analysis of the input data, checking for the correctness of the formats and the expected type is returned if the data passes the test.
2. Sanitizing filtering: It involves determining whether or not to allow certain characters in a string. The data format is really not cared about in this type of filtering and a string is always returned.

How can filters be useful?

- It is quite a misconception that filters provide an object oriented interface. It is not so. 

- There are some filters that are also capable of turning ordinary line breaks in to effective HTML tags.

- Using the filters you can decide which input formats are to be made available to the users or you can put up a default format. 

- While the application is working up on the user input, keeping it as secure as possible prevents many security hazards.

- One of the most severe security risks is encountered whenever the full HTML is posted without being filtered.

- Most of the PHP filters are considered to be dangerous as they allow the execution of the code driven queries and other things on the data base of the web site. 

- For better input filtering, one needs to explore the modules for installing special filters that allow one to embed references to other resources, videos and so on. 

- Input filtering is much similar to filtering water for drinking and other uses.

- In some of the cases the application functions with the malicious data also, this leads to a kind of robustness of the application.