IJSSE 2011 : Special Issue on Lessons learned in engineering secure & dependable Web applications
Call For Papers
International Journal of Secure Software Engineering (IJSSE)
Special Issue Call for Papers
Lessons learned in engineering secure & dependable Web applications
Software is an integral part of everyday life, and we expect and depend upon software systems to perform correctly. Software security is about ensuring that systems continue to function correctly also under malicious attack. As most systems now are web-enabled, the number of attackers with access to the system increases dramatically and thus the threat scenario changes. The traditional approach to secure a system includes putting up defense mechanisms such as Intrusion Detection Systems and firewalls, but such measures are no longer sufficient by themselves. We need to be able to build better, more robust and thus more secure systems. Even more importantly, however, we should strive to achieve these qualities in all software systems, not just the ones that need special protection.
This special issue will focus on techniques, experiences and lessons learned for engineering secure and dependable software for the web.
Submission of papers 7 March 2011
Notification sent to authors 30 April 2011
Revised version submitted 15 June 2011
Final notification sent to authors 30 Aug 2011
Camera-ready submitted 30 Sep 2011
Submission guidelines are available from the journal website: www.igi-global.com/ijsse Please use following template for the submission:
Submit your article here: http://confdriver.ifs.tuwien.ac.at/ijsse2011
Email inquiries and any supplementary material to guest editors (eweippl [at] sba-research.org or Martin.G.Jaatun [at] sintef.no).
Suggested topics include, but are not limited to:
* Secure architecture and design
* Security in agile software development
* Aspect-oriented software development for secure software
* Security requirements
* Risk management in software projects
* Secure implementation
* Secure deployment
* Testing for security
* Quantitative measurement of security properties
* Static and dynamic analysis for security
* Verification and assurance techniques for security properties
* Lessons learned
* Security and usability
* Teaching secure software development
* Experience reports on successfully attuning developers to secure software engineering
Special Issue Editors
* Martin Gilje Jaatun, SINTEF ICT, Norway
* Edgar Weippl, SBA Research, Austria
* Riccardo Scandariato, KU Leuven, Belgium
Edgar Weippl, SBA Research, Austria
Edgar R. Weippl (CISSP, CISA, CISM) is Research Director of Secure Business Austria and Priv.-Doz. at the Vienna University of Technology. His research focuses on applied concepts of IT-security and e-learning. Edgar is member of the steering committee of the ED-MEDIA conference; he organizes the ARES conference (as PC chair 2007, 08; panel and workshop chair 2009).
After graduating with a Ph.D. from the Vienna University of Technology, Edgar worked for two years in a research startup. He then spent one year teaching as an assistant professor at Beloit College, WI. From 2002 to 2004, while with the software vendor ISIS Papyrus, he worked as a consultant for an HMO (Empire BlueCross BlueShield) in New York, NY and Albany, NY, and for Deutsche Bank (PWM) in Frankfurt, Germany. In 2004 he joined the Vienna University of Technology and founded together with A Min Tjoa and Markus Klemen the research center Secure Business Austria.
Martin Gilje Jaatun, SINTEF ICT
Martin Gilje Jaatun graduated from the Norwegian Institute of Technology in 1992, and has been employed as a research scientist at SINTEF ICT in Trondheim since 2004. His research interests include software security "for the rest of us", information security in process control environments, and security in Cloud Computing. He co-founded the International Workshop on Secure Software Engineering in 2007, and has been the main organizer of SecSE since its inception.
Riccardo Scandariato, KU Leuven
Dr. Riccardo Scandariato obtained his PhD in Computer Science from Politecnico di Torino, Italy, in 2004. Since January 2006, he joined the Distributed Systems and Computer Networks Research Group (DistriNet) at the Katholieke Universiteit Leuven, Belgium, where he collaborates with Prof. Wouter Joosen. After an initial period as a PostDoc, in June 2009 he became a permanent member of the staff (Research Expert, equivalent to a lecturer) and he currently leads a team of security researchers in the area of Secure Software.
Dr. Scandariato's main research activities are in the area of secure software engineering, with a particular focus on security in software architectures (principles, patterns and methods) and security metrics & measurements. E-health is one of his favorite application domains to validate his research results.