posted by user: secse || 3311 views || tracked by 4 users: [display]

IJSSE 2011 : Special Issue on Lessons learned in engineering secure & dependable Web applications


When N/A
Where N/A
Submission Deadline Mar 7, 2011
Categories    software security   secure software engineering   web applications   security

Call For Papers

International Journal of Secure Software Engineering (IJSSE)
Special Issue Call for Papers
Lessons learned in engineering secure & dependable Web applications

Software is an integral part of everyday life, and we expect and depend upon software systems to perform correctly. Software security is about ensuring that systems continue to function correctly also under malicious attack. As most systems now are web-enabled, the number of attackers with access to the system increases dramatically and thus the threat scenario changes. The traditional approach to secure a system includes putting up defense mechanisms such as Intrusion Detection Systems and firewalls, but such measures are no longer sufficient by themselves. We need to be able to build better, more robust and thus more secure systems. Even more importantly, however, we should strive to achieve these qualities in all software systems, not just the ones that need special protection.

This special issue will focus on techniques, experiences and lessons learned for engineering secure and dependable software for the web.

Important Dates
Submission of papers 7 March 2011
Notification sent to authors 30 April 2011
Revised version submitted 15 June 2011
Final notification sent to authors 30 Aug 2011
Camera-ready submitted 30 Sep 2011

Submission Guidelines
Submission guidelines are available from the journal website: Please use following template for the submission:

Submit your article here:

Email inquiries and any supplementary material to guest editors (eweippl [at] or Martin.G.Jaatun [at]

Suggested topics include, but are not limited to:

* Secure architecture and design
* Security in agile software development
* Aspect-oriented software development for secure software
* Security requirements
* Risk management in software projects
* Secure implementation
* Secure deployment
* Testing for security
* Quantitative measurement of security properties
* Static and dynamic analysis for security
* Verification and assurance techniques for security properties
* Lessons learned
* Security and usability
* Teaching secure software development
* Experience reports on successfully attuning developers to secure software engineering

Special Issue Editors

* Martin Gilje Jaatun, SINTEF ICT, Norway
* Edgar Weippl, SBA Research, Austria
* Riccardo Scandariato, KU Leuven, Belgium

Edgar Weippl, SBA Research, Austria

Edgar R. Weippl (CISSP, CISA, CISM) is Research Director of Secure Business Austria and Priv.-Doz. at the Vienna University of Technology. His research focuses on applied concepts of IT-security and e-learning. Edgar is member of the steering committee of the ED-MEDIA conference; he organizes the ARES conference (as PC chair 2007, 08; panel and workshop chair 2009).

After graduating with a Ph.D. from the Vienna University of Technology, Edgar worked for two years in a research startup. He then spent one year teaching as an assistant professor at Beloit College, WI. From 2002 to 2004, while with the software vendor ISIS Papyrus, he worked as a consultant for an HMO (Empire BlueCross BlueShield) in New York, NY and Albany, NY, and for Deutsche Bank (PWM) in Frankfurt, Germany. In 2004 he joined the Vienna University of Technology and founded together with A Min Tjoa and Markus Klemen the research center Secure Business Austria.

Martin Gilje Jaatun, SINTEF ICT

Martin Gilje Jaatun graduated from the Norwegian Institute of Technology in 1992, and has been employed as a research scientist at SINTEF ICT in Trondheim since 2004. His research interests include software security "for the rest of us", information security in process control environments, and security in Cloud Computing. He co-founded the International Workshop on Secure Software Engineering in 2007, and has been the main organizer of SecSE since its inception.

Riccardo Scandariato, KU Leuven

Dr. Riccardo Scandariato obtained his PhD in Computer Science from Politecnico di Torino, Italy, in 2004. Since January 2006, he joined the Distributed Systems and Computer Networks Research Group (DistriNet) at the Katholieke Universiteit Leuven, Belgium, where he collaborates with Prof. Wouter Joosen. After an initial period as a PostDoc, in June 2009 he became a permanent member of the staff (Research Expert, equivalent to a lecturer) and he currently leads a team of security researchers in the area of Secure Software.

Dr. Scandariato's main research activities are in the area of secure software engineering, with a particular focus on security in software architectures (principles, patterns and methods) and security metrics & measurements. E-health is one of his favorite application domains to validate his research results.

Related Resources

DASC 2019   17th IEEE International Conference on Dependable Autonomic and Secure Computing
ETRIJ Cyber Security & AI 2019   ETRI Journal Special issue on Cyber Security and AI
DSN 2019   Dependable Systems and Networks
ESORICS 2019   The 24th European Symposium on Research in Computer Security
ICSTR 2019   2nd ICSTR London – International Conference on Science & Technology Research, 12-13 September 2019
CLOUD 2019   8th International Conference on Cloud Computing: Services and Architecture
ICSTR 2019   2nd ICSTR Jakarta – International Conference on Science & Technology Research, 19-20 September 2019
DBSEC 2019   33rd Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy
ICSTR 2019   ICSTR Istanbul – International Conference on Science & Technology Research, 08-09 August 2019
ICSTR 2019   2nd ICSTR Rome – International Conference on Science & Technology Research, 30-31 August 2019