International Journal of Secure Software Engineering (IJSSE)
Special Issue Call for Papers
Lessons learned in engineering secure & dependable Web applications
http://www.sislab.no/ijsse
Software is an integral part of everyday life, and we expect and
depend upon software systems to perform correctly. Software security
is about ensuring that systems continue to function correctly even
under malicious attack. As most systems now are web-enabled, the
number of attackers with access to the system increases dramatically
and thus the threat scenario changes. The traditional approach to
securing a system includes putting up defense mechanisms such as
Intrusion Detection Systems and firewalls, but such measures are no
longer sufficient by themselves. We need to be able to build better,
more robust and thus more secure systems. Even more importantly,
however, we should strive to achieve these qualities in all software
systems, not just the ones that need special protection.
This special issue will focus on techniques, experiences and lessons learned for engineering secure and dependable software for the web.
Important Dates
| Milestone | Date |
|---|---|
| Submission of papers | 7 March 2011 |
| Notification sent to authors | 30 April 2011 |
| Revised version submitted | 15 June 2011 |
| Final notification sent to authors | 30 Aug 2011 |
| Camera-ready submitted | 30 Sep 2011 |
Submission Guidelines
Submission guidelines are available from the journal website:
www.igi-global.com/ijsse
Please use the following template for the submission:
http://www.sislab.no/ijsse/IJSSE_submissionTemplate.doc
Submit your articles electronically at the following site:
http://confdriver.ifs.tuwien.ac.at/ijsse2011
Email inquiries and any supplementary material to guest editors (eweippl [at] sba-research.org or Martin.G.Jaatun [at] sintef.no).
Topics
Suggested topics include, but are not limited to:
- Secure architecture and design
- Security in agile software development
- Aspect-oriented software development for secure software
- Security requirements
- Risk management in software projects
- Secure implementation
- Secure deployment
- Testing for security
- Quantitative measurement of security properties
- Static and dynamic analysis for security
- Verification and assurance techniques for security properties
- Lessons learned
- Security and usability
- Teaching secure software development
- Experience reports on successfully attuning developers to secure software engineering
Special Issue Editors
- Martin Gilje Jaatun, SINTEF ICT, Norway
- Edgar Weippl, SBA Research, Austria
- Riccardo Scandariato, KU Leuven, Belgium
Edgar Weippl, SBA Research, Austria
Edgar R. Weippl (CISSP, CISA, CISM) is Research Director of Secure Business Austria and Priv.-Doz. at the Vienna University of Technology. His research focuses on applied concepts of IT-security and e-learning. Edgar is a member of the steering committee of the ED-MEDIA conference; he organizes the ARES conference (as PC chair 2007, 08; panel and workshop chair 2009).
After graduating with a Ph.D. from the Vienna University of
Technology, Edgar worked for two years in a research startup. He then
spent one year teaching as an assistant professor at Beloit College,
WI. From 2002 to 2004, while with the software vendor ISIS Papyrus, he
worked as a consultant for an HMO (Empire BlueCross BlueShield) in New
York, NY and Albany, NY, and for Deutsche Bank (PWM) in Frankfurt,
Germany. In 2004 he joined the Vienna University of Technology and,
together with A Min Tjoa and Markus Klemen, founded the research center
Secure Business Austria.
Martin Gilje Jaatun, SINTEF ICT
Martin Gilje Jaatun graduated from the Norwegian Institute of
Technology in 1992, and has been employed as a research scientist at
SINTEF ICT in Trondheim since 2004. His research interests include
software security "for the rest of us", information security in
process control environments, and security in Cloud Computing. He
co-founded the International Workshop on Secure Software Engineering
in 2007, and has been the main organizer of SecSE since its inception.
Riccardo Scandariato, KU Leuven
Dr. Riccardo Scandariato obtained his PhD in Computer Science from
Politecnico di Torino, Italy, in 2004. In January 2006, he joined
the Distributed Systems and Computer Networks Research Group
(DistriNet) at the Katholieke Universiteit Leuven, Belgium, where he
collaborates with Prof. Wouter Joosen. After an initial period as a
PostDoc, in June 2009 he became a permanent member of the staff
(Research Expert, equivalent to a lecturer) and he currently leads a
team of security researchers in the area of Secure Software.
Dr. Scandariato's main research activities are in the area of secure
software engineering, with a particular focus on security in software
architectures (principles, patterns and methods) and security metrics
& measurements. E-health is one of his favorite application
domains to validate his research results.