IJSSE 2011 : Special Issue on Lessons learned in engineering secure & dependable Web applications


Submission Deadline Mar 7, 2011
Categories: software security, secure software engineering, web applications, security

Call For Papers

International Journal of Secure Software Engineering (IJSSE)
Special Issue Call for Papers
Lessons learned in engineering secure & dependable Web applications

Software is an integral part of everyday life, and we expect and depend upon software systems to perform correctly. Software security is about ensuring that systems continue to function correctly even under malicious attack. As most systems are now web-enabled, the number of attackers with access to the system increases dramatically, and thus the threat scenario changes. The traditional approach to securing a system includes putting up defense mechanisms such as Intrusion Detection Systems and firewalls, but such measures are no longer sufficient by themselves. We need to be able to build better, more robust and thus more secure systems. Even more importantly, however, we should strive to achieve these qualities in all software systems, not just the ones that need special protection.

This special issue will focus on techniques, experiences and lessons learned for engineering secure and dependable software for the web.

Important Dates
Submission of papers 7 March 2011
Notification sent to authors 30 April 2011
Revised version submitted 15 June 2011
Final notification sent to authors 30 Aug 2011
Camera-ready submitted 30 Sep 2011

Submission Guidelines
Submission guidelines are available from the journal website: Please use the following template for the submission:

Submit your article here:

Email inquiries and any supplementary material to guest editors (eweippl [at] or Martin.G.Jaatun [at]

Suggested topics include, but are not limited to:

* Secure architecture and design
* Security in agile software development
* Aspect-oriented software development for secure software
* Security requirements
* Risk management in software projects
* Secure implementation
* Secure deployment
* Testing for security
* Quantitative measurement of security properties
* Static and dynamic analysis for security
* Verification and assurance techniques for security properties
* Lessons learned
* Security and usability
* Teaching secure software development
* Experience reports on successfully attuning developers to secure software engineering

Special Issue Editors

* Martin Gilje Jaatun, SINTEF ICT, Norway
* Edgar Weippl, SBA Research, Austria
* Riccardo Scandariato, KU Leuven, Belgium

Edgar R. Weippl (CISSP, CISA, CISM) is Research Director of Secure Business Austria and Priv.-Doz. at the Vienna University of Technology. His research focuses on applied concepts of IT-security and e-learning. Edgar is a member of the steering committee of the ED-MEDIA conference; he organizes the ARES conference (as PC chair 2007, 08; panel and workshop chair 2009).

After graduating with a Ph.D. from the Vienna University of Technology, Edgar worked for two years in a research startup. He then spent one year teaching as an assistant professor at Beloit College, WI. From 2002 to 2004, while with the software vendor ISIS Papyrus, he worked as a consultant for an HMO (Empire BlueCross BlueShield) in New York, NY and Albany, NY, and for Deutsche Bank (PWM) in Frankfurt, Germany. In 2004 he joined the Vienna University of Technology and, together with A Min Tjoa and Markus Klemen, founded the research center Secure Business Austria.

Martin Gilje Jaatun, SINTEF ICT

Martin Gilje Jaatun graduated from the Norwegian Institute of Technology in 1992, and has been employed as a research scientist at SINTEF ICT in Trondheim since 2004. His research interests include software security "for the rest of us", information security in process control environments, and security in Cloud Computing. He co-founded the International Workshop on Secure Software Engineering in 2007, and has been the main organizer of SecSE since its inception.

Riccardo Scandariato, KU Leuven

Dr. Riccardo Scandariato obtained his PhD in Computer Science from Politecnico di Torino, Italy, in 2004. In January 2006, he joined the Distributed Systems and Computer Networks Research Group (DistriNet) at the Katholieke Universiteit Leuven, Belgium, where he collaborates with Prof. Wouter Joosen. After an initial period as a PostDoc, in June 2009 he became a permanent member of the staff (Research Expert, equivalent to a lecturer), and he currently leads a team of security researchers in the area of Secure Software.

Dr. Scandariato's main research activities are in the area of secure software engineering, with a particular focus on security in software architectures (principles, patterns and methods) and security metrics & measurements. E-health is one of his favorite application domains to validate his research results.

