Content
January 2017, Volume 8, Issue 1
- 1-27 A Lightweight Measurement of Software Security Skills, Usage and Training Needs in Agile Teams
by Tosin Daniel Oyetoyan & Martin Gilje Jaatun & Daniela Soares Cruzes
- 28-42 Jif-Based Verification of Information Flow Policies for Android Apps
by Lina M. Jimenez & Martin Ochoa & Sandra J. Rueda
- 43-57 Case Study of Agile Security Engineering: Building Identity Management for a Government Agency
by Kalle Rindell & Sami Hyrynsalmi & Ville Leppänen
October 2016, Volume 7, Issue 4
- 1-18 Survey of Vulnerabilities and Mitigation Techniques for Mooc-Based Applications
by Hossain Shahriar & Hisham M. Haddad & David Lebron & Rubana Lupu
- 19-38 Vulnerability Discovery Modeling for Open and Closed Source Software
by Ruchi Sharma & Ritu Sibal & A.K. Shrivastava
- 39-50 Where to Integrate Security Practices on DevOps Platform
by Hasan Yasar & Kiriakos Kontostathis
July 2016, Volume 7, Issue 3
- 1-25 Towards Ontological Approach to Security Risk Analysis of Information System: Model and Architecture
by Oluwasefunmi ‘Tale Arogundade & Olusola Adeniran & Zhi Jin & Yang Xiaoguang
- 26-43 An Exploratory Study of the Security Design Pattern Landscape and their Classification
by Poonam Ponde & Shailaja Shirwaikar
- 44-73 Migration Goals and Risk Management in Cloud Computing: A Review of State of the Art and Survey Results on Practitioners
by Shareeful Islam & Stefan Fenz & Edgar Weippl & Christos Kalloniatis
April 2016, Volume 7, Issue 2
- 1-18 Fuzzy Rule-Based Vulnerability Assessment Framework for Web Applications
by Hossain Shahriar & Hisham Haddad
- 19-36 The Case for Privacy Awareness Requirements
by Inah Omoronyia
- 37-64 An Incremental B-Model for RBAC-Controlled Electronic Marking System
by Nasser Al-hadhrami & Benjamin Aziz & Lotfi ben Othmane
January 2016, Volume 7, Issue 1
- 1-16 Agile Threat Assessment and Mitigation: An Approach for Method Selection and Tailoring
by Clemens Teichmann & Stephan Renatus & Jörn Eichler
- 17-37 Evaluation of the Challenges of Developing Secure Software Using the Agile Approach
by Hela Oueslati & Mohammad Masudur Rahman & Lotfi ben Othmane & Imran Ghani & Adila Firdaus Bt Arbain
- 38-52 Steps Towards Fuzz Testing in Agile Test Automation
by Pekka Pietikäinen & Atte Kettunen & Juha Röning
October 2015, Volume 6, Issue 4
- 1-31 Supporting Consistency during the Development and Evolution of Quality Unified Use-Misuse Case Models
by Mohamed El-Attar
- 32-51 Expansion and Practical Implementation of the MFC Cybersecurity Model via a Novel Security Requirements Taxonomy
by Neila Rjaibi & Latifa Ben Arfa Rabai
- 52-63 An Introduction to Remote Installation Vulnerability in Content Management Systems
by Mehdi Dadkhah & Shahaboddin Shamshirband
July 2015, Volume 6, Issue 3
- 1-25 Request and Response Analysis Framework for Mitigating Clickjacking Attacks
by Hossain Shahriar & Hisham Haddad & Vamshee Krishna Devendran
- 26-49 Method Using Command Abstraction Library for Iterative Testing Security of Web Applications
by Seiji Munetoh & Nobukazu Yoshioka
- 50-64 An Alternative Threat Model-based Approach for Security Testing
by Bouchaib Falah & Mohammed Akour & Samia Oukemeni
April 2015, Volume 6, Issue 2
- 1-22 An Empirical Bandwidth Analysis of Interrupt-Related Covert Channels
by Richard Gay & Heiko Mantel & Henning Sudbrock
- 23-46 Calculating Quantitative Integrity and Secrecy for Imperative Programs
by Tom Chothia & Chris Novakovic & Rajiv Ranjan Singh
- 47-69 Using Attack Graphs to Analyze Social Engineering Threats
by Kristian Beckers & Leanid Krautsevich & Artsiom Yautsiukhin
- 70-89 Risk-Based Privacy-Aware Information Disclosure
by Alessandro Armando & Michele Bezzi & Nadia Metoui & Antonino Sabetta
- 90-112 Assessing the Usefulness of Testing for Validating and Correcting Security Risk Models Based on Two Industrial Case Studies
by Gencer Erdogan & Fredrik Seehusen & Ketil Stølen & Jon Hofstad & Jan Øyvind Aagedal
January 2015, Volume 6, Issue 1
- 1-23 A Method and Case Study for Using Malware Analysis to Improve Security Requirements
by Nancy R. Mead & Jose Andre Morales & Gregory Paul Alice
- 24-46 A Pattern-Based and Tool-Supported Risk Analysis Method Compliant to ISO 27001 for Cloud Systems
by Azadeh Alebrahim & Denis Hatebur & Stephan Fassbender & Ludger Goeke & Isabelle Côté
- 47-75 Balancing Product and Process Assurance for Evolving Security Systems
by Wolfgang Raschke & Massimiliano Zilli & Philip Baumgartner & Johannes Loinig & Christian Steger & Christian Kreiner
October 2014, Volume 5, Issue 4
- 1-30 Validating Security Design Pattern Applications by Testing Design Models
by Takanori Kobashi & Nobukazu Yoshioka & Haruhiko Kaiya & Hironori Washizaki & Takano Okubo & Yoshiaki Fukazawa
- 31-47 A Tagging Approach to Extract Security Requirements in Non-Traditional Software Development Processes
by Annette Tetmeyer & Daniel Hein & Hossein Saiedian
- 48-98 Evolution of Security Engineering Artifacts: A State of the Art Survey
by Michael Felderer & Basel Katt & Philipp Kalb & Jan Jürjens & Martín Ochoa & Federica Paci & Le Minh Sang Tran & Thein Than Tun & Koen Yskout & Riccardo Scandariato & Frank Piessens & Dries Vanoverberghe & Elizabeta Fourneret & Matthias Gander & Bjørnar Solhaug & Ruth Breu
July 2014, Volume 5, Issue 3
- 1-15 Information Theoretic XSS Attack Detection in Web Applications
by Hossain Shahriar & Sarah North & Wei-Chuen Chen & Edward Mawangi
- 16-31 Design Churn as Predictor of Vulnerabilities?
by Aram Hovsepyan & Riccardo Scandariato & Maximilian Steff & Wouter Joosen
- 32-55 Secure Software Development Assimilation: Effects of External Pressures and Roles of Internal Factors
by Mingqiu Song & Donghao Chen & Elizabeth Sylvester Mkoba
- 56-74 Meta-Modeling Based Secure Software Development Processes
by Mehrez Essafi & Henda Ben Ghezala
April 2014, Volume 5, Issue 2
- 1-19 Threat Analysis in Goal-Oriented Security Requirements Modelling
by Per Håkon Meland & Elda Paja & Erlend Andreas Gjære & Stéphane Paul & Fabiano Dalpiaz & Paolo Giorgini
- 20-43 A Structured Method for Security Requirements Elicitation concerning the Cloud Computing Domain
by Kristian Beckers & Isabelle Côté & Ludger Goeke & Selim Güler & Maritta Heisel
- 44-64 Automated Synthesis and Ranking of Secure BPMN Orchestrators
by Vincenzo Ciancia & Jose Martin & Fabio Martinelli & Ilaria Matteucci & Marinella Petrocchi & Ernesto Pimentel
January 2014, Volume 5, Issue 1
- 1-18 Validation of a Trust Approach in Multi-Organization Environments
by Khalifa Toumi & Ana Cavalli & César Andrés
- 19-38 An Invariant-Based Approach for Detecting Attacks Against Data in Web Applications
by Romaric Ludinard & Éric Totel & Frédéric Tronel & Vincent Nicomette & Mohamed Kaâniche & Éric Alata & Rim Akrout & Yann Bachy
- 39-60 Remote E-Voting Using the Smart Card Web Server
by Sheila Cobourne & Lazaros Kyrillidis & Keith Mayes & Konstantinos Markantonakis
- 61-74 Improving the Detection of On-Line Vertical Port Scan in IP Traffic
by Christine Fricker & Philippe Robert & Yousra Chabchoub
October 2013, Volume 4, Issue 4
- 1-24 Performance Evaluation of SHA-2 Standard vs. SHA-3 Finalists on Two Freescale Platforms
by Pal-Stefan Murvay & Bogdan Groza
- 25-46 Optimal Voting Strategy against Random and Targeted Attacks
by Li Wang & Zheng Li & Shangping Ren & Kevin Kwiat
- 47-69 Trust Based Interdependency Weighting for On-Line Risk Monitoring in Interdependent Critical Infrastructures
by Filipe Caldeira & Thomas Schaberreiter & Sébastien Varrette & Edmundo Monteiro & Paulo Simões & Pascal Bouvry & Djamel Khadraoui
July 2013, Volume 4, Issue 3
- 1-17 Assessing the Value of Formal Control Mechanisms on Strong Password Selection
by Jeff Crawford
- 18-41 Semi-Automatic Annotation of Natural Language Vulnerability Reports
by Yan Wu & Robin Gandhi & Harvey Siy
- 42-63 Eliciting Security Requirements for an Information System using Asset Flows and Processor Deployment
by Haruhiko Kaiya & Junya Sakai & Shinpei Ogata & Kenji Kaijiri
- 64-81 Mean Failure Cost as a Measurable Value and Evidence of Cybersecurity: E-Learning Case Study
by Neila Rjaibi & Latifa Ben Arfa Rabai & Anis Ben Aissa & Ali Mili
April 2013, Volume 4, Issue 2
- 1-18 Threat Representation Methods for Composite Service Process Models
by Per Håkon Meland & Erlend Andreas Gjære
- 19-39 Mitigating Type Confusion on Java Card
by Jean Dubreuil & Guillaume Bouffard & Bhagyalekshmy N. Thampi & Jean-Louis Lanet
- 40-66 A Taxonomy Built on Layers of Abstraction for Time and State Vulnerabilities
by Horia V. Corcalciuc
January 2013, Volume 4, Issue 1
- 1-10 Principles and Measurement Models for Software Assurance
by Nancy R. Mead & Dan Shoemaker & Carol Woody
- 11-30 Towards a More Systematic Approach to Secure Systems Design and Analysis
by Simon Miller & Susan Appleby & Jonathan M. Garibaldi & Uwe Aickelin
- 31-49 A New Method for Writing Assurance Cases
by Yutaka Matsuno & Shuichiro Yamamoto
- 50-74 Analyzing Human Factors for an Effective Information Security Management System
by Reza Alavi & Shareeful Islam & Hamid Jahankhani & Ameer Al-Nemrat
- 75-96 Advancing Cyber Resilience Analysis with Performance-Based Metrics from Infrastructure Assessments
by Eric D. Vugrin & Jennifer Turgeon
October 2012, Volume 3, Issue 4
- 1-26 A Practical Framework for Policy Composition and Conflict Resolution
by Ousmane Amadou Dia & Csilla Farkas
- 27-44 Extraction of an Architectural Model for Least Privilege Analysis
by Bernard Spitz & Riccardo Scandariato & Wouter Joosen
- 45-64 Role Mining to Assist Authorization Governance: How Far Have We Gone?
by Safaà Hachana & Nora Cuppens-Boulahia & Frédéric Cuppens
- 65-83 A Comparative Analysis of Access Control Policy Modeling Approaches
by K. Shantha Kumari & T. Chithraleka
July 2012, Volume 3, Issue 3
- 1-22 Model Based Process to Support Security and Privacy Requirements Engineering
by Shareeful Islam & Haralambos Mouratidis & Christos Kalloniatis & Aleksandar Hudic & Lorenz Zechner
- 23-49 SETER: Towards Architecture-Model Based Security Engineering
by Ayda Saidane & Nicolas Guelfi
- 50-65 Formal Modeling and Verification of Security Property in Handel C Program
by Yujian Fu & Jeffery Kulick & Lok K. Yan & Steven Drager
April 2012, Volume 3, Issue 2
- 1-35 Attribute Decoration of Attack–Defense Trees
by Alessandra Bagnato & Barbara Kordy & Per Håkon Meland & Patrick Schweitzer
- 36-53 Modelling Security Using Trust Based Concepts
by Michalis Pavlidis & Haralambos Mouratidis & Shareeful Islam
- 54-73 Comparing Misuse Case and Mal-Activity Diagrams for Modelling Social Engineering Attacks
by Peter Karpati & Guttorm Sindre & Raimundas Matulevicius
January 2012, Volume 3, Issue 1
- 1-19 Formative User-Centered Evaluation of Security Modeling: Results from a Case Study
by Sandra Trösterer & Elke Beck & Fabiano Dalpiaz & Elda Paja & Paolo Giorgini & Manfred Tscheligi
- 20-36 Improving Security and Safety Modelling with Failure Sequence Diagrams
by Christian Raspotnig & Andreas L. Opdahl
- 37-61 Analyzing Impacts on Software Enhancement Caused by Security Design Alternatives with Patterns
by Takao Okubo & Haruhiko Kaiya & Nobukazu Yoshioka
- 62-63 Software Security Engineering: Design and Applications
by Khaled M. Khan
October 2011, Volume 2, Issue 4
- 1-18 Eliciting Policy Requirements for Critical National Infrastructure Using the IRIS Framework
by Shamal Faily & Ivan Fléchais
- 19-33 Security Evaluation of Service-Oriented Systems Using the SiSOA Method
by Christian Jung & Manuel Rudolph & Reinhard Schwarz
- 34-48 JavaSPI: A Framework for Security Protocol Implementation
by Matteo Avalle & Alfredo Pironti & Davide Pozza & Riccardo Sisto
- 49-61 Not Ready for Prime Time: A Survey on Security in Model Driven Development
by Jostein Jensen & Martin Gilje Jaatun
July 2011, Volume 2, Issue 3
- 1-22 Organizational Patterns for Security and Dependability: From Design to Application
by Yudis Asnar & Fabio Massacci & Ayda Saidane & Carlo Riccucci & Massimo Felici & Alessandra Tedeschi & Paul El-Khoury & Keqin Li & Magali Séguran & Nicola Zannone
- 23-41 Secure by Design: Developing Secure Software Systems from the Ground Up
by Haralambos Mouratidis & Miao Kang
- 42-62 Security Gaps in Databases: A Comparison of Alternative Software Products for Web Applications Support
by Afonso Araújo Neto & Marco Vieira
- 63-76 Building Secure Software Using XP
by Walid Al-Ahmad
April 2011, Volume 2, Issue 2
- 1-24 Integrating Patient Consent in e-Health Access Control
by Kim Wuyts & Riccardo Scandariato & Griet Verhenneman & Wouter Joosen
- 25-52 Analysis of ANSI RBAC Support in EJB
by Wesam Darwish & Konstantin Beznosov
- 53-64 Using Executable Slicing to Improve Rogue Software Detection Algorithms
by Jan Durand & Juan Flores & Travis Atkison & Nicholas Kraft & Randy Smith
- 65-76 Ell Secure Information System Using Modal Logic Technique
by Yun Bai & Khaled M. Khan
January 2011, Volume 2, Issue 1
- 1-21 Performance Evaluation of Secure Key Deployment and Exchange Protocol for MANETs
by Alastair Nisbet & M. A. Rashid
- 22-39 A Formal Language for XML Authorisations Based on Answer Set Programming and Temporal Interval Logic Constraints
by Sean Policarpio & Yan Zhang
- 40-83 A Systematic Empirical Analysis of Forging Fingerprints to Fool Biometric Systems
by Christian Schwarzl & Edgar Weippl
October 2010, Volume 1, Issue 4
- 1-17 A Rigorous Approach to the Definition of an International Vocational Master’s Degree in Information Security Management
by Frédéric Girard & Bertrand Meunier & Duan Hua & Eric Dubois
- 18-34 Development of a Master of Software Assurance Reference Curriculum
by Nancy R. Mead & Julia H. Allen & Mark Ardis & Thomas B. Hilburn & Andrew J. Kornecki & Rick Linger & James McDonald
- 35-61 Secure Software Education: A Contextual Model-Based Approach
by J. J. Simpson & M. J. Simpson & B. Endicott-Popovsky & V. Popovsky
- 62-80 Assimilating and Optimizing Software Assurance in the SDLC: A Framework and Step-Wise Approach
by Aderemi O. Adeniji & Seok-Won Lee
July 2010, Volume 1, Issue 3
- 1-17 Katana: Towards Patching as a Runtime Part of the Compiler-Linker-Loader Toolchain
by Sergey Bratus & James Oakley & Ashwin Ramaswamy & Sean W. Smith & Michael E. Locasto
- 18-40 Monitoring Buffer Overflow Attacks: A Perennial Task
by Hossain Shahriar & Mohammad Zulkernine
- 41-55 CONFU: Configuration Fuzzing Testing Framework for Software Vulnerability Detection
by Huning Dai & Christian Murphy & Gail Kaiser
- 56-70 Towards Tool-Support for Usable Secure Requirements Engineering with CAIRIS
by Shamal Faily & Ivan Fléchais
- 71-85 Agile Software Development: The Straight and Narrow Path to Secure Software?
by Torstein Nicolaysen & Richard Sassoon & Maria B. Line & Martin Gilje Jaatun
April 2010, Volume 1, Issue 2
- 1-17 Software Engineering Security Based on Business Process Modeling
by Joseph Barjis
- 18-34 Towards Designing E-Services that Protect Privacy
by George O. M. Yee
- 35-56 A Tool Support for Secure Software Integration
by Khaled Md Khan & Jun Han
- 57-82 Improving Memory Management Security for C and C++
by Yves Younan & Wouter Joosen & Frank Piessens & Hans Van den Eynden
January 2010, Volume 1, Issue 1
- 1-19 Integrating Access Control into UML for Secure Software Modeling and Analysis
by Thuong Doan & Steven Demurjian & Laurent Michel & Solomon Berhe
- 20-40 Retrofitting Existing Web Applications with Effective Dynamic Protection Against SQL Injection Attacks
by San-Tsai Sun & Konstantin Beznosov
- 41-53 A Formal Approach for Securing XML Document
by Yun Bai
- 54-73 Security Requirements Engineering for Evolving Software Systems: A Survey
by Armstrong Nhlabatsi & Bashar Nuseibeh & Yijun Yu
- 74-91 Benefits and Challenges in the Use of Case Studies for Security Requirements Engineering Methods
by Nancy R. Mead