- Conference Chairs:
- Danilo Bruschi,
- Bart De Win,
- Mattia Monga
No abstract available.
Proceeding Downloads
Towards a structured unified process for software security
Security is often an afterthought when developing software, and is often bolted on late in development or even during deployment or maintenance, through activities such as penetration testing, add-on security software and penetrate-and patch ...
Extending XP practices to support security requirements engineering
This paper proposes a way of extending eXtreme Programming (XP) practices, in particular the original planning game and the coding guidelines, to aid the developers and the customer to engineer security requirements while maintaining the iterative and ...
On instrumenting obfuscated java bytecode with aspects
Code obfuscators are widely used tools for protecting commercial Java software. Advanced obfuscation techniques make de-compiled Java programs not re-compilable, thus greatly raising the barrier of instrumenting Java bytecode for malicious purpose. ...
How secure is AOP and what can we do about it?
From a software engineering perspective, using Aspect-Oriented Programming (AOP) to build secure software has clear advantages. Until recently, the security perspective of this approach has been given less attention, however. This paper analyses the ...
A framework for security requirements engineering
This paper presents a framework for security requirements elicitation and analysis, based upon the construction of a context for the system and satisfaction arguments for the security of the system. One starts with enumeration of security goals based on ...
Building problem domain ontology from security requirements in regulatory documents
Establishing secure systems assurance based on Certification and Accreditation (C&A) activities, requires effective ways to understand the enforced security requirements, gather relevant evidences, perceive related risks in the operational environment, ...
Trust and tamper-proof software delivery
Software engineering today relies to a large extent on acquiring and composing software components and other software-related artifacts from different producers, either at design or at run time. For any user of such artifacts, both as developer and as ...
Formal specification and analysis of JAAS framework
This paper reports on our experience of using Alloy for analysis of system design in regard to changes in the security requirements. It presents some of technical details for the specification and analysis of the JAAS framework. The declarative way of ...
A formal approach to sensor placement and configuration in a network intrusion detection system
Network Intrusion Detection Systems (NIDSs) can be composed of a potentially large number of sensors, which monitor the traffic flowing in the network. Deciding where sensors should be placed and what information they need in order to detect the desired ...
Cited By
-
Sonne J Firing Thoreau: Conscience and At-Will Employment, SSRN Electronic Journal, 10.2139/ssrn.927989
-
Burke M Much Ado About Nothing: Kelo v. City of New London, Sweet Home v. Babbitt, and Other Tales from the Supreme Court, SSRN Electronic Journal, 10.2139/ssrn.895008
-
Arya N State Trends: Legislative Changes from 2005 to 2010 - Removing Youth from the Adult Criminal Justice System, SSRN Electronic Journal, 10.2139/ssrn.1892403
-
Parent C Takings Constraints: Mechanisms to Minimize the Uncompensated Increment and Limit the Government's Power to Take Property, SSRN Electronic Journal, 10.2139/ssrn.1131795
Recommendations
Acceptance Rates
| Year | Submitted | Accepted | Rate |
|---|---|---|---|
| SESS '11 | 11 | 8 | 73% |
| Overall | 11 | 8 | 73% |