Calls for Papers (special): International Journal of Secure Software Engineering (IJSSE)


Special Issue On: Secure Software Engineering in DevOps and Agile Development

Submission Due Date
8/1/2018

Introduction
Software security is about protecting information and ensuring that systems continue to function correctly even when under malicious attack. The traditional approach of securing a system has been to create defensive walls such as intrusion detection systems and firewalls around it, but there are always cracks in these walls, and thus such measures are no longer sufficient by themselves. We need to be able to build better, more robust and more “inherently secure” systems, and we should strive to achieve these qualities in all software systems, not just in the ones that “obviously” need special protection.

Objective
This special issue will focus on techniques, experiences and lessons learned for engineering secure and dependable software using the DevOps paradigm, as well as other forms of agile development.

Recommended Topics
Topics to be discussed in this special issue include (but are not limited to) the following:

  • Security in DevOps
  • Security aspects of software deployment
  • Security in Continuous Deployment
  • Security Architecture in Agile Development
  • Security testing in DevOps
  • Container security for DevOps
  • Security automation tools
  • Secure implementation in agile software development
  • Agile security requirements
  • Risk management in agile software projects
  • Agile testing for security


Submission Procedure
Researchers and practitioners are invited to submit papers for this special theme issue on Secure Software Engineering in DevOps and Agile Development on or before August 1st, 2018. All submissions must be original and may not be under review by another publication. INTERESTED AUTHORS SHOULD CONSULT THE JOURNAL’S GUIDELINES FOR MANUSCRIPT SUBMISSIONS at http://www.igi-global.com/publish/contributor-resources/before-you-write/. All submitted papers will be reviewed on a double-blind, peer review basis. Papers must follow APA style for reference cita tions.

All submissions should be uploaded to eEditorial Discovery using the link at the end of the call.

All submissions and inquiries should be directed to the attention of:
Martin Gilje Jaatun
Editor-in-Chief
International Journal of Secure Software Engineering (IJSSE)
E-mail: martin.g.jaatun@sintef.no

Special Issue On: Education and Training for Cybersecurity and SCRM

Submission Due Date
9/15/2018

Guest Editors
Carol Woody, Ph.D., Software Engineering Institute, Carnegie Mellon University, USA

Introduction
There is growing awareness that many of the cybersecurity threats and vulnerabilities we see today stem from weak acquisition, third party, or supply chain management practices. Unfortunately, there is a noticeable gap in the current workforce’s skills needed to address critical concerns in cybersecurity and associated supply chain risk management (SCRM). How can we best build the workforce to apply effective cyber security and SCRM practices in the development, acquisition, and supply chain-related jobs that are already performed?

Objective
Bust the myths that all we need to do is replace our current workforce with new people who have the requisite knowledge and skills, or hand new tools to everyone; highlight gaps in currently available education and training resources and approaches; assemble information that supports a strategy to raise the expertise of the current workforce using new and existing (though possibly scattered) resources.

Recommended Topics
Topics to be discussed in this special issue include (but are not limited to) the following:

• What capabilities and expertise are needed to address cybersecurity and SCRM in acquisitions?
• Who do we educate/train and why?
• What do they need to know to address cybersecurity related areas of responsibility?
• How should they learn about what they need to know?
• Who can educate/train them?
• What successful education/training options do we have now?
• What strategies have proven successful? What strategies tend to fail?
• What gaps exist in education/training options?
• How can improvements in standards, processes, practices, and tools for cybersecurity and/or supply chain management help fill the gaps?
• Who should establish cybersecurity and SCRM requirements and what do they need to know?
• What role does certification have in establishing workforce capabilities?
• How can we measure success in this area?

Submission Procedure
Researchers and practitioners are invited to submit papers for this special theme issue on Education and Training for Cyber Security and SCRM on or before September 15, 2018. All submissions must be original and may not be under review by another publication.

INTERESTED AUTHORS SHOULD CONSULT THE JOURNAL’S GUIDELINES FOR MANUSCRIPT SUBMISSIONS at http://www.igi-global.com/publish/contributor-resources/before-you-write/. All submitted papers will be reviewed on a double-blind, peer review basis. Papers must follow APA style for reference citations.

All submissions and inquiries should be directed to the attention of:
Carol Woody
Guest Editor
International Journal of Secure Software Engineering (IJSSE)
E-mail cwoody@cert.org

Special Issue On: Software Security Design and Applications

Submission Due Date
11/30/2018

Guest Editors
Dr. Shadi A. Aljawarneh, Jordan University of Science & Tech., Jordan
Dr. Juan Alfonso Lara Torralbo, UDIMA Universidad a distancia de Madrid

Introduction
The main mission of this special issue on Software Security Design and Applications is to be the premier and authoritative source for the most innovative scholarly and professional research and information pertaining to aspects of Software Security. Such issue presents advancements in the state-of-the-art, standards, and practices of software security, in an effort to identify emerging trends that will ultimately define the future of “the software security.”

Objective
This special issue will be intended for researchers and practitioners of Data2018, Spain accepted papers who are interested in issues of software security that arise from using applications technologies of web- based computing and business informatics advancements. The manuscript must not be under consideration for publication elsewhere. The extensions of the best conference papers from the Data2018 2018 (http://iares.net/Conference/Data2018), Madrid, Spain can only be submitted if the papers were completely re-written or substantially extended (75%). For additional questions please contact the guest editors.

This special issue focuses on advanced research in the practical applications and the theoretical foundations of software security, through presentation of the most up-to-date advances and new directions of research in the field from various scholarly, professional, and practitioner perspectives. An interdisciplinary look at software security including engineering and business aspects, such issue covers, are encouraged, as well as high-quality research expositions.

This issue will explore the foundations of software security. The important software vulnerabilities and attacks will be considered that exploit them -- such as buffer overflows, SQL injection, and session hijacking -- and defenses will be also considered that prevent or mitigate these attacks, including advanced testing and program analysis techniques. Importantly, we take a "build security in" mentality, considering techniques at each phase of the development cycle that can be used to strengthen the security of software systems. The objective of this special issue is to capture the latest advances in this research field.]

Recommended Topics
Topics to be discussed in this special issue include (but are not limited to) the following:

  • Penetration testing
  • Software Security Technologies & services
  • Software Security Applications
  • Software Security Architecture
  • Software Security Patterns
  • Software Security Standard
  • Built-in security
  • Security techniques for creating highly interactive Web applications
  • Software security measurements of Web applications


Submission Procedure
Researchers and practitioners are invited to submit papers for this special theme issue on Software Security Design and Applications on or before November 31, 2018. All submissions must be original and may not be under review by another publication. INTERESTED AUTHORS SHOULD CONSULT THE JOURNAL’S GUIDELINES FOR MANUSCRIPT SUBMISSIONS at http://www.igi-global.com/publish/contributor-resources/before-you-write/. All submitted papers will be reviewed on a double-blind, peer review basis. Papers must follow APA style for reference citations.

All submissions and inquiries should be directed to the attention of:
Shadi A. Aljawarneh
Guest Editor
International Journal of Secure Software Engineering (IJSSE)
E-mail: saaljawarneh@just.edu.jo