Web engineering security: A practitioner's perspective

ICWE'06: The Sixth International Conference on Web Engineering

Volumn , Issue , 2006, Pages 257-264

  Glisson, William Bradley ^a   McDonald, Andrew ^a   Weiland, Ray ^a  

^a UNIVERSITY OF GLASGOW   (United Kingdom)

Author keywords

Development process; Security; Software engineering; Survey; Web engineering

Indexed keywords

DATA REDUCTION; SOCIETIES AND INSTITUTIONS; SOFTWARE ENGINEERING; SURVEYS; WEB SERVICES;

DEVELOPMENT PROCESS; SECURITY IMPROVEMENT APPROACH; WEB ENGINEERING;

SECURITY OF DATA;

EID: 34250651288     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1145/1145581.1145633     Document Type: Conference Paper

References (26)

1. Berinato, S., The Bugs Stop Here, in CIO. 2003
2. Berinato, S., Global Security, The Global State of Information Security 2005. 13/10/2005. http://www.cio.com/archive/091505/global.html
3. Deloitte, 2005 Global Security Survey. 2005, Deloitte Touché Tohmatsu: London, p. 1-44.
4. Deshpande, Y., Murugesan, S., Ginige, A., Hansen, S., Schwabe, D., Gaedke, M. and White, B., Web Engineering. Journal of Web Engineering, 2002. 1(No. 1): p. 3-17.
5. Dictionary.com, Trust 03/12/2005. http://dictionary.reference.com/search? q=Trust
6. Exler, R., Security and the Application Development Process. 22/01/2006. http://www.csoonline.com/analyst/report3068.html
7. Gartner Research, Three Lenses Into Information Security. 2006. p. 1-4.
8. Glisson, W. B. and Weiland, R. Web Development Evolution: The Assimilation of Web Engineering Security. in 3rd Latin American Web Congress. 2005. Buenos Aires - Argentina: IEEE CS Press.
9. Glisson, W. B., Glisson, L. M. and Weiland, R. Web Development Evolution: The Business Perspective on Security, in Thirty-Fifth Annual Western Decision Sciences Institute. 2006. Hawaii: Western Decision Sciences Institute.
10. Glisson, W. B. and Weiland, R., Web Engineering, Security (WES) Application Survey Technical Report. 2006, University of Glasgow: Glasgow.
11. Gordon, L. A., Loeb, M. P., Lucyshyn, W. and Richardson, R., 2004 CSI/FBI Computer Crime Security Survey. 2004, Computer Security Institute, p. 2-18.
12. Gordon, L. A., Loeb, M. P., Lucyshyn, W. and Richardson, R., 2005 CSI/FBIComputer Crime Survey, in Tenth Annual. 2005, Computer Security Institute, p. 1-25.
13. Hansche, S., Berti, J. and Hare, C., Official (ISC)2 Guide to the CISSP Exam. 2004, Boca Raton: Auerbach Publications.
14. Hare, C., Policy Development, in Information Security Managment Handbook, Tipton, H.F. and Krause, M., (eds). 2004. Auerbach Publications: Boca Raton, p. 925-943.
15. Kaplan, R., A Matter of Trust, in Information Security Managment Handbook, Krause, H.F.T.a.M., (ed). 2004, Auerbach Publications: Boca Raton.
16. Lemos, R., Microsoft developers feel Windows pain. 23/10/2005. http://news.com.com/2100-1001-832048.html
17. Mcdonald, A., The Agile Web Engineering (AWE) Process, Ph.D. Thesis, in Department of Computing Science. 2004, University of Glasgow: Glasgow.
18. McDonald, A. and Weiland, R., Agile Web Engineering (A WE) Process: Perceptions within a Fortune 500 Financial Services Company. Journal of Web Engineering, 2005. 4(4): p. 283-312.
19. McGraw, G., Software security, in IEEE Security & Privacy. 2004. p. 80-83.
20. Mimoso, M. S., Top Web application security problems identified SearchSecurity.com. April 12, 2005. http://searchsecurity.techtarget.com/ originalContent/0,289142,sid14-_gci873823,00.html?NewsEL=9.25
21. Mitnick, K., The art of deception : controlling the human element of security / Kevin D. Mitnick & William L. Simon. 2002, Indianapolis, Ind.: Wiley. 352.
22. Organization for Internet Safety, Guidelines for Security Vulnerability Reporting and Response. http://www.oisafety.org/guidelines/ Guidelines%20for%20Security%20Vulnerability%20Reporting%20and%20Response%20V2.0. pdf
23. Rakitin, S. R., Software Verification and Validation: A practitioner's Guide. 1997, Boston: Artech House.
24. Systems Security Engineering Capability Maturity Model (SSE-CMM) Project, Systems Security Engineering -Capability Maturity Model (SSE-CMM) Model Description Document. 2003, Carnegie Mellon University: Pennsylvania, p. 1-340.
25. Taylor, D. and McGraw, G., Adopting a software security improvement program, in IEEE Security & Privacy. 2005. p. 88-91.
26. Zelkowitz, M. V. and Wallace, D. R., Experimental Models for Validating Technology. IEEE Computer, 1998. 31(5): p. 23-31.