Engineering Secure Software and Systems: First International Symposium, ESSoS 2009 Leuven, Belgium, February 4-6, 2009, Proceedings: 5429 (Lecture Notes in Computer Science) - Tapa blanda

Reseña del editor

It is our pleasure to welcome you to the ?rst edition of the International S- posium on Engineering Secure Software and Systems. This unique events aims at bringing together researchers from Software - gineeringandSecurity Engineering,helping to unite and further developthe two communitiesinthisandfutureeditions.Theparalleltechnicalsponsorshipsfrom the ACM SIGSAC (the ACM interest group in security) and ACM SIGSOFT (the ACM interest groupin softwareengineering) and the IEEE TCSE is a clear sign of the importance of this inter-disciplinary research area and its potential. The di?culty of building secure software systems is no longer focused on mastering security technology such as cryptography or access control models. Other important, and less controllable, factors include the complexity of m- ern networked software systems, the unpredictability of practical development lifecycles, the intertwining of and trade-o? between functionality, security and other qualities, the di?culty of dealing with human factors, and so forth. Over the last few years, an entire research domain has been building up around these problems. And although some battles have been won, the jury is still out on the ?nal verdict. The conference program included two major keynotes from Axel Van L- sweerde (U. Louvain) and Wolfram Schulte (Microsoft Research) and an int- esting blend of research, industry and idea papers.

Contraportada

This book constitutes the refereed proceedings of the First International Symposium on Engineering Secure Software and Systems, ESSoS 2009, held in Leuven, Belgium, in February 2009.

The 10 revised full papers presented together with 7 industry reports and ideas papers were carefully reviewed and selected from 57 submissions. The papers are organized in topical sections on policy verification and enforcement, model refinement and program transformation, secure system development, attack analysis and prevention, as well as testing and assurance.