Conferences related to Secure Development

Back to Top

ICC 2021 - IEEE International Conference on Communications

IEEE ICC is one of the two flagship IEEE conferences in the field of communications; Montreal is to host this conference in 2021. Each annual IEEE ICC conference typically attracts approximately 1,500-2,000 attendees, and will present over 1,000 research works over its duration. As well as being an opportunity to share pioneering research ideas and developments, the conference is also an excellent networking and publicity event, giving the opportunity for businesses and clients to link together, and presenting the scope for companies to publicize themselves and their products among the leaders of communications industries from all over the world.


2020 IEEE International Conference on Image Processing (ICIP)

The International Conference on Image Processing (ICIP), sponsored by the IEEE SignalProcessing Society, is the premier forum for the presentation of technological advances andresearch results in the fields of theoretical, experimental, and applied image and videoprocessing. ICIP 2020, the 27th in the series that has been held annually since 1994, bringstogether leading engineers and scientists in image and video processing from around the world.


2020 IEEE International Conference on Systems, Man, and Cybernetics (SMC)

The 2020 IEEE International Conference on Systems, Man, and Cybernetics (SMC 2020) will be held in Metro Toronto Convention Centre (MTCC), Toronto, Ontario, Canada. SMC 2020 is the flagship conference of the IEEE Systems, Man, and Cybernetics Society. It provides an international forum for researchers and practitioners to report most recent innovations and developments, summarize state-of-the-art, and exchange ideas and advances in all aspects of systems science and engineering, human machine systems, and cybernetics. Advances in these fields have increasing importance in the creation of intelligent environments involving technologies interacting with humans to provide an enriching experience and thereby improve quality of life. Papers related to the conference theme are solicited, including theories, methodologies, and emerging applications. Contributions to theory and practice, including but not limited to the following technical areas, are invited.


2020 IEEE Nuclear Science Symposium and Medical Imaging Conference (NSS/MIC)

All areas of ionizing radiation detection - detectors, signal processing, analysis of results, PET development, PET results, medical imaging using ionizing radiation


2020 IEEE Power & Energy Society General Meeting (PESGM)

The Annual IEEE PES General Meeting will bring together over 2900 attendees for technical sessions, administrative sessions, super sessions, poster sessions, student programs, awards ceremonies, committee meetings, tutorials and more


More Conferences

Periodicals related to Secure Development

Back to Top

Aerospace and Electronic Systems Magazine, IEEE

The IEEE Aerospace and Electronic Systems Magazine publishes articles concerned with the various aspects of systems for space, air, ocean, or ground environments.


Antennas and Wireless Propagation Letters, IEEE

IEEE Antennas and Wireless Propagation Letters (AWP Letters) will be devoted to the rapid electronic publication of short manuscripts in the technical areas of Antennas and Wireless Propagation.


Automation Science and Engineering, IEEE Transactions on

The IEEE Transactions on Automation Sciences and Engineering (T-ASE) publishes fundamental papers on Automation, emphasizing scientific results that advance efficiency, quality, productivity, and reliability. T-ASE encourages interdisciplinary approaches from computer science, control systems, electrical engineering, mathematics, mechanical engineering, operations research, and other fields. We welcome results relevant to industries such as agriculture, biotechnology, healthcare, home automation, maintenance, manufacturing, pharmaceuticals, retail, ...


Communications Letters, IEEE

Covers topics in the scope of IEEE Transactions on Communications but in the form of very brief publication (maximum of 6column lengths, including all diagrams and tables.)


Communications Magazine, IEEE

IEEE Communications Magazine was the number three most-cited journal in telecommunications and the number eighteen cited journal in electrical and electronics engineering in 2004, according to the annual Journal Citation Report (2004 edition) published by the Institute for Scientific Information. Read more at http://www.ieee.org/products/citations.html. This magazine covers all areas of communications such as lightwave telecommunications, high-speed data communications, personal communications ...


More Periodicals

Most published Xplore authors for Secure Development

Back to Top

Xplore Articles related to Secure Development

Back to Top

Are Companies Actually Using Secure Development Life Cycles?

Computer, 2010

As threats to applications have increased, developers have begun including security in their software design. Secure development life cycles are methodologies for accomplishing this, but are companies actually using SDLs?


Reducing attack surface corresponding to Type 1 cross-site scripting attacks using secure development life cycle practices

2018 Fourth International Conference on Advances in Electrical, Electronics, Information, Communication and Bio-Informatics (AEEICB), 2018

While because the range of web users have increased exponentially, thus has the quantity of attacks that decide to use it for malicious functions. The vulnerability that has become usually exploited is thought as cross-site scripting (XSS). Cross-site Scripting (XSS) refers to client-side code injection attack whereby a malicious user will execute malicious scripts (also usually stated as a malicious ...


Using Dr. Fuzz, Dr. Memory, and Custom Dynamic Tools for Secure Development

2016 IEEE Cybersecurity Development (SecDev), 2016

This tutorial will present two tools that can be integrated into a secure software development approach, as well as describing how custom tools can be built utilizing the same underlying tool platform.


Tutorial: Secure Your Things: Secure Development of IoT Software with Frama-C

2018 IEEE Cybersecurity Development (SecDev), 2018

Among distributed systems, connected devices and services, also referred to as the Internet of Things (IoT), are becoming more and more widespread. Some of these devices are used in security-critical domains, and even in domains that are not necessarily critical, privacy issues may arise with devices collecting and transmitting a lot of personal information. It is therefore important to provide ...


The IEE forum on IT security: it's not all trust trusted computing, secure development and secure (ing) users

2005 The First IEE International Conference on Commercialising Technology and Innovation (Ref. No. 2005/11044), 2005

None


More Xplore Articles

Educational Resources on Secure Development

Back to Top

IEEE.tv Videos

IEEE Green Energy Summit 2015: Keynote & Opening Remarks
Quantum Technologies in Europe: The Quantum Flagship Initiative - Applied Superconductivity Conference 2018
Developing Automated Analysis Tools for Space/Time Sidechannel Detection - IEEE SecDev 2016
IEEE @ SXSW 2015 - A Framework for Privacy by Design
John S. Baras accepts the IEEE Simon Ramo Medal - Honors Ceremony 2017
5G Proof-of-Concept (PoC) Systems with focus on real use cases - Juha Silipa and Mark Cudak: Brooklyn 5G Summit 2017
How will 5G drive the self-driving car? Challenges from a V2X solution provider's point of view - Jozsef Kovacs: Brooklyn 5G Summit 2017
IEEE Green Energy Summit 2015, Panel 1: When will green become the new normal?
The Future of Computing And Computer Science
Critical Skills in the Engineering Workforce
IEEE Green Energy Summit 2015: Closing Remarks
The Evolution of Secure Things - Alex Gantman, 2017 IEEE VIC Summit
Dream Jobs In Engineering
Building IoT Projects Faster - Ed Hemphill at Fog World Congress 2018
AuthorLab: Video Featuring a Discussion of the Author Gateway
Philippe Wolf: Designing Secure and Private Complex Data Systems - WF-IoT 2015
Yoshihiro Ohba: Secure Multicast Group Communication in ECHONET-Lite - Industry Forum Panel: WF IoT 2016
FinSAL: A Novel FinFET Based Secure Adiabatic Logic for Energy-Efficient and DPA Resistant IoT Devices - Himanshu Thapliyal: 2016 International Conference on Rebooting Computing
Low-Power and Secure Lightweight Cryptography Via TFET-Based Energy Recovery Circuits: IEEE Rebooting Computing 2017
Net Neutrality Briefing - Oleg Logvinov - IoT Washington DC 2015

IEEE-USA E-Books

  • Are Companies Actually Using Secure Development Life Cycles?

    As threats to applications have increased, developers have begun including security in their software design. Secure development life cycles are methodologies for accomplishing this, but are companies actually using SDLs?

  • Reducing attack surface corresponding to Type 1 cross-site scripting attacks using secure development life cycle practices

    While because the range of web users have increased exponentially, thus has the quantity of attacks that decide to use it for malicious functions. The vulnerability that has become usually exploited is thought as cross-site scripting (XSS). Cross-site Scripting (XSS) refers to client-side code injection attack whereby a malicious user will execute malicious scripts (also usually stated as a malicious payload) into a legitimate web site or web based application. XSS is amongst the foremost rampant of web based application vulnerabilities and happens once an internet based application makes use of un-validated or un-encoded user input at intervals the output it generates. In such instances, the victim is unaware that their data is being transferred from a website that he/she trusts to a different site controlled by the malicious user. In this paper we shall focus on type 1 or "non-persistent cross-site scripting". With non-persistent cross-site scripting, malicious code or script is embedded in a Web request, and then partially or entirely echoed (or "reflected") by the Web server without encoding or validation in the Web response. The malicious code or script is then executed in the client's Web browser which could lead to several negative outcomes, such as the theft of session data and accessing sensitive data within cookies. In order for this type of cross-site scripting to be successful, a malicious user must coerce a user into clicking a link that triggers the non-persistent cross-site scripting attack. This is usually done through an email that encourages the user to click on a provided malicious link, or to visit a web site that is fraught with malicious links. In this paper it will be discussed and elaborated as to how attack surfaces related to type 1 or "non-persistent cross-site scripting" attack shall be reduced using secure development life cycle practices and techniques.

  • Using Dr. Fuzz, Dr. Memory, and Custom Dynamic Tools for Secure Development

    This tutorial will present two tools that can be integrated into a secure software development approach, as well as describing how custom tools can be built utilizing the same underlying tool platform.

  • Tutorial: Secure Your Things: Secure Development of IoT Software with Frama-C

    Among distributed systems, connected devices and services, also referred to as the Internet of Things (IoT), are becoming more and more widespread. Some of these devices are used in security-critical domains, and even in domains that are not necessarily critical, privacy issues may arise with devices collecting and transmitting a lot of personal information. It is therefore important to provide security guarantees for the software executed by simple devices, which often do not even provide memory protection units. This kind of guarantees can be brought using formal verification. In this tutorial, we focus on the use of Frama-C, a platform for the analysis of C programs, to verify IoT software. We illustrate it on several examples taken from Contiki, a lightweight operating system for Internet of Things.

  • The IEE forum on IT security: it's not all trust trusted computing, secure development and secure (ing) users

    None

  • Seamless Secure Development of Systems: From Modeling to Enforcement of Access Control Policies

    Despite the emphasis on removing gap between software models and implementation code, there has been made little effort to apply software tools to enforce access control models directly into program code. In this paper the design and implementation of an access control policy enforcement environment is described. Within this environment, view-based access control policies defined in XML Metadata Interchange format are translated into view policy language. The view policy language primitives are then easily translated into Java primitives. At last, these primitives are enforced into Java program code to be secured. Two major benefits of applying the proposed approach for modeling and enforcement of access control policies are rapid development of view-based customized applications and secure enforcement of ordered chain of methods' executions.

  • Static analysis for web service security - Tools & techniques for a secure development life cycle

    In this ubiquitous IoT (Internet of Things) era, web services have become a vital part of today's critical national and public sector infrastructure. With the industry wide adaptation of service-oriented architecture (SOA), web services have become an integral component of enterprise software eco-system, resulting in new security challenges. Web services are strategic components used by wide variety of organizations for information exchange on the internet scale. The public deployments of mission critical APIs opens up possibility of software bugs to be maliciously exploited. Therefore, vulnerability identification in web services through static as well as dynamic analysis is a thriving and interesting area of research in academia, national security and industry. Using OWASP (Open Web Application Security Project) web services guidelines, this paper discusses the challenges of existing standards, and reviews new techniques and tools to improve services security by detecting vulnerabilities. Recent vulnerabilities like Shellshock and Heartbleed has shifted the focus of risk assessment to the application layer, which for majority of organization means public facing web services and web/mobile applications. RESTFul services have now become the new service development paradigm normal; therefore SOAP centric standards such as XML Encryption, XML Signature, WS-Security, and WS-SecureConversation are nearly not as relevant. In this paper we provide an overview of the OWASP top 10 vulnerabilities for web services, and discuss the potential static code analysis techniques to discover these vulnerabilities. The paper reviews the security issues targeting web services, software/program verification and security development lifecycle.

  • Silver Bullet Talks with Adam Shostack

    Gary McGraw interviews Adam Shostack. Shostack is a member of Microsoft's Secure Development Lifecycle Team. He's worked for Zero Knowledge as Most Evil Genius and Reflective where, as CTO, he focused on static analysis for software security. Shostack recently coauthored The New School of Information Security with Andrew Stewart.

  • Tutorial: Building Secure and Trustworthy Blockchain Applications

    Beyond cryptocurrencies, blockchain technologies have shown great potential in enabling a wealth of decentralized applications (DApps), including but not limited to trustworthy auction, election, autonomous organization. While public blockchains are well recognized to allow participants mutually unbeknownst to achieve consensus, financial/business organizations also find great interest in consortium blockchains for better organizational collaborations. We will touch both types of blockchain and corresponding applications in this tutorial. In particular, we will summarize existing blockchain technologies and applications, elaborate the principles of designing and implementing secure DApps, and analyze the security concerns therein. Through concrete examples, we will discuss common practices and pitfalls, such as on-chain/off-chain interaction, randomness generation, and various corner cases. If time permits, we will also go through the implementation of the cloud-based blockchain backbone that powers this tutorial, possibly covering a layered architecture, and discuss deployment choices and security issues along the way. The tutorial will be interspersed with revisiting the security and implementation rules, so that participants are expected to readily apply the tutorial content into real-world practice. The design principles elaborated in this tutorial will be transferable to participants' development of secure and trustworthy blockchain applications and systems in their own workplaces.

  • Secure coding in C and C++ of strings and integers

    Although the flexibility and performance of C and C++ aren't in question, security has increasingly become an issue. The C and C++ communities have recognized this and have taken steps to improve security at all levels, including improved standards, compiler implementations, and static and runtime analysis tools.



Standards related to Secure Development

Back to Top

No standards are currently tagged "Secure Development"


Jobs related to Secure Development

Back to Top