Published: Jan 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.20170101.pre
Volume 8
Editorial Preface
Khaled M. Khan
Content Forthcoming
Add to Your Personal Library: Article Published: Jan 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.2017010101
Volume 8
Research Article
Tosin Daniel Oyetoyan, Martin Gilje Jaatun, Daniela Soares Cruzes
Although most organizations understand the need for application security at an abstract level, achieving adequate software security at the sharp end requires taking bold steps to address security...
Show More
Although most organizations understand the need for application security at an abstract level, achieving adequate software security at the sharp end requires taking bold steps to address security practices within the organization. In the Agile software development world, a security engineering process is unacceptable if it is perceived to run counter to the agile values, and agile teams have thus approached software security activities in their own way. To improve security within agile settings requires that management understands the current practices of software security activities within their agile teams. In this study, the authors have used a survey instrument to investigate software security usage, competence, and training needs in two agile organizations. They find that (1) The two organizations perform differently in terms of core software security activities, but are similar when secondary activities that could be leveraged for security are considered (2) regardless of cost or benefit, skill drives the kind of activities that are performed (3) Secure design is expressed as the most important training need by all groups in both organizations (4) Effective software security adoption in agile setting is not automatic, it requires a driver.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
Oyetoyan, Tosin Daniel, et al. "A Lightweight Measurement of Software Security Skills, Usage and Training Needs in Agile Teams." IJSSE vol.8, no.1 2017: pp.1-27. http://doi.org/10.4018/IJSSE.2017010101
APA
Oyetoyan, T. D., Jaatun, M. G., & Cruzes, D. S. (2017). A Lightweight Measurement of Software Security Skills, Usage and Training Needs in Agile Teams. International Journal of Secure Software Engineering (IJSSE), 8(1), 1-27. http://doi.org/10.4018/IJSSE.2017010101
Chicago
Oyetoyan, Tosin Daniel, Martin Gilje Jaatun, and Daniela Soares Cruzes. "A Lightweight Measurement of Software Security Skills, Usage and Training Needs in Agile Teams," International Journal of Secure Software Engineering (IJSSE) 8, no.1: 1-27. http://doi.org/10.4018/IJSSE.2017010101
Export Reference
Published: Jan 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.2017010102
Volume 8
Research Article
Lina M. Jimenez, Martin Ochoa, Sandra J. Rueda
Android stores and users need mechanisms to evaluate whether their applications are secure or not. Although various previous works use data and control flow techniques to evaluate security features...
Show More
Android stores and users need mechanisms to evaluate whether their applications are secure or not. Although various previous works use data and control flow techniques to evaluate security features of Android applications, this paper extends those works by using Jif to verify compliance of information flow policies. To do so, the authors addressed some challenges that emerge in Android environments, like automatizing generation of Jif labels for Android applications, and defining translations for Java instructions that are not currently supported by the Jif compiler. Results show that a Jif-based analysis is faster and has a better recall than other available mechanisms, but it also has a slightly lower precision. Jif also provides an open source compiler, generates executable code for an application only if such application meets a defined policy, and checks implicit flows which may be relevant for highly sensitive applications.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
Jimenez, Lina M., et al. "Jif-Based Verification of Information Flow Policies for Android Apps." IJSSE vol.8, no.1 2017: pp.28-42. http://doi.org/10.4018/IJSSE.2017010102
APA
Jimenez, L. M., Ochoa, M., & Rueda, S. J. (2017). Jif-Based Verification of Information Flow Policies for Android Apps. International Journal of Secure Software Engineering (IJSSE), 8(1), 28-42. http://doi.org/10.4018/IJSSE.2017010102
Chicago
Jimenez, Lina M., Martin Ochoa, and Sandra J. Rueda. "Jif-Based Verification of Information Flow Policies for Android Apps," International Journal of Secure Software Engineering (IJSSE) 8, no.1: 28-42. http://doi.org/10.4018/IJSSE.2017010102
Export Reference
Published: Jan 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.2017010103
Volume 8
Research Article
Kalle Rindell, Sami Hyrynsalmi, Ville Leppänen
Security concerns are increasingly guiding both the design and processes of software-intensive product development. In certain environments, the development of the product requires special security...
Show More
Security concerns are increasingly guiding both the design and processes of software-intensive product development. In certain environments, the development of the product requires special security arrangements for development processes, product release, maintenance and hosting, and specific security-oriented processes and governance. Integrating the security engineering processes into agile development methods can have the effect of mitigating the agile methods' intended benefits. This article describes a case of a large ICT service provider building a secure identity management system for a sizable government agency. The project was a subject to strict security regulations due to the end product's critical role. The project was a multi-team, multi-site, standard-regulated security engineering and development work executed following the Scrum framework. The study reports the difficulties in combining security engineering with agile development, provides propositions to enhance Scrum for security engineering activities. Also, an evaluation of the effects of the security work on project cost presented.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
Rindell, Kalle, et al. "Case Study of Agile Security Engineering: Building Identity Management for a Government Agency." IJSSE vol.8, no.1 2017: pp.43-57. http://doi.org/10.4018/IJSSE.2017010103
APA
Rindell, K., Hyrynsalmi, S., & Leppänen, V. (2017). Case Study of Agile Security Engineering: Building Identity Management for a Government Agency. International Journal of Secure Software Engineering (IJSSE), 8(1), 43-57. http://doi.org/10.4018/IJSSE.2017010103
Chicago
Rindell, Kalle, Sami Hyrynsalmi, and Ville Leppänen. "Case Study of Agile Security Engineering: Building Identity Management for a Government Agency," International Journal of Secure Software Engineering (IJSSE) 8, no.1: 43-57. http://doi.org/10.4018/IJSSE.2017010103
Export Reference
Published: Apr 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.20170401.pre
Volume 8
Editorial Preface
Martin Gilje Jaatun
Content Forthcoming
Add to Your Personal Library: Article Published: Apr 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.2017040101
Volume 8
Research Article
Christos Kalloniatis, Argyri Pattakou, Evangelia Kavakli, Stefanos Gritzalis
Pervasiveness of information systems is well underway, redefining our social and economic relationships. This technological revolution has generated enormous capabilities, but also enabled the...
Show More
Pervasiveness of information systems is well underway, redefining our social and economic relationships. This technological revolution has generated enormous capabilities, but also enabled the creation of new vulnerabilities and threats. A major challenge in the field of information systems is therefore, to ensure the trustworthiness of the underlying technologies that make possible the generation, collection, storage, processing and transmission of user data at rates more intensive than ever before. Trust in information systems depends on different aspects, one of which is the security of user's data. Data security is referred as the protection of user's data from corruption and unauthorized access. Another important aspect of trust is the protection of user's privacy. Protecting privacy is about complying with user's desires when it comes to handling personal information. Without security to guarantee data protection, appropriate uses of that data cannot be realized. This implies that security and privacy issues are inherently intertwined and should be viewed synergistically. The aim of this paper is to elevate modern practices for ensuring security and privacy during software systems analysis and design. To this end, the basic security and privacy requirements that should be considered are introduced. Additionally, a number of well known methods in the research area of requirements engineering which focus on eliciting and modeling security and privacy requirements are described. Finally, a comparative analysis between these methods is presented.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
Kalloniatis, Christos, et al. "Designing Secure and Privacy-Aware Information Systems." IJSSE vol.8, no.2 2017: pp.1-25. http://doi.org/10.4018/IJSSE.2017040101
APA
Kalloniatis, C., Pattakou, A., Kavakli, E., & Gritzalis, S. (2017). Designing Secure and Privacy-Aware Information Systems. International Journal of Secure Software Engineering (IJSSE), 8(2), 1-25. http://doi.org/10.4018/IJSSE.2017040101
Chicago
Kalloniatis, Christos, et al. "Designing Secure and Privacy-Aware Information Systems," International Journal of Secure Software Engineering (IJSSE) 8, no.2: 1-25. http://doi.org/10.4018/IJSSE.2017040101
Export Reference
Published: Apr 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.2017040102
Volume 8
Research Article
Martin Boldt, Andreas Jacobsson, Dejan Baca, Bengt Carlsson
In this paper, a novel security-enhanced agile software development process, SEAP, is introduced. It has been designed, tested, and implemented at Ericsson AB, specifically in the development of a...
Show More
In this paper, a novel security-enhanced agile software development process, SEAP, is introduced. It has been designed, tested, and implemented at Ericsson AB, specifically in the development of a mobile money transfer system. Two important features of SEAP are 1) that it includes additional security competences, and 2) that it includes the continuous conduction of an integrated risk analysis for identifying potential threats. As a general finding of implementing SEAP in software development, the developers solve a large proportion of the risks in a timely, yet cost-efficient manner. The default agile software development process at Ericsson AB, i.e. where SEAP was not included, required significantly more employee hours spent for every risk identified compared to when integrating SEAP. The default development process left 50.0% of the risks unattended in the software version that was released, while the application of SEAP reduced that figure to 22.5%. Furthermore, SEAP increased the proportion of risks that were corrected from 12.5% to 67.9%, a more than five times increment.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
Boldt, Martin, et al. "Introducing a Novel Security-Enhanced Agile Software Development Process." IJSSE vol.8, no.2 2017: pp.26-52. http://doi.org/10.4018/IJSSE.2017040102
APA
Boldt, M., Jacobsson, A., Baca, D., & Carlsson, B. (2017). Introducing a Novel Security-Enhanced Agile Software Development Process. International Journal of Secure Software Engineering (IJSSE), 8(2), 26-52. http://doi.org/10.4018/IJSSE.2017040102
Chicago
Boldt, Martin, et al. "Introducing a Novel Security-Enhanced Agile Software Development Process," International Journal of Secure Software Engineering (IJSSE) 8, no.2: 26-52. http://doi.org/10.4018/IJSSE.2017040102
Export Reference
Published: Apr 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.2017040103
Volume 8
Research Article
Liguo Yu, Yingmei Li, Srini Ramaswamy
Design patterns are reusable software design solutions to object-oriented programs. Since the initial introduction of the 23 well-known design patterns in 1995, more and more patterns have been...
Show More
Design patterns are reusable software design solutions to object-oriented programs. Since the initial introduction of the 23 well-known design patterns in 1995, more and more patterns have been identified and utilized in the software industry. The benefits of applying design patterns include reducing development cost, improving code quality, and standardizing the integration and maintenance processes. Therefore, using design patterns is becoming a common practice to build both commercial software and open-source products. Although most design patterns are considered creative solutions to some difficult design problems, not all of them are necessarily the best with respect to all different software quality measures, such as program complexity. This paper studies 13 commonly employed design patterns in software industry. First, these 13 patterns are analyzed theoretically about their design complexity in comparison to the conventional solutions. Second, empirical studies are performed on five open-source Java projects to investigate the correlations between design patterns and class structural quality. Finally, these 13 design patterns are evaluated by software programmers who have experience of using all of them. Overall, this study finds that although some design patterns are considered useful, creative, and significant compared to conventional solutions based on user experience, pattern-involved classes are more complex than pattern-free classes, both theoretically and empirically. The authors accordingly recommend a balanced approach to using design patterns: design quality, cost, development time, and product quality should all be considered, when design patterns are utilized.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
Yu, Liguo, et al. "Design Patterns and Design Quality: Theoretical Analysis, Empirical Study, and User Experience." IJSSE vol.8, no.2 2017: pp.53-81. http://doi.org/10.4018/IJSSE.2017040103
APA
Yu, L., Li, Y., & Ramaswamy, S. (2017). Design Patterns and Design Quality: Theoretical Analysis, Empirical Study, and User Experience. International Journal of Secure Software Engineering (IJSSE), 8(2), 53-81. http://doi.org/10.4018/IJSSE.2017040103
Chicago
Yu, Liguo, Yingmei Li, and Srini Ramaswamy. "Design Patterns and Design Quality: Theoretical Analysis, Empirical Study, and User Experience," International Journal of Secure Software Engineering (IJSSE) 8, no.2: 53-81. http://doi.org/10.4018/IJSSE.2017040103
Export Reference
Published: Jul 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.20170701.pre
Volume 8
Editorial Preface
Martin Gilje Jaatun
Content Forthcoming
Add to Your Personal Library: Article Published: Jul 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.2017070101
Volume 8
Research Article
Sofia Rei, Rui Abreu
From holding worldwide companies' information hostage to keeping several distributed systems down for hours, the last years were marked by several security attacks which are the result of complex...
Show More
From holding worldwide companies' information hostage to keeping several distributed systems down for hours, the last years were marked by several security attacks which are the result of complex software and its fast production. There are already tools which can be used to help companies detect vulnerabilities responsible for such attacks. However, their reliability is still not the best and well discriminated. In software testing, researchers tend to use hand-seeded test cases or mutations due to the challenges involved in the extraction or reproduction of real test cases which might not be suitable for testing techniques, since both approaches can create samples that inadvertently differ from the real vulnerabilities and thus might lead to misleading assessments of the tools' capabilities. The lack of databases of real security vulnerabilities is an issue since it hampers the tools' evaluation and categorization. To study these tools, the researchers created a database of 682 real test cases which is the outcome of mining 248 repositories for 16 different vulnerability patterns.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
Rei, Sofia, and Rui Abreu. "A Database of Existing Vulnerabilities to Enable Controlled Testing Studies." IJSSE vol.8, no.3 2017: pp.1-23. http://doi.org/10.4018/IJSSE.2017070101
APA
Rei, S. & Abreu, R. (2017). A Database of Existing Vulnerabilities to Enable Controlled Testing Studies. International Journal of Secure Software Engineering (IJSSE), 8(3), 1-23. http://doi.org/10.4018/IJSSE.2017070101
Chicago
Rei, Sofia, and Rui Abreu. "A Database of Existing Vulnerabilities to Enable Controlled Testing Studies," International Journal of Secure Software Engineering (IJSSE) 8, no.3: 1-23. http://doi.org/10.4018/IJSSE.2017070101
Export Reference
Published: Jul 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.2017070102
Volume 8
Research Article
Chandan Kumar Behera, D. Lalitha Bhaskari
This article describes how code obfuscation techniques aim to conceal the functionality of a program by mystifying the code so that it is unreadable or in an incomprehensible format. Since the...
Show More
This article describes how code obfuscation techniques aim to conceal the functionality of a program by mystifying the code so that it is unreadable or in an incomprehensible format. Since the objective of this article is to make a program obfuscated, the source code shall appear like normal native code and should be perfectly readable. As nobody can guess that the code is an obfuscated one, obviously it will be very tough to analyze. Nowadays, a lot of programs protect themselves from being analyzed by hiding their behaviors or compressing their semantics by using obfuscation techniques. On the contrary, self-modifying code (SMC) can challenge one's intellect to discover the real intrinsic meaning of the source code as it is difficult and strenuous to analyze, since the code gets modified dynamically during runtime. Hence, this article brings into play the underlying concepts of self-modifying codes for obfuscating the programs to construct a much better code protection model. Some techniques like indirect memory addressing, register renaming, direction-changing of instructions, segment ignoring, modification of registry content and many more are expounded in this article by using Assembly-level language, which is binary obfuscation.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
Behera, Chandan Kumar, and D. Lalitha Bhaskari. "Self-Modifying Code: A Provable Technique for Enhancing Program Obfuscation." IJSSE vol.8, no.3 2017: pp.24-41. http://doi.org/10.4018/IJSSE.2017070102
APA
Behera, C. K. & Bhaskari, D. L. (2017). Self-Modifying Code: A Provable Technique for Enhancing Program Obfuscation. International Journal of Secure Software Engineering (IJSSE), 8(3), 24-41. http://doi.org/10.4018/IJSSE.2017070102
Chicago
Behera, Chandan Kumar, and D. Lalitha Bhaskari. "Self-Modifying Code: A Provable Technique for Enhancing Program Obfuscation," International Journal of Secure Software Engineering (IJSSE) 8, no.3: 24-41. http://doi.org/10.4018/IJSSE.2017070102
Export Reference
Published: Jul 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.2017070103
Volume 8
Research Article
Yijun Yu, Haruhiko Kaiya, Nobukazu Yoshioka, Zhenjiang Hu, Hironori Washizaki, Yingfei Xiong, Amin Hosseinian-Far
This article describes how earlier detection of security problems and the implementation of solutions would be a cost-effective approach for developing secure software systems. Developing, gathering...
Show More
This article describes how earlier detection of security problems and the implementation of solutions would be a cost-effective approach for developing secure software systems. Developing, gathering and sharing similar repeatable programming knowledge and solutions has led to the introduction of Patterns in the 90's. The same concept has been adopted to realise reoccurring security knowledge and hence security patterns. Detecting a security problem using the patterns in requirements models may lead to its early prevention. In this article, the authors have provided an overview of security patterns in the past two decades, followed by a summary of i*/Tropos goal modelling framework. Section 2 outlines model-driven development, meta-models and model transformation, within the context of requirements engineering. They have summarised security access control types, and formally described role-based access control (RBAC) in particular as a pattern that may occur in the stakeholder requirements models. Then the authors used the i* modelling language and some elements from its constructs - model-driven queries and transformations - to describe the pattern enforcement. This is applied to a number of requirements models within the literature, and the pattern-based transformation tool they designed has automated the detection and resolution of this security pattern in several goal-oriented stakeholder requirements. Finally, the article also reflects on a variety of existing applications and future work.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
Yu, Yijun, et al. "Goal Modelling for Security Problem Matching and Pattern Enforcement." IJSSE vol.8, no.3 2017: pp.42-57. http://doi.org/10.4018/IJSSE.2017070103
APA
Yu, Y., Kaiya, H., Yoshioka, N., Hu, Z., Washizaki, H., Xiong, Y., & Hosseinian-Far, A. (2017). Goal Modelling for Security Problem Matching and Pattern Enforcement. International Journal of Secure Software Engineering (IJSSE), 8(3), 42-57. http://doi.org/10.4018/IJSSE.2017070103
Chicago
Yu, Yijun, et al. "Goal Modelling for Security Problem Matching and Pattern Enforcement," International Journal of Secure Software Engineering (IJSSE) 8, no.3: 42-57. http://doi.org/10.4018/IJSSE.2017070103
Export Reference
Published: Oct 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.20171001.pre
Volume 8
Editorial Preface
Martin Gilje Jaatun
Content Forthcoming
Add to Your Personal Library: Article Published: Oct 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.2017100101
Volume 8
Research Article
Inger Anne Tøndel, Martin Gilje Jaatun, Daniela Soares Cruzes, Nils Brede Moe
When working with software security in a risk-centric way, development projects become equipped to make decisions on how much security to include and what type of security pays off. This article...
Show More
When working with software security in a risk-centric way, development projects become equipped to make decisions on how much security to include and what type of security pays off. This article presents the results of a study made among 23 public organisations, mapping their risk-centric activities and practices, and challenges for implementing them. The authors found that their software security practices were not based on an assessment of software security risks, but rather driven by compliance. Additionally, their practices could in many cases be characterised as arbitrary, late and error driven, with limited follow up on any security issues throughout their software development projects. Based on the results of the study, the authors identified the need for improvements in three main areas: responsibilities and stakeholder cooperation; risk perception and competence; and, practical ways of doing risk analysis in agile projects.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
Tøndel, Inger Anne, et al. "Risk Centric Activities in Secure Software Development in Public Organisations." IJSSE vol.8, no.4 2017: pp.1-30. http://doi.org/10.4018/IJSSE.2017100101
APA
Tøndel, I. A., Jaatun, M. G., Cruzes, D. S., & Moe, N. B. (2017). Risk Centric Activities in Secure Software Development in Public Organisations. International Journal of Secure Software Engineering (IJSSE), 8(4), 1-30. http://doi.org/10.4018/IJSSE.2017100101
Chicago
Tøndel, Inger Anne, et al. "Risk Centric Activities in Secure Software Development in Public Organisations," International Journal of Secure Software Engineering (IJSSE) 8, no.4: 1-30. http://doi.org/10.4018/IJSSE.2017100101
Export Reference
Published: Oct 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.2017100102
Volume 8
Research Article
Hossain Shahriar, Hisham Haddad, Pranahita Bulusu
Lightweight Directory Access Protocol (LDAP) is commonly used in web applications to provide lookup information and enforcing authentication. Web applications may suffer from LDAP injection...
Show More
Lightweight Directory Access Protocol (LDAP) is commonly used in web applications to provide lookup information and enforcing authentication. Web applications may suffer from LDAP injection vulnerabilities that can lead to security breaches such as login bypass and privilege escalation. This paper1 proposes OCL fault injection-based detection of LDAP injection attacks. The authors extract design-level information and constraints expressed in OCL and then randomly alter them to generate test cases that have the capability to uncover LDAP injection vulnerabilities. The authors proposed approaches to implement test case generation, and they used one open source PHP application and one custom application to evaluate the proposed approach. The analysis shows that this approach can detect LDAP injection vulnerabilities.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
Shahriar, Hossain, et al. "LDAP Vulnerability Detection in Web Applications." IJSSE vol.8, no.4 2017: pp.31-50. http://doi.org/10.4018/IJSSE.2017100102
APA
Shahriar, H., Haddad, H., & Bulusu, P. (2017). LDAP Vulnerability Detection in Web Applications. International Journal of Secure Software Engineering (IJSSE), 8(4), 31-50. http://doi.org/10.4018/IJSSE.2017100102
Chicago
Shahriar, Hossain, Hisham Haddad, and Pranahita Bulusu. "LDAP Vulnerability Detection in Web Applications," International Journal of Secure Software Engineering (IJSSE) 8, no.4: 31-50. http://doi.org/10.4018/IJSSE.2017100102
Export Reference
Published: Oct 1, 2017
Converted to Gold OA:
DOI: 10.4018/IJSSE.2017100103
Volume 8
Research Article
Sanjay Misra, Adewole Adewumi, Robertas Damasevicius, Rytis Maskeliunas
In order to maintain the quality of software, it is important to measure it complexity. This provides an insight into the degree of comprehensibility and maintainability of the software. Measurement...
Show More
In order to maintain the quality of software, it is important to measure it complexity. This provides an insight into the degree of comprehensibility and maintainability of the software. Measurement can be carried out using cognitive measures which are based on cognitive informatics. A number of such measures have been proposed in literature. The goal of this article is to identify the features and advantages of the existing measures. In addition, a comparative analysis is done based on some selected criteria. The results show that there is a similar trend in the output obtained from the different measures when they are applied to different examples. This makes it easy for adopting organisations to readily choose from the options based on the availability of tool support.
Content Forthcoming
Add to Your Personal Library: Article
Cite Article
Cite Article
MLA
Misra, Sanjay, et al. "Analysis of Existing Software Cognitive Complexity Measures." IJSSE vol.8, no.4 2017: pp.51-71. http://doi.org/10.4018/IJSSE.2017100103
APA
Misra, S., Adewumi, A., Damasevicius, R., & Maskeliunas, R. (2017). Analysis of Existing Software Cognitive Complexity Measures. International Journal of Secure Software Engineering (IJSSE), 8(4), 51-71. http://doi.org/10.4018/IJSSE.2017100103
Chicago
Misra, Sanjay, et al. "Analysis of Existing Software Cognitive Complexity Measures," International Journal of Secure Software Engineering (IJSSE) 8, no.4: 51-71. http://doi.org/10.4018/IJSSE.2017100103
Export Reference
IGI Global Open Access Collection provides all of IGI Global’s open access content in one convenient location and user-friendly interface
that can easily searched or integrated into library discovery systems.
Browse IGI Global Open
Access Collection
Author Services Inquiries
For inquiries involving pre-submission concerns, please contact the Journal Development Division:
journaleditor@igi-global.comOpen Access Inquiries
For inquiries involving publishing costs, APCs, etc., please contact the Open Access Division:
openaccessadmin@igi-global.comProduction-Related Inquiries
For inquiries involving accepted manuscripts currently in production or post-production, please contact the Journal Production Division:
journalproofing@igi-global.comRights and Permissions Inquiries
For inquiries involving permissions, rights, and reuse, please contact the Intellectual Property & Contracts Division:
contracts@igi-global.comPublication-Related Inquiries
For inquiries involving journal publishing, please contact the Acquisitions Division:
acquisition@igi-global.comDiscoverability Inquiries
For inquiries involving sharing, promoting, and indexing of manuscripts, please contact the Citation Metrics & Indexing Division:
indexing@igi-global.com Editorial Office
701 E. Chocolate Ave.
Hershey, PA 17033, USA
717-533-8845 x100