Special Issue Journal of Computer Security

The Journal of Computer Security has published a special issue on Web Applications Security in honor of the Web at 25 celebrations. All articles of this special issue are freely available online.

Twenty-five years after its creation, the World Wide Web has taken over the world as the global computing platform. A package of technologies, often referred to as Web 2.0, has revolutionized the web in recent years, moving it from a static client–server paradigm to a highly dynamic and interactive paradigm for computation by multiple servers and clients. The power of web applications drives the evolution of the web, which makes securing web applications a critical goal.

This special issue focuses on the security of these web applications. The articles address a landscape of security issues for web applications: from securing JavaScript and other executable content in the browser to securing cross-origin authorization protocols. The issue contains the following articles, all freely available online.

Volume 22, Number 4 / 2014
Special Issue on Web Application Security – Web @ 25

Secure multi-execution of web scripts: Theory and practice
DOI: 10.3233/JCS-130495
Willem De Groef, Dominique Devriese, Nick Nikiforakis and Frank Piessens

Typed-based verification of Web sandboxes
DOI: 10.3233/JCS-140504
Joe Gibbs Politz, Arjun Guha and Shriram Krishnamurthi

Scriptless attacks: Stealing more pie without touching the sill
DOI: 10.3233/JCS-130494
M. Heiderich, M. Niemietz, F. Schuster, T. Holz and J. Schwenk

Discovering concrete attacks on website authorization by formal analysis
DOI: 10.3233/JCS-140503
Chetan Bansal, Karthikeyan Bhargavan, Antoine Delignat-Lavaud and Sergio Maffeis

About the Journal
The Journal of Computer Security presents research and development results of lasting significance in the theory, design, implementation, analysis, and application of secure computer systems. It also provides a forum for ideas about the meaning and implications of security and privacy, particularly those with important consequences for the technical community.

The journal provides an opportunity to publish articles of greater depth and length than is possible in the proceedings of various existing conferences, while addressing an audience of researchers in computer security who can be assumed to have a more specialized background than the readership of other archival publications. The journal welcomes contributions on all aspects of computer security: confidentiality, integrity, and assurance of service – that is, protection against unauthorized disclosure or modification of sensitive information, or denial of service. Of interest is a precise understanding of security policies through modelling, as well as the design and analysis of mechanisms for enforcing them, and the architectural principles of software and hardware systems implementing them.

