{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,20]],"date-time":"2026-01-20T09:13:43Z","timestamp":1768900423017,"version":"3.49.0"},"publisher-location":"Cham","reference-count":18,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030587925","type":"print"},{"value":"9783030587932","type":"electronic"}],"license":[{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"},{"start":{"date-parts":[[2020,1,1]],"date-time":"2020-01-01T00:00:00Z","timestamp":1577836800000},"content-version":"vor","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2020]]},"DOI":"10.1007\/978-3-030-58793-2_26","type":"book-chapter","created":{"date-parts":[[2020,8,30]],"date-time":"2020-08-30T23:04:02Z","timestamp":1598828642000},"page":"317-331","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["A Cloud SecDevOps Methodology: From Design to Testing"],"prefix":"10.1007","author":[{"given":"Valentina","family":"Casola","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Alessandra","family":"De Benedictis","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Massimiliano","family":"Rak","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Giovanni","family":"Salzillo","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2020,8,31]]},"reference":[{"key":"26_CR1","unstructured":"Anderson, R.: Security Engineering: A Guide to Building Dependable Distributed Systems, 2nd edn (2008). http:\/\/www.cl.cam.ac.uk\/~rja14\/book.html"},{"issue":"5","key":"26_CR2","doi-asserted-by":"publisher","first-page":"741","DOI":"10.1109\/TSC.2016.2540630","volume":"10","author":"V Casola","year":"2017","unstructured":"Casola, V., De Benedictis, A., Erascu, M., Modic, J., Rak, M.: Automatically enforcing security SLAs in the cloud. IEEE Trans. Serv. Comput. 10(5), 741\u2013755 (2017)","journal-title":"IEEE Trans. Serv. Comput."},{"issue":"2","key":"26_CR3","doi-asserted-by":"publisher","first-page":"267","DOI":"10.1504\/IJGUC.2020.105541","volume":"11","author":"V Casola","year":"2020","unstructured":"Casola, V., De Benedictis, A., Rak, M., Villano, U.: A methodology for automated penetration testing of cloud applications. Int. J. Grid Util. Comput. 11(2), 267\u2013277 (2020)","journal-title":"Int. J. Grid Util. Comput."},{"key":"26_CR4","doi-asserted-by":"publisher","first-page":"110537","DOI":"10.1016\/j.jss.2020.110537","volume":"163","author":"V Casola","year":"2020","unstructured":"Casola, V., De Benedictis, A., Rak, M., Villano, U.: A novel security-by-design methodology: modeling and assessing security by SLAs with a quantitative approach. J. Syst. Softw. 163, 110537 (2020)","journal-title":"J. Syst. Softw."},{"key":"26_CR5","unstructured":"Cavoukian, A., Chanliau, M.: Privacy and security by design: an enterprise architecture approach (2013). https:\/\/www.ipc.on.ca\/wp-content\/uploads\/Resources\/pbd-privacy-and-security-by-design-oracle.pdf"},{"key":"26_CR6","unstructured":"Common Criteria: CCMB-2017-04-001: Common Criteria for Information Technology Security Evaluation v3.1 rev5 (2017). https:\/\/www.commoncriteriaportal.org\/files\/ccfiles\/CCPART1V3.1R5.pdf"},{"key":"26_CR7","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"223","DOI":"10.1007\/978-3-030-41702-4_14","volume-title":"Information Security Theory and Practice","author":"N Dejon","year":"2020","unstructured":"Dejon, N., Caputo, D., Verderame, L., Armando, A., Merlo, A.: Automated security analysis of IoT software updates. In: Laurent, M., Giannetsos, T. (eds.) WISTP 2019. LNCS, vol. 12024, pp. 223\u2013239. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-41702-4_14"},{"issue":"6","key":"26_CR8","doi-asserted-by":"publisher","first-page":"12","DOI":"10.1109\/MC.2010.159","volume":"43","author":"D Geer","year":"2010","unstructured":"Geer, D.: Are companies actually using secure development life cycles? Computer 43(6), 12\u201316 (2010)","journal-title":"Computer"},{"key":"26_CR9","unstructured":"Herzog, P.: OSSTMM 3: the open source security testing methodology manual-contemporary security testing and analysis (2010). http:\/\/www.isecom.org\/"},{"key":"26_CR10","unstructured":"Jayaram, K., Mathur, A.P.: Software engineering for secure software-state of the art: a survey. Purdue University (2005)"},{"key":"26_CR11","doi-asserted-by":"crossref","unstructured":"Scarfone, K., Souppaya, M., Cody, A., Orebaugh, A.: Technical guide to information security testing and assessment. NIST Special Publication 800\u2013115 (2008)","DOI":"10.6028\/NIST.SP.800-115"},{"key":"26_CR12","doi-asserted-by":"publisher","unstructured":"Knowles, W., Baron, A., McGarr, T.: The simulated security assessment ecosystem: does penetration testing need standardisation? Comput. Secur. 62, 296\u2013316 (2016). https:\/\/doi.org\/10.1016\/j.cose.2016.08.002","DOI":"10.1016\/j.cose.2016.08.002"},{"key":"26_CR13","unstructured":"National Institute of Standards and Technology: SP 800\u201353 Rev 4: Recommended Security and Privacy Controls for Federal Information Systems and Organizations. Technical report (2013). http:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-53r4.pdf"},{"key":"26_CR14","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"786","DOI":"10.1007\/978-3-319-57186-7_57","volume-title":"Green, Pervasive, and Cloud Computing","author":"M Rak","year":"2017","unstructured":"Rak, M.: Security assurance of (multi-)cloud application with security SLA composition. In: Au, M.H.A., Castiglione, A., Choo, K.-K.R., Palmieri, F., Li, K.-C. (eds.) GPC 2017. LNCS, vol. 10232, pp. 786\u2013799. Springer, Cham (2017). https:\/\/doi.org\/10.1007\/978-3-319-57186-7_57"},{"key":"26_CR15","unstructured":"Ross, R., McEvilley, M., Oren, J.C.: NIST SP 800\u2013160: systems security engineering: considerations for a multidisciplinary approach in the engineering of trustworthy secure systems (2016). https:\/\/nvlpubs.nist.gov\/nistpubs\/SpecialPublications\/NIST.SP.800-160v1.pdf"},{"key":"26_CR16","doi-asserted-by":"crossref","unstructured":"Santos, J.C.S., Tarrit, K., Mirakhorli, M.: A catalog of security architecture weaknesses. In: 2017 IEEE International Conference on Software Architecture Workshops (ICSAW), pp. 220\u2013223 (2017)","DOI":"10.1109\/ICSAW.2017.25"},{"key":"26_CR17","unstructured":"The Software Assurance Forum for Excellence in Code (SAFECode): Fundamental Practices for Secure Software Development Essential Elements of a Secure Development Lifecycle Program - Third Edition (2018)"},{"key":"26_CR18","series-title":"Advances in Intelligent Systems and Computing","doi-asserted-by":"publisher","first-page":"867","DOI":"10.1007\/978-3-030-44038-1_79","volume-title":"Web, Artificial Intelligence and Network Applications","author":"L Verderame","year":"2020","unstructured":"Verderame, L., Caputo, D., Migliardi, M., Merlo, A.: AppIoTTE: an architecture for the security assessment of mobile-IoT ecosystems. In: Barolli, L., Amato, F., Moscato, F., Enokido, T., Takizawa, M. (eds.) WAINA 2020. AISC, vol. 1150, pp. 867\u2013876. Springer, Cham (2020). https:\/\/doi.org\/10.1007\/978-3-030-44038-1_79"}],"container-title":["Communications in Computer and Information Science","Quality of Information and Communications Technology"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-58793-2_26","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,4,24]],"date-time":"2021-04-24T08:37:57Z","timestamp":1619253477000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-030-58793-2_26"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020]]},"ISBN":["9783030587925","9783030587932"],"references-count":18,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-58793-2_26","relation":{},"ISSN":["1865-0929","1865-0937"],"issn-type":[{"value":"1865-0929","type":"print"},{"value":"1865-0937","type":"electronic"}],"subject":[],"published":{"date-parts":[[2020]]},"assertion":[{"value":"31 August 2020","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"QUATIC","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on the Quality of Information and Communications Technology","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Faro","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Portugal","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2020","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"9 September 2020","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"11 September 2020","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"13","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"quatic2020","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"https:\/\/2020.quatic.org\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Double-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"81","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"27","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"12","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"33% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"The conference was held virtually due to the COVID-19 pandemic.","order":10,"name":"additional_info_on_review_process","label":"Additional Info on Review Process","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}