{"id":"https://openalex.org/W2885220124","doi":"https://doi.org/10.3233/978-1-60750-014-8-149","title":"Software Security Vulnerabilities Seen As Feature Interactions","display_name":"Software Security Vulnerabilities Seen As Feature Interactions","publication_year":2009,"publication_date":"2009-01-01","ids":{"openalex":"https://openalex.org/W2885220124","doi":"https://doi.org/10.3233/978-1-60750-014-8-149","mag":"2885220124"},"language":"en","primary_location":{"id":"doi:10.3233/978-1-60750-014-8-149","is_oa":false,"landing_page_url":"https://doi.org/10.3233/978-1-60750-014-8-149","pdf_url":null,"source":{"id":"https://openalex.org/S4306463470","display_name":"IOS Press eBooks","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310318577","host_organization_name":"IOS Press","host_organization_lineage":["https://openalex.org/P4310318577"],"host_organization_lineage_names":["IOS Press"],"type":"ebook platform"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Feature Interactions in Software and Communication Systems X","raw_type":"book-chapter"},"type":"book-chapter","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5007509079","display_name":"Guy-Vincent Jourdan","orcid":"https://orcid.org/0000-0001-6067-6545"},"institutions":[{"id":"https://openalex.org/I153718931","display_name":"University of Ottawa","ror":"https://ror.org/03c4mmv16","country_code":"CA","type":"education","lineage":["https://openalex.org/I153718931"]}],"countries":["CA"],"is_corresponding":true,"raw_author_name":"Jourdan Guy-Vincent","raw_affiliation_strings":["University of Ottawa"],"affiliations":[{"raw_affiliation_string":"University of Ottawa","institution_ids":["https://openalex.org/I153718931"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":["https://openalex.org/A5007509079"],"corresponding_institution_ids":["https://openalex.org/I153718931"],"apc_list":null,"apc_paid":null,"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.32896192,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":"149","last_page":"159"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":1.0,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9955000281333923,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9945999979972839,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.6471061706542969},{"id":"https://openalex.org/keywords/feature","display_name":"Feature (linguistics)","score":0.6026984453201294},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.5969667434692383},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.5957998633384705},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5855344533920288},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.5579285621643066},{"id":"https://openalex.org/keywords/software","display_name":"Software","score":0.46146753430366516},{"id":"https://openalex.org/keywords/programming-language","display_name":"Programming language","score":0.17363208532333374},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.13444215059280396},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.07847726345062256},{"id":"https://openalex.org/keywords/linguistics","display_name":"Linguistics","score":0.05016028881072998},{"id":"https://openalex.org/keywords/philosophy","display_name":"Philosophy","score":0.04444622993469238}],"concepts":[{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.6471061706542969},{"id":"https://openalex.org/C2776401178","wikidata":"https://www.wikidata.org/wiki/Q12050496","display_name":"Feature (linguistics)","level":2,"score":0.6026984453201294},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5969667434692383},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.5957998633384705},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5855344533920288},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.5579285621643066},{"id":"https://openalex.org/C2777904410","wikidata":"https://www.wikidata.org/wiki/Q7397","display_name":"Software","level":2,"score":0.46146753430366516},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.17363208532333374},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.13444215059280396},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.07847726345062256},{"id":"https://openalex.org/C41895202","wikidata":"https://www.wikidata.org/wiki/Q8162","display_name":"Linguistics","level":1,"score":0.05016028881072998},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.04444622993469238}],"mesh":[],"locations_count":3,"locations":[{"id":"doi:10.3233/978-1-60750-014-8-149","is_oa":false,"landing_page_url":"https://doi.org/10.3233/978-1-60750-014-8-149","pdf_url":null,"source":{"id":"https://openalex.org/S4306463470","display_name":"IOS Press eBooks","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/P4310318577","host_organization_name":"IOS Press","host_organization_lineage":["https://openalex.org/P4310318577"],"host_organization_lineage_names":["IOS Press"],"type":"ebook platform"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Feature Interactions in Software and Communication Systems X","raw_type":"book-chapter"},{"id":"pmh:oai:CiteSeerX.psu:10.1.1.993.9818","is_oa":false,"landing_page_url":"http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.993.9818","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"http://www.eiti.uottawa.ca/%7Egvj/papers/C26.pdf","raw_type":"text"},{"id":"mag:2885220124","is_oa":false,"landing_page_url":"https://www.site.uottawa.ca/~gvj/papers/C26.pdf","pdf_url":null,"source":null,"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":null}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.41999998688697815,"display_name":"Peace, Justice and strong institutions","id":"https://metadata.un.org/sdg/16"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":8,"referenced_works":["https://openalex.org/W1600776630","https://openalex.org/W1604658196","https://openalex.org/W2015004885","https://openalex.org/W2072978486","https://openalex.org/W2116475161","https://openalex.org/W2171834277","https://openalex.org/W2496257339","https://openalex.org/W2564142338"],"related_works":["https://openalex.org/W1978034799","https://openalex.org/W4384518368","https://openalex.org/W2141388993","https://openalex.org/W2155353733","https://openalex.org/W2504659933","https://openalex.org/W2039943835","https://openalex.org/W2293245356","https://openalex.org/W2560421591","https://openalex.org/W1566131087","https://openalex.org/W2044639210"],"abstract_inverted_index":{"The":[0],"security":[1,20,115,146],"of":[2,38,44,69,82,94,141],"software":[3,48,51,114,145],"applications":[4],"is":[5],"an":[6],"important":[7],"domain,":[8],"and":[9,19,117],"one":[10,140],"that":[11,110,119],"mixes":[12],"formalisms":[13],"(e.g.":[14],"when":[15,63],"dealing":[16],"with":[17,22,139],"cryptography":[18],"protocols)":[21],"very":[23],"ad":[24],"hoc,":[25],"low":[26],"level":[27],"practical":[28],"solutions.":[29],"In":[30],"this":[31,56,66],"paper,":[32],"we":[33,64,123],"look":[34],"at":[35,92],"a":[36,50,129],"subset":[37,68],"the":[39,42,70,95,126,136,142],"&amp;ldquo;security&amp;rdquo;":[40],"field:":[41],"production":[43],"secure,":[45],"general":[46],"purpose":[47],"from":[49],"engineering":[52],"viewpoint.":[53],"We":[54,60,86,133],"call":[55],"simply":[57],"&amp;ldquo;software":[58],"security&amp;rdquo;.":[59],"show":[61,118],"that,":[62],"analyze":[65],"particular":[67],"field,":[71],"many":[72],"if":[73],"not":[74],"most":[75,98],"problems":[76],"turn":[77],"out":[78],"to":[79],"be":[80],"instances":[81],"feature":[83,130],"interactions":[84,131],"problems.":[85],"illustrate":[87],"our":[88],"claim":[89],"by":[90,106],"looking":[91],"three":[93,109],"top":[96],"ten":[97],"common":[99],"vulnerabilities":[100],"in":[101,112,120],"Web":[102],"application":[103],"as":[104,128],"published":[105],"OWASP":[107],"(the":[108],"are":[111],"fact":[113],"issues)":[116],"each":[121],"instance,":[122],"can":[124],"express":[125],"problem":[127],"problem.":[132],"also":[134],"reach":[135],"same":[137],"conclusion":[138],"latest":[143],"generalized":[144],"vulnerability,":[147],"&amp;ldquo;ClickJacking&amp;rdquo;.":[148]},"counts_by_year":[],"updated_date":"2026-04-05T17:49:38.594831","created_date":"2025-10-10T00:00:00"}