Recent



Books

  • E. B. Fernandez, Designing secure architectures using security patterns, under contract with J. Wiley. To appear in the Wiley Series on Software Design Patterns.
  • E. B. Fernandez, E. Gudes, and M. Olivier, The design of secure systems, under contract with Addison-Wesley.
  • M. Schumacher, E. B. Fernandez, D. Hybertson, F. Buschmann, and P. Sommerlad, Security Patterns: Integrating security and systems engineering, Wiley 2006.



Journal Papers

  • X. Yuan and E. B. Fernandez, “Patterns for Business-to-Consumer E-Commerce Applications”, accepted for the International Journal of Software Engineering & Applications (IJSEA).
  • J. C. Pelaez and E. B. Fernandez, “Semi-formal models for VoIP network forensics”, accepted for the Int. Journal on Advances in Security (IARIA), 2010.
  • E. B. Fernandez and X. Yuan, “Semantic analysis patterns and secure semantic analysis patterns”, in revision for the Int. Journal of Information and Computer Security (IJICS). Inderscience Publishers.
  • A. Agarwal and E. B. Fernandez, “System Level Power Management for Embedded RTOS: an Object-Oriented Approach”, International Journal of Engineering (IJE), Volume 3, and Issue 5, 2010.
  • J. Pelaez, E. B. Fernandez and M. M. Larrondo-Petrie, “Misuse Patterns in VoIP”, Security and Communication Networks Journal, Wiley, vol. 2, No 2, 635-653, published online: 15 Apr 2009.
    http://www3.interscience.wiley.com/journal/122324463/abstract
  • M. VanHilst, E. B. Fernandez and F. Braz, “A Multidimensional Classification for Users of Security Patterns”, Journal of Research and Practice in Information Technology, vol. 41, No 2, May 2009, 87-97.
  • E. B. Fernandez, J. C. Pelaez and M. M. Larrondo-Petrie, “Security Patterns for Voice Over IP Networks”, Journal of Software, Vol. 2, No. 2, August 2007, pp. 19-29.
    http://www.academypublisher.com/jsw
  • B. Wu, J. Wu, E. B. Fernandez, M. Ilyas and S. Magliveras, “Secure and Efficient Key Management in Mobile Ad Hoc Networks”, Journal of Network and Computer Applications, Vol. 30, 2007, pp. 937-954.



Book Chapters (refereed)

  • M. VanHilst and E. B. Fernandez, “A Construct Grid Approach to Security Classification and Analysis”, accepted as a chapter in Strategic and Practical Approaches for Information Security Governance: Technologies and Applied Solutions, Manish Gupta, John Walp, and Raj Sharman, IGI Global 2011.
  • E. B. Fernandez, N. Yoshioka, H. Washizaki, J. Jurjens, M.VanHilst , and G. Pernul, “Using security patterns to develop secure systems”, in H. Mouratidis, Ed., Software engineering for secure systems: Industrial and Research Perspectives, IGI Global Group, 2010
    http://www.igi-global.com
  • E. B. Fernandez, K. Hashizume, I. Buckley, M. M. Larrondo-Petrie, and M. VanHilst, “Web services security: Standards and products”, Chapter 8 in Web Services Security Development and Architecture: Theoretical and Practical Issues, Carlos A. Gutierrez, Eduardo Fernandez-Medina, and Mario Piattini (Eds.), IGI Global Group 2010. 152-177.
  • E. B. Fernandez, M. M. Larrondo-Petrie, T. Sorgente, and M. VanHilst, “A methodology to develop secure systems using patterns”, Chapter 5 in “Integrating security and software engineering: Advances and future vision”, H. Mouratidis and P. Giorgini (Eds.), IDEA Press, 2006, 107-126.



Book Chapters (by invitation)

  • E. B. Fernandez, “Wireless network security for health applications”, to appear in the Pervasive Communication Handbook, M. Ilyas (Ed.), CRC Press 2011.
  • E. B. Fernandez, C. Marin, and M. M. Larrondo-Petrie, “Security requirements for social networks in Web 2.0″, in the Handbook of Social Networks: Technologies and Applications, B. Furht (Editor), Springer 2010.
    http://www.springer.com/computer/swe/book/978-1-4419-7141-8
  • E. B. Fernandez, “Security patterns and a methodology to apply them”, to appear in Security and Dependability for Ambient Intelligence, G. Spanoudakis and A. Maña (Eds.), Springer Verlag, 2009.
  • J. Jurjens and E. B. Fernandez, “Secure database development”, to appear in the Encyclopedia of Database Systems, Ling Liu and Tamer Oszu (eds.), Springer Verlag, Berlin, Germany, 2009.
  • E. B. Fernandez and M. VanHilst, “An overview of WiMax security”, Chapter 10 in the Handbook of WiMax security and QoS, S. Ahson and M. Ilyas (Eds.), CRC Press, Taylor and Francis Group, Boca Raton, FL, 2008, 197-204.
  • E. B. Fernandez and M. M. Larrondo Petrie, “Securing design patterns for distributed systems”, Chapter 3 in Security in Distributed, Grid, and Pervasive Computing, Y. Xiao (Ed.)., Auerbach Pubs., Taylor & Francis Group, LLC, 2007, 53-66.



Conference Papers

2011

  • K. Hashizume, N. Yoshioka, and E. B. Fernandez, “Misuse Patterns for Cloud Computing”, 2011.
  • M. Cardei, E. B. Fernandez, A. Sahu, and I. Cardei, “A pattern for Wireless System Architectures”, 2011.
  • S. Mujica, F. Valenzuela, and E. B. Fernandez, “Two security patterns: Least Privilege and Secure Logger/Auditor”, 2011.
  • J. Muñoz-Arteaga, E. B. Fernandez, and H. Caudel, “Misuse pattern: Spoofing web services”, sent to Asian PLoP 2011.
  • J. Muñoz-Arteaga, E. B. Fernandez, R. Santaolaya-Salgado, “Interaction Patterns for Designing Visual Feedback in Secure Websites”, presented at the Fourth International Conference on Advances in Computer-Human Interactions (ACHI 2011), February 23-28, 2011, Gosier, Guadeloupe, France.

2010

  • Y. Shiroma, H. Washizaki, Y. Fukazawa , A. Kubo, N. Yoshioka, and E. B. Fernandez, “Model-driven application and validation of security patterns”, 17th Conf. on Pattern Languages of Programs (PLoP 2010).
  • E. B. Fernandez and Sergio Mujica , “Building secure systems: From threats to security patterns”, Procs. of the XXIX International Conference of the Chilean Computer Society, Antofagasta, Chile, November 2010.
  • A. Sahu, E. B. Fernandez, Mihaela Cardei, and M. VanHilst, “A pattern for a sensor node”, Procs. 17th Conf. on Pattern Languages of Programs (PLoP 2010).
  • M. Van Hilst and E. B. Fernandez, “A Pattern System of Underlying Theories for Process Improvement”, Procs. 17th Conf. on Pattern Languages of Programs (PLoP 2010).
  • E. B. Fernandez, D. laRed M., and J. I. Pelaez, “A conceptual approach to voting based on patterns”, Procs.of the 36th Latin American Conf. on Informatics (CLEI 2010), 18-22 October, Asuncion, Paraguay. (Acceptance ratio: 27%.)
  • O. Ajaj and E. B. Fernandez, “A pattern for the WS-Policy standard”, Procs.of the 8th Latin American Conference on Pattern Languages of Programs (SugarLoafPLoP 2010), Salvador, Bahia, Brazil, Sept 23-26, 2010.
  • A. Kumar and E. B. Fernandez, “Security patterns for Virtual Private Networks”, Procs. of the 8th Latin American Conference on Pattern Languages of Programs (SugarLoafPLoP 2010), Salvador, Bahia, Brazil, Sept 23-26, 2010.
  • M. Solinas, J. Trad, J. Abdala, F. Capdevila, E. B. Fernandez, L. Antonelli, “Caso de éxito de método que aplica patrones de seguridad en la Ingeniería en Computación”, Congreso Argentino de Ciencias de la Computación 2010 (CACIC 2010).
  • C. Marin, E. B. Fernandez, and M. M. Larrondo-Petrie, “Patterns for social networks in Web 2.0″, Procs. of the 8th Latin American and Caribbean Conf. for Eng. and Technology (LACCEI’2010), June 1-4, 2010, Arequipa, Peru.
  • O. Ajaj and E. B. Fernandez, “A pattern for the WS-Trust standard of web services”, Procs. of the 1st Asian Conference on Pattern Languages of Programs (AsianPLoP 2010), Tokyo, Japan, March 16-17, 2010.
  • E. B. Fernandez, N. Yoshioka, and H. Washizaki, “A Worm misuse pattern”, Procs. of the 1st Asian Conference on Pattern Languages of Programs (AsianPLoP 2010), Tokyo, Japan, March 16-17, 2010.
  • M. Netter, E. B. Fernandez, and G. Pernul, “Refining the pattern-based reference model for electronic invoices by incorporating threats”, Procs. of the 4th workshop on Secure systems methodologies using patterns (SPattern 2010), in conjunction with ARES 2010, Krakow, Poland, February 2010.
  • E. B. Fernandez, N. Yoshioka, H. Washizaki, and M. VanHilst, “Measuring the level of security introduced by security patterns”, Procs. of the 4th workshop on Secure systems methodologies using patterns (SPattern 2010), in conjunction with ARES 2010, Krakow, Poland, February 2010.
  • E. B. Fernandez and M. M. Larrondo-Petrie, “Designing secure SCADA systems using security patterns”, Procs. of the 43rd Hawaii Conf. on Systems Science, Honolulu, Jan. 2010, 1-8.
    http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=5428672

2009

  • K. Hashizume, E. B. Fernandez, and Shihong Huang, “The WS-Security pattern”, First IEEE Int. Workshop on Security Eng. Environments, Dec. 17-19, 2009, Shanghai, China.
  • E. B. Fernandez, M. VanHilst, D. laRed M., and S. Mujica, “An extended reference monitor for security and safety”, Procs. of the 5th Iberoamerican Conference on Information Security (CIBSI 2009). Montevideo, Uruguay, November 2009.
  • I. Buckley and E. B. Fernandez, “Three patterns for fault tolerance”, Procs. of the OOPSLA MiniPLoP, October 26, 2009.
    http://www.refactory.com/miniploppapers/FT_Patts.pdf
  • E. B. Fernandez and J. Munoz-Arteaga, “Extending a secure software methodology with usability aspects”, position paper for the 3rd Workshop on Software Patterns and Quality (SPAQu’09), in conjunction with OOPSLA 2009.
  • E. B. Fernandez, N. Yoshioka, and H. Washizaki, “Security patterns and quality”, position paper for the 3rd Workshop on Software Patterns and Quality (SPAQu’09), in conjuction with OOPSLA 2009. Proceedings of the Third International Workshop on Software Patterns and Quality (pp. 46-47), in conjuction with OOPSLA 2009.
    http://grace-center.jp/downloads/GRACE-TR-2009-07.pdf
  • E. B. Fernandez and X. Yuan, “An Analysis Pattern for Invoice Processing”, Procs. of the 16th Conf. on Pattern Languages of Programs (PLoP 2009).
  • K. Hashizume and E. B. Fernandez, “Symmetric Encryption and XML Encryption Patterns”, Procs. of the 16th Conf. on Pattern Languages of Programs (PLoP 2009).
  • Z. Jiang and E. B. Fernandez, “Composing analysis patterns to build complex models: Flight reservation”, Procs. of the 16th Conf. on Pattern Languages of Programs (PLoP 2009).
  • Solinas Procs. of the 3rd Int. Workshop on Secure Systems Methodologies using Patterns (SPattern’09), in conjunction with the 6th International Conference on Trust, Privacy & Security in Digital Busines(TrustBus’09), pp. 176-180.
  • E. B. Fernandez and J. L. Ortega-Arjona, “The secure Pipes and Filters pattern”, Procs. of the Third Int Workshop on Secure System Methodologies using Patterns (SPattern 2009).
    http://www.matematicas.unam.mx/jloa/publicaciones/PipesFiltersMay22-09.pdf
  • H. Washizaki, E. B. Fernandez, K. Maruyama, A. Kubo, and N. Yoshioka, “Improving the classification of security patterns”, Procs. of the Third Int. Workshop on Secure System Methodologies using Patterns (SPattern 2009).
  • J. C. Pelaez and E. B. Fernandez. “VoIP Network Forensic Patterns”, Procs. of the Fourth International Multi-Conference on Computing in the Global Information Technology (ICCGI 2009), Cannes, France, August 23-29.
  • K. Hashizume, E. B. Fernandez, and S. Huang, “Digital Signature with Hashing and XML Signature patterns”, Procs. of the 14th European Conf. on Pattern Languages of Programs (EuroPLoP 2009).
  • I. Buckley, E. B. Fernandez, G. Rossi, and M. Sadjadi, “Web services reliability patterns”, short paper in the 21st International Conference on Software Engineering and Knowledge Engineering (SEKE’2009), Boston, July 1-3, 2009, 4-9. (Acceptance rate 38%.)
  • M. VanHilst, E. B. Fernandez, and F. Braz, “Building a Concept Grid to Classify Security Patterns”, short paper for the 21st International Conference on Software Engineering and Knowledge Engineering (SEKE’2009), July 1-3, 2009, Boston.
  • E. B. Fernandez and M. M. Larrondo-Petrie, “A project on web services security and reliability”, 7th Latin American and Caribbean Conference for Engineering and Technology (LACCEI 2009), June 2-5, 2009, San Cristobal, Venezuela.
  • E. B. Fernandez, J. Wu, M. M. Larrondo-Petrie and Y. Shao, “On building secure SCADA Systems using Security Patterns”, Procs. of the Cyber security and information intelligence challenges and strategies (CSIIR 2009). Oak Ridge, TN, April 13-15, 2009.
  • L. L. Lobato and E. B. Fernandez, “Patterns to support the development of privacy policies”, Procs. of the First Int. Wokshop on Organizational Security Aspects (OSA 2009), in conjuction with ARES 2009. March 16-19, 2009, Fukuoka, Japan.
  • E. B. Fernandez, N. Yoshioka and H. Washizaki, “Modeling misuse patterns”, Procs. of the 4th Int. Workshop on Dependability Aspects of Data Warehousing and Mining Applications (DAWAM 2009), in conjunction with the 4th Int.Conf. on Availability, Reliability, and Security (ARES 2009). March 16-19, 2009, Fukuoka, Japan.

2008

  • E. B. Fernandez, H. Washizaki, and N. Yoshioka, “Abstract security patterns”, Position paper in Procs. of the 2nd Workshop on Software Patterns and Quality (SPAQu’08), in conjuction with the 15th Conf. on Pattern Languages of Programs (PLoP 2008), October 18-20, 2008, Nashville, TN.
  • E. B. Fernandez and D. laRed M., “Patterns for the secure and reliable execution of processes”. Procs. of the 15th Int. Conference on Pattern Languages of Programs (PLoP 2008), collocated with OOPSLA, Nashville, TN, Oct. 2008.
  • J. L. Ortega-Arjona and E. B. Fernandez, “The Secure Blackboard pattern”, Procs. of the 15th Int. Conference on Pattern Languages of Programs (PLoP 2008), co-located with OOPSLA, Nashville, TN, Oct. 2008.
    http://www.matematicas.unam.mx/jloa/publicaciones/secureBlackboard.pdf
  • E. B. Fernandez, G. Pernul, and M. M. Larrondo-Petrie, “Patterns and pattern diagrams for access control”, Procs. of the 5th Int. Conf. on Trust, Privacy, and Security in Digital Systems (Trustbus’08), Turin, Italy, Sept. 1-5, 2008. Springer LNCS 5185, 38-47 (Acceptance ratio: 53 %.)
  • F. Braz, E. B. Fernandez, and M. VanHilst, “Eliciting security requirements through misuse activities”, Procs. of the 2nd Int. Workshop on Secure Systems Methodologies using Patterns (SPattern’07), in conjunction with the 4th International Conference onTrust, Privacy & Security in Digital Busines(TrustBus’07), Turin, Italy, September 1-5, 2008. 328-333.
  • E. B. Fernandez, J. Jurjens, N. Yoshioka, and H. Washizaki, “Incorporating database systems into a secure software development methodology”, Procs. of the 2nd Int. Workshop on Secure Systems Methodologies using Patterns (SPattern’07), in conjunction with the 4th International Conference onTrust, Privacy & Security in Digital Busines(TrustBus’07), Turin, Italy, September 1-5, 2008. 310-314.
  • M. VanHilst, E. B. Fernandez, and F. Braz, “A multidimensional classification for users of security patterns”, Procs. of the 6th Int. Workshop on Security in Information Systems (WOSIS 2008), Barcelona, Spain, June 12-13, 2008, in conjunction with ICEIS 2008, 89-98. (Acceptance ratio: 47.6%.)
  • E. B. Fernandez and M. M. Larrondo-Petrie, “A Course on security for critical infrastructure systems”, Procs. of the 6th Latin American and Caribbean Conference for Engineering and Technology (LACCEI 2008), June 4-6, 2008, Tegucigalpa, Honduras.
  • E. B. Fernandez, H. Washizaki, N. Yoshioka, A. Kubo, and Y. Fukazawa, “Classifying security patterns”, Procs. of the 10th Asia-Pacific Web Conference (APWEB’08), April 26-28, 2008, Shenyang, China. (Acceptance ratio 37%.) Springer LNCS 4976/2008, 342-347.
  • N. Delessy and E. B. Fernandez, “A pattern-driven security process for SOA applications”, Procs. of the ACM Symposium on Applied Computing (ACM SAC 2008), Fortaleza, Ceara, Brazil, March 16-20, 2008. Short paper.
  • N. Delessy and E. B. Fernandez, “A pattern-driven security process for SOA applications”, Procs. of the 3rd Int. Conf. on Availability, Reliability, and Security (ARES 2008). Barcelona, Spain, March 4-7, 2008, 416-421. (Acceptance ratio: 21 %.)
  • E. B. Fernandez, M. Fonoage, M. VanHilst, and M. Marta, “The secure three-tier architecture”, Procs. of the Second Workshop on Engineering Complex Distributed Systems (ECDS 2008), Barcelona, Spain, March 4-7, 2008. 555-560.

2007

  • E. B. Fernandez, M. M. Larrondo-Petrie, and M. VanHilst, “A methodology to build secure systems using patterns”, short paper in the 23rd Annual Computer Security Applications Conference (ACSAC), Miami Beach, December 10-14, 2007.
  • E. B. Fernandez, N. Yoshioka, H. Washizaki, and J. Jurjens, “Using security patterns to build secure systems”, position paper in the 1st Int. Workshop on Software Patterns and Quality (SPAQu’07), Nagoya, Japan, December 3, 2007, collocated with the 14th Asia-Pacific Software Engineering Conference (APSEC).
  • M. VanHilst and E. B. Fernandez, “Reverse engineering and the verification of security patterns in code”, Procs. of the 1st Int. Workshop on Software Patterns and Quality (SPAQu’07), Nagoya, Japan, December 3, 2007, collocated with the 14th Asia-Pacific Software Engineering Conference (APSEC),
  • J. C. Pelaez, E. B. Fernandez, M. M. Larrondo-Petrie, and C. Wieser, “Attack patterns in VoIP”, Procs. of the 14th Pattern Languages of Programs Conference (PLoP2007), Monticello, Illinois, USA, September 5-8, 2007.
  • N. Delessy. E. B. Fernandez, M. M. Larrondo-Petrie, and J. Wu, “Patterns for access control in distributed systems”, Procs. of the 14th Pattern Languages of Programs Conference (PLoP 2007), Monticello, Illinois, USA, September 5-8, 2007.
  • E. B. Fernandez, P. Cholmondeley, and O. Zimmermann, “Extending a secure system development methodology to SOA”, Procs. of the 1st Int. Workshop on Secure Systems Methodologies Using Patterns (SPattern’07) in conjunction with the 4th International Conference on Trust, Privacy & Security in Digital Business (TrustBus’07), Regensburg, Germany, September 03-07, 2007, 749-754.
  • E. B. Fernandez , M. VanHilst, and J. C. Pelaez, “Patterns for WiMax security”, Procs. EuroPLoP 2007.
  • J. C. Pelaez, E. B. Fernandez, and C. Wieser, “Patterns for VoIP signaling protocol architectures”, Procs. EuroPLoP 2007.
  • E. B. Fernandez, J. Ballesteros, A. C. Desouza-Doucet, and M. M. Larrondo-Petrie, “Security Patterns for Physical Access Control Systems”, in S. Barker and G. J. Ahn (Eds.), Data and Applications Security XXI, LNCS 4602, 259-274, Springer 2007. Procs. of the 21st Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Redondo Beach, California, U.S.A, July 8-11, 2007. (Acceptance ratio: 40%.)
  • N. Delessy and E. B. Fernandez, “Adapting web services security standards for mobile and wireless environments”, in “Advances in Web and Network Technologies, and Information Management”, K. Chen-Chuan Chang, W. Wang, L. Chen, C.A.Ellis, C-H Hsu, A.C.Tsoi, and H. Wang (Eds.), Springer LNCS 4537, 624-633. Procs. of the 2007 International Workshop on Application and Security service in Web and pervAsive eNvironments (ASWAN 2007), June 16-18, 2007, HuangShan (Yellow Mountain), China. (Acceptance ratio: 26%.)
  • E. B. Fernandez, D. L. laRed M., J. Forneron, V. E. Uribe, and G. Rodriguez, “A secure analysis pattern for handling legal cases”, Procs. of the 6th Latin American Conference on Pattern Languages of Programming (SugarLoafPLoP’2007), 178-187.
    http://sugarloafplop.dsc.upe.br/AnaisSugar2007_WEB.pdf
  • M. Fullerton and E. B. Fernandez, “An analysis pattern for Customer Relationship Management (CRM)”, Procs. of the 6th Latin American Conference on Pattern Languages of Programming (SugarLoafPLoP’2007), May 27-30, 2007, Porto de Galinhas, Pernambuco, Brazil, 80-90.
  • E. B. Fernandez and X.Y. Yuan, “Securing analysis patterns”, Procs. of the 45th ACM Southeast Conference (ACMSE 2007), March 23-24, 2007, Winston-Salem, North Carolina. (Acceptance ratio: 59%.)
    http://acmse2007.wfu.edu
  • E. B. Fernandez, C. Pertuz, and M. M. Larrondo-Petrie, “A security pattern for Pipes and Filters”, Procs. of the 5th Latin American and Caribbean Conference for Engineering and Technology (LACCEI 2007), Tampico, MX, May 29-June 1st, 2007.
    www.laccei.org
  • E. B. Fernandez, M. M. Larrondo-Petrie, and A. Escobar, “Contexts and context-based access control”, Procs. of the 3rd IEEE Int. Conf. on Wireless and Mobile Communications (ICWMC 2007), March 4-9, Guadeloupe, French Caribbean.
  • E. B. Fernandez, J. C. Pelaez, and M. M. Larrondo-Petrie, “Security patterns for voice over IP networks”, Procs. of the 2nd IEEE Int. Multiconference on Computing in the Global Information Technology (ICCGI 2007), March 4-9, Guadeloupe, French Caribbean. Best paper award.
  • N. Delessy, E. B. Fernandez, and M. M. Larrondo-Petrie, “A pattern language for identity management”, Procs. of the 2nd IEEE Int. Multiconference on Computing in the Global Information Technology (ICCGI 2007), March 4-9, Guadeloupe, French Caribbean.
    http://www.computer.org/portal/web/csdl/doi/10.1109/ICCGI.2007.5
  • E. B. Fernandez, J. C. Pelaez, and M. M. Larrondo-Petrie, “Attack patterns: A new forensic and design tool”, Procs. of the Third Annual IFIP WG 11.9 Int. Conf. on Digital Forensics, Orlando, FL, Jan. 29-31, 2007. Chapter 24 in Advances in Digital Forensics III, P. Craiger and S. Shenoi (Eds.), Springer/IFIP, 2007, 345-357. (Acceptance ratio: 58%.)
    www.cis.utulsa.edu/ifip119

2006

  • E. B. Fernandez and M. M. Larrondo-Petrie, “A methodology to build secure systems using patterns”, 22nd Annual Computer Security Applications Conference (ACSAC), Works in Progress, Miami Beach, FL, Dec. 11-15.
    http://www.acsac.org
  • E. B. Fernandez, “Security patterns”, Procs. of the Eigth International Symposium on System and Information Security – SSI’2006, Keynote talk, Sao Jose dos Campos, Brazil, November 08-10, 2006.
  • E. B. Fernandez and G. Pernul, “Patterns for Session-Based Access Control”, Procs. of the Conference on Pattern Languages of Programs, PLoP 2006, Portland, OR, October 2006.
    http://hillside.net/plop/2006/
  • P. Morrison and E. B. Fernandez, “The Credential pattern”, Procs. of the Conference on Pattern Languages of Programs, PLoP 2006, Portland, OR, October 2006.
    http://hillside.net/plop/2006/
  • E. B. Fernandez, T. Sorgente, and M. M. Larrondo-Petrie, “Even more patterns for secure operating systems,” Procs. of the Conference on Pattern Languages of Programs, PLoP 2006, Portland, OR, October 2006.
    http://hillside.net/plop/2006/
  • E. B. Fernandez, N.A.Delessy, and M. M. Larrondo-Petrie, “Patterns for web services security”, in Best Practices and Methodologies in Service-Oriented Architectures, L. A. Skar and A.A.Bjerkestrand (Eds.), 29-39, part of OOPSLA 2006, the 21st Int. Conf. on Object-Oriented Programming, Systems, Languages, and Applications, Portland, OR, ACM, October 22-26.
  • E. B. Fernandez, M. VanHilst, M. M. Larrondo Petrie, S. Huang, “Defining Security Requirements through Misuse Actions”, in Advanced Software Engineering: Expanding the Frontiers of Software Technology, S. F. Ochoa and G.-C. Roman (Eds.), International Federation for Information Processing, Springer, 2006, 123-137. (Acceptance ratio: 40%.)
  • E. B. Fernandez and M. M. Larrondo-Petrie, “Developing secure architectures for middleware systems”, Procs. of CLEI 2006. (XXXII Conferencia Latinoamericana de Informática). (Acceptance ratio: 45%.)
  • P. Morrison and E. B. Fernandez, “Securing the Broker pattern”, Procs. of the 11th European Conf. on Pattern Languages of Programs (EuroPLoP 2006).
    http://hillside.net/europlop/europlop2006/
  • E. B. Fernandez and M. M. Larrondo-Petrie, “Security patterns and secure systems design”, Procs. of the 4th Latin American and Caribbean Conference for Engineering and Technology (LACCEI 2006), Mayaguez, Puerto Rico, June 21-23, 2006.
  • J. Pelaez and E. B. Fernandez, “Network forensics in wireless VoIP networks”, Procs. of the 4th Latin American and Caribbean Conference for Engineering and Technology (LACCEI 2006), Mayaguez, Puerto Rico, June 21-23, 2006.
  • E. B. Fernandez, S. Huang, and M. M. Larrondo-Petrie, “A set of courses for teaching secure software development”, Workshop on Secure Software Engineering Education and Training, Hawaii, April 2006. Part of the 19th Conference on Software Engineering Education and Training, CSEET 2006, Oahu, Hawaii, USA, 2006.
  • E. B. Fernandez and N. Delessy, “Using patterns to understand and compare web services security products and standards”, Proceedings of the Int. Conference on Web Applications and Services (ICIW’06), Guadeloupe, February 2006. IEEE Comp. Society, 2006.
  • E. B. Fernandez, S. Huang, and M. M. Larrondo-Petrie, “Building secure middleware using patterns”, Procs. of the IEEE Int. Symposium and School on Advanced Distributed Systems (ISSADS 2006).

2005

  • E. B. Fernandez and David L. la Red M., “Using patterns to develop, evaluate, and teach secure operating systems”, Proceedings of the Congreso Internacional de Auditoría y Seguridad de la Información (CIASI 2005), Madrid, Spain, 125-130.
  • E. B. Fernandez and T. Sorgente, “A pattern language for secure operating system architectures”, Proceedings of the 5th Latin American Conference on Pattern Languages of Programs, Campos do Jordao, Brazil, August 16-19, 2005, 68-88.
  • E. B. Fernandez and M. M. Larrondo-Petrie, “A sequence of security courses based on a methodology with patterns”. VIII Congreso Chileno de Educación Superior en Computación, Valdivia, Chile, November 7-11, 2005.
  • E. B. Fernandez, T. Anantvalee, J. Labush, and M. M. Larrondo-Petrie, “Analysis patterns for elections”, in Proceedings of the Nordic Conference on Pattern Languages of Programs, Viking PLoP 2005, Otaniemi, Finland, 23-25 September 2005.
  • E. B. Fernandez and A. Kumar, “A security pattern for rule-based intrusion detection”, Proceedings of the Nordic Conference on Pattern Languages of Programs, Viking PLoP 2005, Otaniemi, Finland, 23-25 September 2005.
  • E. B. Fernandez, Tami Sorgente, and M. VanHilst, “Constrained Resource Assignment Description Pattern”. Proceedings of the Nordic Conference on Pattern Languages of Programs, Viking PLoP 2005, Otaniemi, Finland, 23-25 September 2005.
  • N. Delessy, and E. B. Fernandez, “Patterns for the eXtensible Access Control Markup Language”, in Proceedings of the 12th Pattern Languages of Programs Conference (PLoP2005), Monticello, Illinois, USA, 7-10 September 2005.
    http://hillside.net/plop/2005/proceedings/
  • M. Sadicoff, M. M. Larrondo-Petrie, and E. B. Fernandez, “Privacy-Aware Network Client Pattern”, in Proceedings of the 12th Pattern Languages of Programs Conference (PLoP2005), Monticello, Illinois, USA, 7-10 September 2005.
    http://hillside.net/plop/2005/proceedings/PLoP2005_msadicoff0_0.pdf
  • T. Sorgente, E. B. Fernandez, and M. M. Larrondo-Petrie, “The SOAP pattern for medical charts”, in Proceedings of the 12th Pattern Languages of Programs Conference (PLoP2005), Monticello, Illinois, 7-10 September 2005.
    http://hillside.net/plop/2005/proceedings/PLoP2005_tsorgente0_1.pdf
  • E. B. Fernandez and M. M. Larrondo-Petrie, “Teaching a course on data and network security using UML and patterns”, Procs. of the Educators Symposium of MoDELS/UML 2005, Montego Bay, Jamaica, October 2-7, 2005.
  • J. Pelaez and E. B. Fernandez, “Security in Voice over Internet Protocols (VoIP) networks”, Procs. of the 3rd Latin American and Caribbean Conference for Engineering and Technology (LACCEI), Cartagena, Colombia, June 8-10, 2005.
  • E. B. Fernandez, T. Sorgente, and M. M. Larrondo-Petrie, “A UML-based methodology for secure systems: The design stage”, Procs. of the Third International Workshop on Security in Information Systems (WOSIS-2005), Miami, May 24-25, 2005, 207-216.
  • E. B. Fernandez, and M. M. Larrondo-Petrie, “Using UML and Security Patterns to Teach Secure Systems Design,” in Proceedings of the American Society for Engineering Education Conference, ASEE’05, Portland, Oregon, USA, 12–17 June 2005.
  • E. B. Fernandez and T. Sorgente, “An analysis of modeling flaws in HL7 and JAHIS”, in Procs. of the ACM Symposium on Applied Computing (SAC’05), Santa Fe, NM, March 2005. (Acceptance ratio: 26%.)

Submitted

  • K. Hashizume and E. B. Fernandez, to Software Practice and Experience, a Wiley journal (Special issue on Pattern Languages).
  • Y. Shiroma, H. Washizaki, Y. Fukazawa, A. Kubo, N. Yoshioka, and E. B. Fernandez, “Model-driven application and validation of security patterns”, to Software Practice and Experience, a Wiley journal (Special issue on Pattern Languages).
  • I. Buckley and E. B. Fernandez, “Enumerating failures to build reliable systems”, sent to the IEEE CQR (Int. workshop on Comm. Quality and Reliability), Naples, Florida, 10-12 May 2011.
  • A. Marcus, M. Cardei, I. Cardei, E. B. Fernandez, F. Frati, and E. Damiani, “A pattern for web-based WSN monitoring”, sent to the Journal of Communications (JCM) Special Issue on New Advances in Wireless Sensor Networks.
  • E. B. Fernandez, D. LaRed M., and J. I. Pelaez, “A conceptual approach to voting based on patterns”, sent to the Journal of Theoretical and Applied Electronic Commerce Research (JTAER).