Call for Abstracts: Third International Workshop on Analysis of Security APIs July 10-11 2009, Port Jefferson, New York, USA. (a satellite workshop of IEEE CSF 22) http://www.lsv.ens-cachan.fr/~steel/asa3/ *** Deadline for extended abstracts: May 6th 2009 *** Aim and Format Security APIs allow untrusted code to access sensitive resources in a secure way. Security API analysis is an emerging field of computer security research. The aim of the ASA workshop is to bring together researchers working in security API analysis for a day of presentations and discussions, on the afternoon of 10th July and the morning of 11th July. Since the field is relatively young, polished research papers will not be solicited. Instead, the workshop will follow the format that was highly successful at ASA in 2007-8: prospective participants are invited to submit a short (1-4 page) abstract describing their current work and/or interests in the area. We plan to have two sessions of 20-minute talks by participants, with each session followed by informal discussion. There will also be a workshop dinner on the evening of the 10th, and subject to confirmation, an invited speaker. Scope The scope of ASA runs from theoretical results and formalisms for API analysis right through to applications and empirical results with security APIs deployed `in the field'. Applications of interest include (but are not limited to) financial applications (e.g. APIs of Hardware Security Modules), smartcard APIs, the Trusted Computing Architecture, and security APIs for web based systems. Submission Submission is via the easychair website. Please use the EasyChair latex class file (http://www.easychair.org/coolnews.cgi) if you're preparing your abstract with LaTeX (if you have to use something else, we'll negotiate). Submit your 1-4 page extended abstract at: http://www.easychair.org/conferences/?conf=asa3 All submissions will be reviewed by the PC. Notification of acceptance/rejection will be given by May 27th, giving time to register for the workshop at the early registration rate. Programme Committee * Mike Bond, Cryptomathic * Dan Cvrcek, Deloitte & Brno University of Technology * Joshua D. Guttman, MITRE * Ralf Kuesters, Universita:t Trier * Nicko van Someren, affiliation TBC * Graham Steel, LSV, INRIA & CNRS & ENS-Cachan