*** Deadline for abstracts extended to April 9th 2010 ***

Fourth International Workshop on
Analysis of Security APIs

July 21 2010, Edinburgh, Scotland

A satellite workshop of CSF, part of FLoC 2010


Aim and Format

Security APIs allow untrusted code to access sensitive resources in a
secure way. They arise naturally, for example, in the context of tamper
resistant cryptographic hardware or web based services.

Security API analysis is an emerging field of computer
security research. The aim of the ASA workshop is to bring together
researchers working in security API analysis for a day of
presentations and discussions.

Since the field is relatively young, polished research papers will not
be solicited. Instead, the workshop will follow the format that was
highly successful at ASA in 2007-9: prospective participants are
invited to submit a short (1-4 page) abstract describing their current work
and/or interests in the area. Early work or work submitted elsewhere is
welcome - there will be no formal proceedings.

We plan to have two sessions of 20-minute talks by participants, with
each session followed by informal discussion. There will also be a
workshop dinner in the evening, and subject to confirmation, an
invited speaker.


The scope of ASA runs from theoretical results and formalisms for API
analysis right through to applications and empirical results with
security APIs deployed `in the field'. Applications of interest
include (but are not limited to) financial applications (e.g. APIs of
Hardware Security Modules), smartcard APIs, the Trusted Computing
Architecture, and security APIs for web based systems.


Submission is via the easychair website. Please use the EasyChair
latex class file (http://www.easychair.org/coolnews.cgi) if you're
preparing your abstract with LaTeX (if you have to use something else,
we'll negotiate). Submit your 1-4 page extended abstract at:


All submissions will be reviewed by the PC for relevance and
interest. Notification of acceptance/rejection will be given by April
25th, giving time to register for the workshop at the early registration rate.

Programme Committee

 * Mike Bond, Cryptomathic
 * Dan Cvrcek, Deloitte & Brno University of Technology
 * Ralf Kuesters, Universität Trier
 * Joshua D. Guttman, Worcester Polytechnic Institute
 * Graham Steel, LSV, INRIA & CNRS & ENS-Cachan (chair)