Fourth International Workshop on
Analysis of Security APIs

July 21 2010, Edinburgh, Scotland

A satellite workshop of CSF, part of FLoC 2010

http://www.lsv.ens-cachan.fr/~steel/asa4/

Aim and Format

Security APIs allow untrusted code to access sensitive resources in a
secure way. They arise naturally, for example, in the context of
tamper resistant cryptographic hardware or web based services.

Security API analysis is an emerging field of computer security
research. The aim of the ASA workshop is to bring together researchers
working in security API analysis for a day of presentations and
discussions.

Since the field is relatively young, polished research papers will not
be solicited. Instead, the workshop will follow the format that was
highly successful at ASA in 2007-9: prospective participants are
invited to submit a short (1-4 page) abstract describing their current work
and/or interests in the area. Early work or work submitted elsewhere is
welcome - abstracts will be distributed to participants, but there
will be no formal proceedings.


We plan to have sessions of 20-minute talks, with
each session followed by informal discussion. There will also be a
workshop dinner in the evening, and subject to confirmation, an
invited speaker.


Scope

The scope of ASA runs from theoretical results and formalisms for API
analysis right through to applications and empirical results with
security APIs deployed `in the field'. Applications of interest
include (but are not limited to) financial applications (e.g. APIs of
Hardware Security Modules), smartcard APIs, the Trusted Computing
Architecture, and security APIs for web based systems.


Submission

Submission is via the easychair website. Please use the EasyChair
latex class file (http://www.easychair.org/coolnews.cgi) if you're
preparing your abstract with LaTeX (if you have to use something else,
we'll negotiate). Submit your 1-4 page extended abstract at:

 http://www.easychair.org/conferences/?conf=asa4


Deadline for extended abstracts: April 5th 2010
All submissions will be reviewed by the PC for relevance and
interest. Notification of acceptance/rejection will be given by April
25th, giving time to register for the workshop at the early registration rate.

Programme Committee


 * Mike Bond, Cryptomathic
 * Dan Cvrcek, Deloitte & Brno University of Technology
 * Ralf Kuesters, Universität Trier
 * Joshua D. Guttman, Worcester Polytechnic Institute
 * Graham Steel, LSV, INRIA & CNRS & ENS-Cachan (chair)