One day between June 27 and July 2, 2014, 
at Hilton Anchorage, Alaska, USA in conjunction with IEEE SERVICES 2014


Building on the success of the first workshop and its alignment within
the IEEE World Congress on Services, the Cloud Security Auditing
Workshop provides a unique setting for the exchange of research and
development practices for the detection, prevention, mitigation, and
reporting of security attacks in the cloud. The concepts surrounding
security auditing cover issues related to cloud architectures, tenant
services and resources, service interactions, privacy, and standards,
where meta-information must be captured, shared, and monitored across
the cloud.

The workshop solicits original papers on increasing cloud resiliency
and trustworthiness through security auditing as applied to various
cloud models, layers, services, resources, and application
domains. Though not limited to these topics, contributions can address
issues such as cloud mashing, technologies for capturing security
relevant events, service level agreements, session management,
languages and protocols, real-time analysis, streaming and
manipulation of big cloud data, and information assurance standards
application. The workshop also welcomes survey papers and practitioner

       Cloud mashing security issues

       Languages and protocols for specifying, composing, analyzing,
       and sharing security-relevant, distributed logs of audit data
       from a cloud-wide perspective

       Cloud security, threat modeling, and analysis, including
       centralized/distributed attack detection and
       prediction/prevention algorithms

       Automated tools for capturing, integrating, and analyzing cloud
       audit data

       Algorithms and protocols for audit data stream delivery,
       manipulation, and analysis for big cloud audit data

       Access control and information flow control models for
       disclosure and modification of sensitive cloud audit data

       Methods for expressing and representing the cloud
       infrastructure and configuration to influence logging and
       monitoring processes

       Information assurance (authenticity, integrity, confidentiality
       and availability) of cloud audit data, including security and
       privacy policies and compliance with security controls such as
       NIST sp800-53 and Cloud Security Alliance guidance 3.0

       Service-level agreements that formalize and guarantee logging
       and analysis capabilities

       Session management, tracking, and alerting of vulnerabilities and threats


(Workshop chairs can grant extension to individuals provided that the
hard deadline for the camera-ready version is respected.)
       Full Paper Submission Due Date: March 29, 2014
       Decision Notification (Electronic): April 12, 2014
       Camera-Ready Copy Due Date & Pre-registration Due: May 1, 2014
Please check the workshop website at for any
changes to deadlines, submission information, and for the final

Authors are invited to submit full papers (about 8 pages) or short
papers (about 4 pages) as per IEEE 8.5 x 11 manuscript guidelines
(download Word templates or LaTeX templates ). The submitted papers
can only be in the format of PDF or WORD. Please follow the IEEE
Computer Society Press Proceedings Author Guidelines to prepare your
papers. At least one author of each accepted paper is required to
attend the workshop and present the paper. All papers must be
submitted via the confhub submission system for the CSA workshop
(TBD).  First time users need to register with the system first (see
these instructions for details). All the accepted papers by the
workshops will be included in the Proceedings of the IEEE 10th World
Congress on Services (SERVICES 2014) which will be published by IEEE
Computer Society.

       Rose Gamble, General Chair, University of Tulsa, gamble AT

       Indrakshi Ray, Program Co-Chair, Colorado State University,
       iray AT

       Keesook J. Han, Program Co-Chair, Air Force Research
       Laboratory, keesook.han AT

       Norman Ahmed, Air Force Research Laboratory, Rome, NY, USA
       Yu Chen, Binghamton University, USA
       Nora Cuppens, Telecom Bretagne, France
       Matthew Hale, University of Tulsa, USA
       Ravi Jhawar, Università degli Studi di Milano, Italy
       Ravi Kaliappa, City University of New York, USA
       Murat Kantarcioglu: University of Texas at Dallas, USA
       Mauricio Papa, University of Tulsa, USA
       Atul Prakash, University of Michigan, USA
       Indrajit Ray, Colorado State University, USA
       Shouhuai Xu, University of Texas at San Antonio, USA