CFP: First International Workshop on Security and Privacy in Cloud Computing (ICDCS-SPCC) Genoa, Italy June 25, 2010 http://www.ece.iit.edu/~ubisec/workshop.htm To be held in conjuction with IEEE International Conference on Distributed Computing Systems (ICDCS 2010) Cloud computing has recently emerged as a new information technology infrastructure. In cloud computing, information is permanently stored in large data centers on the Internet and temporarily accessed and cached on clients that include desktops and portable PCs, sensors, etc. With the "cloud" as a metaphor for the Internet, cloud computing promises to deliver massively scalable IT-enabled data, software, and hardware capabilities as a service to external clients using Internet technologies. Cloud computing has been envisioned as the key technology to achieve economies of scale in the deployment and operation of IT solutions. Cloud computing has unique attributes that raise many security and privacy challenges in areas such as data security, recovery, and privacy, as well as legal issues in areas such as regulatory compliance and auditing. In contrast to traditional enterprise IT solutions, where the IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to the servers in large data centers on the Internet, where the management of the data and services are not fully trustworthy. When clients store their data on the server without themselves possessing a copy of it, how the integrity of the data can be ensured if the server is not fully trustworthy? Will encryption solve the data confidentiality problem of sensitive data? How will encryption affect dynamic data operations such as query, insertion, modification, and deletion? Data in the cloud is typically in a shared environment alongside data from other clients. How the data segregation should be done, while data are stored, executed, and transmitted? How the virtulized resources is being managed and secured in the cloud? Due to the fundamental paradigm shift in cloud computing, many security concerns have to be better understood, unanticipated vulnerabilities identified, and viable solutions to critical threats devised, before the wide deployment of cloud computing techniques can take place. Topics of interests include (but are not limited to) the following subject categories: Secure management of virtualized cloud resources Secure network architecture for cloud computing Joint security and privacy aware cloud protocol design Access control and key management Trust and policy management in clouds Identification and privacy in cloud Remote data integrity protection Secure computation outsourcing Dynamic data operation security Software and data segregation security Failure detection and prediction Secure data management within and across data centers Availability, recovery and auditing Secure wireless cloud Authors are invited to submit either Research Papers or Position Papers or both. Position Papers that define new problems in cloud computing security or provide visions and clarifications of cloud computing security are solicited. Regular Research Papers that present novel research results on security and privacy in cloud computing and Short Research Papers that describe work-in-progress ideas are also welcome. Research Papers and Position Papers will be reviewed separately. Time Table Manuscript submission: January 22, 2010 Acceptance notification: Feburary 28, 2010 Final Manuscript due: March 15, 2010 Workshop Date: June 25, 2010 Paper Submission Form of Manucript: All paper submissions should follow the IEEE 8.5" x 11" Two-Column Format. Regular Research Paper submission can have 10 pages plus up to 2 over-length pages. If the paper is accepted for publication, an over-length fee will be charged to each of the over-length pages, at $200 per page in the final camera-ready version. Position Papers and Short Research Papers, on the other hand, are allowed to be up to 5 pages. Electronic Submission: https://www.easychair.org/login.cgi?conf=spcc20100. Organizing Committees Program Co-chairs Peng Ning, North Carolina State University, Raleigh Wenjing Lou, Worcester Polytechnic Institute Publicity Chair Kui Ren, Illinois Institute of Technology Technical Program Committee Vasanth Bala, IBM T.J. Watson Research Guohong Cao, The Pennsylvania State University Hao Chen, UC Davis Shigang Chen, University of Florida Bruno Crispo, University of Trento Weidong Cui, Microsoft Research Roberto Di Pietro, Universitat Rovira i Virgili Yong Guan, Iowa State University Xuxian Jiang, North Carolina State University Ari Juels, RSA Laboratories Yongdae Kim, University of Minnesota at Twin Cities Wenke Lee, Georgia Institute of Technology Karl Levitt, UC Davis Refik Molva, EURECOM Peter Mueller, IBM Zurich Research Cristina Nita-Rotaru, Purdue University Alina Oprea, RSA Laboratories Michael Reiter, University of North Carolina at Chapel Hill Kui Ren, Illinois Institute of Technology Mark Ryan, University of Birmingham Pierangela Samarati, Università degli Studi di Milano Wade Trappe, Rutgers University Mladen Vouk, North Carolina State University Cliff Wang, US Army Research Office Guilin Wang, University of Birmingham Xinyuan Wang, George Mason University Samuel Weber, National Science Foundation Tilman Wolf, University of Massachusetts Amherst Dongyan Xu, Purdue University Dong Xuan, The Ohio State University Lok-Kwong Yan, US Air Force Research Laboratory Moti Yung, Google Inc. Xiaolan Zhang, IBM T.J. Watson Research Lenore D. Zuck, National Science Foundation Steering Committee Peng Ning, North Carolina State University, Raleigh Jeffrey Chase, Duke University David Du, University of Minnesota Ari Juels, RSA Laboratories Wenjing Lou, Worcester Polytechnic Institute Michael Reiter, University of North Carolina at Chapel Hill Moti Yung, Google Inc.