Call for Papers
===============
InSPEC 2009
2nd International Workshop on Security and Privacy in Enterprise Computing
in conjunction with the 13th IEEE International EDOC Conference 2009
Auckland, New Zealand, 31 August - 4 September 2009
http://sesar.dti.unimi.it/InSPEC2009/
In recent years several technologies have emerged for enterprise computing.
Workflows are now widely adopted by industry and distributed workflows have
been a topic of research for many years. Today, services are becoming the
new building blocks of enterprise systems and service-oriented
architectures are combining them in a flexible and novel way. In addition,
with wide adoption of e-commerce, business analytics that exploits
multiple, heterogeneous data sources have become an important field.
Ubiquitous computing technologies, such as RFID or sensor networks change
the way business systems interact with their physical environment, such as
goods in a supply chain or machines on the shop floor. All these
technological trends are accompanied also by new business trends due to
globalization that involve innovative forms of collaborations such as
virtual organizations. Further, the increased speed of business requires IT
systems to become more flexible and highly dynamic.
All of these trends bring with them new challenges to the security and
privacy of enterprise computing. We are increasingly relying on IT systems
for our daily business including essential utilities such as water and
power. The traditional forms of computer security need to be enhanced to
address the distributed nature and multiple administrative domains of
conducting business. For example, algorithms for incorporating the new
business practices need to be identified for access control. Similarly,
data confidentiality cannot be provided on the network layer alone anymore,
it needs to be built into applications and processes that span across
various domains. The enhanced data sharing calls for innovative algorithms
and protocols that respect the users security needs. Novel cryptographic
techniques need to be developed and established ones evaluated for
industrial adoption. In addition to the security measures, this new
generation of distributed systems requires techniques for ensuring
compliance with regulations on governance and privacy of data, including
those asserted by government and regulatory agencies.
New concepts for solving these challenges require the combination of many
disciplines from computer science and information systems, such as
cryptography, networking, distributed systems, process modeling and design,
access control, privacy etc. It is the goal of this workshop to provide a
forum for exchange of novel research in these areas among the experts from
academia and industry. Completed work as well as research in progress is
welcome, as we want to foster the exchange of novel ideas and approaches.
Topics of interest include but are not limited to:
* Security and privacy in workflow systems
o Access and usage control architectures
o Modeling of security and privacy constraints
o Automatic security augmentation
o Information flow properties
* Security and privacy in service-oriented architectures
o Secure composition of services
o Semantic aware security
o Security services
* Security analysis of business systems
o Threat and vulnerability analysis
o Modeling of and reasoning about distributed security policies
o Forensic analysis
o Multi-layers audits
o Risk analysis
* Identity Management
o Security and privacy
o Applications to compliance
o Effective use in business IT systems
* Data sharing
o Cryptographic protection during data sharing
o Privacy-preserving distributed applications
o Efficient multi-party computations
o Privacy and data sharing policies
* Security and privacy in management information systems
o Novel secure applications
o Secure and private data analytics
o Flexible and seamless security architectures
* Collaborations
o Secure and private supply chains
o Security and privacy in virtual organizations
o Private social network and Web 2.0 applications
o Security and privacy in outsourcing
Workshop Chairs
Rafael Accorsi (University of Freiburg, Germany)
Ernesto Damiani (University of Milan, Italy)
Frank Innerhofer-Oberperfler (University of Innsbruck, Austria)
Florian Kerschbaum (SAP Research, Germany)
Program Committee
Ruth Breu (University of Innsbruck, Austria)
Marco Casassa-Mont (HP Research Labs Bristol, UK)
Octavian Catrina (International University, Germany)
David Chadwick (University of Kent, UK)
Wenliang Du (Syracuse University, USA)
Isao Echizen (NII, Japan)
Keith Frikken (University of Miami, Ohio, USA)
Dieter Hutter (DFKI, Germany)
Jörn Müller-Quade (University of Karlsruhe, Germany)
Alexander Pretschner (University of Kaiserslautern, Germany)
Seth Proctor (Sun Microsystems Labs, USA)
Roland Rieke (Fraunhofer IESE, Germany)
Riccardo Scandariato (KU Leuven, Belgium)
Andreas Schaad (SAP Research, Germany)
Anoop Singhal (NIST, USA)
Ketil Stolen (SINTEF, Norway)
Duminda Wijesekera (George Mason University, USA)
Jon Whittle (Lancaster University, UK)
Important Dates
Paper submission deadline: 31 May 2009
Paper acceptance notification: 12 July 2009
Camera ready of papers: 24 July 2009
Submission Instructions
Authors are invited to submit previously unpublished, high-quality papers.
Submitted papers must be unpublished and must not be currently under review
for any other publication. Submissions can be either short papers of at
most 4 pages length or full papers of at most 8 pages length. All papers
should be formatted in IEEE Computer Society format and include the
author's name, affiliation and contact details. Guidelines and templates
for the IEEE format are available at the IEEE Computer Society site
(http://www.computer.org/portal/pages/cscps/cps/cps_forms.html). At least
one author of every accepted paper MUST register for the Workshop and
present the paper. The workshop proceedings will be published on the
conference CD-ROM. Previous years workshop proceedings have appeared in
the IEEE Digital Library and it is expected (but yet to be confirmed) that
all accepted papers of this year will also appear in the IEEE Digital
Library. Submissions are to be made to the submission web site at
http://www.easychair.org/conferences/?conf=inspec09. Only pdf files will
be accepted.