CALL FOR PAPERS

The 2nd International Workshop on Middleware Security (MidSec 2009)
Focusing on "Composing secure architectures in the Web 2.0 era"

http://www.cs.kuleuven.be/conference/MidSec2009/

November 30, 2009
Urbana Champaign, Illinois, USA

Co-located with the 10th ACM/IFIP/USENIX International Middleware
Conference (MIDDLEWARE 2009)


SCOPE AND TOPICS

Modern applications are predominantly built around the distributed
programming paradigm. Client-server applications, grids, peer-to-peer
networks and event-based systems are examples of architectures that are
used by a large share of the present software base. These paradigms
expose applications to numerous, ever-growing security threats. However,
many areas of security are still only partially addressed w.r.t.
middleware. Examples are identity management, privacy and anonymity,
accountability, application protection, and so on.

While more conventional research results in the above-mentioned areas of
middleware security are appreciated, this year the MidSec workshop will
particularly welcome papers in the area of security measures for
lightweight composition. Papers are sought after from two complementary
angles: middleware platforms and software architectures. Mashup editors
provide an easy-to-use facility that brings the power of software
composition at the fingertips of any Internet-connected user. The mashup
model is catching the enterprise world as well; it all started with
situational applications and it is currently spreading further. Ready or
not, here it comes. We are about to face times where application
composition will be less and less rigid and hence will more and more
resemble organized chaos. Enforcing sound security principles in such a
muddled environment is an interesting research challenge for both the
middleware and the software architecture communities. On one hand,
software architectures modeling techniques must provide suitable
abstractions to represent and address the above (and many other)
security concerns. On the other hand, middleware platforms should
support such abstractions in a natural, usable way.

The topics of interest for papers include, but are not limited to:

     * Middleware security and privacy
     * Security and privacy in agent-based platforms
     * Context-sensitive security middleware
     * Security and privacy in aspect-based middleware
     * Security and privacy in service-oriented architectures
     * Middleware-level security monitoring and measurement
     * Middleware-driven lightweight secure composition
     * Architecture-driven lightweight secure composition
     * Security and privacy in enterprise mashups
     * Usability and security in lightweight composition


IMPORTANT DATES

Submission of paper: August 1, 2009
Acceptance notification: September 15, 2009
Submission of camera-ready: October 1, 2009
Workshop: November 30, 2009


SUBMISSION GUIDELINES

The workshop solicits original research papers in any of the
above-mentioned topics. The workshop organizers also solicit relevant
experience results from industry experts. Papers should not exceed 6
pages and should be prepared according to the standard ACM format.
Accepted papers will be published in the workshop proceedings and made
available through the ACM Digital Library.


ORGANIZERS

Riccardo Scandariato, Katholieke Universiteit Leuven, BE
Giovanni Russello, CREATE-NET, IT


WEB CHAIR

Tom Goovaerts, Katholieke Universiteit Leuven, BE


PROGRAM COMMITTEE

Jean Bacon, University of Cambridge, UK
David Chadiwck, University of Kent, UK
Bart De Win, Ascure, BE
Changyu Dong, Imperial College, UK
Naranker Dulay, Imperial College, UK
David Eyers, University of Cambridge, UK
Emil Lupu, Imperial College, UK
Fabio Martinelli, National Research Centre, IT
Federica Paci, University of Trento, IT
Anand Ranganathan, IBM Watson Centre, US
Andreas Schmidt, Create-net, IT
Roshan Thomas, Cobham Analytic Solutions, US
Simon Tsang, Telecordia, US
Tine Verhanneman, Atos, BE
Ian Welch, Victoria University of Wellington, NZ


Disclaimer: http://www.kuleuven.be/cwis/email_disclaimer.htm