Call for Papers ================ International Workshop on Risk and Trust in Extended Enterprises (RTEE'2010) 1-4 Nov 2010, San Jose CA, USA http://www.issre2010.org/content/international-workshop-risk-and-trust-extended-enterprises-rtee'2010 Scope and Purpose Increasingly, organizations are focusing on core business and relying on other organizations (suppliers, services companies, consultants, etc.) to deliver mission critical services and to handle business critical tasks. This is also the case in dependability systems context, such as those related to critical infrastructure, SCADA systems, real-time and embedded systems and other safety and security critical systems. An example is mission critical and organizational sensitive data which may not only be made accessible to third parties on-site but that may also be stored under the control of other parties. The aim of this workshop is to examine the challenges involved in contexts of completely intervened organizations; here referred to as extended enterprises. In extended enterprises it becomes difficult to determine organizational boundaries, and establish security perimeters. As a consequence, an enterprise-centric assessment of security risks is no longer enough, and a more holistic approach that extends across the whole extended enterprise is required. The emphasis of this workshop is on techniques and strategies for risk management in such context, as well as on the aspect of trust between the involved stakeholders. The goal is to bring together industry and researchers in a discussion of the challenges involved and potential ways to address them. Topics of interest RTEE'2010 invites, but do not limit, submissions on the following areas: Risk management - risk identification and assessment (methods, models and techniques) - risk mitigation (strategies, methods and models) - risk controls (e.g., identity and access management) - risk estimation in extended enterprises (methods and models) - security assurance (e.g., SAS 70, ISO 14508, ISO 2700x) - challenges and differences in risk management of extended enterprises compared to traditiona enterprises - risk governance in extended enterprises -risks related to specific B2B relationships such as outsourcing, cloud computing XaaS (IaaS, PaaS, SaaS, BPaaS), and public-private partnerships - different perspectives of risk (legal, IT, business Trust management - trust models and their applicability in extended enterprises (e.g., reputation, recommendation, collaboration) - measures of trust (methods and models) - dynamics of trust in extended enterprises - cross-organizational trust Keynote speaker To be announced. Submission Authors are invited to submit original, unpublished work which will be refereed by at least two members of the program committee. All accepted papers will be published ... provided authors guarantee that their papers will be presented at the workshop. Submissions should be written in English, should be anonymous and comply with the IEEE guidelines; only pdf or ps files will be accepted. Two types of submission are welcome: 8 pages (maximum) full papers and 5 pages (maximum) position papers and practitioners reports. All accepted papers will be published by IEEE on the ISSRE 2010 supplemental proceedings. Submission procedure: To be announced shortly. Important dates Paper submission due: September 01, 2010 Notification to authors: September 15, 2010 Camera-ready due: September 22, 2010 Organization Committee Siv Hilde Houmb (SecureNOK Ltd., Norway) Virginia N.L. Franqueira (University of Twente, the Netherlands) Andreas L. Opdahl (University of Bergen, Norway) Christian Raspotnig (IFE, Norway) Vikash Katta (IFE, Norway) Roel Wieringa (University of Twente, Netherlands) Program Committee Ketil Stølen (University of Oslo, Norway) Bjørn Axel Gran (Safetec Nordic, Norway) Judith Rossebø (ABB, Norway) Alan Karp (HP Labs, Palo Alto/USA) Jun Li (HP Labs, Palo Alto/USA) Wolter Pieters (University of Twente, Netherlands) Chiang-Sheng Derrick Huang (Florida Atlantic University, USA) Maarten Wedgam (Novay, Netherlands) Ragnar Schierholz (ABB Switzerland Ltd.) Sudipto Ghosh (Colorado State University, USA) Dorina C. Petriu (Carleton University, Canada) Gabriela Bodea (TNO, Netherlands) Janusz Gorski (Gdansk University of Technology, Poland) Geri Georg (Colorado State University, USA) Jim Bieman (Colorado State University, USA) Tor Stålhane (Norwegian University of Science and Technology, Norway) Tim Kelly (University of York, UK) Eric Dubois (CRP Henri Tudor, Luxembourg) Thomas Ågotnes (University of Bergen, Norway) Jorge Rady de Almeida Jr. (Polytechnic School of the University of São Paulo -USP, Brazil)