SOUPS 2023 Call for Workshops Submissions
The Nineteenth Symposium on Usable Privacy and Security (SOUPS 2023)
will be co-located with the 32nd USENIX Security Symposium, August
6–8, 2023, in Anaheim, CA, USA.
Sponsored by USENIX, the Advanced Computing Systems Association.
Important Dates
All dates are at 23:59 AoE (Anywhere on Earth) time.
Workshop paper submission deadline: Thursday, June 1, 2023 23:59 AOE
Workshop paper acceptance notification to authors: Thursday, June 8, 2023
Workshop final papers due: Wednesday, June 22, 2023
Organizers
Tutorials and Workshops Co-Chairs
Daniel Votipka, Tufts University
Yaxing Yao, University of Maryland, Baltimore County
Tutorials and Workshops Junior Co-Chair
Kelsey Fulton, University of Maryland, College Park
Workshop Schedule
Please check each workshop's website for the specific program schedule.
Workshop on Deconstructing Gamified Approaches to Security and
Privacy (DGASP 2023): Sunday, August 6, 2023, 9:00 am–12:30 pm
https://www.usenix.org/conference/soups2023/call-for-workshops-submissions#dgasp
Privacy Engineering in Practice '23 (PEP '23): Sunday, August 6,
2023, 9:00 am–12:30 pm
https://www.usenix.org/conference/soups2023/call-for-workshops-submissions#pep
Workshop on Privacy Threat Modeling (WPTM 2023): Sunday, August 6,
2023, 1:30 pm–5:00 pm
https://www.usenix.org/conference/soups2023/call-for-workshops-submissions#wptm
Workshop on Security (and Privacy) Information Workers (WSIW
2023): Sunday, August 6, 2023, 1:30 pm–5:25 pm
https://www.usenix.org/conference/soups2023/call-for-workshops-submissions#wsiw
8th Workshop on Inclusive Privacy and Security (WIPS 2023):
Sunday, August 6, 2023, 9:00 am–5:00 pm (Virtual Event)
https://www.usenix.org/conference/soups2023/call-for-workshops-submissions#wips
Workshop on Kids' Online Privacy and Safety (KOPS 2023): Sunday,
August 6, 2023, 1:00 pm–5:00 pm (Virtual Event)
https://www.usenix.org/conference/soups2023/call-for-workshops-submissions#kops
------
Workshop on Deconstructing Gamified Approaches to Security and Privacy
(DGASP 2023)
The importance of understanding and interpreting knowledge in the
areas of security and privacy is paramount as we observe the rise of
the Internet of Things (IoT), Artificial Intelligence (AI), and many
other influential technologies. Unfortunately, many aspects of
security and privacy are often undermined by perceptions of steep
learning curves, a requirement of specialist knowledge and a lack of
appropriate training and funding within organisations. In particular,
this may relate more to non-technical individuals and those who may
use computing equipment and write software code without any formal
software engineering training. As a solution to this, the use of
gamified approaches can be employed to increase user awareness and
engagement in activities related to security and privacy, such as
training and risk management, which can lead to better understanding
and outcomes related to best practices in security and privacy.
This workshop aims to develop and stimulate discussions around how
gamified approaches can be used in the fields of security and
privacy. We will consider topics including, but not limited to:
Novel experimental games, environments and interactions in the
area of security and privacy
Design challenges related to gamified approaches in security and privacy
Game dynamics, game mechanics and learning mechanics applicable to
security and privacy
Serious games in cybersecurity
Misuse of gamified approaches
https://www.usenix.org/conference/soups2023/call-for-workshops-submissions#dgasp
------
Workshop on Privacy Engineering in Practice (PEP '23)
This workshop aims to stimulate discussion among diverse stakeholders
about how privacy engineering can be used to push the envelope on
privacy regulatory compliance.
We will consider topics including but not limited to:
Novel applications and research related to privacy engineering
Technical standards, heuristics and best practices for privacy engineering
Privacy design patterns and privacy-preserving architectures
Privacy Enhancing Technologies (PETs)
Translating privacy laws into privacy technical requirements
Integrating law and policy compliance into the development or data lifecycle
Privacy requirements elicitation and analysis methods
Privacy-adjacent requirements for ethics, transparency, fairness, trust
Case studies that discuss compliance challenges or lessons learned
Pilots and new tools designed to assist privacy engineers/practitioners
Tools and formal languages supporting privacy engineering
Interdisciplinary studies on privacy engineering current state
Implementing privacy for emerging use cases and unregulated domains
Scaling privacy engineering programs
Privacy assurance and validation techniques
https://www.usenix.org/conference/soups2023/call-for-workshops-submissions#pep
------
2nd Workshop on Privacy Threat Modeling (WPTM 2023)
The Workshop on Privacy Threat Modeling seeks participation in the
form of research findings, new ideas, and constructive feedback. The
purpose of the workshop is to bring together researchers,
practitioners, industry specialists, and government representatives to
collaborate on the topic of privacy threat modeling. While aspects of
privacy risk modeling are relatively well-developed, such as
constructions of privacy harms there has been insufficient discussion
around approaches to modeling privacy threats, broadly construed. A
holistic approach to representing privacy threats could inform privacy
risk models and provide a common lexicon to accelerate conversations
in the privacy community.
Topics of interest include:
Definitions of a privacy incident, attack, threat, and breach
Distinctions between privacy threats, privacy vulnerabilities, and
privacy harms
Describing or categorizing privacy threats, including taxonomies
or ontologies for privacy incidents, attacks, threats, and
breaches
Applicability and limitations of security threat modeling
techniques for privacy
Integration of threat models in risk models and risk management
Privacy threat-informed defense
Qualitative versus quantitative threat modeling
Trade-offs between specific and general models
Operationalizing privacy threat models
Privacy threat case studies
https://www.usenix.org/conference/soups2023/call-for-workshops-submissions#wptm
------
9th Workshop on Security Information Workers (WSIW 2023)
The human element is often considered the weakest element in
security. Although many kinds of humans interact with systems that are
designed to be secure, one particular type of human is especially
important, the security and privacy information workers who develop,
use, and manipulate privacy and security-related information and data
as a significant part of their jobs.
https://www.usenix.org/conference/soups2023/call-for-workshops-submissions#wsiw
------
8th Workshop on Inclusive Privacy and Security (WIPS 2023)
Security and privacy challenges confront all participants in modern
society, but particular groups may experience unique or uneven privacy
and security concerns. These groups may face distinctive obstacles to
addressing issues, and their particular needs and concerns may not be
well understood beyond those groups. Traditionally, inclusive design
has addressed physical accessibility as well as needs arising from
age, disability, or environment. While this work remains critical, our
community also increasingly recognizes the importance of accounting
for the needs of vulnerable users and marginalized groups. The
workshop deliberately avoids any concrete definitions of what
"vulnerable" means in this context. Instead, we encourage a diverse
discussion of groups and situations without prejudice.
In this workshop, we explore the privacy and security experiences and needs of vulnerable user groups (and affected non-users). We are also interested in populations or roles in our society (e.g., lawyers, journalists, politicians, activists, medical providers) that support and/or affect the lives of vulnerable individuals. We will endeavor to uncover new ways of taking a more inclusive approach to appreciating and addressing privacy and security challenges. We also seek to identify the unintended harms resulting from privacy and security technology.
The objectives of our workshop are as follows:
To broaden participants' awareness of diverse privacy and security concerns
To map out fundamental research questions for the emerging field
of inclusive privacy and security
To share and compile design guidelines and best practices that are
relevant to inclusive design
To form collaborations among researchers in this space
https://www.usenix.org/conference/soups2023/call-for-workshops-submissions#wips
----
Workshop on Kids' Online Privacy and Safety (KOPS 2023)
The second workshop on Kids' Online Privacy and Safety (KOPS) is
soliciting extended abstracts in privacy and online safety where the
focus is on minors. Through KOPS, we aim to grow an interdisciplinary
community focused on research related to the online privacy or safety
of minors. Submissions may include papers describing novel research in
this area as well as case studies, work in progress, preliminary
results, novel ideas, and position papers. Papers on both the
technical and human perspective are encouraged.
Accepted abstracts will be invited for a 15-minute talk at the
workshop, with an additional 5 minutes for questions and
discussion. Following the workshop, abstracts will be posted
publicly. We are interested in talks from researchers, industry
practitioners, lawyers, and safety advocates to discuss these
issues.
Example topics of interest include, but are not limited to:
Resilience factors associated with minors' crime and safety
Challenges in minors' online safety
Methodology and lessons learned from designing studies in the
minors' safety and privacy domain.
https://www.usenix.org/conference/soups2023/call-for-workshops-submissions#kops