Workshop Call for Position
Papers
W2SP 2007: Web 2.0 Security
and Privacy 2007
Sponsored by the IEEE Technical Committee on Security and Privacy
Held in conjunction with the 2007 IEEE Symposium
on Security and Privacy
Thursday, May 24, The Claremont Resort,
The goal of this one day
workshop is to bring together researchers and practitioners from academia and
industry to focus on understanding Web 2.0 security and privacy issues, and
establishing new collaborations in these areas.
Web 2.0 is about connecting people and
amplifying the power of working together.
The goal of connecting people is bringing together a broad range of
technologies and social forces. We have
witnessed a rapid proliferation of social computing web sites and content. This mixing of technology and social
interaction is also occurring in the context of a wave of technologies
supporting rapid development of these interpersonal interactions.
Many of these new web technologies rely on
the composition of content and services from multiple sources. On one end of
the technology spectrum we have simple services such as blogs
and wikis. However there are far more complex
technology composition (mash-up) examples.
The content composition trend is likely to continue. The lure is the
promise of inexpensive and easy ways to compose software service and content.
However, there are issues with respect to management
of identities, reputation, privacy, anonymity, transient and long term
relationships, and composition of function and content, both on the server side
and inside the web browser. While the
security and privacy issues are not new (many of these issues already exist
with portal servers and browsers), the security issue is increasingly becoming
acute as the technologies are adopted and adapted to appeal to a wider
developer audience. Some of these technologies deliberately bypass existing
security mechanisms. This workshop is
intended to discuss the limitations of the current technologies and explore
alternatives.
The scope of W2SP 2007 includes, but is not limited to:
-- Identity, privacy,
reputation and anonymity
-- End-to-end security
architectures
-- Security of content
composition
-- Security and privacy
policy definition and modeling of content composition
-- Provenance and
governance
-- Usable security and
privacy models
-- Static and dynamic
analysis for security
-- Security as a service
Workshop
Co-Chairs: oakland07-workshop@ieee-security.org
. Larry Koved -
. Dan Wallach -
Program committee:
Drew Dean (Yahoo)
Simone Fischer-Hubner (
Larry Koved (IBM)
Shriram Krishnamurthi (
John C. Mitchell (
Alex Russell (DojoToolkit.org)
Dan Wallach (
Helen Wang (Microsoft)
Due to space limitations of the workshop venue registration is
limited to 40 participants. While not
required, potential workshop participants should submit a 1-2 page position
statement on topics relevant to Web 2.0 security and privacy issues. This will help the workshop organizers
organize the day around topics of common interest, and choose panels / papers
to be presented. Should the workshop be
oversubscribed, the program committee will strive to select participants in a
way that is balanced between academia and industry, as well as across topics. The program committee will also select
workshop position statements to appear on the workshop web site.
Important dates:
Position statement
submission deadline:
Workshop acceptance
notification date:
Workshop date:
Workshop position statement submission web site: http://continue.cs.brown.edu/servlets/w2sp07/continue.ss
Workshop
registration will only be available via the 2007 IEEE
Symposium on Security and Privacy conference web site.