HAISA 2008

International Conference on Human Aspects of Information Security & Assurance
Call for Papers
8-18 July 2008, Plymouth, United Kingdom

Conference Concept

It is commonly acknowledged that security requirements cannot be
addressed by technical means alone, and that a significant aspect of
protection comes down to the attitudes, awareness, behaviour and
capabilities of the people involved. Indeed, people can potentially
represent a key asset in achieving security, but at present, factors
such as lack of awareness and understanding, combined with
unreasonable demands from security technologies, can dramatically
impede their ability to do so. Ensuring appropriate attention and
support for the needs of users should therefore be seen as a vital
element of a successful security strategy.

People at all levels (i.e. from organisations to domestic
environments; from system administrators to end-users) need to
understand security concepts, how the issues may apply to them, and
how to use the available technology to protect their systems. In
addition, the technology itself can make a contribution by reducing
the demands upon users, simplifying protection measures, and
automating a variety of safeguards.

With the above in mind, this conference specifically addresses
information security issues that relate to people. It concerns the
methods that inform and guide users' understanding of security, and
the technologies that can benefit and support them in achieving

Conference Themes

The conference welcomes papers addressing research and case studies in
relation to any aspect of information security that pertains to the
attitudes, perceptions and behaviour of people, and how human
characteristics or technologies may be positively modified to improve
the level of protection. Indicative themes include:

- Information security culture 
- Awareness and education methods 
- Enhancing risk perception 
- Public understanding of security 
- Usable security 
- Psychological models of security software usage 
- User acceptance of security policies and technologies 
- User-friendly authentication methods 
- Biometric technologies and impacts 
- Automating security functionality 
- Non-intrusive security 
- Assisting security administration 
- Impacts of standards, policies, compliance requirements 
- Organizational governance for information assurance 
- Simplifying risk and threat assessment 
- Understanding motivations for misuse 
- Social engineering and other human-related risks 
- Privacy attitudes and practices 
- Computer ethics and security 

Information for Authors

Authors are invited to submit full papers, not exceeding ten pages
(including all figures, tables and references) by 14 December 2007.
Comprehensive author guidelines, including details of acceptable file
formats, can be found on the conference website.  Please refer to this
before submission.

All papers will be double-blind reviewed by at least three members of
the Programme Committee. All accepted papers will be published in the
Conference Proceedings. Selected papers will be considered for
publication in a special issue of the main sponsoring journal,
Information Management & Computer Security, and a Best Paper prize
will be awarded by Emerald.

Summary of Important Dates
14 December 2007 	Deadline for submission of papers 
1 February 2008 	Notification of paper acceptance 
4 April 2008 		Deadline for camera-ready paper submission 
18 April 2008 		Deadline for author registration 

Social Programme

HAISA 2008 will be supported by a comprehensive social programme,
including a Welcome Reception and Conference Banquet. The social
programme is also planned to include a tour of local sites of both
historic interest and scenic beauty.

Conference Secretariat / Correspondence 
E-mail:      info@haisa.org
Web:         http://www.haisa.org

Conference Location and Venue

The conference will take place at the Sherwell Conference Centre, at
the University of Plymouth. The University is situated in the centre
of Plymouth, a historic city on the south-west coast of the United

Plymouth has good rail and bus links with main airports in the south
of the UK, as well as a local airport enabling direct flights from
London Gatwick airport.

Conference Chairs
Steven Furnell, University of Plymouth, United Kingdom
Nathan Clarke, University of Plymouth, United Kingdom

International Programme Committee
Helen Armstrong (Curtin University, Australia)
William Buchanan (Napier University, United Kingdom)
Jeff Crume (IBM, United States)
Dorothy Denning (Naval Postgraduate School, United States)
Ronald Dodge (United States Military Academy, United States)
Paul Dowland (University of Plymouth, United Kingdom)
Jan Eloff (University of Pretoria, South Africa)
Simone Fischer-Huebner (Karlstad University, Sweden)
Kevin Fitzgerald (Fitzgerald InfoSec, Australia)
Ed Gibson (Microsoft, United Kingdom)
Sarah Gordon (Symantec, United States)
Dimitris Gritzalis (Athens University of Economics & Business, Greece)
Stefanos Gritzalis (University of the Aegean, Greece)
John Howie (Microsoft, United States)
William Hutchinson (Edith Cowan University, Australia)
Murray Jennex (San Diego State University, United States)
Andy Jones (British Telecom, United Kingdom; Edith Cowan University, Australia)
Jorma Kajava (University of Lapland, Finland)
Vasilios Katos (University of Portsmouth, United Kingdom)
Sokratis Katsikas (University of the Aegean, Greece)
David Lacey (David Lacey Consulting, UK)
Costas Lambrinoudakis (University of the Aegean, Greece)
Javier Lopez (University of Malaga, Spain)
Martin Olivier (University of Pretoria, South Africa)
Maria Papadaki (University of Plymouth, United Kingdom)
Malcolm Pattinson (University of South Australia, Australia)
Andy Phippen (University of Plymouth, United Kingdom)
Paul Reynolds (Orange, United Kingdom)
Corey Schou (Idaho State University, United States)
Rossouw von Solms (Nelson Mandela Metropolitan University, South Africa)
Jeffrey Stanton (Syracuse University, United States
Kim Vu (California State University, United States)
Jeremy Ward (Symantec EMEA, United Kingdom)
Merrill Warkentin (Mississippi State University, United States)
Warren (Deakin University, Australia)
Chris Wills (Kingston University, United Kingdom)
Louise Yngstrom (Stockholm University, Sweden)

For further information, please visit the conference web site or
contact the conference secretariat.


Steven Furnell and Nathan Clarke
Conference co-chairs