============== HAISA 2008 ============== International Conference on Human Aspects of Information Security & Assurance Call for Papers 8-18 July 2008, Plymouth, United Kingdom http://www.haisa.org Conference Concept ================== It is commonly acknowledged that security requirements cannot be addressed by technical means alone, and that a significant aspect of protection comes down to the attitudes, awareness, behaviour and capabilities of the people involved. Indeed, people can potentially represent a key asset in achieving security, but at present, factors such as lack of awareness and understanding, combined with unreasonable demands from security technologies, can dramatically impede their ability to do so. Ensuring appropriate attention and support for the needs of users should therefore be seen as a vital element of a successful security strategy. People at all levels (i.e. from organisations to domestic environments; from system administrators to end-users) need to understand security concepts, how the issues may apply to them, and how to use the available technology to protect their systems. In addition, the technology itself can make a contribution by reducing the demands upon users, simplifying protection measures, and automating a variety of safeguards. With the above in mind, this conference specifically addresses information security issues that relate to people. It concerns the methods that inform and guide users' understanding of security, and the technologies that can benefit and support them in achieving protection. Conference Themes ================= The conference welcomes papers addressing research and case studies in relation to any aspect of information security that pertains to the attitudes, perceptions and behaviour of people, and how human characteristics or technologies may be positively modified to improve the level of protection. Indicative themes include: - Information security culture - Awareness and education methods - Enhancing risk perception - Public understanding of security - Usable security - Psychological models of security software usage - User acceptance of security policies and technologies - User-friendly authentication methods - Biometric technologies and impacts - Automating security functionality - Non-intrusive security - Assisting security administration - Impacts of standards, policies, compliance requirements - Organizational governance for information assurance - Simplifying risk and threat assessment - Understanding motivations for misuse - Social engineering and other human-related risks - Privacy attitudes and practices - Computer ethics and security Information for Authors ======================= Authors are invited to submit full papers, not exceeding ten pages (including all figures, tables and references) by 14 December 2007. Comprehensive author guidelines, including details of acceptable file formats, can be found on the conference website. Please refer to this before submission. All papers will be double-blind reviewed by at least three members of the Programme Committee. All accepted papers will be published in the Conference Proceedings. Selected papers will be considered for publication in a special issue of the main sponsoring journal, Information Management & Computer Security, and a Best Paper prize will be awarded by Emerald. Summary of Important Dates ========================== 14 December 2007 Deadline for submission of papers 1 February 2008 Notification of paper acceptance 4 April 2008 Deadline for camera-ready paper submission 18 April 2008 Deadline for author registration Social Programme ================ HAISA 2008 will be supported by a comprehensive social programme, including a Welcome Reception and Conference Banquet. The social programme is also planned to include a tour of local sites of both historic interest and scenic beauty. Conference Secretariat / Correspondence ======================================= E-mail: info@haisa.org Web: http://www.haisa.org Conference Location and Venue ============================= The conference will take place at the Sherwell Conference Centre, at the University of Plymouth. The University is situated in the centre of Plymouth, a historic city on the south-west coast of the United Kingdom. Plymouth has good rail and bus links with main airports in the south of the UK, as well as a local airport enabling direct flights from London Gatwick airport. Conference Chairs ================= Steven Furnell, University of Plymouth, United Kingdom Nathan Clarke, University of Plymouth, United Kingdom International Programme Committee ================================= Helen Armstrong (Curtin University, Australia) William Buchanan (Napier University, United Kingdom) Jeff Crume (IBM, United States) Dorothy Denning (Naval Postgraduate School, United States) Ronald Dodge (United States Military Academy, United States) Paul Dowland (University of Plymouth, United Kingdom) Jan Eloff (University of Pretoria, South Africa) Simone Fischer-Huebner (Karlstad University, Sweden) Kevin Fitzgerald (Fitzgerald InfoSec, Australia) Ed Gibson (Microsoft, United Kingdom) Sarah Gordon (Symantec, United States) Dimitris Gritzalis (Athens University of Economics & Business, Greece) Stefanos Gritzalis (University of the Aegean, Greece) John Howie (Microsoft, United States) William Hutchinson (Edith Cowan University, Australia) Murray Jennex (San Diego State University, United States) Andy Jones (British Telecom, United Kingdom; Edith Cowan University, Australia) Jorma Kajava (University of Lapland, Finland) Vasilios Katos (University of Portsmouth, United Kingdom) Sokratis Katsikas (University of the Aegean, Greece) David Lacey (David Lacey Consulting, UK) Costas Lambrinoudakis (University of the Aegean, Greece) Javier Lopez (University of Malaga, Spain) Martin Olivier (University of Pretoria, South Africa) Maria Papadaki (University of Plymouth, United Kingdom) Malcolm Pattinson (University of South Australia, Australia) Andy Phippen (University of Plymouth, United Kingdom) Paul Reynolds (Orange, United Kingdom) Corey Schou (Idaho State University, United States) Rossouw von Solms (Nelson Mandela Metropolitan University, South Africa) Jeffrey Stanton (Syracuse University, United States Kim Vu (California State University, United States) Jeremy Ward (Symantec EMEA, United Kingdom) Merrill Warkentin (Mississippi State University, United States) Warren (Deakin University, Australia) Chris Wills (Kingston University, United Kingdom) Louise Yngstrom (Stockholm University, Sweden) For further information, please visit the conference web site or contact the conference secretariat. http://www.haisa.org Steven Furnell and Nathan Clarke Conference co-chairs