International Symposium on Human Aspects of Information Security & Assurance 
(HAISA 2015),
Lesvos Greece, 
1 - 3 July 2015 
(Deadline for submission  is 31 March 2015)

We invite you to participate in the International Symposium on Human
Aspects of Information Security & Assurance (HAISA 2015). The event
will be held over the 1-3 July 2015 in the city of Mytilene on the
island of Lesvos, Greece in association with the Tenth International
Workshop on Digital Forensics and Incident Management (WDFIA
2015). This symposium, the ninth in our series, will bring together
leading figures from academia and industry to present and discuss the
latest advances in information security from research and commercial

Call for Papers

It is commonly acknowledged that security requirements cannot be
addressed by technical means alone, and that a significant aspect of
protection comes down to the attitudes, awareness, behaviour and
capabilities of the people involved. Indeed, people can potentially
represent a key asset in achieving security, but at present, factors
such as lack of awareness and understanding, combined with
unreasonable demands from security technologies, can dramatically
impede their ability to do so. Ensuring appropriate attention and
support for the needs of users should therefore be seen as a vital
element of a successful security strategy.

People at all levels (i.e. from organisations to domestic
environments; from system administrators to end-users) need to
understand security concepts, how the issues may apply to them, and
how to use the available technology to protect their systems. In
addition, the technology itself can make a contribution by reducing
the demands upon users, simplifying protection measures, and
automating a variety of safeguards.

With the above in mind, this symposium specifically addresses
information security issues that relate to people. It concerns the
methods that inform and guide users' understanding of security, and
the technologies that can benefit and support them in achieving


The symposium welcomes papers addressing research and case studies in
relation to any aspect of information security that pertains to the
attitudes, perceptions and behaviour of people, and how human
characteristics or technologies may be positively modified to improve
the level of protection. Indicative themes include:

- Information security culture
- Awareness and education methods
- Enhancing risk perception
- Public understanding of security
- Usable security
- Psychological models of security software usage
- User acceptance of security policies and technologies
- User-friendly authentication methods
- Biometric technologies and impacts
- Automating security functionality
- Non-intrusive security
- Assisting security administration
- Impacts of standards, policies, compliance requirements
- Organizational governance for information assurance
- Simplifying risk and threat assessment
- Understanding motivations for misuse
- Social engineering and other human-related risks
- Privacy attitudes and practices
- Computer ethics and security

 Paper Submission, review and publication

Authors are invited to submit full papers, not exceeding ten pages
(including all figures, tables and references) by 31 March 2015. A
comprehensive set of instructions for preparing camera ready papers
can be found here, an example paper (annotated with style names) is
available here and the Word format template is also available. Please
refer to this before submission. Authors are strongly encouraged to
use the Word template for ease of paper formatting.

Papers can be submitted to the conference paper management system
All papers will be double-blind reviewed by at least three
members of the Programme Committee. All accepted papers will be
published in the Proceedings. Selected papers will be considered for
publication in the main sponsoring journal, Information Management &
Computer Security.

For more information, please see