Workshop Call for Position Papers
W2SP 2008: Web 2.0 Security and Privacy 2008
Thursday, May 22The Claremont Resort, Oakland, California
Sponsored by the 2008 IEEE Symposium on Security and Privacy
The goal of this one day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and establishing new collaborations in these areas.
Web 2.0 is about connecting people and amplifying the power of working together. The mixing of technology and social interaction is occurring in the context of a wave of technologies supporting rapid development of these interpersonal and business interactions. Many of the new web technologies rely on the composition of content and services from multiple sources, resulting in complex technology compositions (mash-ups). The content composition trend is likely to continue. The lure of these technologies is the promise of simpler ways to compose software service and content, at lower cost.
However, there are issues with respect to management of identities, reputation, privacy, anonymity, transient and long term relationships, and composition of function and content, both on the server side and at the client (web browser). While the security and privacy issues are not new, these issues are increasingly becoming acute as the technologies are adopted and adapted to appeal to wider audiences. Some of these technologies deliberately bypass existing security mechanisms. This workshop is intended to discuss the limitations of the current technologies and explore alternatives.
The scope of W2SP 2008 includes, but is not limited to:
- Identity, privacy, reputation and anonymity
- End-to-end security architectures
- Security of content composition
- Security and privacy policy definition and modeling of content composition
- Provenance and governance
- Usable security and privacy models
- Static and dynamic analysis for security
- Security as a service
- Click fraud
- Software as a service
- Web services/feeds/mashups
- Next generation browser technology
Due to space limitations of the workshop, venue registration is limited to 75 participants. Potential workshop participants should submit a paper on topics relevant to Web 2.0 security and privacy issues. We are seeking both short position papers (2–4 pages) and refereed papers (a maximum of 8 pages). Papers longer than 8 pages may be automatically rejected by the co-chairs or workshop committee. From the submissions, the program committee will strive to select participants in a way that is balanced between academia and industry, as well as across topics. Selected papers will appear on the workshop web site.
Workshop Co-Chairs: W2SP2008@ieee-security.org
Larry Koved, IBM T. J. Watson Research Center
Dan S. Wallach, Rice University
Program Committee:
- Ben Adida (Harvard University)
- Dirk Balfanz (Google)
- Konstantin (Kosta) Beznosov (University of British Columbia)
- Hao Chen (U.C. Davis)
- Douglas Crockford (Yahoo! Inc.)
- Simone Fischer-Hübner (Karlstad University)
- Carrie Gates (CA Labs)
- Rob Johnson (SUNY Stony Brook)
- Yuecel Karabulut (SAP Research)
- Larry Koved (IBM Research)
- Shriram Krishnamurthi (Brown University)
- John C. Mitchell (Stanford University)
- Niels Provos (Google)
- Alex Russell (DojoToolkit.org)
- Sean W. Smith (Dartmouth)
- Dan Wallach (Rice University)
- Helen Wang (Microsoft Research)
Important dates:
Paper submission deadline (extended): March 10, 2008, (11:59pm US-Eastern)
Workshop acceptance notification date: March 28, 2008
Workshop date: Thursday May 22, 2008
Workshop paper submission web site: http://continue2.cs.brown.edu/W2SP08/
Registration: Workshop registration will only be available via the 2008 IEEE Symposium on Security and Privacy conference web site.