[ISN] Call for Papers: CPSRT 2010

From: InfoSec News <alerts_at_private>
Date: Wed, 16 Jun 2010 00:27:11 -0500 (CDT)
Forwarded from: George Yee <gmyee (at) sce.carleton.ca>

Apologies if you have already seen this.

CALL FOR PAPERS (For HTML version with clickable links, please visit 
http://CPSRT.cloudcom.org/)

INTERNATIONAL WORKSHOP ON CLOUD PRIVACY, SECURITY, RISK & TRUST (CPSRT 2010)

In conjunction with 2nd IEEE International Conference on Cloud Computing 
Technology and Science (CloudCom 2010), November 30 - December 3, 2010 
Indiana University, USA, http://2010.cloudcom.org/


IMPORTANT DATES

Submission deadline: 15 July 2010
Author notification: 15 August 2010
Camera-ready manuscript: 1 September 2010
Author registration: 1 September 2010
Workshop date: 30 November 2010


WORKSHOP  CHAIRS

Latifur Khan  University of Texas at Dallas, USA
email: lkhan (at) utdallas.edu

Siani Pearson  Hewlett-Packard Laboratories, Bristol, UK
e-mail: Siani.Pearson (at) hp.com

George Yee  Carleton University, Canada
e-mail: gmyee (at) sce.carleton.ca


WORKSHOP STEERING COMMITTEE (in progress)

Martin Gilje Jaatun, Department of Software Engineering, Safety and Security, SINTEF, Trondheim, Norway 
Chunming Rong, Center of IP-based Services Innovation (CIPSI), University of Stavanger, Stavanger, Norway
Bhavani Thuraisingham, Cyber Security Research Center, University of Texas at Dallas, U.S.A.


WORKSHOP PROGRAM COMMITTEE

Carlisle Adams, University of Ottawa, Canada
Andrew Charleswoth, University of Bristol, UK 
Giles Hogben, ENISA, Greece
Paul Hopkins, University of Warwick, UK
Latifur Khan, University of Texas at Dallas, USA
Steve Marsh, Communications Research Centre Canada, Canada
Christopher Millard, University of London, UK
Andrew Patrick, Office of the Privacy Commissioner of Canada, Canada
Siani Pearson, HP Labs, UK
Simon Shiu, HP Labs, UK
Sharad Singhal, HP Labs, USA
Ronggong Song, National Research Council Canada, Canada
Anthony Sulistio, Hochschule Furtwangen University, Germany
George Yee, Carleton University, Canada


WORKSHOP OBJECTIVE

Cloud computing has emerged to address an explosive growth of 
web-connected devices, and handle massive amounts of data. It is defined 
and characterized by massive scalability and new Internet-driven 
economics. Yet, privacy, security, and trust for cloud computing 
applications are lacking in many instances and risks need to be better 
understood.

   Privacy in cloud computing may appear straightforward, since one may 
   conclude that as long as personal information is protected, it 
   shouldnt matter whether the processing is in a cloud or not. However, 
   there may be hidden obstacles such as conflicting privacy laws 
   between the location of processing and the location of data origin. 
   Cloud computing can exacerbate the problem of reconciling these 
   locations if needed, since the geographic location of processing can 
   be extremely difficult to find out, due to cloud computings dynamic 
   nature. Another issue is user-centric control, which can be a legal 
   requirement and also something consumers want. However, in cloud 
   computing, the consumers' data is processed in the cloud, on machines 
   they don't own or control, and there is a threat of theft, misuse or 
   unauthorized resale. Thus, it may even be necessary in some cases to 
   provide adequate trust for consumers to switch to cloud services. In 
   the case of security, some cloud computing applications simply lack 
   adequate security protection such as fine-grained access control and 
   user authentication (e.g. Hadoop). Since enterprises are attracted to 
   cloud computing due to potential savings in IT outlay and management, 
   it is necessary to understand the business risks involved. If cloud 
   computing is to be successful, it is essential that it is trusted by 
   its users. Therefore, we also need studies on cloud-related trust 
   topics, such as what are the components of such trust and how can 
   trust be achieved, for security as well as for privacy.


MISSION

This year, the CPSRT workshop will bring together a diverse group of 
academics and industry practitioners in an integrated state-of-the-art 
analysis of privacy, security, risk, and trust in the cloud. The 
workshop will address cloud issues specifically related to access 
control, trust, policy management, secure distributed storage and 
privacy-aware map-reduce frameworks.


TOPICS OF INTEREST

The workshop includes but is not limited to the following topics that 
refer to computing in the cloud:
* Access control and key management
* Security and privacy policy management 
* Identity management
* Remote data integrity protection
* Secure computation outsourcing
* Secure data management within and across data centers
* Secure distributed data storage
* Secure resource allocation and indexing
* Intrusion detection/prevention
* Denial-of-Service (DoS) attacks and defense
* Web service security, privacy, and trust
* User requirements for privacy
* Legal requirements for privacy 
* Privacy enhancing technologies 
* Privacy aware map-reduce framework 
* Risk or threat identification and analysis
* Risk or threat management
* Trust enhancing technologies
* Trust management

These topics give rise to a number of interesting research questions to 
be discussed at the workshop, such as the following:

* How can consumers retain control over their data when it is stored and 
  processed in the cloud?

* How can users' trust in cloud computing be enhanced? How can 
  reputation management be used in a practical way?

* How can transborder data flow regulations be enforced within the 
  cloud?

* How can solutions be tailored to a specific context? For example, how 
  can privacy and security requirements be gathered and matched to 
  service provisioning in an automated or semi-automated way, and on an 
  ongoing basis?

* How can adequate assurance be given about the way in which cloud 
  providers process and protect data?

* How can audit mechanisms be provided for the cloud?

Software demonstrations are welcome. We encourage submissions of 
greenhouse work, which present early stages of cutting-edge research and 
development.


SUBMISSION

The submission format must conform to the following: 10 pages maximum 
including figures, tables and references (see 
http://CPSRT.cloudcom.org/). Authors should submit the manuscript in PDF 
format. The official language of the meeting is English. Please submit 
your paper to the CPSRT 2010 Workshop submission server 
(https://www.easychair.org/account/signin.cgi?conf=cpsrt2010) via an 
EasyChair account.


DISSEMINATION

Peer-reviewed papers that are accepted for presentation at the workshop 
will be published in the CloudCom 2010 IEEE proceedings, and will be 
available in IEEExplore (EI indexing). The workshop organisers plan to 
invite the authors of selected high quality papers to revise and 
lengthen their papers for a special issue of a related journal or an 
edited book.

For further details, please visit the workshop Web site: 
http://CPSRT.cloudcom.org/


_________________________________________________________________
Attend Black Hat USA 2010, hosted at Caesars Palace in Las Vegas, Nevada
July 24-29th, offering over 60 training sessions and 11 tracks of Briefings
from security industry elite. To sign up visit http://www.blackhat.com
Received on Tue Jun 15 2010 - 22:27:11 PDT

This archive was generated by hypermail 2.2.0 : Tue Jun 15 2010 - 22:39:12 PDT