The 9th IEEE International Workshop on Security, Trust, and Privacy for Software Applications (STPSA 2014)

Held in conjunction with COMPSAC, the IEEE Signature Conference on Computers, Software, and Applications

Website: http://www.computer.org/portal/web/COMPSAC/Workshops/STPSA
July 21-25, 2014
Vasteras, Sweden

GOAL OF THE WORKSHOP
This workshop will bring together researchers from both academia and industry to discuss methods and tools to achieve security, trust, and privacy (STP) goals of both traditional and emerging Web and mobile based software applications. The workshop will focus on techniques, experiences and lessons learned with respect to the STP aspects of software specification, design, implementation, testing, and deployment.

THEME AND SCOPE OF THE WORKSHOP
Our societies are becoming increasingly dependent on software applications. Software applications must be engineered with reliable protection mechanisms with respect to security, privacy, and trust (STP), while still delivering the expected value of applications to end-users. Nonetheless, the scale and severity of security attacks on different types of software applications, from web-based to mobile services, have continued to grow at an ever-increasing pace. Potential consequences of a compromised software application have also become more and more serious as many high-profile attacks are reportedly targeting software applications used in industrial control systems at nuclear power plants, in implanted heart defibrillators, and in military satellites. This situation has been worsened by recent technological developments, including pervasive computing, mobile devices, Web applications and cloud computing, which have made the distrusted Internet an integral component of software applications. The traditional approaches to securing a software application (e.g., anti-virus) alone are no longer sufficient to address the STP issues of such emerging software applications. The STP issues must be addressed throughout the lifecycle of a software application, including its design, implementation, testing, and deployment. The principal obstacle in developing STP-aware software is the lack of consideration, methods, and tools for addressing STP issues under current approaches to software applications development.

Topics of interest include, but are not limited to, the following:
• Security, trust, and privacy (STP) challenges and solutions in Web-based applications
• Security, trust, and privacy (STP) challenges and solutions in mobile applications
• STP challenges and solutions in cloud computing applications
• STP challenges and solutions in pervasive software applications
• STP challenges and solutions in mobile software applications
• STP challenges and solutions in e-services, e.g. e-health, e-government, e-banking, etc.
• STP challenges and solutions in distributed or sensor-based software applications
• STP specific software development practices
• STP requirements elicitation and specification
• Models and languages for STP-aware software specification and design
• Architecture for STP-aware software development
• Testing STP properties of software applications
• Testing STP properties of web based applications
• STP management and usability issues in software applications
• User interfaces for STP-aware software applications
• Software reengineering for STP-aware software applications
• Tradeoffs among security, privacy, trust, and other criteria
• STP-aware service discovery mechanisms for pervasive computing environments
• Teaching STP-aware software development
• Experience reports on developing STP-aware software


IMPORTANT DATES
Workshop paper submission deadline: April 7, 2014
Author notification deadline: April 28, 2014
Camera-ready copy and registration deadline: April 28, 2014


SUBMISSION

Papers must be submitted electronically via the SPTPA 2014 Submission Page at http://compsac.cs.iastate.edu/stpsa2014.php. Follow the IEEE Computer Society Press Proceedings Author Guidelines to prepare your papers http://www.computer.org/portal/web/cscps/ submission.
All papers will be carefully reviewed by at least three reviewers. Papers can be submitted as regular papers (six pages), and the acceptance will depend on reviewer feedback. Accepted papers will be published in the workshop proceedings of the IEEE Computer Software and Applications Conference (COMPSAC 2014) by the IEEE CS Press. At least one of the authors of each accepted paper or fast abstract must register as a full participant of the workshop to have the paper or fast abstract published in the proceedings. Each accepted paper must be presented in person by an author.


WORKSHOP ORGANIZERS

Program Co-Chairs:

Dr. Farzana Rahman
Assistant Professor
Department of Computer Science
James Madison University
Harrisonburg, Virginia, USA
Email: rahma2fx@jmu.edu


Dr. Lingyu Wang
Associate Professor
Concordia Institute for Information Systems Engineering
Concordia University
Montreal, Quebec, Canada H3G1M8
Email: wang@ciise.concordia.ca


GENERAL INQUIRIES

For updated information, please contact Lingyu Wang (wang@ciise.concordia.ca) or Farzana Rahman (rahma2fx@jmu.edu).

For COMPSAC’14, please visit http://compsac.cs.iastate.edu/stpsa2014.phphttp://compsac.cs.iastate.edu/stpsa2014.php