SECOND INTERNATIONAL WORKSHOP ON SECURITY ASSURANCE IN THE CLOUD (IWSAC2014)
Held in conjunction with the 10th International Conference on Signal Image Technology & Internet Based Systems (SITIS 2014) One day between November 23-27, 2014, Marrakech, Morocco Web site: http://sesar.di.unimi.it/IWSAC2014

IWSAC 2014 BACKGROUND AND GOALS
The ongoing merge between Service-Oriented Architectures (SOAs) and the Cloud computing paradigm provides a new environment fostering the integration of services located within company boundaries with those in the Cloud. An increasing number of organizations implement their business processes and applications via runtime composition of services made available in the Cloud by external suppliers. This scenario is changing the traditional view of security introducing new service security risks and threats, and requires re-thinking of current assurance, development, testing, and verification methodologies. In particular, security assurance in the cloud is becoming a pressing need to increase the confidence of the cloud actors that the cloud and its services are behaving as expected, and requires novel approaches addressing SOA and cloud peculiarities. IWSAC 2014 is the continuation of the International Workshop on Securing Services on the Cloud, held in September 2011, Milan, Italy. It aims to address the security assurance issues related to the deployment of services in the Cloud, along with evaluating their impact on traditional security solutions for software and network systems.

The workshop seeks submissions from academia and industry presenting novel research on all theoretical and practical aspects of security and assurance of services implemented in the Cloud, as well as experimental studies in Cloud infrastructures, the implementation of services, and lessons learned. Topics of interest include, but are not limited to:

* Authentication and access control in the cloud
* Challenges in moving critical systems to the cloud
* Cloud accountability
* Cloud audit
* Cloud compliance
* Cloud certification
* Cloud transparency, introspection, and outrospection
* Cybersecurity in the cloud
* Data security and privacy in the Cloud
* Information assurance and trust management
* Intrusion detection in the Cloud
* Security assurance in the cloud
* Security and assurance protocols in the Cloud
* Service level agreements
* Service procurement in the cloud
* Service verification in critical cloud services
* Test-based and monitoring-based verification of cloud services

IMPORTANT DATES
Paper submission due: September 30 2014 (11:59 PM American Samoa time)
Notification to authors: October 9, 2014
Camera-ready due: October 15, 2014
Registration due: October 19, 2014

SUBMISSION INSTRUCTIONS
Submissions must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or conference/workshop with proceedings. Each submission should be at most
8 pages in total including bibliography and well-marked appendices, and must follow the IEEE double columns publication format available at
- [Microsoft Word DOC]
ftp://pubftp.computer.org/Press/Outgoing/proceedings/instructA4x2.doc
- [LaTex Formatting Macros]
ftp://pubftp.computer.org/Press/Outgoing/proceedings/IEEE_CS_LatexA4x2.zip

A maximum of 2 extra pages can be purchased for the final version of the accepted papers.

Submissions are to be made to the submission web site
https://www.easychair.org/conferences/?conf=sitis2014 by selecting track "Workshop on Security Assurance in the Cloud". Only pdf files will be accepted. Submissions not meeting these guidelines risk rejection without consideration of their merits.

Authors of accepted papers must guarantee that their papers will be presented at the workshop. At least one author of each accepted paper is required to register with the main conference and present the paper.
Accepted papers at the workshop will be published in the conference proceedings and in the IEEE digital library.
Extended version of selected accepted papers will be considered for publication in a journal special issue (TBC).

IWSAC 2014 COMMITTEES AND CHAIRS

General Chair (SITIS General Chair)
* Ernesto Damiani, Universita' degli Studi di Milano, Italy

Program Chairs
* Marco Anisetti, Universita' degli Studi di Milano, Italy
* Claudio A. Ardagna, Universita' degli Studi di Milano, Italy
* Rasool Asal, British Telecommunications, UK/UAE

Publicity Chair
* Valerio Bellandi, Universita' degli Studi di Milano, Italy
* Fulvio Frati, Universita' degli Studi di Milano, Italy

Web Chair
* Fulvio Frati, Universita' degli Studi di Milano, Italy

Program Committee
* Rafael Accorsi, University of Freiburg, Germany
* Valerio Bellandi, Universita' degli Studi di Milano, Italy
* Michele Bezzi, SAP, France
* Mauro Conti, University of Padua, Italy
* Nora Cuppens-Boulahia, Telecom Bretagne, France
* Ernesto Damiani, Universita' degli Studi di Milano, Italy
* Eduardo Fernandez, Florida Atlantic University, USA
* Atsuhiro Goto, Institute of Information Security, Japan
* Nils Gruschka, NEC Laboratories Europe, Germany
* Patrick Hung, University of Ontario Institute of Technology, Canada
* Meiko Jensen, Southern Denmark University, Denmark
* Florian Kerschbaum, SAP, Germany
* Nicolas Larrieu, ENAC, France
* Antonio Mana, Universidad de Malaga, Spain
* Siani Pearson, HP Labs, UK
* George Spanoudakis, City University of London, UK

This call for papers and additional information about the conference can be found at http://sesar.di.unimi.it/iwsac2014