International WOrkshop on Cloud Security (IWOCS)

Hosted by the Third ASE International Conference on Cyber Security - Stanford, CA, USA, May 27 - May 31, 2014
http://www.scienceengineering.org/ase/conference/2014/cybersecurity/sanjose/website/cloudsecurity-workshop/


============
Description
============

Cloud technology offers a powerful and fast growing approach to the provision of infrastructure, platform and software services without the high costs of owning, operating and maintaining the computational infrastructures required for this purpose. However, despite its appeal from the economic, operational and even energy consumption perspectives, cloud technology still raises concerns regarding the security, privacy, governance and compliance of the data and software services offered through it. These concerns arise from the difficulty to verify security properties of the different types of applications and services available through cloud technology and the uncertainty of the owners and users of such services about the security of their services, and of the applications based on them, once they are deployed and offered through a cloud. This difficulty stems from both the fact that the provision and security of a cloud service is sensitive to potential interference between the features and behaviour of all the inter-dependent services in all layers of the cloud stack, as well as dynamic changes in them; and the fact that current cloud models and infrastructure do not provide adequate support for controlling the behaviour of cloud software and for managing the decoupling of evolution cycles of the different software components, both applications and services, which happens in these scenarios. In this setting, system evolution, an inherent process in most computing systems, has an important impact on the security, resilience and quality of the cloud. In this line certification and other assurance approaches become crucial for establishing the necessary trust relationships. Likewise, novel testing mechanisms, engineering approaches, formal modelling paradigms, monitoring models, runtime support infrastructures, secure dynamic application building and service orchestration approaches, etc. are needed in order to fill other gaps and to restore the missing trust links in these new scenarios. The workshop will provide a forum for presenting research results, practical experiences, and innovative ideas in security infrastructures and applications for cloud computing. The workshop will focus on Cloud Computing security, how users of Cloud systems can be educated to maintain the security posture of their systems, and how to improve the state of the art of Cloud Computing. The workshop will also look at the need to facilitate research and development of the next generation of Cloud Computing security standards and tools to assist in the creation of better, more secure systems.

================
Important Dates
================

• Paper Submissions 15-03-2014
• Notification for Authors 01-04-2014
• Camera Ready Deadline 07-05-2014
• Workshop Dates 27-05-2014

===============
List of Topics
===============

• Secure Virtualization Structures
• Privacy Enforcement for cloud applications, platforms and operations
• Monitoring systems for cloud infrastructure/platform applications
• Cloud security architecture and protocol
• Data protection and secured information sharing in the cloud
• Evolution of multi-tenant monitoring as a function of the number of tenants.
• Intra- and inter-cloud security issues and considerations
• Privacy policy framework for clouds
• Access control mechanisms and trust models for cloud services
• Energy/cost/efficiency of security in clouds
• Secure Mobile Cloud Networking
• Content and Service Distribution
• Security Certification for cloud
• Security Engineering for cloud

=============
Organization
=============

Workshop chairs

• ANTONIO MUÑOZ, University of Málaga, Spain
• ERNESTO DAMIANI, University of Milan, Italy

Program Committee

• ALCARAZ-CALERO, JOSE M., Hewlett-Packard, UK
• ANTON DEL PINO, PABLO, U. of Málaga, Spain
• BEZZI, MICHELE, SAP, France
• BOYD, COLIN, Queensland U. of Tech., Australia
• COLLBERG, CHRISTIAN, Arizona University, USA
• CUELLAR, JORGE, Siemens, Germany
• DAVIDS, CAROL, Illinois Institute of Technology, USA
• DUSIT NIYATO, Nanyang Technological U., Singapore
• ENDICOTT-POPOVSKY, BARBARA, U. of Washington, USA
• FERNANDEZ, EDUARDO B., Florida Atlantic U., USA
• GIORGINI, PAOLO, University of Trento, Italy
• GRAWROCK, DAVID, Intel, USA
• GÜRGENS, SIGRID, Fraunhofer SIT, Germany
• JÜRJENS, JAN, TU of Dortmund, Germany
• KIYOMOTO, SHINSAKU, KDDI R&D Labs, Japan
• LAMBRINOUDAKIS, COSTAS, U. of Piraeus, Greece
• LAURENCE T. YANG, St Francis Xavier University, Canada
• LEVI, ALBERT, Sabanci University, Turkey
• LOEVENICH, DANIEL, Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany
• LOSAVIO, MICHAEL, U. of Kentucky, USA
• LOTZ, VOLKMAR, SAP AG, France
• MAÑA, ANTONIO, University of Malaga, Spain
• MARTINELLI, FABIO, CNR-IIT, Italy
• MARTINEZ-PEREZ, GREGORIO, U. of Murcia, Spain
• NADARAJAM, R., PSG College of Technology, India
• POSEGGA, JOAQUM, U. of Passau, Germany
• PRESENZA, DOMENICO, Engineering, Italy
• QUISQUATER, JEAN-JACQUES, U. Catholique De Louvain, Belgium
• RAY, INDRAKSHI, Colorado State University, USA
• RUDOLPH, CARSTEN, Fraunhofer SIT, Germany
• SABETTA, ANTONINO, SAP, France
• SORIA-RODRIGUEZ, PEDRO, ATOS R&D, Spain
• SKIANIS CHARALABOS, University of Aegean, Greece
• SPANOUDAKIS, GEORGE, City University, UK
• WASHIZAKI, HIRONORI, Waseda University, Japan
• WESPI, ANDREAS, IBM, Switzerland
• YOSHIOKA, NOBUKAZU, Nat. I. of Informatics, Japan
• ZULKERNINE, MOHAMMAD,Queen’s U., Canada

=============
Submissions
=============

Authors are invited to submit Regular Papers (maximum 8 pages) or Short Papers (maximum 4 pages) using EasyChair. Regular papers will be evaluated according to normal research conference criteria with respect to relevance, originality, and quality of the methodology and writing. Work that is highly novel, controversial, or preliminary can be submitted as a short paper.
Proceedings of IWOCS 2014 will be included in the third ASE International Conference on Cyber Security, Stanford, CA, USA, May 27 – May 31, 2014.

Registration: Online Registration

====================
Implementation Plan
====================

IWOCS will have a hybrid approach that will combine a traditional scientific workshop with an interactive forum for discussion of the main workshop topics, seeking the creation of a community and a clear focus on producing.