SUBMISSION DEADLINE EXTENDED -- FINAL EXTENSION 20 AUGUST

The third international workshop in Enterprise Security, as part of UCC 2016 (http://computing.derby.ac.uk/ucc2016/), Tongji University, Shanghai, China, December 6 - 9, 2016

Enterprise security is the key to achieving global information security in business and organizations. Cloud computing is a new paradigm for enterprise where businesses need to be secured. However, this new trend needs to be more systematic with respect to cloud security, which is a factor in sustaining cloud technology by building-in trust. For example, current challenges with cyber security and application security flaws are highlighting important lessons to be learned and also lead to the adoption of best practices. Similarly, as the demand for cloud services increases, the importance of security and privacy will also increase.

One solution is to develop a framework for enterprise security to analyze and model organizational security of the cloud and its data. In particular, cloud data and cloud storage technologies (Amazon s3, drop box, Google drive, etc.) have now become normal practice for almost every computing user. This can explain why building trust for cloud users is one of the main focuses of cloud computing research. On the other hand, the social, human and business aspects of enterprise security are essential to users to keep their skills, business concepts and policies up-to-date. By maintaining all these aspects of security, organizations can develop an enterprise security solution to work together with business models, such as cloud provider enterprise model and cloud consumer enterprise model. In this way, enterprise security can address technical and organizational aspects of security to provide added value and win-win situations for users, adopters and service providers. Following the successful delivery of our workshop in 2014, we foresee the importance of enterprise security as a unique and rising field to ensure all aspects of security and risks can be identified, surveyed, tested, prototyped and minimized with recommendations and lessons learned disseminated. The scope of enterprise security has expanded into risk management/analysis, management of future technologies such as internet of things and big data and modern ethical hacking methods that can provide a robust and enhanced level of enterprise security.

By blending technical and organizational aspects of security, our workshop can provide a platform for intellectual discussions and interactions. To highlight the significance of enterprise security and disseminate research contributions in cloud community, we welcome papers addressing technical (implementations, algorithms, experiments, simulation, modeling and prototypes) and organizational (information system related issues, recommendation and best practices, frameworks, risks) issues.


Topics:
Algorithms, software engineering and development
System design and implementation
Testing (software engineering; penetration; product development)
Encryption (all aspects)
Firewall, access control, identity management
Experiments of using security solutions and proof-of-concepts
Large-scale simulations in the Cloud, Big Data and Internet of Things
Intrusion and detection techniques
Social engineering and ethical hacking: techniques and case studies
Risk Modeling, business process modeling and analytics
Trust and privacy
Data security, data recovery, disaster recovery
Data center management
Adoption challenges and recommendation
Risk management and control
Business and economic models
Change management and continuous service improvement
Information systems related issues
Conceptual frameworks and models
Emerging issues and recommendations for organizational security
E-Commerce and online banking
Social network analysis, emerging issues in social networks
Education and e-Learning
Surveys and their quantitative analysis
Architecture (technical or organizational)
Case studies

The focus of this workshop is to present new techniques, demonstrations, innovative approaches and case studies related to Enterprise Security. The impacts of research contributions are as follows:
-- Explain how to implement enterprise security and their added values.
-- Demonstrate how enterprise security can be used in different case studies.
-- Describe how to resolve challenges in each adoption scenario.
-- Provide reproducible steps for anyone to follow, and support reproducibility, an
-- important aspect in Cloud Computing science.
-- Explain how their Cloud services can work effectively in production and real-time
-- Present how their services can make contributions to users involved in the use of
-- Cloud services and adoption.
-- Sum up and disseminate all the lessons learned and recommendation to play an influential role in academia and industry.

All presented papers will be undertaken with a double-blind review process, and extended versions of the workshop papers will be likely to be published in a special issue: Enterprise Security, International Journal of Organizational and Collective Intelligence (IJOCI) and Open Journal of Big Data. We will also set up a special issue with Future Generation Computer Systems (FGCS) and another leading journal for top paper UCC delegate winners.