[Apologies for cross and multiple postings.  Please circulate to colleagues
and prospective interested parties.]

 =========================================================================
Call for Papers

International Workshop on Security Aspects of Process-aware Information Systems (SAPAIS)

*Submission Deadline: April 17th, 2011*

In conjunction with ARES 2011
August 22-26, 2011
Vienna, Austria
http://www.ares-conference.eu/conf/

=========================================================================

Introduction
============

Business processes play a central role in many commercial software
systems and are of considerable interest to the research communities
in software engineering and information & system security.  A
process-aware information system (PAIS) provides support for the
specification, execution, and/or monitoring of intra- as well as
inter-organizational business processes.

In this context, a complete and correct mapping of process definitions
and related security policies to the corresponding software system is
essential in order to assure consistency between the modeling-level
specifications on the one hand, and the software system that actually
manages corresponding process instances and enforces the respective
policies on the other. The requirement that runtime process instances
must comply with modeling-level processes and policies becomes even
more pressing with recent laws and regulations such as the
Sarbanes-Oxley Act (SOX), the Health Insurance Portability and
Accountability Act (HIPAA), or the Basel II Accord.  Moreover,
corresponding compliance requirements also arise from security
recommendations and standards such as the NIST security handbook, the
NIST recommended security controls, the ISO 27000 standard family
(formerly ISO 17799), legally binding agreements such as business
contracts, or company-specific (internal) rules/regulations. This
workshop is concerned with the different security aspects of
process-aware information systems - including authentication,
authorization, audit, availability, confidentiality, integrity, and
privacy aspects.


Topics
======
Suggested topics include, but are not limited to:
- Requirements engineering for security aspects of PAIS
- Modeling-level support for security aspects of PAIS
- Implementation experiences for security aspects of PAIS
- Security aspects of SOA-based PAIS
- Integration of PAIS security aspects in the development process
- Monitoring security aspects of PAIS
- Testing security aspects of PAIS
- Usability aspects of secure PAIS
- Change management for security aspects of PAIS
- Lessons learned and case studies


Important dates:
================
- Submission Deadline: April 17th, 2011
- Author Notification: May 16th 2011
- Author Registration: June 1st 2011
- Proceedings Version: June 1st 2011
- Conference/ Workshop: August 22nd -26th 2011


Submission Guidelines
=====================

Authors are invited to submit papers in IEEE Computer Society CPS
style (two columns, single-spaced, including figures and references,
using 10 pt fonts, and number each page). Papers must be submitted as
a single PDF file. Please consult the IEEE CS CPS Author Guidelines at
the following web page:
http://www.computer.org/portal/web/cscps/formatting

We solicit the submission of academic workshop papers (6 pages)
representing original, previously unpublished work. Submitted papers
will be carefully evaluated based on originality, significance,
technical soundness, and clarity of exposition.

Duplicate submissions are not allowed. A submission is considered to
be a duplicate submission if it is simultaneously submitted to other
conferences/workshops/journals or if it has been already accepted to
be published in other conferences/workshops/journals. Duplicate
submissions thus will be automatically rejected without review.

The contact author must provide the following information: Paper
title, authors' names, affiliations, postal address, phone, fax, and
e-mail address of the author(s), about 200-250 word abstract, and
about five keywords. Paper registration and submission is done through
the ARES Paper Management System at the following address:
http://stdev.ifs.tuwien.ac.at/ares2011/

Submission of a paper implies that should the paper be accepted, at
least one of the authors will register for the ARES conference and
present the paper at the workshop. Accepted papers will be given
guidelines in preparing and submitting the final manuscript(s)
together with the notification of acceptance. 

Publication
===========

Accepted papers will be published by IEEE Computer Society's
Conference Publishing Services (CPS) and will be available online
through IEEE Xplore (EI indexing).
http://www.computer.org/portal/web/cscps/

Organizing committee:
=====================

Workshop Co-Chairs:

Mark Strembeck, WU Vienna, Austria
Stefanie Rinderle-Ma, Univ. of Vienna, Austria


Program committee
=================
Ruth Breu, Univ. of Innsbruck, Austria
Jason Crampton, Royal Holloway, Univ. of London, UK
Schahram Dustdar, TU Vienna, Austria
Ludwig Fuchs, Univ. of Regensburg, Germany
Jan Mendling, HU Berlin, Germany
Günter Müller, Univ. of Freiburg, Germany
Gustaf Neumann, WU Vienna, Austria
Stefanie Rinderle-Ma, Univ. of Vienna, Austria
Andreas Schaad, SAP Research, Germany
Mark Strembeck, WU Vienna, Austria
A Min Tjoa, TU Vienna, Austria
Barbara Weber, Univ. of Innsbruck, Austria
Edgar Weippl, SBA Research, Austria
Uwe Zdun, Univ. of Vienna, Austria



--
Mailing-Liste: wi@aifb.uni-karlsruhe.de
Administrator: wi-admin@aifb.uni-karlsruhe.de
Konfiguration: https://www.lists.uni-karlsruhe.de/sympa/info/wi