-------- Original-Nachricht -------- Betreff: [WI] Call for Papers ECCA 2010 Datum: Tue, 1 Sep 2009 09:37:20 +0200 Von: Stefan Sackmann sackmann@iig.uni-freiburg.de An: wi@aifb.uni-karlsruhe.de
[Our apologies if you receive duplicates of this posting]
+ + + Call for Papers + + +
First Workshop on Economics of Compliance Control and Automation (ECCA 2010)
Submission Deadline: October, 15th 2009
To be held in conjunction with the Fifth International Conference on Availability, Reliability and Security (ARES 2010) http://www.ares-conference.eu. February 15th - 18th, 2010 Andrzej Frycz Modrzewski Cracow College, Krakow, Poland
Achieving compliance to an ever growing number of regulatory requirements, such as reporting practices and treatment of personal information, poses a grand challenge to enterprises of all sizes. Such requirements stipulate the reliable deployment of a number of accountable activities which must be periodically validated by means of third-party audits. To conduct adequate validation in a timely, cost-effective and reliable manner, enterprises are advancing the automation of business process and the corresponding controls.
Controls subsume organizational measures and security mechanisms for enforcing regulatory laws and detecting regulation deviations, opening up the chance to react timely. However, deploying such controls is a challenging task yet not completely understood: Unexpected interactions between controls and business processes might arise, leading to inconsistencies, compliance violations and conflicts with the operative goals of business processes and, thereby, opening up risks. Also, a too restrictive, risk-averse enforcement of regulations is not optimal with regard to the operational use of upcoming technologies, such as service-oriented architectures or cloud computing, since it may hinder the harvesting of their full potential. Addressing these issues is of primary relevance and requires well-founded, cross-disciplinary approaches to reason about and bridge the technical and economical perspectives of the deployment of controls.
The goal of this workshop is to bring together researchers and practitioners working on innovative methods for managing compliance, risk and security. The focus of the workshop is primarily on the integration of economical and technical research, yet it encourages papers with a cross-disciplinary character, encompassing for instance legal and sociological aspects, as well as papers more purely focused on information technology.
Submission topics include, but are not limited to: . Process-oriented risk management . Security issues on workflows . Process reconstruction . Accountability and liability . Policy enforcement . Usage control . Audit strategies . Secure logging mechanisms . Monitoring techniques . Implementation experiences
Important dates . Submission Deadline: October, 15th 2009 . Author Notification: November, 01st 2009 . Proceedings Version: November, 14th 2009 . Conference/Workshop: February, 15th - 18th 2010
All accepted papers will be published as ISBN proceedings published by the IEEE Computer Society.
More detailed information can be found on: http://www.ares-conference.eu/conf/index.php/workshops/ecca
-- Mailing-Liste: WI@aifb.uni-karlsruhe.de Administrator: WI-admin@aifb.uni-karlsruhe.de Konfiguration: http://www.aifb.uni-karlsruhe.de/mailman/listinfo/wi