-------- Forwarded Message --------
Dear colleagues,
the deadline for the 4th Workshop on Security, Privacy,
Organizations, and Systems Engineering (SPOSE) has been extended
to **July 8, 2022**
As always, we welcome full, short and demo papers. Please consider
to submit as well as to redistribute this CfP.
Best regards
Angela Sasse, Frank Pallas and Jörg Pohle
The 4th Workshop on Security, Privacy, Organizations, and Systems
Engineering (SPOSE) -
https://spose-ws.github.io
Date: September 26 or 30, 2022 (according to the current state of
planning, 26th is most likely)
held in conjunction with ESORICS 2022
(
https://esorics2022.compute.dtu.dk) in Copenhagen, Denmark
Submission deadline (extended): July 8, 2022
Submission link:
https://easychair.org/conferences/?conf=spose2022
Call for Papers
Over the past decades, a multitude of security and privacy
enhancing technologies has been developed and brought to
considerable maturity. However, the design and engineering of such
technologies often ignores the organizational context that
respective technologies are to be applied in. A large and
hierarchical organization, for example, calls for significantly
different security and privacy practices and respective
technologies than an agile, small startup. Similarly, whenever
employees’ behavior plays a significant role for the ultimate
level of security and privacy provided, their individual skills,
interests and incentives as well as typical behavioral patterns
must be taken into account and materialized in concrete technical
solutions and practices. Even though research on security- and
privacy-related technologies increasingly considers questions of
practical applicability in realistic scenarios, implementation
decisions are still mostly technology-driven, and existing
technical limitations and notions of “this is how we’ve always
done it” hamper both innovation and application in practice.
On the other hand, a substantial body of organization-related
security and privacy research already exists, incorporating
aspects like decision-making and governance structures, individual
interests and incentives of employees, behavioral aspects,
organizational roles and procedures, organizational as well as
national culture, or business models and organizational goals.
However, there is still a large gap between the generation of
respective insights and their actual incorporation in concrete
technical mechanisms, frameworks, and systems.
This disconnection between rather technical and rather
organization-related security and privacy research leaves
substantial room for improving the fit between organizational
practices on the one hand and the engineering of concrete
technologies on the other hand. Achieving a better fit between
these two sides through security and privacy technologies that
soundly incorporate organizational and behavioral theories and
practices promises substantial benefits for organizations and data
subjects, engineers, policy makers, and society as a whole.
The aim of this workshop is therefore to discuss, exchange, and
develop ideas and questions regarding the design and engineering
of technical security and privacy mechanisms with particular
reference to organizational contexts. We invite papers from
researchers and practitioners working in security- and
privacy-related systems engineering as well as in the field of
organizational science to submit their original papers to this
workshop. Topics of interest include, but are not limited to:
* Security and privacy technologies consciously addressing
different organizational structures
* Security and privacy technologies and individual behavior in
organizations
* Security and privacy technologies for and in organizational /
national cultures
* Security and privacy technologies for and in unusual
organizational settings
* Engineering-focused methods, frameworks, and assessment
approaches for addressing the above subjects in novel ways
We particularly welcome papers explicitly translating findings and
insights from organizational and behavioral theory into the
concrete design and engineering of technical security and privacy
mechanisms as well as papers evaluating, assessing, or
scrutinizing existing security and privacy technologies against
actual organizational and behavioral theories and/or givens from
the practice. Papers providing a clear engineering contribution
based on non-technical insights are especially welcome and will be
particularly recognized in the review process. Papers without
relation to concrete technologies are not excluded in general.
Authors of such papers are, however, explicitly encouraged to
sketch foreseen connections to and implications for the
engineering domain.
Besides regular (max. 16 pages) and short (max. 8 pages) papers,
we also invite practical demonstrations, intermediate reports, and
mini-tutorials on respective technologies currently under
development. Such contributions should be consciously tailored to
inspire more in-depth discussions. Submissions falling under this
category should describe the proposed contribution to the workshop
in no more than 4 pages and be explicitly marked as such during
the submission process. Authors of accepted papers must guarantee
that their papers will be presented at the conference.
Submission Guidelines & Types of Papers
Accepted papers are planned be published in a joint LNCS
proceedings together with further ESORICS workshops. Submissions
must not substantially duplicate work that any of the authors has
published elsewhere or has submitted in parallel to any other
venue with formally published proceedings.
Besides regular (max. 18 pages) and short (max. 8 pages) papers,
we also invite practical demonstrations, intermediate reports, and
mini-tutorials on respective technologies currently under
development. Such contributions should be consciously tailored to
inspire more in-depth discussions. Submissions falling under this
category should describe the proposed contribution to the workshop
in no more than 6 pages and be explicitly marked as such during
the submission process.
Authors of accepted papers must guarantee that their papers will
be presented at the workshop. At least one author must register.
Submissions
Submissions must be made via Easychair at
https://easychair.org/conferences/?conf=spose2022
Submissions must follow the original LNCS format (also available
as an Overleaf-template) with a page limit of 16 pages (incl.
references) for full papers, 8 pages (incl. references) for short
papers, and 6 pages (incl. references) for demos, mini-tutorials,
etc. These page limits exclude possible appendices. Submissions
must be submitted in anonymized / blinded form.
Important Dates
Important dates (might be subject to slight changes)
* Submission deadline: July 8, 2022
* Notification to authors: August 03, 2022
* Pre-workshop final/cam-ready versions: September 09, 2022
* Workshop: September 26 or 30, 2022
* “Ultimate” versions with final amendments from the workshop
(post-proceedings): (no earlier than) October 14, 2022
Organizers
* Frank Pallas (TU Berlin)
* Jörg Pohle (Humboldt Institute for Internet and Society)
* Angela Sasse (Ruhr-Uni Bochum)
—
Dr.-Ing. Frank Pallas
Senior Researcher
Technische Universität Berlin
Information Systems Engineering Research Group (ISE)
Sekretariat EN14
Einsteinufer 17
10587 Berlin, Germany
Phone: +49 30 314-73285
Fax: +49 30 314-22357
mailto:frank.pallas@tu-berlin.de
www.ise.tu-berlin.de
--
Mailing-Liste:
wi@lists.kit.edu
Administrator:
wi-request@lists.kit.edu
Konfiguration:
https://www.lists.kit.edu/wws/info/wi