-------- Original Message -------- Subject: [AISWorld] CFP WOSIS 2012. Deadline extended: 10 April Date: Mon, 9 Apr 2012 00:14:17 +0200 From: DAVID GARCIA ROSADO David.GRosado@uclm.es To: aisworld@lists.aisnet.org
[Apologies if you receive multiple copies of this announcement. Please pass it on to your colleagues and students who might be interested in contributing]
**
*The best papers will have the chance to publish extended and revised versions in a special issue of Computer Standards and Interfaces in the ISI Journal Citation Reports with Impact factor of 0.825.*
**** CALL FOR PAPERS ****
The Ninth International Workshop on Security In Information Systems WOSIS-2012
28 June -- 1 July, 2012 - Wroclaw, Poland
http://www.iceis.org/wosis.aspx
To be held in conjunction with the 14th International Conference on Enterprise Information Systems (ICEIS 2012) http://www.iceis.org/
*********Important Dates*********
Regular Paper Submission: *10 April, 2012 (extended)*
Authors Notification: 27 April, 2012
Camera Ready Submission Deadline: 10 May, 2012
*******************************
_Co-chairs:_
Dr. David G. Rosado
University of Castilla-La Mancha, Spain
David.GRosado@uclm.es mailto:David.GRosado@uclm.es
Dr. Luis Enrique Sánchez
Sicaman-NT, Departament of R+D, Spain
lesanchez@sicaman-nt.com
Dr. Carlos Blanco
University of Cantabria, Spain
blancobc@unican.es
Dr. Jan Jürjens
Technical University of Dortmund, Germany
jan.jurjens@cs.tu-dortmund.de mailto:jan.jurjens@cs.tu-dortmund.de
_Workshop Background and Goals_
Information Systems Security is one of the most pressing challenges facing all kinds of organizations today. Although many companies have discovered how critical information is to the success of their business or operations, very few have managed to be effective in maintaining their information secure, avoiding unauthorized access, preventing intrusions, stopping secret information disclosure, etc.
There are various definitions of security, but all of them basically agree on the same components. Security in information systems considers the protection of information and of the systems that manage it, against a wide range of threats in order to ensure business continuity, minimize risks and maximize the return on investment and business opportunities.
Security is, therefore, currently a widespread and growing concern that covers all areas of society: business, domestic, financial, government, and so on. In fact, the so-called information society is increasingly dependent on a wide range of software systems whose mission is critical, such as air traffic control systems, financial systems, or public health systems. The potential losses that are faced by businesses and organizations that rely on all these systems, both hardware and software, therefore signify that it is crucial for information systems to be properly secured from the outset.
With the increasing dependence that the information society has on Information and Communication Technology (ICT), the need to protect information is increasingly important for companies. The demand for products, systems and services with which to manage and maintain information is therefore increasing, and the realization of superficial security controls is not sufficient. It is necessary to apply a rigorous approach to the assessing and improvement of the security of products and processes that take place in the context of ICT. This has led to the emergence of Information Security Management Systems (ISMS), which are of great importance to the stability of companies' information systems.
In this new edition of WOSIS, the traditional information systems security topics will remain but we want explicitly focus the workshop on one of the most important issues and currently considered as it is security in Cloud computing. Although there are many benefits to adopting cloud computing, there are also some significant barriers to adoption as is security followed by issues regarding compliance, privacy and legal matters. Security is the main obstacle for many organizations in their move to the cloud, related to risk areas such as external data storage, dependency on the "public" internet, multi-tenancy and integration with internal security. The objective of this new edition is to contribute to the study and analysis of solutions and approaches which help to achieve and facilitate the level of security needed for such distributed environments and that its adoption is not any problem for the society, administration and enterprise.
_Topics of interest include, but are not limited to:_
_Topic for Cloud Computing_
* Security Engineering for Cloud-Based Systems * Security Requirements Engineering for Cloud-Based Systems * Risks and threats in Cloud * Privacy and Data protection in Cloud * Cloud Legal Issues * Trust and policy management in Clouds * Issues and recent approaches in portability, interoperability and migration * Secure migration processes to cloud computing * Security in migration models * Systems adapted to the cloud * Storage security * Cloud Infrastructure Security * Security Governance in the Cloud * Risk management and assessment and third-party risk management * Identity & Access Management in the Cloud * Security and Virtualization__ * Security in SaaS, PaaS and IaaS * Security in Cloud applications * Cloud security models * MDA and MDS applied to cloud computing * Case studies
_Rest of topics_
* Security in Software development Life Cycle * Information Security Management System * Security Management and Assessment * Analysis and management of risks * Security Implementation, Secure programming and Security Deployment * Case studies and experiences of secure software * Security culture * IT Governance * IT Service Continuity * Language-based Security * Open Security Standards and Security Certification * Common practice, legal and regulatory issues * Security for SOA, Web Services, Grid computing * Security for Databases and Data Warehouses * Metadata and Security * Secure Data Management * Workflow and Business Process Security * Security Metrics and Measurement * Security Ontologies * Security in Software Product Lines * Distributed and Network Security * Security & Trust Models * Authentication, Authorization and Access Control * Anonymity and Privacy * Security for Mobile Computing, sensors networks, multimedia systems * Security for Electronic Commerce, Electronic Business and e-Services (e-voting, e-banking, e-governement, e-health) * Security in Social Networks * Security for embedded systems, smart cards and RFID * Security Issues in Ubiquitous/Pervasive Computing * Intellectual Property Protection * Digital Rights Management (DRM). Mobile DRM * Personal Data Protection for Information Systems and Digital Identity management * Access Control and Rights Expression Languages * Semantic Web Technologies applied to Security * Security Engineering * Disaster Recovery and Failure Prevention * Incident Response and Prevention * Intrusion Detection and Fraud Detection * Biometric Security * Cryptology: Cryptography and Cryptanalysis * Information hiding: Steganography & Steganalysis * Digital Forensics * Cyber terrorism
_Paper Submission_
Prospective authors are invited to submit papers for oral presentation in any of the topics listed above. Submitted papers must present original, non-published work of high quality. Only papers in English will be accepted, and the length of the paper should not exceed 10 pages for full papers and 8 pages for short papers (figures and appendices included).
Instructions for preparing the manuscript (in Word and Latex formats) are available at the conference Paper Templates web page. Please also check the web page with the Submission Guidelines. Papers should be submitted electronically via the web-based submission system at: http://www.insticc.org/Primoris
_Publications_
All accepted papers will be published in the workshop proceedings book, under an ISBN reference, and in CD-ROM support. Additionally, the best papers will have the chance to publish extended and revised versions in Journal of Computer Standards and Interfaces in the ISI Journal Citation Reports.
_Workshop Program Committee _
Alfonso Rodriguez. University of Bio-Bio. Chile
Ambrosio Toval. University of Murcia. Spain
Andreas Bauer, National ICT Australia. Australia
Antonio Maña. University of Malaga. Spain
Brajendra Panda. University of Arkansas. USA
Csilla Farkas. University of South Carolina. USA
Daniel Mellado. University of Castilla-La Mancha. Spain
Debasis Giri. Haldia Institute of Technology. India
Duminda Wijesekera. University George Mason. USA
Eduardo Fernández-Medina. University of Castilla-La Mancha. Spain
Eduardo B. Fernández. Florida Atlantic University. USA
Ernesto Damiani. Università degli Studi di Milano. Italy
Günther Pernul. University of Regensburg. Germany
Hugo Jonker. University of Luxembourg. Luxembourg
Indrakshi Ray. Colorado State University. USA
Jaejoon Lee. Lancaster University. UK
Jaime Delgado. Universitat Politècnica de Catalunya. Spain
Kevin Butler. University of Oregon. USA
Luigi Lo Iacono, European University of Applied Sciences. Germany
María Carmen Fernández. Universidad de Málaga. Spain
Mario Piattini. University of Castilla-La Mancha. Spain
Mihai Christodorescu. University of Wisconsin. USA http://www.wisc.edu/
Raimundas Matulevicius, University of Tartu. Estonia
Rajkumar Buyya, Univ. of Melbourne. Australia
Sabrina De Capitani di Vimercati. Università degli Studi di Milano. Italy
Shareful Islam. University of East London. UK
Shinsaku Kiyomoto. KDDI R & D Laboratories Inc. Japan
Siani Pearson. Hewlett-Packard Laboratories. Bristol, UK.
Spyros Kokolakis. Athens University of Economics and Business. Greece
Stamatis Karnouskos. SAP AG. Germany
Steven Furnell. University of Plymouth. UK
Toshihiro Yamauchi. Okayama University http://www.okayama-u.ac.jp/index_e.html. Japan