IWOCS 2014 - 2014 International WOrkshop on Cloud Security

Cloud technology offers a powerful and fast growing approach to the provision of infrastructure, platform and software services without the high costs of owning, operating and maintaining the computational infrastructures required for this purpose. However, despite its appeal from the economic, operational and even energy consumption perspectives, cloud technology still raises concerns regarding the security, privacy, governance and compliance of the data and software services offered through it. These concerns arise from the difficulty to verify security properties of the different types of applications and services available through cloud technology and the uncertainty of the owners and users of such services about the security of their services, and of the applications based on them, once they are deployed and offered through a cloud. This difficulty stems from both the fact that the provision and security of a cloud service is sensitive to potential interference between the features and behaviour of all the inter-dependent services in all layers of the cloud stack, as well as dynamic changes in them; and the fact that current cloud models and infrastructure do not provide adequate support for controlling the behaviour of cloud software and for managing the decoupling of evolution cycles of the different software components, both applications and services, which happens in these scenarios. In this setting, system evolution, an inherent process in most computing systems, has an important impact on the security, resilience and quality of the cloud. In this line certification and other assurance approaches become crucial for establishing the necessary trust relationships. Likewise, novel testing mechanisms, engineering approaches, formal modelling paradigms, monitoring models, runtime support infrastructures, secure dynamic application building and service orchestration approaches, etc. are needed in order to fill other gaps and to restore the missing trust links in
these new scenarios. The workshop will provide a forum for presenting research results, practical experiences, and innovative ideas in security infrastructures and applications for cloud computing. The workshop will focus on Cloud Computing security, how users of Cloud systems can be educated to maintain the security posture of their systems, and how to improve the state of the art of Cloud Computing. The workshop will also look at the need to facilitate research and development of the next generation of Cloud Computing security standards and tools to assist in the creation of better, more secure systems.
Important Dates
Paper Submissions 15-03-2014
Notification for Authors 01-04-2014
Camera Ready Deadline 07-05-2014
Workshop Dates 27-05-2014
List of Topics
Secure Virtualization Structures
Privacy Enforcement for cloud applications, platforms and operations
Monitoring systems for cloud infrastructure/platform applications
Cloud security architecture and protocol
Data protection and secured information sharing in the cloud
Evolution of multi-tenant monitoring as a function of the number of tenants.
Intra- and inter-cloud security issues and considerations
Privacy policy framework for clouds
Access control mechanisms and trust models for cloud services
Energy/cost/efficiency of security in clouds
Secure Mobile Cloud Networking
Content and Service Distribution
Security Certification for cloud
Security Engineering for cloud
Organization
Workshop chairs
ANTONIO MUÑOZ, University of Málaga, Spain
ERNESTO DAMIANI, University of Milan, Italy
Programe Committee
ALCARAZ-CALERO, JOSE M., Hewlett-Packard, UK
ANTON DEL PINO, PABLO, U. of Málaga, Spain
BOYD, COLIN, Queensland U. of Tech., Australia
COLLBERG, CHRISTIAN, Arizona University, USA
CUELLAR, JORGE, Siemens, Germany
DAVIDS, CAROL, Illinois Institute of Technology, USA
DUSIT NIYATO, Nanyang Technological U., Singapore
ENDICOTT-POPOVSKY, BARBARA, U. of Washington, USA
FERNANDEZ, EDUARDO B., Florida Atlantic U., USA
GIORGINI, PAOLO, University of Trento, Italy
GRAWROCK, DAVID, Intel, USA
GÜRGENS, SIGRID, Fraunhofer SIT, Germany
JÜRJENS, JAN, TU of Dortmund, Germany
KIYOMOTO, SHINSAKU, KDDI R&D Labs, Japan
LAMBRINOUDAKIS, COSTAS, U. of Piraeus, Greece
LAURENCE T. YANG, St Francis Xavier University, Canada
LEVI, ALBERT, Sabanci University, Turkey
LOEVENICH, DANIEL, Bundesamt für Sicherheit in der Informationstechnik (BSI), Germany
LOSAVIO, MICHAEL, U. of Kentucky, USA
LOTZ, VOLKMAR, SAP AG, France
MAÑA, ANTONIO, University of Malaga, Spain
MARTINELLI, FABIO, CNR-IIT, Italy
MARTINEZ-PEREZ, GREGORIO, U. of Murcia, Spain
MICHELE BEZZI, SAP, France
NADARAJAM, R., PSG College of Technology, India
POSEGGA, JOAQUM, U. of Passau, Germany
PRESENZA, DOMENICO, Engineering, Italy
QUISQUATER, JEAN-JACQUES, U. Catholique De Louvain, Belgium
RAY, INDRAKSHI, Colorado State University, USA
RUDOLPH, CARSTEN, Fraunhofer SIT, Germany
SABETTA, ANTONINO, SAP, France
SORIA-RODRIGUEZ, PEDRO, ATOS R&D, Spain
SKIANIS CHARALABOS, University of Aegean, Greece
SPANOUDAKIS, GEORGE, City University, UK
WASHIZAKI, HIRONORI, Waseda University, Japan
WESPI, ANDREAS, IBM, Switzerland
YOSHIOKA, NOBUKAZU, Nat. I. of Informatics, Japan
ZULKERNINE, MOHAMMAD,Queen’s U., Canada
Submissions
Authors are invited to submit Regular Papers (maximum 8 pages) or Short Papers (maximum 4 pages)
using EasyChair. Regular papers will be evaluated according to normal research conference criteria with
respect to relevance, originality, and quality of the methodology and writing. Work that is highly novel,
controversial, or preliminary can be submitted as a short paper.
Proceedings of IWOCS 2014 will be included in the third ASE International Conference on Cyber
Security, Stanford, CA, USA, May 27 ? May 31, 2014.