WISARC 2015 - First International Workshop on Information Security, Assurance and Reliability in the Cloud

Cloud computing is nowadays a key enabling technology in the IT world. Adopting or moving to the cloud raises security concerns, spanning from confidentiality issues due to data outsourcing, to regulation and jurisdiction problems, which have been the focus of researchers and security solutions manufacturers in the past few years. Cloud computing effectively increased the attack landscape and brought security issues of its own. On the other hand, it also provided new means to deal with threats, and it constitutes an environment where fundamentally different information security approaches need to be devised, involving often a multidisciplinary effort in disciplines such as cryptography, networking, software development, system architecture, among others. This workshop aims to attract innovative research works and foster discussions addressing technical, policy and legal issues of information security, assurance and reliability in cloud computing environments, elaborating on distinguished and emerging topics that are of interest to both the academia and the industry.
Topics of Interest
The Technical Program Committee of WISARC 2015 invites researchers and practitioners to prepare high-quality submissions describing unpublished theoretical or practical research related with cloud security. Topics of interest include (but are not limited to) the following:
* Architecture security of web services and web protocols;
* Assurance of data sanitization in the Cloud;
* Auditability of cloud systems;
* Big data and log analysis;
* Cloud and BYOD integration security;
* Cloud availability and resources starvation;
* Cloud computing cybercriminality, APTs and cybersecurity;
* Cloud-focused attacks;
* Cloud forensics;
* Cryptography for the Cloud;
* Cryptography in trust models and trusted computing technology;
* Enforcement of security in hybrid clouds;
* Interclouds security;
* Modern malware analysis;
* Multi-factor auth (authentication and authorization);
* Network perimeter security, monitoring and SIEM in the cloud for incident response;
* Privacy and anonymization in cloud systems;
* Reliable and privacy-preserving outsourced storage and distributed computing;
* Secure (federated) identity management and SSO architectures;
* Secure and reliable cloud programming models;
* Secure generation and management of cryptography secrets in VMs;
* Security issues in software-defined networks;
* Security of open-source cloud software;
* Trust and policy management in cloud systems;
* Virtualization and sandbox security and VM isolation assurance.