WISARC 2016 - Second International Workshop on Information Security, Assurance and Reliability in the Cloud

Cloud computing is a major research area. Much of the discussion is due to the security issues it poses as a new technology and to the IT paradigm shift, as well as the fact that increasing cybersecurity concerns have a direct impact on the cloud. Issues span from fundamental confidentiality assurance of data in rest and motion, due to data outsourcing, to regulation and jurisdiction problems of legal data ownership and takeover. The virtualization technology that supports the building blocks for multi-tenant infrastructures also poses novel security risks and vulnerabilities that need to be properly addressed. Ironically, the interplay of these new technologies paves the way for the development of novel defenses against the very threats that arise in the current attack landscape. For example, virtual machine escape vulnerabilities are specific to virtualization technology, the same one that simplifies dynamic malware analysis.
Cloud computing research is a multidisciplinary effort involving cryptography, networking, software development, system architecture, among others. This workshop aims to attract innovative research works and foster discussions addressing technical, policy and legal issues of information security, assurance and reliability in cloud computing environments, elaborating on distinguished and emerging topics that are of interest to both the academia and the industry.
Topics of Interest
The Technical Program Committee of WISARC 2016 invites researchers and practitioners to prepare high-quality submissions describing unpublished theoretical or practical research related with, but not limited to, the following topics:
* Architecture security of web services and web protocols;
* Assurance of data sanitization in the Cloud;
* Auditability of cloud systems;
* Big data and log analysis;
* Cloud and BYOD integration security;
* Cloud availability and resources starvation;
* Cloud computing cybercriminality, APTs and cybersecurity;
* Cloud-focused attacks;
* Cloud forensics;
* Cryptography for the Cloud;
* Cryptography in trust models and trusted computing technology;
* Cybercriminality, APTs and cybersecurity leveraging the Cloud;
* Enforcement of security in hybrid clouds;
* Interclouds security;
* Modern malware analysis;
* Multi-factor auth (authentication and authorization);
* Network perimeter security, monitoring and SIEM in the cloud for incident response;
* Network steganography;
* Privacy and anonymization in cloud systems;
* Reliable and privacy-preserving outsourced storage and distributed computing;
* Secure (federated) identity management and SSO architectures;
* Secure and reliable cloud programming models;
* Secure generation and management of cryptography secrets in VMs;
* Security issues in software-defined networks;
* Security of open-source cloud software;
* Trust and policy management in cloud systems;
* Virtualization and sandbox security and VM isolation assurance.