International Workshop on Security Aspects of Process-aware Information Systems (SAPAIS) In conjunction with ARES 2011 August 22-26, 2011 Vienna, Austria http://www.ares-conference.eu/conf/
Call for Papers
IntroductionBusiness processes are an important source for the engineering of customized software systems and are constantly gaining attention in the area of software engineering as well as in the area of information and system security. A process-aware information system (PAIS) provides support for the specification, execution, and/or monitoring of intra- as well as inter-organizational business processes.
In this context, a complete and correct mapping of process definitions and related security policies to the corresponding software system is essential in order to assure consistency between the modeling-level specifications on the one hand, and the software system that actually manages corresponding process instances and enforces the respective policies on the other. The demand to ensure that runtime process instances comply with modeling-level processes and policies becomes even more pressing with recent laws and regulations such as the Sarbanes-Oxley Act (SOX), the Health Insurance Portability and Accountability Act (HIPAA), or the Basel II Accord. Moreover, corresponding compliance requirements also arise from security recommendations and standards such as the NIST security handbook, the NIST recommended security controls, the ISO 27000 standard family (formerly ISO 17799), legally binding agreements such as business contracts, or company-specific (internal) rules/regulations. This workshop is concerned with the different security aspects of process-aware information systems - including authentication, authorization, audit, availability, confidentiality, integrity, and privacy aspects.
TopicsSuggested topics include, but are not limited to: - Requirements engineering for security aspects of PAIS - Modeling-level support for security aspects of PAIS - Implementation experiences for security aspects of PAIS - Security aspects of SOA-based PAIS - Integration of PAIS security aspects in the development process - Monitoring security aspects of PAIS - Testing security aspects of PAIS - Usability aspects of secure PAIS - Change management for security aspects of PAIS - Lessons learned and case studies
Important dates:- Submission Deadline: April 17th, 2011 April 24th, 2011 (extended) - Author Notification: May 16th 2011 - Author Registration: June 1st 2011 - Proceedings Version: June 1st 2011 - Conference/ Workshop: August 22nd -26th 2011
Submission GuidelinesAuthors are invited to submit papers in CPS style (two columns, single-spaced, including figures and references, using 10 pt fonts, and number each page). Papers must be submitted as a single PDF file. Please consult the iCPS Author Guidelines at the following web page: http://www.computer.org/portal/web/cscps/formatting
We solicit the submission of academic workshop papers (6 pages) representing original, previously unpublished work. Submitted papers will be carefully evaluated based on originality, significance, technical soundness, and clarity of exposition.
Duplicate submissions are not allowed. A submission is considered to be a duplicate submission if it is simultaneously submitted to other conferences/workshops/journals or if it has been already accepted to be published in other conferences/workshops/journals. Duplicate submissions thus will be automatically rejected without review.
The contact author must provide the following information: Paper title, authors' names, affiliations, postal address, phone, fax, and e-mail address of the author(s), about 200-250 word abstract, and about five keywords. Paper registration and submission is done through the ARES Paper Management System at the following address: http://stdev.ifs.tuwien.ac.at/ares2011/
Submission of a paper implies that should the paper be accepted, at least one of the authors will register for the ARES conference and present the paper at the workshop. Accepted papers will be given guidelines in preparing and submitting the final manuscript(s) together with the notification of acceptance.
PublicationAccepted papers will be published byConference Publishing Services (CPS) and will be available online through IEEE Xplore (EI indexing). http://www.computer.org/portal/web/cscps/
Organizing committee:Workshop Co-Chairs
Mark Strembeck, WU Vienna, Austria Stefanie Rinderle-Ma, Univ. of Vienna, Austria
Program committeeRuth Breu, Univ. of Innsbruck, Austria Jason Crampton, Royal Holloway, Univ. of London, UK Schahram Dustdar, TU Vienna, Austria Ludwig Fuchs, Univ. of Regensburg, Germany Jan Mendling, HU Berlin, Germany Günter Müller, Univ. of Freiburg, Germany Gustaf Neumann, WU Vienna, Austria Stefanie Rinderle-Ma, Univ. of Vienna, Austria Andreas Schaad, SAP Research, Germany Mark Strembeck, WU Vienna, Austria A Min Tjoa, TU Vienna, Austria Barbara Weber, Univ. of Innsbruck, Austria Edgar Weippl, SBA Research, Austria Uwe Zdun, Univ. of Vienna, Austria
|