5th International Workshop on Secure systems methodologies using patterns (SPattern 2011)
To be held in conjunction with the Sixth International Conference on Availability, Reliability and Security (ARES 2011 – http://www.ares-conference.eu).
August 22nd – 26th, 2011 Vienna University of Technology Vienna, Austria Security patterns have arrived to a stage where there are a significant number of them, two books about them have been published, and industry is starting to accept and use them. Analysis and design patterns have been around for about fifteen years and have found practical use in many projects; they have been incorporated into several software development methodologies where less experienced developers can use them to receive the advice and knowledge of experts. The situation is not so clear for security patterns because no accepted methodology exists for their use and their naming has not been unified. In spite of their value, it is not clear how much they are actually used in practice.
Catalogs of security patterns are a good step, but they are not enough. Building secure systems is a difficult process where security aspects are interlaced with the satisfaction of functional requirements as well as other non-functional requirements. Developers are typically experts on a language or a development methodology but know little about security, which results in them not knowing what security mechanisms make sense at which moments. We need methodologies that guide a designer at each stage of the development cycle. A few of them have appeared, but none of them has been tested in production applications. We still need more patterns to build more complete catalogs. Unification of pattern catalogs is becoming urgent because the several existing repositories confuse the designers. Tool support is also important for their acceptance. Related patterns are also important, i.e. reliability and safety patterns. Usability is an important aspect is some cases.
Topics of interest comprise but are not limited to: - Methodologies to build secure systems using patterns
- New aspects of existing methodologies
- Tradeoffs or combinations between security and other requirements expressed as patterns, e.g. reliable security patterns or secure reliability patterns.
- New security patterns
- New types of security-related patterns, e.g. misuse or attack patterns
- Pattern languages
- Classification of security patterns
- Tool support for security patterns
- Secure reference architectures
- Usability aspects
- Experiences in applying security patterns
Important dates
Submission Deadline |
April 17th, 2011 |
Author Notification |
May 09th, 2011 |
Author Registration |
June 01st, 2011 |
Proceedings Version |
June 01st, 2011 |
Conference/Workshop |
August 22nd - 26th, 2011 |
Submission Guidelines
The submission guidelines valid for the workshop are the same as for the ARES conference. They can be found at:
http://www.ares-conference.eu/submission-guidelines
Workshop Co-Chairs
Prof. Eduardo B. Fernandez
Florida Atlantic University, Boca Raton, FL 33431, USA
ed[at]cse[dot]fau[dot]edu
Prof. Sergio Mujica
Universidad Andres Bello, Santiago, Chile
smujica[at]unab[dot]cl
Program Committee
Eduardo Fernández-Medina Patón, Universidad de Castilla-La Mancha, Ciudad Real, Spain Jan Jürjens, TU Dortmund & Fraunhofer ISST, Germany Costas Lambrinoudakis, University of Piraeus, Greece Antonio Maña, University of Malaga, Spain Haris Mouratidis, University of East London, London, UK Jaime Muñoz-Arteaga, University of Aguascalientes, Mexico Alfonso Rodríguez Ríos, Universidad del Bío-Bío, Chillán, Chile Markus Schumacher , Virtual Forge GmbH & Fraunhofer SIT, Germany Dan Thomsen, SIFT, LLC, USA Michael VanHilst, Florida Atlantic University, USA Hironori Washizaki, Waseda University, Japan Marcel Winandy, Ruhr-University Bochum, Germany Joe Yoder, The Refactory, Inc., USA Nobukazu Yoshioka, National Institute of Informatics, Japan |