For someone looking for a topic, I would encourage exploration of "Trustworthy cloud-based services" via license agreements and terms of service.
If the license agreements or terms of service states a provider is indemnified by the user; or the provider is allowed to loose, sell, or give away your data without making you whole (Apple's ToS), then I would question the platform's trustworthiness. Giving data to law enforcement still qualifies as a threat to data in my opinion. I don't discriminate between "good" bad guys and "bad" bad guys - they are threats to the data. There are no shades of grey. I suspect there are no trustworthy platforms after factoring in license agreements and terms of service. Jeff On Sun, Dec 16, 2012 at 11:37 AM, Larry Koved <ko...@us.ibm.com> wrote: > On behalf of the workshop co-chairs and program chair, we would like to > invite you participate in the seventh Web 2.0 Security and Privacy workshop. > > Web 2.0 Security and Privacy workshop is co-located with > The 34th IEEE Symposium on Security and Privacy (IEEE S&P 2013) > http://www.ieee-security.org/TC/SP2013/ > > and is an event of > The IEEE Computer Society's Security and Privacy Workshops (SPW 2013) > http://ieee-security.org/TC/SPW2013 > > W2SP brings together researchers, practitioners, web programmers, policy > makers, and others interested in the latest understanding and advances in > the security and privacy of the web, browsers and their eco-system. We have > had six years of successful W2SP workshops. > > W2SP is held in conjunction with the IEEE Symposium on Security and privacy, > which will take place from May 19-22, 2013, at the Westin St. Francis Hotel > in San Francisco. W2SP will continue to be open-access: all papers will be > made available on the workshop website, and authors will not need to forfeit > their copyright. > > We are seeking both short position papers (2–4 pages) and longer papers (a > maximum of 10 pages). Papers must be formatted for US letter (not A4) size > paper with margins of at least 3/4 inch on all sides. The text must be > formatted in a two-column layout, with columns no more than 9 in. high and > 3.375 in. wide. The text must be in Times font, 10-point or larger, with > 12-point or larger line spacing. Authors are encouraged to use the IEEE > conference proceedings templates. > > The scope of W2SP 2013 includes, but is not limited to: > > - Trustworthy cloud-based services > - Privacy and reputation in social networks > - Security and privacy as a service > - Usable security and privacy > - Security for the mobile web > - Identity management and psuedonymity > - Web services/feeds/mashups > - Provenance and governance > - Security and privacy policies for composible content > - Next-generation browser technology > - Secure extensions and plug-ins > - Advertisement and affiliate fraud > - Measurement study for understanding web security and privacy > > Any questions should be directed to the program chair: ka...@us.ibm.com. > > > WORKSHOP CO-CHAIRS > > Larry Koved (IBM Research) > Matt Fredrikson (University of Wisconsin - Madison) > > PROGRAM CHAIR > Kapil Singh (IBM Research) _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. Follow KRvW Associates on Twitter at: http://twitter.com/KRvW_Associates _______________________________________________
