This is a workshop that may be of interest to subscribers of this mailing 

This is a gentle reminder that the position statements / papers are due 
this Friday.

Our keynote speaker will be Niels Provos, presenting "All Your iFrames 
Point to Us."

Hope to see you at the workshop!

Larry Koved and Dan Wallach
W2SP 2008 co-chairs


Workshop web site:    
2007 workshop web site:

Workshop Call for Position Papers

W2SP 2008: Web 2.0 Security and Privacy 2008

Thursday, May 22 
The Claremont Resort
Oakland, California 
Sponsored by the 2008 IEEE Symposium on Security and Privacy 

The goal of this one day workshop is to bring together researchers and 
practitioners from academia and industry to focus on understanding 
Web 2.0 security and privacy issues, and establishing new collaborations 
in these areas. 

Web 2.0 is about connecting people and amplifying the power of working 
The mixing of technology and social interaction is occurring in the 
context of a wave of technologies supporting rapid development of these 
interpersonal and business interactions. Many of the new web technologies 
rely on the composition of content and services from multiple sources, 
resulting in complex technology compositions (mash-ups). 
The content composition trend is likely to continue. The lure of these 
technologies is the promise of simpler ways to compose software service 
and content, at lower cost. 

However, there are issues with respect to management of identities, 
reputation, privacy, anonymity, transient and long term relationships, 
and composition of function and content, both on the server side and 
at the client (web browser). While the security and privacy issues are 
not new, these issues are increasingly becoming acute as the technologies 
are adopted and adapted to appeal to wider audiences. Some of these 
technologies deliberately bypass existing security mechanisms. 
This workshop is intended to discuss the limitations of the current 
technologies and explore alternatives. 

The scope of W2SP 2008 includes, but is not limited to:
  - Identity, privacy, reputation and anonymity
  - End-to-end security architectures
  - Security of content composition
  - Security and privacy policy definition and modeling of content 
  - Provenance and governance
  - Usable security and privacy models
  - Static and dynamic analysis for security
  - Security as a service
  - Click fraud
  - Software as a service
  - Web services/feeds/mashups
  - Next generation browser technology

Due to space limitations of the workshop venue, registration is limited 
to 75 participants. Potential workshop participants should submit a paper 
on topics relevant to Web 2.0 security and privacy issues. 

We are seeking both short position papers (2-–4 pages) and refereed papers 

(a maximum of 8 pages). Papers longer than 8 pages may be automatically 
rejected by the co-chairs or workshop committee. From the submissions, 
the program committee will strive to select participants in a way that 
is balanced between academia and industry, as well as across topics. 
Selected papers will appear on the workshop web site. 

Workshop Co-Chairs: [EMAIL PROTECTED] 
  - Larry Koved, IBM T. J. Watson Research Center
  - Dan S. Wallach, Rice University 

Important dates: 
  - Paper submission deadline: March 7, 2008, (11:59pm US-Eastern)
  - Workshop acceptance notification date: March 28, 2008
  - Workshop date: Thursday May 22, 2008
  - Workshop paper submission web site: 
  - Registration: Workshop registration will only be available via the 
     IEEE Symposium on Security and Privacy conference web site. 
Secure Coding mailing list (SC-L)
List information, subscriptions, etc -
List charter available at -
SC-L is hosted and moderated by KRvW Associates, LLC (
as a free, non-commercial service to the software security community.

Reply via email to