Dear secure coding friends, In exactly one year -- June 21-24, 2010 -- let's all meet in beautiful Stockholm, Sweden. OWASP Sweden, Norway, and Denmark hereby invite you to OWASP AppSec Research 2010.
AppSec Research = AppSec Europe This conference was formerly known as OWASP AppSec Europe. We have added 'Research' to highlight that we invite both industry and academia. All the regular AppSec Europe visitors and topics are welcome along with contributions from universities and research institutes. This is the European conference for anyone interested in or working with application security. Co-host is the Department of Computer and Systems Science at Stockholm University, offering a great venue in the fabulous Aula Magna. Call for Papers and Proposals We offer two options: 1. Full papers. Peer-reviewed 12 page papers that will be published in formal proceedings by Springer-Verlag Lecture Notes in Computer Science (final approval pending). 2. Presentation proposals. A presentation proposal should consist of a 2-page position paper representing the essential matter proposed by the speaker(s). Proposals must include sufficient material for the reviewers to make an informed decision. Topics of Interest We encourage the publication and presentation of new tools, new methods, empirical data, novel ideas, and lessons learned in the following areas: Web application security Security aspects of new/emerging web technologies/paradigms (mashups, web 2.0, offline support, etc) Security in web services, REST, and service oriented architectures Security in cloud-based services Security of frameworks (Struts, Spring, ASP.Net MVC etc) New security features in platforms or languages Next-generation browser security Security for the mobile web Secure application development (methods, processes etc) Threat modeling of applications Vulnerability analysis (code review, pentest, static analysis etc) Countermeasures for application vulnerabilities Metrics for application security Application security awareness and education Submission Deadline and Instructions Submission deadline is Sunday February 7th 23:59 (Apia, Samoa time). Submissions should be at most 12 pages long in the Springer LNCS style for "Proceedings and Other Multiauthor Volumes". Templates for preparing papers in this style for LaTeX, Word, etc can be downloaded from: http://www.springer.com/computer/lncs?SGWID=0-164-7-72376-0. Full papers must be submitted in a form suitable for anonymous review: remove author names and affiliations from the title page, and avoid explicit self-referencing in the text. Program Committee John Wilander, Omegapoint and Linköping University (chair) Alan Davidson, Stockholm University/Royal Institute of Technology (co-host) Andrei Sabelfeld, Chalmers UT Engin Kirda, Institute Eurecom Lieven Desmet, Katholieke Universiteit Leuven Martin Johns, University of Passau Christoph Kern, Google Sergio Maffeis, Imperial College London Organizing Committee John Wilander, chapter leader Sweden (chair) Mattias Bergling (vice chair) Alan Davidson, Stockholm University/Royal Institute of Technology (co-host) Ulf Munkedal, chapter leader Denmark Kåre Presttun, chapter leader Norway Stefan Pettersson (sponsoring coordinator) Carl-Johan Bostorp (schedule and event coordinator) Martin Holst Swende (coffee/lunch/dinner) Kate Hartmann, OWASP Sebastien Deleersnyder, OWASP Board Countdown Challenges -- Free Tickets to Win! There will be a challenge posted on the conference wiki page the 21st every month up until the event. The winner will get free entrance to the conference. What are you waiting for? The first challenge is posted. Go, go, go -- https://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm%2C_Sw eden#AppSec_Research_Challenge_1:_Input_Validation_and_Regular_Expressions. OWASP The Open Web Application Security Project (OWASP) is an open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas. We can be found at www.owasp.org. Welcome to Stockholm next year! Regards, John Wilander
_______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________