Here is a one-page printable PDF version of the CFP for this track.

The flexibility and richness of the Web architecture have come at the
price of increasing complexity and lack of a sound overall security
architecture. The movement toward Web-based services, and the
increasing dependency on the Web, have also made reliability a
first-rate security concern. From malware and spyware, drive-by
downloads, typo squatting, denial of service attacks, to phishing and
identity theft, a variety of threats make the Web an increasingly
hostile and dangerous environment. By undermining user trust, these
problems are hampering e-commerce and the growth of online
communities.

This track promotes the view that security, privacy, reliability, and
sound guiding ethics must be part of the texture of a successful World
Wide Web. In addition to devising practical tools and techniques, it is
the duty of the research community to promote and guide business
adoption of security technology for the Web and to help inform related
legislation. We seek novel research (both theoretical and practical) in
security, privacy, reliability, and ethics as they relate to the Web,
including but not limited to the following areas:
- Authentication, authorization, and auditing on the web
- Availability and reliability of Web servers and services
- Intrusion detection and honeypots
- The insider threat
- Privacy-enhancing technologies, including anonymity, pseudonymity and
identity management, specifically for the web
- User interfaces and usability as they relate to use of
cryptography and online scams such as phishing and pharming
- Applications of cryptography to the web, including PKI and supporting
concepts like digital signatures, certification, etc.
- Electronic commerce, particularly security mechanisms for e-cash,
auctions, payment, and fraud detection
- Economic / business analysis of Web security and privacy
- Legal and legislative approaches to issues of Web security and privacy
- Secure and robust management of server farms
- Dealing with client-side risks
- Security for new web services (blogs, RSS, wikis, etc.)
- Wireless web security (including RFID, sensors, and mobile phones)
- Content protection and abuse on the web (DRM, web/blog spam, etc.)
Paper formatting requirements are provided on the submissions page.
Track Chair:
Angelos Keromytis (Columbia University, USA)
Deputy Chair:
Dan Wallach (Rice University, USA)
Program Committee:
- Scott Alexander (Telcordia, USA)
- Weidong Cui (Microsoft Research, USA)
- George Danezis (KU Leuven, Belgium)
- Roberto Di Pietro (University of Roma "La Sapienza", Italy)
- Nick Feamster (Georgia Tech, USA)
- Bao Feng (Institute for Infocomm Research, Singapore)
- Kevin Fu (University of Massachusetts at Amherst, USA)
- John L. Griffin (BAE)
- Stuart Haber (HP Labs, USA)
- Goichiro Hanaoka (JAIST, Japan)
- Markus Jakobsson (University of Indiana, USA)
- Sam King (University of Illinois at Urbana-Champaign, USA)
- Yoshi Kohno (University of Washington, USA)
- Shriram Krishnamurthy (Brown University, USA)
- Christopher Kruegel (Technical University Vienna, Austria)
- Ninghui Li (Purdue University, USA)
- Patrick McDaniel (Penn State University, USA)
- Raphael C.-W. Phan (Swinburne University of Technology, Malaysia)
- Vassilis Prevelakis (Drexel University, USA)
- Eric Rescorla (RTFM Inc., USA)
- Jim Roskind (Roskind Consulting, USA)
- Ke Wang (Google, USA)
- Brent Waters (SRI, USA)
- Nick Weaver (ICSI, USA)
- Susanne Wetzel (Stevens Institute of Technology, USA)
- Matt Wright (University of Texas at Arlington, USA)