WORKSHOP ON SECURITY AND PRIVACY IN CLOUD COMPUTING - SPCC 2010
PART OF COMPUTER PRIVACY AND DATA PROTECTION - CPDP 2010
www.spcc2010.info, www.cpdpconferences.org
29th January 2010 - Brussels, Belgium

An increasing amount of data is stored and processed outside the control of the owner. Outsourcing, software-as-a-service, infrastructure renting and social networking sites change the way we think about information handling. Instead of managing our own information, we leave it somewhere ?out there?. The development of providing information technology as a service is currently reaching its apex in cloud computing: a technology that provides on-demand access to massively scalable resources. When the information being processed is sensitive, security and privacy concerns are inevitable. How can we protect the confidentiality, integrity and availability of information that is processed outside our control? In the SPCC workshop, we seek technical and organisational solutions for protecting security and privacy in cloud computing environments. The workshop will consist of keynote lectures on security and privacy in cloud computing as well as presentations of submitted papers.

Topics of interest include, but are not limited to:
- Understanding cloud security and privacy
o security modelling and threat analysis
o security requirements engineering
o interaction between the physical, digital and social security domains
- Technical security mechanisms for cloud computing
o access control
o applied cryptography and protocols
o centralised vs. decentralised security architectures
o data-centric security and data classification
o identity-centric security and identity management
- Cloud computing in organisational and societal context
o auditing
o incident identification and management
o risk analysis and risk management
o trust management
o economic, social and legal aspects

Technical contributions should provide insight into business and/or societal value. Papers and presentations should be targeted to a broad audience, including information security experts, legal experts, policy makers, and social scientists. We especially encourage submission of papers that connect two or more of the above topics. Papers should be PDF, in Springer book chapter style (http://www.springer.com/authors/book+authors?SGWID=0-154102-12-417900-0), without author identification, and should be submitted through the EasyChair website (http://www.easychair.org/conferences/?conf=spcc2010) by 16 November 2009. We accept both position papers (maximum 10 pages) and full papers (maximum 15 pages). Papers will be selected based on blind review. Submission implies that, should the paper be accepted, at least one author will register for the conference and present the paper in the workshop. Accepted papers will be published by Springer in the book of the CPDP conference (post-proceedings).

Important dates:

Submission Deadline: 16 November 2009
Notification of Acceptance: 15 December 2009
Papers? Presentation at CPDP: 29 January 2010
Final Camera-Ready Version for Publication: 17 May 2010


Organising committee:

dr. Wolter Pieters
Prof.dr. Pieter Hartel
Prof.dr. Roel Wieringa
University of Twente, Netherlands

Prof.dr. Sandro Etalle
Eindhoven University of Technology, Netherlands

Prof.dr. Bart Jacobs
Radboud University Nijmegen, Netherlands

Prof.dr. Sjouke Mauw
University of Luxembourg, Luxembourg


Keynote speaker:

Prof.dr. Jean-Pierre Seifert
TU Berlin & Deutsche Telekom Laboratories, Berlin, Germany