With rapid global penetration of the Internet and smart phones and the resulting productivity and social gains, the world is becoming increasingly dependent on its cyber infrastructure. Criminals, spies and predators of all kinds have learnt to exploit this landscape much quicker than defenders have advanced in their technologies. Security and Privacy has become an essential concern of applications and systems throughout their lifecycle. Security concerns have rapidly moved up the software stack as the Internet and web have matured. The security, privacy, functionality, cost and usability tradeoffs necessary in any practical system can only be effectively achieved at the data and application layers. This new conference series provides a dedicated venue for high-quality research in this arena, and seeks to foster a community with this focus in cyber security.

Data and the applications that manipulate data are the crucial assets in today's information age. With the increasing drive towards availability of data and services anytime anywhere, security and privacy risks have increased. Vast amounts of privacy-sensitive data are being collected today by organizations for a variety of reasons. Unauthorized disclosure, modification, usage or denial of access to these data and corresponding services may result in high human and financial costs. New applications such as social networking and social computing provide value by aggregating input from numerous individual users and/or the mobile devices they carry with them and computing new information of value to society and individuals. To achieve efficiency and effectiveness in traditional domains such as healthcare there is a drive to make these records electronic and highly available. The need for organizations and government agencies to share information effectively is underscored by rapid innovations in the business world that require close collaboration across traditional boundaries and the dramatic failure of old-style approaches to information protection in government agencies in keeping information too secret to connect the dots. Security and privacy in these and other arenas can be meaningfully achieved only in context of the application domain.

Data and applications security and privacy has rapidly expanded as a research field with many important challenges to be addressed. The goal of the conference is to discuss novel exciting research topics in data and application security and privacy and to lay out directions for further research and development in this area. The conference seeks submissions from diverse communities, including corporate and academic researchers, open source projects, standardization bodies, governments, system and security administrators, software engineers and application domain experts.


Topics include (but not limited to):

Application layer security policies Secure information sharing
Authorization /Access Control for Applications Secure knowledge management
Authorization/Access Control for Databases Secure multiparty computations
Data dissemination controls Secure software development
Data forensics Securing data/apps on untrusted platforms
Enforcement layer security policies Securing the semantic web
Privacy preserving techniques Security and Privacy in GIS/Spatial Data
Private information retrieval Security and Privacy in Healthcare
Search on protected/encrypted data Security policies for databases
Secure auditing Social computing security and privacy
Secure collaboration Social networking security and privacy
Secure data provenance Trust metrics for application, data and user
Secure electronic commerce Web application security

Important Dates

Paper Submissions: Sept 10, 2011
Notification: Nov 1, 2011
Camera Ready: Dec 1, 2011