|
|
|
| |||||||||||||||||
ECCA 2010 : First Workshop on Economics of Compliance Control and Automation | |||||||||||||||||
| Link: http://www.ares-conference.eu/conf/index.php/workshops/ecca | |||||||||||||||||
| |||||||||||||||||
Call For Papers | |||||||||||||||||
|
**************************************************************************************
First Workshop on Economics of Compliance Control and Automation (ECCA 2010) ************************************************************************************** To be held in conjunction with the Fifth International Conference on Availability, Reliability and Security (ARES 2010 – http://www.ares-conference.eu). February 15th – 18th, 2010 Andrzej Frycz Modrzewski Cracow College Krakow, Poland Achieving compliance to an ever growing number of regulatory requirements, such as reporting practices and treatment of personal information, poses a grand challenge to enterprises of all sizes. Such requirements stipulate the reliable deployment of a number of accountable activities which must be periodically validated by means of third-party audits. To conduct adequate validation in a timely, cost-effective and reliable manner, enterprises are advancing the automation of business process and the corresponding controls. Controls subsume organizational measures and security mechanisms for enforcing regulatory laws and detecting regulation deviations, opening up the chance to react timely. However, deploying such controls is a challenging task yet not completely understood: Unexpected interactions between controls and business processes might arise, leading to inconsistencies, compliance violations and conflicts with the operative goals of business processes and, thereby, opening up risks. Also, a too restrictive, risk-averse enforcement of regulations is not optimal with regard to the operational use of upcoming technologies, such as service-oriented architectures or cloud computing, since it may hinder the harvesting of their full potential. Addressing these issues is of primary relevance and requires well-founded, cross-disciplinary approaches to reason about and bridge the technical and economical perspectives of the deployment of controls. The goal of this workshop is to bring together researchers and practitioners working on innovative methods for managing compliance, risk and security. The focus of the workshop is primarily on the integration of economical and technical research, yet it encourages papers with a cross-disciplinary character, encompassing for instance legal and sociological aspects, as well as papers more purely focused on information technology. ************************************************************************************** TOPICS ************************************************************************************** Submission topics include, but are not limited to: - Process and workflow modeling and simulation - Process-oriented risk management - Security issues on workflows - Process reconstruction - Accountability and liability - Policy enforcement - Usage control - Audit strategies - Secure logging mechanisms - Monitoring techniques - Implementation experiences ************************************************************************************** IMPORTANT DATES ************************************************************************************** Submission Deadline October 15th, 2009 Author Notification November 01st, 2009 Author Registration November 14th, 2009 Proceedings Version November 14th, 2009 Conference/Workshop February 15th - 18th, 2010 ************************************************************************************** SUBMISSION GUIDELINES ************************************************************************************** The submission guidelines valid for the ECCA workshop are the same as for the ARES conference. They can be found at: http://www.ares-conference.eu/conf/index.php/submission-guidelines Submission of a paper implies that should the paper be accepted, at least one of the authors will register and present the paper in the conference. Accepted papers will be given guidelines in preparing and submitting the final manuscript(s) together with the notification of acceptance. All accepted papers will be published as ISBN proceedings published by the IEEE Computer Society. ************************************************************************************** WORKSHOP CO-CHAIR ************************************************************************************** Dr. Stefan Sackmann University of Freiburg sackmann[at]iig[dot]uni-freiburg[dot]de Dr. Rafael Accorsi University of Freiburg accorsi[at]iig[dot]uni-freiburg[dot]de |
|
