<br><font size=2 face="Courier">This is a workshop that may be of interest
to subscribers of this mailing list. </font>
<br>
<br><font size=2 face="Courier">This is a gentle reminder that the position
statements / papers are due this Friday.</font>
<br>
<br><font size=2 face="Courier">Our keynote speaker will be Niels Provos,
presenting "All Your iFrames Point to Us."</font>
<br>
<br><font size=2 face="Courier">Hope to see you at the workshop!</font>
<br>
<br><font size=2 face="Courier">Larry Koved and Dan Wallach</font>
<br><font size=2 face="Courier">W2SP 2008 co-chairs</font>
<br>
<br><font size=2 face="Courier">----------------------------------------------------------------------------------</font>
<br>
<br><font size=2 face="Courier">CFP:
http://seclab.cs.rice.edu/w2sp/2008/cfp.html</font>
<br><font size=2 face="Courier">Workshop web site:
http://seclab.cs.rice.edu/w2sp/2008/</font>
<br><font size=2 face="Courier">2007 workshop web site:
http://seclab.cs.rice.edu/w2sp/2007/</font>
<br>
<br>
<br><font size=2 face="Courier">Workshop Call for Position Papers</font>
<br>
<br><font size=2 face="Courier">W2SP 2008: Web 2.0 Security and Privacy
2008</font>
<br>
<br><font size=2 face="Courier">Thursday, May 22 </font>
<br><font size=2 face="Courier">The Claremont Resort</font>
<br><font size=2 face="Courier">Oakland, California </font>
<br><font size=2 face="Courier">Sponsored by the 2008 IEEE Symposium on
Security and Privacy </font>
<br>
<br><font size=2 face="Courier">The goal of this one day workshop is to
bring together researchers and </font>
<br><font size=2 face="Courier">practitioners from academia and industry
to focus on understanding </font>
<br><font size=2 face="Courier">Web 2.0 security and privacy issues, and
establishing new collaborations </font>
<br><font size=2 face="Courier">in these areas. </font>
<br>
<br><font size=2 face="Courier">Web 2.0 is about connecting people and
amplifying the power of working together. </font>
<br><font size=2 face="Courier">The mixing of technology and social interaction
is occurring in the </font>
<br><font size=2 face="Courier">context of a wave of technologies supporting
rapid development of these </font>
<br><font size=2 face="Courier">interpersonal and business interactions.
Many of the new web technologies </font>
<br><font size=2 face="Courier">rely on the composition of content and
services from multiple sources, </font>
<br><font size=2 face="Courier">resulting in complex technology compositions
(mash-ups). </font>
<br><font size=2 face="Courier">The content composition trend is likely
to continue. The lure of these </font>
<br><font size=2 face="Courier">technologies is the promise of simpler
ways to compose software service </font>
<br><font size=2 face="Courier">and content, at lower cost. </font>
<br>
<br><font size=2 face="Courier">However, there are issues with respect
to management of identities, </font>
<br><font size=2 face="Courier">reputation, privacy, anonymity, transient
and long term relationships, </font>
<br><font size=2 face="Courier">and composition of function and content,
both on the server side and </font>
<br><font size=2 face="Courier">at the client (web browser). While the
security and privacy issues are </font>
<br><font size=2 face="Courier">not new, these issues are increasingly
becoming acute as the technologies </font>
<br><font size=2 face="Courier">are adopted and adapted to appeal to wider
audiences. Some of these </font>
<br><font size=2 face="Courier">technologies deliberately bypass existing
security mechanisms. </font>
<br><font size=2 face="Courier">This workshop is intended to discuss the
limitations of the current </font>
<br><font size=2 face="Courier">technologies and explore alternatives.
</font>
<br>
<br><font size=2 face="Courier">The scope of W2SP 2008 includes, but is
not limited to:</font>
<br><font size=2 face="Courier"> </font>
<br><font size=2 face="Courier"> - Identity, privacy, reputation
and anonymity</font>
<br><font size=2 face="Courier"> - End-to-end security architectures</font>
<br><font size=2 face="Courier"> - Security of content composition</font>
<br><font size=2 face="Courier"> - Security and privacy policy definition
and modeling of content composition</font>
<br><font size=2 face="Courier"> - Provenance and governance</font>
<br><font size=2 face="Courier"> - Usable security and privacy models</font>
<br><font size=2 face="Courier"> - Static and dynamic analysis for
security</font>
<br><font size=2 face="Courier"> - Security as a service</font>
<br><font size=2 face="Courier"> - Click fraud</font>
<br><font size=2 face="Courier"> - Software as a service</font>
<br><font size=2 face="Courier"> - Web services/feeds/mashups</font>
<br><font size=2 face="Courier"> - Next generation browser technology</font>
<br>
<br><font size=2 face="Courier">Due to space limitations of the workshop
venue, registration is limited </font>
<br><font size=2 face="Courier">to 75 participants. Potential workshop
participants should submit a paper </font>
<br><font size=2 face="Courier">on topics relevant to Web 2.0 security
and privacy issues. </font>
<br>
<br><font size=2 face="Courier">We are seeking both short position papers
(2-–4 pages) and refereed papers </font>
<br><font size=2 face="Courier">(a maximum of 8 pages). Papers longer than
8 pages may be automatically </font>
<br><font size=2 face="Courier">rejected by the co-chairs or workshop committee.
>From the submissions, </font>
<br><font size=2 face="Courier">the program committee will strive to select
participants in a way that </font>
<br><font size=2 face="Courier">is balanced between academia and industry,
as well as across topics. </font>
<br><font size=2 face="Courier">Selected papers will appear on the workshop
web site. </font>
<br>
<br><font size=2 face="Courier">Workshop Co-Chairs: W2SP2008@ieee-security.org
</font>
<br><font size=2 face="Courier"> - Larry Koved, IBM T. J. Watson
Research Center</font>
<br><font size=2 face="Courier"> - Dan S. Wallach, Rice University
</font>
<br>
<br><font size=2 face="Courier">Important dates: </font>
<br><font size=2 face="Courier"> - Paper submission deadline: March
7, 2008, (11:59pm US-Eastern)</font>
<br><font size=2 face="Courier"> - Workshop acceptance notification
date: March 28, 2008</font>
<br><font size=2 face="Courier"> - Workshop date: Thursday May 22,
2008</font>
<br><font size=2 face="Courier"> - Workshop paper submission web
site: http://continue2.cs.brown.edu/W2SP08/ </font>
<br><font size=2 face="Courier"> - Registration: Workshop registration
will only be available via the 2008 </font>
<br><font size=2 face="Courier"> IEEE Symposium on Security
and Privacy conference web site. </font>