IEEE 2014 Second International Workshop on Cloud Security Auditing (CSAW2014)



One day between June 27 and July 2, 2014, at Hilton Anchorage, Alaska, USA
within IEEE SERVICES 2014



Description

Building on the success of the first workshop and its alignment within the IEEE World Congress on Services, the Cloud Security Auditing Workshop provides a unique setting for the exchange of research and development practices for the detection, prevention, mitigation,and reporting of security attacks. The concepts surrounding security auditing cover issues related to cloud architectures, tenant services and resources, service interactions, privacy, and standards, where meta-information must be captured, shared, and monitored across the cloud.

The workshop solicits original papers on increasing cloud resiliency and trustworthiness through security auditing as applied to various cloud models, layers, services, resources, and application domains. Though not limited to these topics, contributions can address issues such as cloud mashing, technologies for capturing security relevant events, service level agreements, session management, languages and protocols, real-time analysis, streaming and manipulation of big cloud data, and information assurance standards application. The workshop also welcomes survey papers and practitioner experiences.

Topics of interest to CSAW 2014 include, but are not limited to:

List of Topics

  • Cloud mashing security issues

  • Languages and protocols for specifying, composing, analyzing, and sharing security-relevant, distributed logs of audit data from a cloud-wide perspective

  • Cloud security, threat modeling, and analysis, including centralized/distributed attack detection and prediction/prevention algorithms based on audited information

  • Automated tools for capturing, integrating, and analyzing cloud audit data

  • Algorithms and protocols for audit data stream delivery, manipulation, and analysis for big cloud audit data

  • Access control and information flow control models for disclosure and modification of sensitive cloud audit data

  • Methods for expressing and representing the cloud infrastructure and configuration to influence logging and monitoring processes

  • Information assurance (authenticity, integrity, confidentiality and availability) of cloud audit data, including security and privacy policies and compliance with security controls such as NIST sp800-53 and Cloud Security Alliance guidance 3.0

  • Service-level agreements that formalize and guarantee logging and analysis capabilities

  • Session management, tracking, and alerting of vulnerabilities and threats

Important Dates

(Workshop chairs can grant extension to individuals under special circumstances provided that the hard deadline for the camera-ready version is respected.)

  • Full Paper Submission Due Date:March 29, 2014, April 15, 2014 (extended)

  • Decision Notification (Electronic): April 12, 2014, April 22, 2014 (extended)

  • Camera-Ready Copy Due Date & Pre-registration Due: May 1, 2014 (extended)

Please check the workshop website at www.csaworkshop.org for any general changes to deadlines, submission information, and for the final program.

Submission Guidelines

Authors are invited to submit full papers (maximum 8 pages) or short papers (maximum 4 pages) as per IEEE 8.5 x 11 manuscript guidelines (download Word templates or LaTeX templates). The submitted papers can only be in the format of PDF or WORD . Please follow the IEEE Computer Society Press Proceedings Author Guidelines to prepare your papers. At least one author of each accepted paper is required to attend the workshop and present the paper. All papers must be submitted via the confhub submission system for the CSA Workshop at http://www.confhub.com/conf.php?id=339 . Registration with confhub is needed for first time users.
First time users need to register with the system first (see these instructions for details). All the accepted papers by the workshops will be included in the Proceedings of the IEEE 10th World Congress on Services (SERVICES 2014) which will be published by IEEE Computer Society.

Workshop Chairs

Rose Gamble, General Chair, University of Tulsa, gamble@utulsa.edu
Indrakshi Ray, Program Co-Chair, Colorado State University, iray@cs.colostate.edu
Keesook J. Han, Program Co-Chair, Air Force Research Laboratory, keesook.han@rl.af.mil

Publicity Chair

Sarra Alqahtani, University of Tulsa, sarra-alqahtani@utulsa.edu

Program Committee

Atul Prakash, University of Michigan, USA
Indrajit Ray, Colorado State University, USA
Matthew Hale, University of Tulsa, USA
Mauricio Papa, University of Tulsa, USA
Murat Kantarcioglu: University of Texas at Dallas, USA
Nora Cuppens, Telecom Bretagne, France
Norman Ahmed, Air Force Research Laboratory, USA
Ravi Jhawar, UniversitÓ degli Studi di Milano, Italy
Ravi Kaliappa, City University of New York, USA
Shouhuai Xu, University of Texas at San Antonio, USA
Yu Chen, Binghamton University, USA

Previous Workshop

CSAW2013