IEEE Symposium on Security and Privacy


Two co-located workshops will be held on Thursday, 21 May 2009:


Fourth International IEEE Workshop on Systematic Approaches to Digital Forensic Engineering

The IEEE/SADFE (Systematic Approaches to Digital Forensic Engineering) International Workshop promotes systematic approaches to computer investigations, by furthering the advancement of digital forensic engineering as a disciplined practice.

Most previous IEEE/SADFE papers have emphasized cyber crime investigations, and this is still a key focus of the meeting. However, we also welcome papers on forensics that do not necessarily involve a crime: general attack analysis, insider threat, insurance and compliance investigations, and similar forms of retrospective analysis are all viable topics. Digital forensic engineering is characterized by the application of scientific and mathematical principles to the investigation and establishment of facts or evidence, either for use within a court of law or to aid in understanding past events on a computer system.

Past speakers and attendees of SADFE have included computer scientists, social scientists, forensic practitioners, law enforcement, lawyers, and judges. The synthesis of hard technology and science with social science and practice forms the foundation of this conference. Papers focussing on any of the scientific, legal, or practical aspects of digital forensics are solicited.

General Chair: Rob Erbacher (Utah State University)
Program Committee Co-Chairs: Matt Bishop (UC Davis) and Sean Peisert (UC Davis)
Workshop Website

W2SP 2009

Web 2.0 Security and Privacy 2009

The goal of this one day workshop is to bring together researchers and practitioners from academia and industry to focus on understanding Web 2.0 security and privacy issues, and establishing new collaborations in these areas.

Web 2.0 is about connecting people and amplifying the power of working together. Enabled by a wave of new technology, these social and business interactions rely on composition of content and services from multiple sources, commonly called mash-ups, leading to systems with complex trust boundaries. This trend is likely to continue because individuals and businesses desire the efficiency and simplicity these technologies offer.

Together with their virtues, these technologies raise issues about management of identities, reputation, privacy, anonymity, transient and long term relationships, and composition of function and content, both on the server and on the client (web browser). Although the underlying security and privacy issues are not new, the use of these technologies on a wide scale and by a broad audience raises new questions. This workshop is intended to discuss the limitations of current technologies and explore alternatives.

The scope of W2SP 2009 includes, but is not limited to: trustworthy cloud-based services, privacy and reputation in social networks, usable security and privacy, security for the mobile web, identity management and psuedonymity, advertisement and affiliate fraud, provenance and governance, security and privacy as a service, web services/feeds/mashups, security and privacy policies for composible content, and next-generation browser technology.

Potential workshop participants should submit a paper on topics relevant to Web 2.0 security and privacy issues. We are seeking both short position papers (24 pages) and refereed papers (a maximum of 8 pages). Papers longer than 8 pages may be automatically rejected by the chair or workshop committee. From the submissions, the program committee will strive to balance participation between academia and industry and across topics. Selected papers will appear on the workshop web site.

Workshop Co-Chairs: Larry Koved (IBM Research) and Dan S. Wallach (Rice University)
Program Chair: Adam Barth (UC Berkeley)
Workshop Website