Second Ibero-American Conference on Web-Applications Security (IBWAS’10)
ISCTE – Lisbon University Institute
11th – 12th November 2010
[organised by OWASP Portugal and OWASP Spain]
There is a change in the information systems development paradigm. The emergence of Web 2.0 technologies led to the extensive deployment and use of web-based applications and web services as a way to developed new and flexible information systems. Such systems are easy to develop, deploy and maintain and demonstrate impressive features for users, resulting in their current wide use.
As a result of this paradigm shift, the security requirements have also changed. These web-based information systems have different security requirements, when compared to traditional systems. Important security issues have been found and privacy concerns have also been raised recently. In addition, the emerging Cloud Computing paradigm promises even greater flexibility; however corresponding security and privacy issues still need to be examined. The security environment should involve not only the surrounding environment but also the application core.
This conference aims to bring together application security experts, researchers, educators and practitioners from the industry, academia and international communities such as OWASP, in order to discuss open problems and new solutions in application security. In the context of this track academic researchers will be able to combine interesting results with the experience of practitioners and software engineers.
Suggested topics for papers submission include (but are not limited to):
- Secure application development
- Security of service oriented architectures
- Security of development frameworks
- Threat modelling of web applications
- Cloud computing security
- Web applications vulnerabilities and analysis (code review, pen-test, static analysis etc.)
- Metrics for application security
- Countermeasures for web application vulnerabilities
- Secure coding techniques
- Platform or language security features that help secure web applications
- Secure database usage in web applications
- Access control in web applications
- Web services security
- Browser security
- Privacy in web applications
- Standards, certifications and security evaluation criteria for web applications
- Application security awareness and education
- Security for the mobile web
- Attacks and Vulnerability Exploitation
- Paper Submission Instructions
- … and more.
Authors should submit an original paper in English, carefully checked for correct grammar and spelling, using the on-line submission procedure (http://paperman.ibwas.com). Please check the paper formats so you may be aware of the accepted paper page limits (12 pages, in accordance to a supplied template).
The guidelines for paper formatting provided at the conference web site must be strictly used for all submitted papers. The submission format is the same as the camera-ready format. Please check and carefully follow the instructions and templates provided.
Each paper should clearly indicate the nature of its technical/scientific contribution, and the problems, domains or environments to which it is applicable.
Papers that are out of the conference scope or contain any form of plagiarism will be rejected without reviews.
Remarks about the on-line submission procedure:
- A “double-blind” paper evaluation method will be used. To facilitate that, the authors are kindly requested to produce and provide the paper, WITHOUT any reference to any of the authors. This means that is necessary to remove the author’s personal details, the acknowledgements section and any reference that may disclose the authors identity
- Papers in ODF, PDF, DOC, DOCX or RTF format are accepted
- The web submission procedure automatically sends an acknowledgement, by e-mail, to the contact author.
Paper submission types
Regular Paper Submission
A regular paper presents a work where the research is completed or almost finished. It does not necessary means that the acceptance is as a full paper. It may be accepted as a “full paper” (30 min. oral presentation), a “short paper” (15 min. oral presentation) or a “poster”.
Position Paper Submission
A position paper presents an arguable opinion about an issue. The goal of a position paper is to convince the audience that your opinion is valid and worth listening to, without the need to present completed research work and/or validated results. It is, nevertheless, important to support your argument with evidence to ensure the validity of your claims. A position paper may be a short report and discussion of ideas, facts, situations, methods, procedures or results of scientific research (bibliographic, experimental, theoretical, or other) focused on one of the conference topic areas. The acceptance of a position paper is restricted to the categories of “short paper” or “poster”, i.e. a position paper is not a candidate to acceptance as “full paper”.
After the reviewing process is completed, the contact author (the author who submits the paper) of each paper will be notified of the result, by e-mail. The authors are required to follow the reviews in order to improve their paper before the camera-ready submission.
All accepted papers will be published in the conference proceedings, under an ISBN reference. Conference proceedings will be published by Springer in the Communications in Computer and Information Science (CCIS) series.
Submission of papers and all other contributions due: 24th September 2010 Notification of acceptance: 8th October 2010
Camera-ready version of accepted contributions: 15th October 2010
Conference: 11th – 12th November 2010