Overview
With security established as a critical ICT attribute, one also needs to be able to scientifically quantify the levels of desired or achieved security assurance. This naturally needs to occur over the entire multi-level life-cycle of systems & services, e.g., from requirements elicitation to run-time operation and maintenance. Addressing such quantitative aspects, the QASA workshop aims to bring together researchers and practitioners interested in the research dimensions of quantification spanning dependability, security, privacy and risk.
The list of topics includes (but it is not limited to):
- Assurance: Modeling, Analysis, Verification, Testing, Use Cases
- Assurance: Measurement and Metrics
- Process compliance assurance techniques
- Foundational quantitative approaches to security analysis
- Quantitative information flow analysis
- Quantitative issues in access and usage control
- Simulation techniques for security, privacy, risk
- Tool support for quantitative security assurance
Important dates :
Submission deadline for paper: | |
Notification of authors: | |
Camera-ready copy due: | August 07, 2016 |
Workshop Organizers:
- General Chair:
- Fabio Martinelli, CNR-IIT Pisa, Italy
- PC Chairs:
- Alessandro Aldini, Univ. of Urbino, Italy
- Reijo Savola, VTT, Finland
- Neeraj Suri, TU Darmstadt, Germany
Program Committee:
- Habtamu Abie, Norsk Regnesentral
- Jorge Cuellar, Siemens
- Joaquin Garcia-Alfaro, Telecom-sudparis
- Sotiris Ioannidis, Forth
- Michaela Iorga, NIST
- Mohamed Kaaniche, LAAS-CNRS
- Giovanni Livraga, Univ. of Milano
- Javier Lopez, Univ. of Malaga
- Jesus Luna, CSA
- Ilaria Matteucci, CNR-IIT Pisa
- Martin Ochoa, Singapore Univ. of Technology
- Juha Röning, University of Oulu
- Einar Snekkenes, Gjøvik Univ. College
- Ruben Trapero, TU Darmstadt
Submission
We encourage the submission of original contributions written in English:- full papers (at most 16 pages)
- short papers (at most 6 pages)
Publication
As in previous editions, accepted papers will be published in a volume of the Lecture Notes in Computer Science series of Springer.Program (DPM+QASA)
-
Monday, September 26
- 14:00 - 15:30: Quantitative Aspects of Security Assurance
- Dayana Spagnuelo, Cesare Bartolini and Gabriele Lenzini. Metrics for Transparency.
- Maarten van Wieren, Christian Doerr, Vivian Jacobs and Wolter Pieters. Understanding bifurcation of slow versus fast cyber-attackers.
- Ilaria Matteucci and Francesco Santini. Decomposing Global Quantitative Properties into Local Ones.
- Alexander Weigl. Efficient SAT-based Pre-image Enumeration for Quantitative Information Flow in Programs (short paper).
- 15:30 - 16:00: Coffee Break
- 16:00 - 17:00: Invited Talk (TBA)
-
Tuesday, September 27
- 09:30-10:30 Invited Talk (DPM-QASA)
- Amir Herzberg (Bar Ilan University, Israel).
- 10:30-11:00 Coffee Break
- 11:00-12:30 Identification, Authentication, and Authorization
- Ghassane Amchyaa, Julien Bringer and Roch Lescuyer. Searchable Encryption for Biometric Identification Revisited.
- Ahmad Sabouri. On the User Acceptance of Privacy-Preserving Attribute-based Credentials - A Qualitative Study.
- Yousra Javed and Mohamed Shehab. Investigating the Animation of Application Permission Dialogs: A Case Study of Facebook.
- Martin Schanzenbach and Christian Banse. Managing and Presenting User Attributes over a Decentralized Secure Name System (short paper).
- 12:30-13:45 Lunch
- 13:45-15:30 Privacy Protection
- Joachim Biskup, Ralf Menzel and Jaouad Zarouali. Controlled Management of Confidentiality-Preserving Relational Interactions.
- Álvaro García-Recuero, Jeffrey Burdges and Christian Grothoff. Privacy-Preserving Abuse Detection in Future Decentralised Online Social Networks.
- Yang Liu and Andrew Simpson. Privacy-Preserving Targeted Mobile Advertising: Formal Models and Analysis.
- Hiroaki Kikuchi, Takayasu Yamaguchi, Koki Hamada, Yuji Yamaoka, Hidenobu Oguri and Jun Sakuma. A Study from Data Anonymization Competition Pwscup 2015 (short paper).
- Sourya Joyee De and Daniel Le Métayer. PRIAM: A Privacy Risk Analysis Methodology (short paper).
- 15:30-16:00 Coffee Break
- 16:00-17:30 Security and Secure Applications
- Florian Kammueller Isabelle Modelchecking for Insider Threats.
- Peeter Laud and Alisa Pankova. Securing Multiparty Protocols against the Exposure of Data to Honest Parties.
- Hiroki Imabayashi, Yu Ishimaki, Akira Umayabara, Hiroki Sato and Hayato Yamana. Secure Frequent Pattern Mining by Fully Homomorphic Encryption with Ciphertext Packing
- Florian Kammueller Refactoring Preserves Security (short paper)
Contact
For any question, please contact the organizing committee at qasa2016@iit.cnr.it.