8th International Workshop on Security in Information Systems - WOSIS 2011

In conjunction with the 13th International Conference on Enterprise Information Systems - ICEIS 2011

David G. Rosado
University of Castilla-La Mancha

Luis Enrique Sánchez
University of Castilla-La Mancha

Jan Jürjens
Technical University of Dortmund

Background and Goals
Information Systems Security is one of the most pressing challenges facing all kinds of organizations today. Although many companies have discovered how critical information is to the success of their business or operations, very few have managed to be effective in keeping their information secure, avoiding unauthorized access, preventing intrusions, stopping secret information disclosure, etc.

There are various definitions of security, but all of them basically agree on the same components. Security in information systems considers the protection of information, and of the systems that manage it, against a wide range of threats in order to ensure business continuity, minimize risks and maximize the return on investment and business opportunities. Security is, therefore, currently a widespread and growing concern that covers all areas of society: business, domestic, financial, government, and so on. In fact, the so-called information society is increasingly dependent on a wide range of software systems whose mission is critical, such as air traffic control systems, financial systems, or public health systems. The potential losses faced by businesses and organizations that rely on all these systems, both hardware and software, therefore mean that it is crucial for information systems to be properly secured from the outset.

With the increasing dependence that the information society has on Information and Communication Technology (ICT), the need to protect information is increasingly important for companies. The demand for products, systems and services with which to manage and maintain information is therefore increasing, and implementing superficial security controls is not sufficient. It is necessary to apply a rigorous approach to the assessment and improvement of the security of products and processes that take place in the context of ICT. This has led to the emergence of Information Security Management Systems (ISMS), which are of great importance to the stability of companies' information systems.

In this new edition of WOSIS, the traditional focus on information systems security will be maintained, but the area of security engineering that is oriented towards developing secure software, security aspects in new applications and technologies, and security management will also be considered. Topics such as model-driven security approaches, security requirements elicitation, security in Cloud and Mobile computing, e-services, analysis and management of risks, and/or security assessment are therefore welcome in the WOSIS 2011 edition.

Topics of interest
Topics of interest include, but are not limited to:

› Security in Software Development Life Cycle
› Information Security Management System
› Security Management and Assessment
› Analysis and Management of Risks
› Security Implementation, Secure Programming and Security Deployment
› Case Studies and Experiences of Secure Software
› Security Culture
› Open Security Standards and Security Certification
› Security for SOA, Web Services, Grid Computing and Cloud Computing
› Security for Databases and Data Warehouses
› Workflow and Business Process Security
› Security Metrics and Measurement
› Security Ontologies
› Security in Software Product Lines
› Distributed and Network Security
› Security & Trust Models
› Authentication, Authorization and Access Control
› Anonymity and Privacy
› Security for Mobile Computing, Sensor Networks, Multimedia Systems
› Security for Electronic Commerce, Electronic Business and e-Services (e-Voting, e-Banking, e-Government)
› Security for Embedded Systems, Smart Cards and RFID
› Security Issues in Ubiquitous/Pervasive Computing
› Intellectual Property Protection
› Digital Rights Management (DRM). Mobile DRM
› Personal Data Protection for Information Systems and Digital Identity Management
› Access Control and Rights Expression Languages
› Semantic Web Technologies applied to Security
› Security Engineering
› Prevention and Detection of Intrusions
› Biometric Security
› Cryptology: Cryptography and Cryptanalysis
› Information Hiding: Steganography & Steganalysis
› Digital Forensics
› Cyber Terrorism

Workshop Program Committee
Alfonso Rodriguez, University of Bio-Bio, Chile
Ambrosio Toval, University of Murcia, Spain
Andreas Bauer, National ICT Australia, Australia
Antonio Maña, University of Malaga, Spain
Brajendra Panda, University of Arkansas, U.S.A.
Carlos Gutierrez, Correos Telecom, Spain
Csilla Farkas, University of South Carolina, U.S.A.
Debasis Giri, Haldia Institute of Technology, India
Dieter Gollmann, Hamburg University of Technology, Germany
Duminda Wijesekera, University George Mason, U.S.A.
Eduardo Fernández-Medina, University of Castilla-La Mancha, Spain
Eduardo B. Fernández, Florida Atlantic University, U.S.A.
Ernesto Damiani, Università degli Studi di Milano, Italy
Fabio Massacci, Università di Trento, Italy
Günther Pernul, University of Regensburg, Germany
Haralambos Mouratidis, University of East London, U.K.
Indrakshi Ray, Colorado State University, U.S.A.
Jaejoon Lee, Lancaster University, U.K.
Jaime Delgado, Universitat Politècnica de Catalunya, Spain
Joachim Posegga, University of Hamburg, Germany
Juan Carlos Trujillo, University of Alicante, Spain
Ketil Stoelen, Sintef, Norway
María Carmen Fernández, Universidad de Málaga, Spain
Mario Piattini, University of Castilla-La Mancha, Spain
Martin Olivier, University of Pretoria, South Africa
Michael Hafner, University of Innsbruck, Austria
Raimundas Matulevicius, University of Tartu, Estonia
Renato Iannella, Semantic Identity, Australia
Sabrina De Capitani di Vimercati, Università degli Studi di Milano, Italy
Samuel Redwine, James Madison University, U.S.A.
Sasa Radomirovic, University of Luxembourg, Luxembourg
Shinsaku Kiyomoto, KDDI R & D Laboratories Inc., Japan
Spyros Kokolakis, Athens University of Economics and Business, Greece
Stamatis Karnouskos, SAP AG, Germany
Stefan Fenz, Vienna University of Technology, Austria
Steven Furnell, University of Plymouth, U.K.
Thomas Santen, European Microsoft Innovation Center, Germany
Toshihiro Yamauchi, Okayama University, Japan

All accepted papers will be published in the workshop proceedings book, under an ISBN reference, and on CD-ROM.
Additionally, the best papers will have the chance to publish extended and revised versions in a special issue of the Journal of Universal Computer Science (J.UCS), which is listed in the ISI Journal Citation Reports. The Journal of Universal Computer Science is a high-quality electronic publication that deals with all aspects of computer science. J.UCS has been appearing monthly since 1995 and is thus one of the oldest electronic journals with uninterrupted publication since its foundation. J.UCS is published by Graz University of Technology, Austria, with the support of Know-Center, Austria and the University of Applied Sciences, Austria.
All papers presented at the conference venue will be available at the SciTePress Digital Library (http://www.scitepress.org/DigitalLibrary/). SciTePress is a member of CrossRef (http://www.crossref.org/).