[Soups-announce] CFP Ext.DL 22.05: Workshop on Insecure Interfaces @ SOUPS 2014, July 9-11, 2014, Menlo Park, CA
Marc.Busch at ait.ac.at
Wed May 14 08:13:58 EDT 2014
Extended DL 22.05
[Apologies for cross-posting]
+++ CALL FOR PAPERS +++
* Workshop on Insecure Interfaces - Learning from User Interfaces that lead to Circumvention of Organizational Information Security Policies (http://cups.cs.cmu.edu/soups/2014/workshops/insecure.html)
* Co-located at SOUPS 2014 - July 9-11, 2014, Menlo Park, CA (http://cups.cs.cmu.edu/soups/2014/)
* NEW Submission deadline: May 22, 2014
* Notification of acceptance: May 30, 2014
* Camera-ready submission deadline: June 13, 2014
SCOPE AND FOCUS
We aim to bring together researchers and practitioners from different disciplines to create, explore, evaluate, and discuss cases for weaknesses in organizational security resulting from user interface and usability considerations. From these cases, we will derive anti-patterns, anti-guidelines, and anti-heuristics to apply the "learn from mistakes" approach, which can lead to better UI design practice in the area of corporate information security.
Employee compliance with information security policies is critical for companies. Breaches of information security caused by employees can have a range of negative consequences. Critical and sensitive information may be compromised, potentially harming customers and employees, benefitting competitors, inviting legal and regulatory challenges, and damaging the reputation of the company.
In the realm of information security policies, it is typically advocated that all business information technology be designed in a way that enables and promotes employee compliance with the employer's information security policies. User Interfaces play a critical role in communicating security policies and ensuring employee compliance.
This workshop, however, turns this design practice around. Similar to the previous workshop "A Turn for the Worse: Trustbusters for User Interfaces" at SOUPS 2013, we aim to "learn from mistakes" and will explore examples of user interfaces in enterprise systems that lead employees to circumvent security policies and undermine the company's information security. A deeper understanding of factors that underlie circumvention and non-compliance with official security guidance can then be applied to "make interfaces better".
We invite original papers in PDF format describing/providing examples in which security is undermined by interface and usability aspects, including:
* a position, research, or anecdotal paper on use of a design that leads to circumvention of corporate security policies,
* screenshots of design(s) leading to circumvention of official security policies, or
* videos or audio material that demonstrate how interface design and usability aspects could weaken corporate information security.
Papers should use the SOUPS formatting template (LaTeX or MS Word). Submissions should be 2 to 4 pages in length, excluding appendices. The paper should be self-contained without requiring readers to read the appendices. The appendices need not conform to the formatting template. Submissions should not be anonymized. Supplemental material such as screenshots and videos should be made available in downloadable format. Accepted submissions will not be considered archival. Authors may choose whether to include the full paper or only the abstract on the Workshop Web site.
Inquiries can be emailed to: marc.busch at ait.ac.at<mailto:marc.busch at ait.ac.at>
Please email submissions to: marc.busch at ait.ac.at<mailto:marc.busch at ait.ac.at> (Note: There is a 10MB size limit on email attachments; for larger submissions, please provide a link to downloadable content.)
Marc Busch & Christina Hochleitner
AIT Austrian Institute of Technology GmbH, marc.busch at ait.ac.at<mailto:marc.busch at ait.ac.at> & christina.hochleitner at ait.ac.at<mailto:christina.hochleitner at ait.ac.at>
CURE - Center for Usability Research & Engineering
ICT&S Center, University of Salzburg, manfred.tscheligi at sbg.ac.at<mailto:manfred.tscheligi at sbg.ac.at>
AIT Austrian Institute of Technology GmbH, manfred.tscheligi at ait.ac.at<mailto:manfred.tscheligi at ait.ac.at>
Helsinki Institute for Information Technology HIIT / Aalto University
sameer.patil at hiit.fi<mailto:sameer.patil at hiit.fi>
School of Informatics and Computing, Indiana University
ljcamp at indiana.edu<mailto:ljcamp at indiana.edu>
Innovation Systems Department
Business Unit Technology Experience
AIT Austrian Institute of Technology GmbH
Business Park Marximum
Modecenterstrasse 17/Object 2 | 1110 Vienna | Austria
T +43 50550-4535 | M +43 664 88964935 | F +43 50550-4599
marc.busch at ait.ac.at<mailto:marc.busch at ait.ac.at> | http://www.ait.ac.at
FN: 115980 i HG Wien | UID: ATU14703506
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Soups-announce