[Soups-announce] STAST 2023 - Call for Papers

Xengie Cheng DOAN xengie.doan at uni.lu
Wed Mar 1 14:30:42 EST 2023 

STAST 2023
13th International Workshop on Socio-Technical Aspects in SecuriTy
https://stast.uni.lu

Affiliated with the 8th IEEE European Symposium on Security and Privacy (IEEE S&P) https://eurosp2023.ieee-security.org/
*** IMPORTANT DATES
- Paper Submission: 31 March 2023 (AoE)
- Notification: 30 April 2023 (AoE)
- Camera Ready for pre-proceedings: TBA
- Camera Ready for post-proceedings: TBA
- Workshop Date: 7 July 2023

*** CONCEPT
Successful attacks on information systems often exploit not only IT systems and networks but also the human element in the system. Therefore, it is critical to limit technical vulnerabilities as well as insecure user behavior, poorly designed user interfaces, and unclear or unrealistic security policies. To improve the security of systems, technology designers and policymakers must consider user needs and characteristics. Social science and usable security researchers have shown that insecure user behavior stems from cognitive, emotional, and social perspectives. When there is a good 'fit' of technology for users, workable security policies and targeted behavioral support can augment technical security.

Finding the right balance between technical and social security measures remains largely unexplored, which motivates the need for the STAST workshop. Currently, different computer security communities (theoretical security, systems security, usable security, and security management) rarely work together. The respective communities tend to offload on each other parts of problems that they consider to be out of scope, an attitude that results in deficient or unsuitable security solutions. Thus, there remains a need for focused, holistic research on socio-technical security.

*** GOALS
The STAST workshop intends to stimulate an exchange of ideas on how to design systems that are secure in the real world where they interact with users of varying lived experiences and diverse needs. The workshop aims at bringing together experts working in various areas of computer security as well as in social and behavioral sciences.

*** WORKSHOP TOPICS
Contributions should focus on the interplay of technical, organizational, and human factors in achieving or breaking security, privacy, and trust. For example:
- Usability and user experience
- Models of user behaviour and user interactions with technology
- Perceptions of related risks, as well as their influence on humans
- Social engineering, persuasion, and other deception techniques
- Requirements for socio-technical systems
- Decision making in/for socio-technical systems
- Feasibility of policies, standards, and regulations from a socio-technical perspective
- Social factors in organizations' policies and processes
- Interplay of law, ethics, and politics with security and privacy measures
- Balance between technical measures and social strategies
- Threat models that combine technical and human-centered strategies
- Socio-technical analysis of incidents and vulnerabilities
- Studies of real-world vulnerabilities/incidents from a socio-technical perspective
- Lessons from design, deployment, and enforcement of mechanisms, policies, standards, and regulations
- Strategies and guidelines for analysis of intelligence and data from a socio-technical perspective
- Marginalized and disadvantaged user groups in the lifecycle of socio-technical systems
- Methodologies and methodological reflections in pursuit of these goals

*** TYPE OF CONTRIBUTIONS
We will accept papers in several formats. All papers must be original contributions and not simultaneously submitted to another workshop, conference, or journal. The following paper formats are welcome:
- Full Papers discussing original research, answering well-defined research questions, and presenting full and stable results;
- Position Papers discussing existing challenges and introducing and motivating new research problems;
- Work-in-Progress Papers describing original but unfinished piece of work, which is nevertheless based on solid research questions or hypotheses .
We welcome qualitative and quantitative research approaches from academia and industry. We welcome meta-analytic as well as replication studies and consider them as original research eligible for full papers. We also welcome negative or null results with sound methodology. As in previous years, accepted papers will be published as conference proceedings in the Springer’s Lecture Notes in Computer Science (LNCS) series.

*** PROCEEDINGS
The proceedings will be via publication through IEEE Xplore in a volume accompanying the main IEEE EuroS&P '23 proceedings.

*** WORKSHOP ORGANIZERS
- Giampaolo Bella (University of Catania)
- Gabriele Lenzini (University of Luxembourg)

*** PROGRAMME CHAIRS
- Maryam Mehrnezhad (Royal Holloway University of London, UK)
- Ruba Abu-Salma (King's College London, UK)

*** REVIEW AND PUBLICATION
Contributions should be submitted electronically via EasyChair (https://easychair.org/conferences/?conf=stast23). STAST adopts a double-blind review policy. Papers will be reviewed by at least three PC members. The authors can declare any conflicts of interest at the time of submission or by informing the PC chairs or organizers.


Xengie Doan (she/they)
Doctoral Researcher – LeADS Marie Curie ITN Fellow
IRISC group – Interdisciplinary Centre for Security, Reliability and Trust (SnT)

UNIVERSITÉ DU LUXEMBOURG | xengie.doan at uni.lu<mailto:xengie.doan at uni.lu>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.srv.cs.cmu.edu/pipermail/soups-announce/attachments/20230301/3bd447d6/attachment-0001.html>

More information about the Soups-announce mailing list