From yaxing at vt.edu Wed Jan 3 14:52:52 2024 From: yaxing at vt.edu (Yao, Yaxing) Date: Wed, 3 Jan 2024 19:52:52 +0000 Subject: [Soups-announce] Announcing Twentieth Symposium on Usable Privacy and Security (SOUPS 2024) Message-ID: <7A9374BD-08F4-4C78-A69B-1C672D9C9DC2@vt.edu> Greetings! The Twentieth Symposium on Usable Privacy and Security (SOUPS 2024) will take place at the Philadelphia Downtown Marriott in Philadelphia, PA, USA, on August 11?13, 2024. SOUPS brings together an interdisciplinary group of researchers and practitioners in human-computer interaction, security, and privacy. The Call for Papers will be available soon. The mandatory paper registration deadline is Thursday, February 8, 2024. The paper submission deadline is Thursday, February 15, 2024. Check the event website for more details: https://www.usenix.org/conference/soups2024. Yixin Zou & Yaxing Yao SOUPS 2024 Publicity Co-Chairs -------------- next part -------------- An HTML attachment was scrubbed... URL: From kapadia at indiana.edu Mon Jan 15 13:34:07 2024 From: kapadia at indiana.edu (Kapadia, Apu) Date: Mon, 15 Jan 2024 18:34:07 +0000 Subject: [Soups-announce] CFP: IEEE S&P Special Issue on Inclusive Privacy and Security Message-ID: Dear Colleagues, Please considering submitting your work to our Special Issue on Inclusive Privacy and Security. Important Dates * Submission Deadline: 14 February 2024 * Publication: September/October 2024 ________________________________ Computer security and privacy issues are prevalent in contemporary society, affecting everyone. However, certain groups may encounter distinct and heightened challenges related to their privacy and security. These groups might face specific barriers when trying to address these concerns, and their unique needs and worries may not be widely recognized outside of their communities. The security and privacy community has only recently begun to systematically study the security and privacy issues of systems in the context of diverse populations. This special issue aims to cover the state-of-art knowledge and to outline future directions of inclusive privacy and security, a vision where privacy and security policies, mechanisms, or tools can support a wide range of users including those who are vulnerable, marginalized, or at-risk. We encourage a broad and unbiased exploration and discussion of various groups and situations. Topics of Interest * Privacy and security challenges faced by diverse populations, for instance, in the context of existing (e.g., mobile devices) or emerging technologies (e.g., generative AI) * Open research questions and/or challenges for inclusive privacy and security * Public policy questions regarding inclusive privacy and security * Usability evaluations of existing tools and systems with diverse populations * Systems or tools designed to support diverse populations about their privacy and security needs * Theories to interpret or guide the research and design for inclusive privacy and security * Methodologies, frameworks or best practices of studying and designing for diverse populations about their privacy and security needs * Approaches or models of supporting diverse populations about their privacy and security needs (e.g., community peer support) * Lessons learned in conducting research for inclusive privacy and security * Ethical considerations for research on inclusive privacy and security * Design principles and/or guidelines for informing the design of tools to support inclusive privacy and security * Systemization of research on inclusive privacy and security ________________________________ Submission Guidelines For author information and submission criteria for full-papers, please visit the Author Information page. As stated there, full papers should be 4900 ? 7200 words in length. Please submit full papers through the ScholarOne system, and be sure to select the special-issue name. Manuscripts should not be published or currently submitted for publication elsewhere. There should be no more than 15 references. Related work should appear in a special separated box. Please submit only full papers intended for peer review, not opinion pieces, to the ScholarOne portal. ________________________________ Questions? Contact the guest editors at sp4-24 at computer.org. * Apu Kapadia, Indiana University Bloomington, USA * Yang Wang, University of Illinois at Urbana-Champaign, USA -- Apu Kapadia, PhD Chair, IU Bloomington Cybersecurity Risk Management Program Professor of Computer Science Associate Dean of Graduate Studies Luddy School of Informatics, Computing, and Engineering Indiana University Bloomington Email: kapadia at indiana.edu, LuddyDGS at iu.edu Web: https://homes.luddy.indiana.edu/kapadia/ IU Privacy Lab: http://privacy.luddy.indiana.edu/ Twitter: @apukapadia, @IUPrivLab -------------- next part -------------- An HTML attachment was scrubbed... URL: From mmazurek at umd.edu Fri Jan 19 14:53:02 2024 From: mmazurek at umd.edu (Michelle Mazurek) Date: Fri, 19 Jan 2024 14:53:02 -0500 Subject: [Soups-announce] ConPro deadline extended to 1/24! Message-ID: Hi folks, I'm co-chairing ConPro: The Workshop on Technology and Consumer Protection this year along with Laura Edelson (colocated with IEEE S&P in May). I'm a bit biased, but this is among my favorite events of the year, bringing together academics, industry, and government folks to talk about protecting people's privacy, security, and preventing scamming, etc. We've just extended the deadline to next Thursday, and we accept short papers and even one-page "research proposals" which allow you to present early-stage work and get really thoughtful feedback. If you have work that might be relevant, please consider submitting! More details at: https://www.ieee-security.org/TC/SPW2024/ConPro/ or feel free to drop me a note. -Michelle -- Michelle L. Mazurek Associate Professor, CS and UMIACS Director, Maryland Cybersecurity Center University of Maryland, College Park www.umiacs.umd.edu/~mmazurek 301-405-6463 she/her -------------- next part -------------- An HTML attachment was scrubbed... URL: From yaxing at vt.edu Wed Feb 7 21:51:58 2024 From: yaxing at vt.edu (Yao, Yaxing) Date: Thu, 8 Feb 2024 02:51:58 +0000 Subject: [Soups-announce] SOUPS 2024 Paper Registration Deadline - February 8, 2024 Message-ID: <979C371D-5C39-4320-BAEB-440F7D638CB6@vt.edu> Greetings! The Twentieth Symposium on Usable Privacy and Security (SOUPS 2024) will take place at the Philadelphia Downtown Marriott in Philadelphia, PA, USA, on August 11?13, 2024. SOUPS brings together an interdisciplinary group of researchers and practitioners in human-computer interaction, security, and privacy. This is a friendly reminder that the mandatory paper registration deadline is Thursday, February 8, 2024. The paper submission deadline is Thursday, February 15, 2024. Check the event website for more details: https://www.usenix.org/conference/soups2024. Yixin Zou & Yaxing Yao SOUPS 2024 Publicity Co-Chairs -------------- next part -------------- An HTML attachment was scrubbed... URL: From chiasson at scs.carleton.ca Fri Feb 16 09:36:41 2024 From: chiasson at scs.carleton.ca (Sonia Chiasson) Date: Fri, 16 Feb 2024 09:36:41 -0500 Subject: [Soups-announce] postdoc in inclusive security and privacy Message-ID: <9EFCBDE4-8F16-490D-8CDC-B39B28A39D53@scs.carleton.ca> Postdoctoral Fellow ? CHORUS lab Carleton?s Human Oriented Research in Usable Security (CHORUS) lab, led by Prof. Sonia Chiasson, is accepting applications for a 1-year postdoctoral fellowship for an NSERC-funded project on inclusive security and privacy. Position: Postdoctoral Fellow Application deadline: Screening of applicants will begin immediately Location: Carleton University, Ottawa, Canada Start date: The position is available immediately, to be started as soon as possible Duration: 1 year Information about the CHORUS lab can be found here: https://chorus.scs.carleton.ca We conduct mixed methods research in usable security and privacy. This research project involves the design of mechanisms or interaction techniques to facilitate inclusive security and privacy, the development of an associated framework and guidelines, and work with a variety of user populations. Please see position and application details here: https://chorus.scs.carleton.ca/wp-content/uploads/2024/02/Postdoc-Ad-CHORUS.pdf ........... Sonia Chiasson, PhD Co-Director, HCI Graduate Program Professor, School of Computer Science, Carleton University chiasson at scs.carleton.ca web: chorus.scs.carleton.ca Pronouns: She/her Name pronunciation: https://www.name-coach.com/sonia-chiasson ........... -------------- next part -------------- An HTML attachment was scrubbed... URL: From lorrie at cmu.edu Tue Feb 20 13:04:14 2024 From: lorrie at cmu.edu (Lorrie Cranor) Date: Tue, 20 Feb 2024 13:04:14 -0500 Subject: [Soups-announce] Fwd: Blackhat CFP open In-Reply-To: <20240220173557.GA322862@endor.shostack.org> References: <20240220173557.GA322862@endor.shostack.org> Message-ID: See info below about BlackHat Human Factors track. ---------- Forwarded message --------- From: Adam Shostack Date: Tue, Feb 20, 2024 at 12:59?PM Subject: Blackhat CFP open To: Lorrie Cranor Hi Lorrie, Would you mind letting SOUPS-announce know that the Blackhat call for papers is open, that I have a short blog that both emphasizes what's new and adds a little color for the academic audience about what's good content [1], and that I'm happy to help members of the community if they have questions? Thanks! Adam [1] https://shostack.org/blog/blackhat-and-human-factors-2024/ -- Adam Shostack ? +1 917 391 2168 My next book is out now: ? Threats: What Every Engineer Can Learn from Star Wars ? threatsbook.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From soupspublicity at gmail.com Fri Mar 1 05:17:01 2024 From: soupspublicity at gmail.com (SOUPS Publicity) Date: Fri, 1 Mar 2024 11:17:01 +0100 Subject: [Soups-announce] [SOUPS 2024] Call for Workshops and Karat Award Message-ID: Greetings, The Twentieth Symposium on Usable Privacy and Security (SOUPS 2024) will occur at the Philadelphia Downtown Marriott in Philadelphia, PA, USA, on August 11?13, 2024. SOUPS brings together an interdisciplinary group of researchers and practitioners in human-computer interaction, security, and privacy. We would like to bring your attention to two calls related to SOUPS 2024. - The Workshops and Beyond CFP's submission deadline has been extended to March 7, 2024 EoD. We're looking for workshops, tutorials, hack-a-thons, design-a-thons, and more related to privacy and security. Submission site: https://soups2024workshops.usenix.hotcrp.com - The call for nominations for the 2024 John Karat Usable Privacy and Security Student Research Award is alive: https://www.usenix.org/conference/soups2024/karat-call-for-nominations. For the 2024 award, current graduate students and those who have graduated no earlier than January 2023 are eligible. The deadline for nominations is Thursday, May 23, 2024. Check the event website for more details: https://www.usenix.org/conference/soups2024. Yixin Zou & Yaxing Yao SOUPS 2024 Publicity Co-Chairs -------------- next part -------------- An HTML attachment was scrubbed... URL: From xengie.doan at uni.lu Mon Mar 4 09:19:26 2024 From: xengie.doan at uni.lu (Xengie Cheng DOAN) Date: Mon, 4 Mar 2024 14:19:26 +0000 Subject: [Soups-announce] [CfP] Socio-Technical Aspects in Security (STAST) 2024 Message-ID: STAST 2024 14th International Workshop on Socio-Technical Aspects in SecuriTy https://stast.uni.lu Affiliated with the 9th IEEE European Symposium on Security and Privacy (IEEE S&P) https://eurosp2024.ieee-security.org/ *** IMPORTANT DATES - Paper Submission: 15 March 2024 (AoE) - Notification: 30 April 2024 (AoE) - Workshop final papers: 15 May 2024 (AoE) - Workshop Date: 12 July 2024 *** CONCEPT Successful attacks on information systems often exploit not only IT systems and networks but also the human element in the system. Therefore, it is critical to limit technical vulnerabilities as well as insecure user behavior, poorly designed user interfaces, and unclear or unrealistic security policies. To improve the security of systems, technology designers and policymakers must consider user needs and characteristics. Social science and usable security researchers have shown that insecure user behavior stems from cognitive, emotional, and social perspectives. When there is a good 'fit' of technology for users, workable security policies and targeted behavioral support can augment technical security. Finding the right balance between technical and social security measures remains largely unexplored, which motivates the need for the STAST workshop. Currently, different computer security communities (theoretical security, systems security, usable security, and security management) rarely work together. The respective communities tend to offload on each other parts of problems that they consider to be out of scope, an attitude that results in deficient or unsuitable security solutions. Thus, there remains a need for focused, holistic research on socio-technical security. *** GOALS The STAST workshop intends to stimulate an exchange of ideas on how to design systems that are secure in the real world where they interact with users of varying lived experiences and diverse needs. The workshop aims at bringing together experts working in various areas of computer security as well as in social and behavioral sciences. *** WORKSHOP TOPICS Contributions should focus on the interplay of technical, organizational, and human factors in achieving or breaking security, privacy, and trust. For example: - Usability and user experience - Models of user behaviour and user interactions with technology - Perceptions of related risks, as well as their influence on humans - Social engineering, persuasion, and other deception techniques - Requirements for socio-technical systems - Decision making in/for socio-technical systems - Feasibility of policies, standards, and regulations from a socio-technical perspective - Social factors in organizations' policies and processes - Interplay of law, ethics, and politics with security and privacy measures - Balance between technical measures and social strategies - Threat models that combine technical and human-centered strategies - Socio-technical analysis of incidents and vulnerabilities - Studies of real-world vulnerabilities/incidents from a socio-technical perspective - Lessons from design, deployment, and enforcement of mechanisms, policies, standards, and regulations - Strategies and guidelines for analysis of intelligence and data from a socio-technical perspective - Marginalized and disadvantaged user groups in the lifecycle of socio-technical systems - Methodologies and methodological reflections in pursuit of these goals *** TYPE OF CONTRIBUTIONS We will accept papers in several formats. All papers must be original contributions and not simultaneously submitted to another workshop, conference, or journal. The following paper formats are welcome: - Full Papers discussing original research, answering well-defined research questions, and presenting full and stable results; - Position Papers discussing existing challenges and introducing and motivating new research problems; - Work-in-Progress Papers describing original but unfinished piece of work, which is nevertheless based on solid research questions or hypotheses. We welcome qualitative and quantitative research approaches from academia and industry. We welcome meta-analytic as well as replication studies and consider them as original research eligible for full papers. We also welcome negative or null results with sound methodology. As in previous years, accepted papers will be published as conference proceedings in the Springer?s Lecture Notes in Computer Science (LNCS) series. Full Papers shall not exceed 10 pages of body text, with unlimited additional pages for references and appendices. Position Papers and Work in Progress should be at most 6 pages long, excluding the bibliography and well-marked appendices. They must have at the beginning of the paper's title the words "Position Paper:" or "Work in Progress:", respectively. Reviewers are explicitly not expected to read the appendices while deciding whether to accept or reject the paper. Papers must be typeset in LaTeX in A4 format (not "US Letter") using the IEEE conference proceeding template detailed here: https://stast.uni.lu/papersubmission.html *** PROCEEDINGS The proceedings will be via publication through IEEE Xplore in a volume accompanying the main IEEE EuroS&P '24 proceedings. *** WORKSHOP ORGANIZERS - Giampaolo Bella (University of Catania) - Gabriele Lenzini (University of Luxembourg) *** PROGRAMME CHAIRS - Ruba Abu-Salma (King's College London, UK) - Mark Warner (University College London) *** REVIEW AND PUBLICATION Contributions should be submitted electronically via EasyChair (https://easychair.org/conferences/?conf=stast24). STAST adopts a double-blind review policy. Papers will be reviewed by at least three PC members. The authors can declare any conflicts of interest at the time of submission or by informing the PC chairs or organizers. Submissions are anonymous. Papers should be submitted in Portable Document Format (PDF). All submissions should follow the up-to-date IEEE conference proceeding template at submission time. Committee members are not required to read the appendices, so the paper should be intelligible without them. All submissions must be written in English. Only PDF files will be accepted. Submissions not meeting these guidelines will be rejected without consideration of their merits. Authors of accepted papers must agree with IEEE Xplore copyright and guarantee that their papers will be presented at the workshop. Xengie Doan (she/they) Doctoral Researcher ? LeADS Marie Curie ITN Fellow IRISC group ? Interdisciplinary Centre for Security, Reliability and Trust (SnT) UNIVERSIT? DU LUXEMBOURG | xengie.doan at uni.lu -------------- next part -------------- An HTML attachment was scrubbed... URL: From mmazurek at umd.edu Thu Mar 7 11:36:22 2024 From: mmazurek at umd.edu (Michelle Mazurek) Date: Thu, 7 Mar 2024 11:36:22 -0500 Subject: [Soups-announce] Maryland Cybersecurity Center postdoctoral fellowship 2024 Message-ID: I'm excited to share this year's call for a postdoc fellow! The two-year fellowships offer an opportunity to work closely with MC2 faculty and graduate students in multiple areas, including theoretical and applied cryptography, data-driven security, human-centered/usable security, network and wireless security, machine learning and security, blockchain and cryptocurrency security, and programming languages security. In most cases we would expect the fellow to start in (approximately) August or Sept 2024, although this could be adjusted a bit for specific circumstances. More details: https://cyber.umd.edu/joinus Applications are due March 28. Feel free to drop me a note with any questions. Cheers, Michelle -- Michelle L. Mazurek Associate Professor, CS and UMIACS Director, Maryland Cybersecurity Center University of Maryland, College Park www.umiacs.umd.edu/~mmazurek 301-405-6463 she/her -------------- next part -------------- An HTML attachment was scrubbed... URL: From yaxing at vt.edu Thu Apr 18 10:07:37 2024 From: yaxing at vt.edu (Yao, Yaxing) Date: Thu, 18 Apr 2024 14:07:37 +0000 Subject: [Soups-announce] [SOUPS 2024 Publicity] Call for submissions in multiple tracks at SOUPS 2024 Message-ID: Greetings! The Twentieth Symposium on Usable Privacy and Security (SOUPS 2024) will occur at the Philadelphia Downtown Marriott in Philadelphia, PA, USA, on August 11?13, 2024. SOUPS brings together an interdisciplinary group of researchers and practitioners in human-computer interaction, security, and privacy. We would like to bring your attention to the following calls related to SOUPS 2024. * Call for nominations for the 2024 John Karat Usable Privacy and Security Student Research Award: https://www.usenix.org/conference/soups2024/karat-call-for-nominations * Deadline: May 23, 2024 * Call for Poster submissions: https://www.usenix.org/conference/soups2024/call-for-posters * Priority deadline: April 24, 2024 * Regular deadline: May 23, 2024 * Call for Lightening Talks submissions: https://www.usenix.org/conference/soups2024/call-for-lightning-talks * Priority deadline: April 24, 2024 * Regular deadline: May 23, 2024 * Call for SOUPS Mentoring Program: https://www.usenix.org/conference/soups2024/mentoring-program * Pre-conference mentoring program deadline: May 27, 2024 * In-person mentoring program deadline: July 30, 2024 * Call for Workshop submissions. SOUPS 2024 features 8 exciting workshops this year, including 5 in-person workshops and 3 virtual workshops, covering topics such as privacy in AI, privacy in immersive technologies, privacy and cybersecurity education, inclusive privacy, privacy threat modeling, privacy and security in information workers, and workshop on gender, online safety, and sexuality. Please refer to the website for details and instructions to submit. https://www.usenix.org/conference/soups2024/call-for-workshops-submissions * Deadline: May 23, 2024 Check the event website for more details: https://www.usenix.org/conference/soups2024. Thank you! Yixin Zou & Yaxing Yao SOUPS 2024 Publicity Co-Chairs -------------- next part -------------- An HTML attachment was scrubbed... URL: