From patrickgage at gmail.com Wed Jan 13 16:14:41 2016 From: patrickgage at gmail.com (Patrick Gage Kelley) Date: Wed, 13 Jan 2016 14:14:41 -0700 Subject: [Soups-announce] SOUPS 2016 Call for Papers, Posters, and Proposals In-Reply-To: <791208C4-FCEF-49B5-B889-D801A09FF16E@cs.cmu.edu> References: <791208C4-FCEF-49B5-B889-D801A09FF16E@cs.cmu.edu> Message-ID: <9AAB82F3-0A81-4D79-B159-8AD993FE797D@gmail.com> <> <> SOUPS 2016 is just around the corner with our first deadlines only two weeks away. We are pleased to announce that the Call for Papers and the Call for Posters and Proposals for the Twelfth Symposium on Usable Privacy and Security (SOUPS 2016) are now available. SOUPS 2016 will bring together an interdisciplinary group of researchers and practitioners in human computer interaction, security, and privacy. The program will feature technical papers, a poster session, workshops and tutorials, panels and invited talks, and lightning talks. Please see the Call? for Papers and/or the Call for Posters and Proposals for details. Some important dates to keep in mind: Friday, January 29, 2016: Proposals for Workshops, Tutorials, Invited Talks, and Panels due Tuesday, March 1, 2016: Paper registration deadline Monday, May 16, 2016: Poster abstracts and proposals for Lightning Talks and Demos due SOUPS 2016 will be co-located with the 2016 USENIX Annual Technical Conference and will take place June 22?24, 2016, in Denver, CO. Sunny Consolvo, Google Matthew Smith, University of Bonn soups16chairs at usenix.org Please use soups16chairs at usenix.org to contact Sunny Consolvo or Matthew Smith. For more details and announcements like and follow our Facebook page at: https://www.facebook.com/SOUPSconference -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: image.png Type: image/png Size: 117927 bytes Desc: not available URL: From patrickgage at gmail.com Mon Feb 1 12:35:35 2016 From: patrickgage at gmail.com (Patrick Gage Kelley) Date: Mon, 1 Feb 2016 10:35:35 -0700 Subject: [Soups-announce] SOUPS 2016 Deadline Extensions and John Karat Usable Privacy and Security Student Research Award Message-ID: <00FC646A-5B3C-4809-A6F7-3B2CBCC8DCF2@gmail.com> Deadline Extensions! Our early deadlines have been extended to this coming Sunday, February 7th, 2016. That includes: Workshops & Tutorials Invited Panels Invited Talks Submission details for all three of these deadlines can be found at: https://www.usenix.org/conference/soups2016/call-for-posters-proposals Please send in proposals for half-day or full-day workshop/tutorial programs and send over ideas for speakers you think the SOUPS community should be exposed to and the issues that we should be discussing this summer at SOUPS 2016 in Denver. 2016 John Karat Usable Privacy and Security Student Research Award In honor of John Karat's contributions to the usable privacy and security community, and his dedication to mentoring students, SOUPS has instituted the John Karat Usable Privacy and Security Student Research Award. The deadline for nominations is Friday April 15. Nomination details are available in full at: https://www.usenix.org/conference/soups2016/call-nominations SOUPS 2016 will be co-located with the 2016 USENIX Annual Technical Conference and will take place June 22?24, 2016, in Denver, CO. For more details and announcements like and follow our Facebook page at: https://www.facebook.com/SOUPSconference -------------- next part -------------- An HTML attachment was scrubbed... URL: From egelman at cs.berkeley.edu Tue Feb 2 11:43:21 2016 From: egelman at cs.berkeley.edu (Serge Egelman) Date: Tue, 2 Feb 2016 08:43:21 -0800 Subject: [Soups-announce] WEIS 2016 Registration and 2nd CFP Message-ID: The Workshop on the Economics of Information Security (WEIS) is now accepting paper submissions. WEIS 2016 registration is available here: http://weis2016.econinfosec.org/travel-registration/ Early registration rates end May 1st! Also, there are scholarships available for students at U.S. institutions, courtesy of NSF. Contact Serge Egelman (egelman at cs.berkeley.edu) for details. Also, please forward the call for papers to any interested colleagues. The submission deadline is just 3 weeks away (February 26th). ________________________________________________________________________________ CALL FOR PAPERS (http://weis2016.econinfosec.org/call-for-papers/) ________________________________________________________________________________ The 15th Annual Workshop on the Economics of Information Security (WEIS 2016) University of California, Berkeley, June 13-14, 2016 The Workshop on the Economics of Information Security (WEIS) is the leading forum for interdisciplinary scholarship on information security and privacy, combining expertise from the fields of economics, social science, business, law, policy, and computer science. Prior workshops have explored the role of incentives between attackers and defenders of information systems, examined human behavior surrounding security decision-making, identified market failures surrounding Internet security, quantified risks of personal data disclosure, and assessed investments in cyber-defense. WEIS 2016 will build on past efforts using empirical and analytic tools not only to understand threats, but also to strengthen security and privacy through novel evaluations of available solutions. We encourage economists, computer scientists, legal scholars, business school researchers, security and privacy specialists, as well as industry experts to submit their research and participate by attending the workshop. Suggested topics include (but are not limited to) empirical and theoretical studies of: - Optimal investment in information security - Models and analysis of online crime (including botnets, phishing, and spam) - Risk management and cyber-insurance - Security standards and regulation - Cyber-security and privacy policy - Security and privacy models and metrics - Economics of privacy and anonymity - Behavioral security and privacy - Vulnerability discovery, disclosure, and patching - Cyber-defense strategy and game theory - Incentives for information sharing and cooperation - Incentives for and against pervasive monitoring threats Manuscripts should represent significant and novel research contributions. Due to its interdisciplinary nature, WEIS has no formal formatting guidelines. Previous contributors spanned fields from economics and psychology to computer science and law, each with different norms and expectations about manuscript length and formatting. Selected papers will be invited for publication in a special issue of the Journal of Cybersecurity, a new, interdisciplinary, open access journal published by Oxford University Press. Thanks to our sponsors, a number of student travel grants are also available. For further information please email weis2016 at easychair.org or visit: http://weis2016.econinfosec.org/ #### IMPORTANT DATES Submission deadline 26 February 2016 Acceptance notification 11 April 2016 Final papers 9 May 2016 Conference dates 13-14 June 2016 #### PROGRAM CHAIR Serge Egelman, University of California, Berkeley / ICSI PROGRAM COMMITEE Alessandro Acquisti, Carnegie Mellon University Ross Anderson, Cambridge University Terrence August, University of California, San Diego Rainer B?hme, University of Innsbruck Huseyin Cavusoglu, University of Texas at Dallas Nicolas Christin, Carnegie Mellon University John Chuang, University of California, Berkeley Richard Clayton, University of Cambridge Michael Collins, RedJack George Danezis, University College London Benjamin Edelman, Harvard University Benjamin Edwards, University of New Mexico Michel van Eeten, Delft University of Technology Stephanie Forrest, University of New Mexico Allan Friedman Neil Gandal, Tel Aviv University Nathan Good, Good Research Jens Grossklags, Pennsylvania State University Marian Harbach, ICSI Cormac Herley, Microsoft Research M. Eric Johnson, Vanderbilt University Shriram Krishnamurthi, Brown University Pedro Leon, Stanford University Nektarios Leontiadis, Facebook Martin Loeb, University of Maryland Jonathan Mayer, Stanford University Damon McCoy, New York University Sarah Meiklejohn, University College London Tyler Moore, University of Tulsa Milton Mueller, Georgia Tech Arvind Narayanan, Princeton University Vern Paxson, University of California, Berkeley / ICSI Wolter Pieters, Delft University of Technology David Pym, University College London Brent Rowe, RTI International Stuart Schechter, Microsoft Research Bruce Schneier, Resilient Systems Richard Sullivan, Federal Reserve Bank of Kansas City Rahul Telang, Carnegie Mellon University Kurt Thomas, Google Catherine Tucker, MIT -- /* Serge Egelman, Ph.D. Research Scientist International Computer Science Institute (ICSI) and Department of Electrical Engineering and Computer Sciences (EECS) University of California, Berkeley */ -------------- next part -------------- An HTML attachment was scrubbed... URL: From zinaida.benenson at fau.de Tue Feb 23 06:37:54 2016 From: zinaida.benenson at fau.de (Zinaida Benenson) Date: Tue, 23 Feb 2016 12:37:54 +0100 Subject: [Soups-announce] 13 PhD positions in usable privacy In-Reply-To: <000f01d152fc$b9c2e990$2d48bcb0$@kau.se> References: <000f01d152fc$b9c2e990$2d48bcb0$@kau.se> Message-ID: <56CC4492.8060507@fau.de> We are happy to announce the availability of 13 PhD positions with a duration of 36 months within the EU Horizon 2020 Marie Sklodowska-Curie Innovative Training Network Privacy & Usability (MSCA ITN Privacy & Us, project 675730). https://privacyus.eu/ *** Important dates and facts *** - Application Deadline: 20th March 2016 - Starting Date (Strict): 1st August 2016 - Applications collected and processed by each institution, see https://privacyus.eu/ Consortium (Host Organizations of the ESRs) - Karlstad University (KAU, Sweden) -- Coordinator - Goethe Universitaet Frankfurt (GUF, Germany) - Tel Aviv University (TAU, Israel) - Unabhaengiges Landeszentrum fuer Datenschutz (ULD, Germany) - Uniscon Universal Identity Control GmbH (UNI, Germany) - University College London (UCL, UK) - Usecon Usability Consultants GmbH (USE, Austria) - CRONTO Limited/Vasco (VA, UK) - Wirtschaftsuniversitaet Wien (WU, Austria) *** Partner Organizations *** - The Austrian Data Protection Authority (DSB, Austria) - Preslmayr Rechtsanwaelte OG (PRE, Austria) - Friedrich-Alexander Universitaet Erlangen (FAU, Germany) - University of Bonn (UBO, Germany) - Bavarian Data Protection Authority (LDA, Germany) - EveryWare Technologies (EWT, Italy) - Sentor MSS AB (STR, Sweden) *** Eligibility *** - Not resided for more than 12 months between Aug 2013 and Aug 2016 in the host organization's country - Obtained the degree entitling them to enroll for a PhD program after Aug 2012 - Demonstrate high ability to understand and express themselves very well in both written and spoken English *** Secondments *** All positions involve secondments (i.e., internships) of 8-10 months to other host organizations or partners, aimed to broaden the students' training and enrich their skills and experiences. *** Salary & Benefits *** - Attractive monthly salary (specific amount depending on the hosting organization) - Competitive financial support including monthly living and mobility allowance - 500 EUR/month family allowance (when applicable) - Coverage of expenses related to the participation in the secondments, research, and training activities *** The Positions *** 1. Privacy Indicators in Smartphone Ecosystems (GUF) 2. Usable Transparency (KAU) 3. Measuring and Manipulating Privacy-related Attitudes and Behaviors (KAU) 4. Modeling Responses to Privacy-related Indications (TAU) 5. Informed Consent in Privacy: Functionality, Usability, and Legality (TAU) 6. Usable Privacy in the Internet of Things and Smart Spaces (ULD) 7. User Acceptance of the Sealed Cloud Concept (UNI) 8. Adaptive Data Privacy for Smart Environments (UNI) 9. Privacy-Preserving Personal Genomic Testing (UCL) 10. Privacy of Personal Health Data (UCL) 11. Privacy and Security in Commercial Transactions and Interactions (USE) 12. Privacy-preserving Transaction Authentication for Mobile Devices (VA) 13. Psychological Ownership of Personal Data (WU) *** Project Website *** https://privacyus.eu/ With questions, please email: e.decristofaro at ucl.ac.uk -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5403 bytes Desc: S/MIME Cryptographic Signature URL: From patrickgage at gmail.com Wed Feb 24 12:02:48 2016 From: patrickgage at gmail.com (Patrick Gage Kelley) Date: Wed, 24 Feb 2016 10:02:48 -0700 Subject: [Soups-announce] SOUPS 2016 Paper Registration and Submission Deadlines Next Week! Message-ID: We?d like to remind you that our own SUPER TUESDAY, that is, the registration deadline for papers for SOUPS 2016 is less than one week away, with paper submission just later next week: The paper registration deadline is Tuesday, March 1, 2016, 5:00 p.m. PST. The paper submission deadline is Friday, March 4, 2016, 5:00 p.m. PST (hard deadline). The Twelfth Symposium on Usable Privacy and Security will be co-located with the 2016 USENIX Annual Technical Conference and will take place June 22?24 in Denver, CO. We invite authors to submit original papers describing research or experience in all areas of usable privacy and security. We welcome a variety of research methods, including both qualitative and quantitative approaches. Topics include, but are not limited to: innovative security or privacy functionality and design new applications of existing models or technology field studies of security or privacy technology usability evaluations of new or existing security or privacy features security testing of new or existing usability features longitudinal studies of deployed security or privacy features studies of administrators or developers and support for security and privacy the impact of organizational policy or procurement decisions lessons learned from the deployment and use of usable privacy and security features reports of replicating previously published studies and experiments reports of failed usable privacy/security studies or experiments, with the focus on the lessons learned from such experience We look forward to receiving your submissions. And a reminder... 2016 John Karat Usable Privacy and Security Student Research Award In honor of John Karat's contributions to the usable privacy and security community, and his dedication to mentoring students, SOUPS has instituted the John Karat Usable Privacy and Security Student Research Award. The deadline for nominations is Friday April 15. Nomination details are available in full at: https://www.usenix.org/conference/soups2016/call-nominations For more details and announcements like and follow our Facebook page at: https://www.facebook.com/SOUPSconference -------------- next part -------------- An HTML attachment was scrubbed... URL: From egelman at cs.berkeley.edu Wed Feb 24 19:43:48 2016 From: egelman at cs.berkeley.edu (Serge Egelman) Date: Wed, 24 Feb 2016 16:43:48 -0800 Subject: [Soups-announce] WEIS 2016 Deadline Extended Message-ID: UPDATE: We have extended the paper submission deadline to March 4th, 2016 (next Friday). ________________________________________________________________________________ CALL FOR PAPERS (http://weis2016.econinfosec.org/call-for-papers/) ________________________________________________________________________________ The 15th Annual Workshop on the Economics of Information Security (WEIS 2016) University of California, Berkeley, June 13-14, 2016 The Workshop on the Economics of Information Security (WEIS) is the leading forum for interdisciplinary scholarship on information security and privacy, combining expertise from the fields of economics, social science, business, law, policy, and computer science. Prior workshops have explored the role of incentives between attackers and defenders of information systems, examined human behavior surrounding security decision-making, identified market failures surrounding Internet security, quantified risks of personal data disclosure, and assessed investments in cyber-defense. WEIS 2016 will build on past efforts using empirical and analytic tools not only to understand threats, but also to strengthen security and privacy through novel evaluations of available solutions. We encourage economists, computer scientists, legal scholars, business school researchers, security and privacy specialists, as well as industry experts to submit their research and participate by attending the workshop. Suggested topics include (but are not limited to) empirical and theoretical studies of: - Optimal investment in information security - Models and analysis of online crime (including botnets, phishing, and spam) - Risk management and cyber-insurance - Security standards and regulation - Cyber-security and privacy policy - Security and privacy models and metrics - Economics of privacy and anonymity - Behavioral security and privacy - Vulnerability discovery, disclosure, and patching - Cyber-defense strategy and game theory - Incentives for information sharing and cooperation - Incentives for and against pervasive monitoring threats Manuscripts should represent significant and novel research contributions. Due to its interdisciplinary nature, WEIS has no formal formatting guidelines. Previous contributors spanned fields from economics and psychology to computer science and law, each with different norms and expectations about manuscript length and formatting. Selected papers will be invited for publication in a special issue of the Journal of Cybersecurity, a new, interdisciplinary, open access journal published by Oxford University Press. Thanks to our sponsors, a number of student travel grants are also available. For further information please email weis2016 at easychair.org or visit: http://weis2016.econinfosec.org/ #### IMPORTANT DATES Submission deadline 4 March 2016 Acceptance notification 11 April 2016 Final papers 9 May 2016 Conference dates 13-14 June 2016 #### PROGRAM CHAIR Serge Egelman, University of California, Berkeley / ICSI PROGRAM COMMITEE Alessandro Acquisti, Carnegie Mellon University Ross Anderson, Cambridge University Terrence August, University of California, San Diego Rainer B?hme, University of Innsbruck Huseyin Cavusoglu, University of Texas at Dallas Nicolas Christin, Carnegie Mellon University John Chuang, University of California, Berkeley Richard Clayton, University of Cambridge Michael Collins, RedJack George Danezis, University College London Benjamin Edelman, Harvard University Benjamin Edwards, University of New Mexico Michel van Eeten, Delft University of Technology Stephanie Forrest, University of New Mexico Allan Friedman Neil Gandal, Tel Aviv University Nathan Good, Good Research Jens Grossklags, Pennsylvania State University Marian Harbach, ICSI Cormac Herley, Microsoft Research M. Eric Johnson, Vanderbilt University Shriram Krishnamurthi, Brown University Pedro Leon, Stanford University Nektarios Leontiadis, Facebook Martin Loeb, University of Maryland Jonathan Mayer, Stanford University Damon McCoy, New York University Sarah Meiklejohn, University College London Tyler Moore, University of Tulsa Milton Mueller, Georgia Tech Arvind Narayanan, Princeton University Vern Paxson, University of California, Berkeley / ICSI Wolter Pieters, Delft University of Technology David Pym, University College London Brent Rowe, RTI International Stuart Schechter, Microsoft Research Bruce Schneier, Resilient Systems Richard Sullivan, Federal Reserve Bank of Kansas City Rahul Telang, Carnegie Mellon University Kurt Thomas, Google Catherine Tucker, MIT -- /* Serge Egelman, Ph.D. Research Scientist International Computer Science Institute (ICSI) and Department of Electrical Engineering and Computer Sciences (EECS) University of California, Berkeley */ -------------- next part -------------- An HTML attachment was scrubbed... URL: From patrickgage at gmail.com Tue Mar 1 16:32:48 2016 From: patrickgage at gmail.com (Patrick Gage Kelley) Date: Tue, 1 Mar 2016 14:32:48 -0700 Subject: [Soups-announce] SOUPS Paper Registration Deadline is Today, Just Hours Away! Message-ID: <3F6F93B4-4582-49FA-B65E-069D7648D367@gmail.com> Final reminder! Today, SOUPS SUPER TUESDAY is the registration deadline for papers. You have only hours remaining to register your papers! The final SOUPS 2016 deadlines are today and Friday: The paper registration deadline is Tuesday, March 1, 2016, 5:00 p.m. PST. The paper submission deadline is Friday, March 4, 2016, 5:00 p.m. PST (hard deadline). The Twelfth Symposium on Usable Privacy and Security will be co-located with the 2016 USENIX Annual Technical Conference and will take place June 22?24 in Denver, CO. We invite authors to submit original papers describing research or experience in all areas of usable privacy and security. We welcome a variety of research methods, including both qualitative and quantitative approaches. Topics include, but are not limited to: innovative security or privacy functionality and design new applications of existing models or technology field studies of security or privacy technology usability evaluations of new or existing security or privacy features security testing of new or existing usability features longitudinal studies of deployed security or privacy features studies of administrators or developers and support for security and privacy the impact of organizational policy or procurement decisions lessons learned from the deployment and use of usable privacy and security features reports of replicating previously published studies and experiments reports of failed usable privacy/security studies or experiments, with the focus on the lessons learned from such experience For more details and announcements like and follow our Facebook page at: https://www.facebook.com/SOUPSconference -------------- next part -------------- An HTML attachment was scrubbed... URL: From elizabeth.stobert at gmail.com Tue Mar 8 03:21:31 2016 From: elizabeth.stobert at gmail.com (Elizabeth Stobert) Date: Tue, 8 Mar 2016 09:21:31 +0100 Subject: [Soups-announce] NSPW 2016 CFP Message-ID: <833F96BC-8918-4D0A-A544-F8C71F222DF2@gmail.com> Please consider submitting to NSPW 2016! Submissions are due April 29, 2016. ?????????????????????????????????? NSPW 2016: CFP Sept 26-29, 2016 C Lazy U Ranch, Colorado http://www.nspw.org/2016 Since 1992, the New Security Paradigms Workshop (NSPW) has offered a unique forum for information security research involving high-risk, high-opportunity paradigms, perspectives, and positions. The workshop itself is highly interactive with presentations by authors prepared for in-depth discussions, and ample opportunity to exchange views with open-minded peers. NSPW is also distinguished by its deep-rooted tradition of positive feedback, collegiality, and encouragement. NSPW seeks embryonic, disruptive, and unconventional ideas that benefit from early feedback. The ideas are almost always not yet proven, and sometimes infeasible to validate to the extent expected in traditional forums. NSPW seeks ideas pushing the boundaries of science and engineering beyond what would typically be considered mainstream; papers that would be strong candidates in "conventional" information security venues are, as a rule of thumb, a poor fit for NSPW. We welcome papers with perspectives that augment traditional information security, both from computer science and other disciplines that study adversarial relationships (e.g., biology, economics, the social sciences). Submissions typically address current limitations of information security, directly challenge long-held beliefs or the very foundations of security, or view problems from an entirely novel angle leading to new solutions. In 2015, more than 50% of the presenters had never attended NSPW before. We are actively trying to continue this trend, and therefore we encourage submissions from new NSPW authors. Submission Types REGULAR SUBMISSIONS: NSPW papers vary in approach and style, but often involve a systematic investigation supported by structured argument. Some involve an opinionated analysis, or explore a design space that emerges upon replacing a common assumption (even if this is beyond current technology). Successful submissions show strong scholarship, demonstrate sound knowledge of related literature while placing the contributions in context to it, and are often accompanied by early validation and a research agenda for broader validation. Ideal papers lead to spirited workshop discussion, but NSPW is not a debating society?the discussion should relate to new ideas and perspectives as characterized above, rather than well-known controversial topics. NSPHD SUBMISSIONS: This category is for students at an early stage in thesis research that meets the NSPW characteristics noted above, and ideally for thesis work and directions that would benefit from extensive expert feedback; the research thus must be preliminary (mature or completed theses are unsuitable). NSPHD papers may be held to a less rigorous standard than regular NSPW submissions. The format is flexible, but should outline ideas, work completed so far, and what is envisioned as future work. NSPHD papers are typically omitted from the main proceedings, but if desired, can be made available through links on the NSPW site. The NSPHD category is not intended for graduate students simply co-authoring with faculty advisors or work suitable as a regular submission. Student authors of accepted NSPHD papers are invited to present; typically their faculty advisors are not. PANEL PROPOSALS: NSPW often includes one or two stimulating panel discussions. Successful panel proposals will include a great idea, a list of potential panelists including moderator, an outline of the topic, and motivation for its suitability for NSPW. The proposers of accepted panels and the panelists are typically invited to prepare a short summary for the proceedings after the workshop. Attendance The workshop itself is invitation-only, with typically 30-35 participants consisting of authors of about 12 accepted papers, panelists, program committee members, and organizers. One author of each accepted paper must attend; additional authors may be invited if space permits. All participants must commit to a "social contract": no one arrives late, no one leaves early, no laptops, and all attend all sessions of the 2.5 day program, sharing meals in a group setting. The workshop is preceded by an evening reception allowing attendees to meet each other beforehand. We expect to offer a limited amount of financial aid to those who absolutely require it. Submission Instructions Submissions must be made in PDF format through EasyChair . Submissions must include a cover page with authors' names, affiliation, justification statement and attendance statement. Papers not including these risk desk rejection. The justification statement should specify exactly one category (Regular, NSPHD, or Panel), briefly explain why the submission is appropriate for NSPW, and summarize the new paradigm, perspective, or position. The attendance statement must specify which author(s) commit to attend upon acceptance/invitation. The cover page is part of the package given to the reviewers, hence NSPW submissions are not double-blind. All submissions should be in ACM SIG proceedings format. Regular and NSPHD submissions are expected to be 6-15 pages. All submissions are treated as confidential as a matter of policy. NSPW does not accept papers published elsewhere, nor submitted to other venues or journals concurrently. Final proceedings are published post-workshop, allowing revised papers to include feedback received during the workshop. Important Dates Submission deadline: April 29, 2016 23:59 (UTC-11) Notification of acceptance: June 17, 2016 Workshop: September 26-29, 2016 Final version: November 1, 2016 Program Chairs Rainer B?hme (rainer.boehme at uni-muenster.de ), University of Innsbruck, Austria Serge Egelman (egelman at cs.berkeley.edu ), University of California at Berkeley / ICSI, US Program Committee Matt Bishop (UC Davis, US) Kevin Butler (University of Florida, US) Bill Cheswick (University of Pennsylvania, US) Markus D?rmuth (Ruhr-Univ. Bochum, Germany) Benjamin Edwards (University of New Mexico, US) Maritza Johnson (Google, US) Mike Just (Heriot-Watt University, UK) Shriram Krishnamurthi (Brown Uinversity, US) M. Mannan (Concordia University, Canada) Sarah Meiklejohn (University College London, UK) Paul van Oorschot (Carleton University, Canada) Sean Peisert (UC Davis / Lawrence Berkeley Lab, US) Wolter Pieters (TU Delft, The Netherlands) Christian W. Probst (Technical University of Denmark) Elizabeth Stobert (ETH Zurich, Switzerland) Mary Ellen Zurko (Cisco, US) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Elizabeth Stobert Post-doctoral Researcher Systems Security Group ETH Z?rich elizabeth.stobert at inf.ethz.ch -------------- next part -------------- An HTML attachment was scrubbed... URL: From adam at shostack.org Fri Apr 8 13:29:17 2016 From: adam at shostack.org (Adam Shostack) Date: Fri, 8 Apr 2016 13:29:17 -0400 Subject: [Soups-announce] Blackhat conference seeking human factors talks Message-ID: <20160408172917.GA29885@calypso.stonekeep.com> Hi SOUPS community, I'm writing to encourage you to submit to BlackHat, where we have a human factors track this year. You can submit work which has been presented elsewhere, although I'll encourage you to think about the presentation in light of the BH audience. The submission deadline is Monday (and I apologize for not sending this note sooner). For work that you've published, you can likely fill out the submission form in under an hour. https://www.blackhat.com/us-16/call-for-papers.html BlackHat is the largest information security conference of the year, attracting thousands of security professionals to Las Vegas. The audience is looking for cutting edge content, presented in an edgy or fun way. They don't respond well to dry content. As a member of the BlackHat review board, I would love to see more work on usable security presented there. Yesterday, I wrote a short blog post which caused me to realize that I should reach out here. It provides what might be some useful framing. (http://emergentchaos.com/archives/2016/04/humans-in-security-blackhat-talks.html) I'm happy to try to answer questions you may have. Adam From patrickgage at gmail.com Tue Apr 12 19:36:35 2016 From: patrickgage at gmail.com (Patrick Gage Kelley) Date: Tue, 12 Apr 2016 17:36:35 -0600 Subject: [Soups-announce] SOUPS 2016 Registration Now Open! Upcoming Deadlines! Message-ID: <9FC28BD5-A549-42F6-A6B9-6A103211DBDE@gmail.com> SOUPS 2016 is coming up on June 22-24! With only about two months to go we have a bunch of upcoming deadlines: Online Registration is live John Karat Student Research Award Nominations Deadline: THIS Friday (April 15th) Workshop deadlines: May 1st and May 16th Posters, Lightning Talks, and Demos deadline: May 16th Online registration for SOUPS 2016 is live: https://www.usenix.org/conference/soups2016 Early bird rate registration is open through May 31st! 2016 John Karat Usable Privacy and Security Student Research Award In honor of John Karat's contributions to the usable privacy and security community, and his dedication to mentoring students, SOUPS has instituted the John Karat Usable Privacy and Security Student Research Award. The deadline for nominations is THIS Friday April 15. See the Call for Nominations for details : https://www.usenix.org/conference/soups2016/call-nominations SOUPS 2016 Workshops Invite Papers By May 1st/16th 2nd Workshop on Security Information Workers (full day) http://cyberdna.uncc.edu/wsiw16/ Deadline: May 16th Who are you?! Adventures in Authentication (full day) https://www.usenix.org/conference/soups2016/workshop-who-are-you Deadline: May 16th Workshop on Security Fatigue (half day) https://www.usenix.org/conference/soups2016/workshop-security-fatigue Deadline: May 1st Workshop on Privacy Indicators (half day) https://www.usenix.org/conference/soups2016/workshop-on-privacy-indicators Deadline: May 1st Workshop on the Future of Privacy Notices and Indicators: Will Drones Deliver My Privacy Policy? (half day) https://www.usenix.org/conference/soups2016/workshop-drones-deliver-privacy-policy Deadline: May 16th SOUPS 2016 Posters, Lightning Talks, and Demo Submissions Due May 16th https://www.usenix.org/conference/soups2016/call-for-posters-proposals Posters: High-quality poster presentations are an integral part of SOUPS. We seek poster abstracts describing recent or ongoing research related to usable privacy and security. SOUPS will include a poster session in which authors will exhibit their posters. Accepted poster abstracts will be distributed to symposium participants and made available on the symposium Web site. Interactive demos alongside posters are welcome and encouraged. We also welcome authors of recent papers on usable privacy and security (2015 to 2016) to present their work at the SOUPS poster session. Lightning Talks & Demos: A continuing feature of SOUPS is a session of 5-minute talks and 5- to 10-minute demos. These could include emerging hot topics, preliminary research results, practical problems encountered by end users or industry practitioners, a lesson learned, a research challenge that could benefit from feedback, a war story, ongoing research, a success, a failure, a future experiment, tips and tricks, a pitfall to avoid, exciting visualization, new user interface or interaction paradigm related to security and privacy. etc. For more details and announcements like and follow our Facebook page at: https://www.facebook.com/SOUPSconference -------------- next part -------------- An HTML attachment was scrubbed... URL: From egelman at cs.berkeley.edu Thu Apr 21 14:58:45 2016 From: egelman at cs.berkeley.edu (Serge Egelman) Date: Thu, 21 Apr 2016 11:58:45 -0700 Subject: [Soups-announce] WEIS Early Registration Ending! Message-ID: The 15th Annual Workshop on the Economics of Information Security (WEIS 2016) University of California, Berkeley, June 13-14, 2016 The Workshop on the Economics of Information Security (WEIS) is the leading forum for interdisciplinary scholarship on information security and privacy, combining expertise from the fields of economics, social science, business, law, policy, and computer science. Prior workshops have explored the role of incentives between attackers and defenders of information systems, examined human behavior surrounding security decision-making, identified market failures surrounding Internet security, quantified risks of personal data disclosure, and assessed investments in cyber-defense. WEIS 2016 will build on past efforts using empirical and analytic tools not only to understand threats, but also to strengthen security and privacy through novel evaluations of available solutions. Early registration for WEIS 2016 ends in just 10 days! Registration information and other details can be found here: http://weis2016.econinfosec.org/travel-registration/ Also, there are scholarships available for students at U.S. institutions, courtesy of NSF. Contact Serge Egelman (egelman at cs.berkeley.edu) for details. WEIS 2016 will feature a keynote by Hal Varian, Chief Economist at Google, as well as a panel on the security economics of surveillance, moderated by Ross Anderson (Professor of Security Engineering, Cambridge University). The panelists will include Jim Baker (General Counsel, FBI), Martin Libicki (Senior Management Scientist, RAND), Rick Salgado (Director for Law Enforcement and Information Security Matters, Google), and Ashkan Soltani (former Chief Technologist, FTC). We also received an unprecedented number of submissions this year, and as a result, we have an exciting list of accepted papers: Malware and Market Share Daniel Arce The Impact of DDoS and Other Security Shocks on Bitcoin Currency Exchanges: Evidence from Mt. Gox Neil Gandal, Tyler Moore, Amir Feder and James Hamrick Consumer Attitudes Toward Data Breach Notifications and Loss of Personal Information Lillian Ablon, Paul Heaton, Diana Lavery and Sasha Romanosky Identity Theft as a Teachable Moment Vyacheslav Mikhed, Michael Vogan, Robert Hunt, Julia Cheney and Dubravka Ritter Whack-a-mole: Asymmetric Conflict and Guerrilla Warfare in Web Security Pern Hui Chia, John Chuang and Yanling Chen Identifying How Firms Manage Cybersecurity Investment Tyler Moore, Scott Dynes and Frederick Chang Strategic News Bundling and Privacy Breach Disclosures Sebastien Gay The Days Before Zero Day: Investment Models for Secure Software Engineering Chad Heitzenrater, Rainer B?hme and Andrew Simpson Measuring Attitude towards Risk Treatment Actions amongst Information Security Professionals: an Experimental Approach Konstantinos Mersinas, Bjoern Hartig, Keith Martin and Andrew Seltzer Market Segmentation and Software Security: Pricing Patching Rights Terrence August, Duy Dao and Kihoon Kim Data Security in the Digital Age: Reputation and Strategic Interactions in Security Investment Ying Lei Toh MyTrackingChoices: Pacifying the Ad-Block War by Enforcing User Privacy Preferences Jagdish Prasad Achara, Javier Parra-Arnau and Claude Castelluccia Estimating the costs of consumer-facing cybercrime: A tailored instrument and representative data for six EU countries Markus Riek, Rainer Boehme, Michael Ciere, Carlos Ganan and Michel van Eeten Join Me on a Market for Anonymity Malte M?ser and Rainer B?hme Determining An Optimal Threshold on the Online Reserves of a Bitcoin Exchange Samvit Jain, Edward Felten and Steven Goldfeder Perverse Incentives in Security Contracts: A Case Study in the Colombian Power Grid Carlos Barreto and Alvaro A Cardenas Given Enough Eyeballs, All Bugs Shallow? Revisiting Eric Raymond with Bug Bounty Markets Thomas Maillart, Mingyi Zhao, Jens Grossklags and John Chuang International Comparison of Bank Fraud Reimbursement: Customer Perceptions and Contractual Terms Ingolf Becker, Alice Hutchings, Ruba Abu-Salma, Ross Anderson, Nicholas Bohm, Steven J. Murdoch, M. Angela Sasse and Gianluca Stringhini Privacy and Security Through the Lens of the Federal Trade Commission?s Bureau of Economics Chris Hoofnagle National-level risk assessment: A multi-country study of malware infections Fanny Lalonde L?vesque, Jos? M. Fernandez, Anil Somayaji and Dennis Batchelder Risk Management for Third Party Payment Networks Willem van Driel, Carlos Ga??n, Maikel Lobbezoo and Michel van Eeten -- /* Serge Egelman, Ph.D. Research Director, Usable Security & Privacy International Computer Science Institute (ICSI) Research Scientist, Electrical Engineering and Computer Sciences (EECS) University of California, Berkeley */ -------------- next part -------------- An HTML attachment was scrubbed... URL: From elizabeth.stobert at gmail.com Fri Apr 22 11:59:36 2016 From: elizabeth.stobert at gmail.com (Elizabeth Stobert) Date: Fri, 22 Apr 2016 17:59:36 +0200 Subject: [Soups-announce] NSPW 2016 CFP Message-ID: Please consider submitting to NSPW 2016! Submissions are due in one week, on April 29, 2016. ?????????????????????????????????? NSPW 2016: CFP Sept 26-29, 2016 C Lazy U Ranch, Colorado http://www.nspw.org/2016 Since 1992, the New Security Paradigms Workshop (NSPW) has offered a unique forum for information security research involving high-risk, high-opportunity paradigms, perspectives, and positions. The workshop itself is highly interactive with presentations by authors prepared for in-depth discussions, and ample opportunity to exchange views with open-minded peers. NSPW is also distinguished by its deep-rooted tradition of positive feedback, collegiality, and encouragement. NSPW seeks embryonic, disruptive, and unconventional ideas that benefit from early feedback. The ideas are almost always not yet proven, and sometimes infeasible to validate to the extent expected in traditional forums. NSPW seeks ideas pushing the boundaries of science and engineering beyond what would typically be considered mainstream; papers that would be strong candidates in "conventional" information security venues are, as a rule of thumb, a poor fit for NSPW. We welcome papers with perspectives that augment traditional information security, both from computer science and other disciplines that study adversarial relationships (e.g., biology, economics, the social sciences). Submissions typically address current limitations of information security, directly challenge long-held beliefs or the very foundations of security, or view problems from an entirely novel angle leading to new solutions. In 2015, more than 50% of the presenters had never attended NSPW before. We are actively trying to continue this trend, and therefore we encourage submissions from new NSPW authors. Submission Types REGULAR SUBMISSIONS: NSPW papers vary in approach and style, but often involve a systematic investigation supported by structured argument. Some involve an opinionated analysis, or explore a design space that emerges upon replacing a common assumption (even if this is beyond current technology). Successful submissions show strong scholarship, demonstrate sound knowledge of related literature while placing the contributions in context to it, and are often accompanied by early validation and a research agenda for broader validation. Ideal papers lead to spirited workshop discussion, but NSPW is not a debating society?the discussion should relate to new ideas and perspectives as characterized above, rather than well-known controversial topics. NSPHD SUBMISSIONS: This category is for students at an early stage in thesis research that meets the NSPW characteristics noted above, and ideally for thesis work and directions that would benefit from extensive expert feedback; the research thus must be preliminary (mature or completed theses are unsuitable). NSPHD papers may be held to a less rigorous standard than regular NSPW submissions. The format is flexible, but should outline ideas, work completed so far, and what is envisioned as future work. NSPHD papers are typically omitted from the main proceedings, but if desired, can be made available through links on the NSPW site. The NSPHD category is not intended for graduate students simply co-authoring with faculty advisors or work suitable as a regular submission. Student authors of accepted NSPHD papers are invited to present; typically their faculty advisors are not. PANEL PROPOSALS: NSPW often includes one or two stimulating panel discussions. Successful panel proposals will include a great idea, a list of potential panelists including moderator, an outline of the topic, and motivation for its suitability for NSPW. The proposers of accepted panels and the panelists are typically invited to prepare a short summary for the proceedings after the workshop. Attendance The workshop itself is invitation-only, with typically 30-35 participants consisting of authors of about 12 accepted papers, panelists, program committee members, and organizers. One author of each accepted paper must attend; additional authors may be invited if space permits. All participants must commit to a "social contract": no one arrives late, no one leaves early, no laptops, and all attend all sessions of the 2.5 day program, sharing meals in a group setting. The workshop is preceded by an evening reception allowing attendees to meet each other beforehand. We expect to offer a limited amount of financial aid to those who absolutely require it. Submission Instructions Submissions must be made in PDF format through EasyChair . Submissions must include a cover page with authors' names, affiliation, justification statement and attendance statement. Papers not including these risk desk rejection. The justification statement should specify exactly one category (Regular, NSPHD, or Panel), briefly explain why the submission is appropriate for NSPW, and summarize the new paradigm, perspective, or position. The attendance statement must specify which author(s) commit to attend upon acceptance/invitation. The cover page is part of the package given to the reviewers, hence NSPW submissions are not double-blind. All submissions should be in ACM SIG proceedings format. Regular and NSPHD submissions are expected to be 6-15 pages. All submissions are treated as confidential as a matter of policy. NSPW does not accept papers published elsewhere, nor submitted to other venues or journals concurrently. Final proceedings are published post-workshop, allowing revised papers to include feedback received during the workshop. Important Dates Submission deadline: April 29, 2016 23:59 (UTC-11) Notification of acceptance: June 17, 2016 Workshop: September 26-29, 2016 Final version: November 1, 2016 Program Chairs Rainer B?hme (rainer.boehme at uni-muenster.de ), University of Innsbruck, Austria Serge Egelman (egelman at cs.berkeley.edu ), University of California at Berkeley / ICSI, US Program Committee Matt Bishop (UC Davis, US) Kevin Butler (University of Florida, US) Bill Cheswick (University of Pennsylvania, US) Markus D?rmuth (Ruhr-Univ. Bochum, Germany) Benjamin Edwards (University of New Mexico, US) Maritza Johnson (Google, US) Mike Just (Heriot-Watt University, UK) Shriram Krishnamurthi (Brown Uinversity, US) M. Mannan (Concordia University, Canada) Sarah Meiklejohn (University College London, UK) Paul van Oorschot (Carleton University, Canada) Sean Peisert (UC Davis / Lawrence Berkeley Lab, US) Wolter Pieters (TU Delft, The Netherlands) Christian W. Probst (Technical University of Denmark) Elizabeth Stobert (ETH Zurich, Switzerland) Mary Ellen Zurko (Cisco, US) ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Elizabeth Stobert Post-doctoral Researcher Systems Security Group ETH Z?rich elizabeth.stobert at inf.ethz.ch -------------- next part -------------- An HTML attachment was scrubbed... URL: From richter at uncc.edu Mon May 16 09:51:07 2016 From: richter at uncc.edu (Lipford, Heather) Date: Mon, 16 May 2016 09:51:07 -0400 Subject: [Soups-announce] WSIW abstracts due TODAY, full papers due Thursday, May 19 Message-ID: The SOUPS Workshop on Security Information Workers has extended the deadline for paper submissions to Thursday, May 19. Paper abstracts are still due today, May 16. Please consider submitting your work on software developers, security administrators, and intelligence analysts! The WSIW organizing committee, Robert Biddle Bill Chu Heather Lipford Emerson Murphy-Hill -------------- next part -------------- An HTML attachment was scrubbed... URL: From patrickgage at gmail.com Tue May 17 21:22:39 2016 From: patrickgage at gmail.com (Patrick Gage Kelley) Date: Tue, 17 May 2016 19:22:39 -0600 Subject: [Soups-announce] SOUPS Deadline Extensions, Student Travel Grants Due Today! Message-ID: SOUPS 2016 is just over a month away and we hope everyone is getting ready and excited to attend this year in Denver. We have several updates with some very short time-horizons below! ? STUDENT TRAVEL GRANTS DUE TODAY ? Student Travel Grants are available but the form is due TODAY (May 17), so if you are student looking for travel support to attend SOUPS get that form filled out as soon as possible: ? https://www.usenix.org/conference/soups2016/students-and-grants (you will need to create a USENIX account to access the form). ? POSTERS DEADLINE EXTENDED TO FRIDAY May 20 ? The new submission deadline is Friday, May 20, 2016, 5:00 p.m. PDT. For more information, view the call: ? https://www.usenix.org/conference/soups2016/call-for-posters-proposals ? WORKSHOP DEADLINES EXTENDED TO THURSDAY May 19 ? There is just one more weekend to work on submissions for the five excellent workshops that we will be hosting at SOUPS 2016. The deadline for submissions has been extended to May 19 so get those submissions in! (And please email workshop organizers if you are planning to submit with titles, abstracts, and questions) A reminder and links for all five workshops: Workshop on Security Fatigue (half day) ? https://www.usenix.org/conference/soups2016/workshop-security-fatigue Workshop on Privacy Indicators (half day) ? https://www.usenix.org/conference/soups2016/workshop-on-privacy-indicators Workshop on the Future of Privacy Notices and Indicators: Will Drones Deliver My Privacy Policy? (half day) ? https://www.usenix.org/conference/soups2016/workshop-drones-deliver-privacy-policy 2nd Workshop on Security Information Workers (full day) ? https://www.usenix.org/conference/soups2016/workshop-security-information-workers Who are you?! Adventures in Authentication (full day) ? https://www.usenix.org/conference/soups2016/workshop-who-are-you ? EARLY REGISTRATION CLOSES MAY 31 ? ? https://www.usenix.org/conference/soups2016 Early bird rate registration is open through May 31st! Also we have a number of special discounts for academics and members of other non-profits as well as USENIX members. Be sure to check them out and get the best price to attend SOUPS 2016 ? https://www.usenix.org/conference/soups2016/registration-discounts For more details and announcements like and follow our Facebook page at: https://www.facebook.com/SOUPSconference -------------- next part -------------- An HTML attachment was scrubbed... URL: From patrickgage at gmail.com Wed Jun 1 13:56:35 2016 From: patrickgage at gmail.com (Patrick Gage Kelley) Date: Wed, 1 Jun 2016 11:56:35 -0600 Subject: [Soups-announce] SOUPS 2016 Registration/Hotel Deadlines Extended! Message-ID: <850AA69B-C9CA-4153-A11F-DD49205BC6E2@gmail.com> Register Today! The early bird registration discount and the hotel discount deadline have been extended to THIS Friday, June 3. Register: https://www.usenix.org/conference/atc16/registration-information Book: https://resweb.passkey.com/Resweb.do?mode=welcome_ei_new&eventID=14131371 (and remember to take advantage of registration discounts: https://www.usenix.org/conference/soups2016/registration-discounts ) - - - Still Accepting Lightning Talks and Demos! A continuing feature of SOUPS is a session of 5-minute talks and 5- to 10-minute demos. These could include emerging hot topics, preliminary research results, practical problems encountered by end users or industry practitioners, a lesson learned, a research challenge that could benefit from feedback, a war story, ongoing research, a success, a failure, a future experiment, tips and tricks, a pitfall to avoid, exciting visualization, new user interface or interaction paradigm related to security and privacy. etc. If you would like to participate in the lightning talk and demo session, please email soups16lightning at usenix.org with your name, affiliation, the title, and a brief abstract (up to 200 words) of your lightning talk or demo. - - - For more details and announcements like and follow our Facebook page at: https://www.facebook.com/SOUPSconference -------------- next part -------------- An HTML attachment was scrubbed... URL: From zinaida.benenson at fau.de Thu Aug 11 09:50:03 2016 From: zinaida.benenson at fau.de (Zinaida Benenson) Date: Thu, 11 Aug 2016 15:50:03 +0200 Subject: [Soups-announce] CfP: 6th STAST Workshop (Socio-Technical Aspects in Security and Trust) Message-ID: * ********************************************************** * 6th Int. Workshop on * Socio-Technical Aspects of Security and Trust * (STAST) - http://www.stast2016.uni.lu * December 5, 2016 * ---------------------------------------------------------- * Co-located with * 32nd Annual Computer Security Application Conference * Los Angeles, USA * ********************************************************** IMPORTANT DATES ---------------- Submission: 23 September 2016 Notification: 21 October 2016 Camera Ready: [after the workshop] SUBMISSION ---------- We accept (1) full papers; (2) position papers; (3) case studies For more details, please visit our web page: http://www.stast2016.uni.lu CONCEPT ------- Successful attacks on information systems often combine social engineering practices with technical skills, exploiting technical vulnerabilities, insecure user behavior, poorly designed user interfaces, and unclear or unrealistic security policies. To improve security, technology must adapt to the users, because research in social sciences and usable security has demonstrated that insecure behavior can be justified from cognitive, emotional, and social perspectives. However, also adherence to reasonable security policies and corresponding behavioral changes should augment and support technical security. Finding the right balance between the technical and the social security measures remains largely unexplored, which motivates the need for this workshop. Currently, different security communities (theoretical security, systems security, usable security, and security management) rarely work together. There is no established holistic research in security, and the respective communities tend to offload on each other parts of problems that they consider to be out of scope, an attitude that results in deficient or unsuitable security solutions. GOAL ---- The workshop intends to stimulate an exchange of ideas and experiences on how to design systems that are secure in the real world where they interact with non-expert users. It aims at bringing together experts in various areas of computer security and in social and behavioral sciences. INVITED SPEAKER ---------------- Matt Bishop (Univ. California Davis) WORKSHOP TOPICS -------------- Relevant topics include but are not limited to: * Requirements for socio-technical systems * Feasibility of policies from the socio-technical perspective * Threat models that combine technical and human-centred strategies * Technical and social factors that influence decision making in security and privacy * Balance between technical measures and social strategies in ensuring security and privacy * Studies of real-world security incidents from the socio-technical perspective * Social and technical factors that influence changes in security policies and processes * Lessons learned from holistic design and deployment of security mechanisms and policies * Models of user behaviour and user interactions with technology * Perceptions of security, risk and trust and their influence on human behaviour * Social engineering, persuasion, and other deception techniques * Root cause analysis and analysis of incidents for socio-technical security incidents * Strategies, methodology and guidelines for socio-technical and cyber-security intelligence analysis * Nudging to improve security * User experience with security technologies PROGRAM COMMITTEE ----------------- Blocki, Jeremiah (Purdue University) Coventry, Lynne (Northumbria University) Jakobsson, Markus (ZapFraud) Jenkinson, Graeme (Univ. of Cambridge) Kowalski, Stewart (Stockholm Univ.) Mannan, Mohammad (Concordia Univ.) Montoya, Lorena (Univ. of Twente) Oliveira, Daniela (Univ. of Florida) Parkin, Simon (Univ. College London) Petrocchi, Marinella (Inst. of Inf. and Telematics-CNR) Pieters, Wolter (Univ. of Twente & TU Delft) Radomirovic, Sasa (ETH Zurich) Renaud, Karen (Univ. of Glasgow) Ryan, Peter (Univ. Luxembourg) Volkamer, Melanie (TU Darmstadt & Karlstad Univ.) Weippl, Edgar (SBA Research) Yan, Jeff (Lancaster Univ.) Yu, Ilsun (Soonchunhyang Univ.) Zurko, Mary Ellen (Cisco Systems) ORGANIZING COMMITTEE -------------------- ** Programme Chairs Benenson, Zinaida (Univ. of Erlangen-Nuremberg ) Gates, Carrie (Independent Contractor) ** Workshop Organizers Bella, Giampaolo (Univ. of Catania) Lenzini, Gabriele (Univ. of Luxembourg) -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5403 bytes Desc: S/MIME Cryptographic Signature URL: From mtelahi at uwaterloo.ca Thu Aug 11 04:36:05 2016 From: mtelahi at uwaterloo.ca (Tariq Elahi) Date: Thu, 11 Aug 2016 04:36:05 -0400 (EDT) Subject: [Soups-announce] PoPETs 2017 issue 1 call for papers Message-ID: <20160811083605.A618CF4AF8C@ubuntu1404-102.cs.uwaterloo.ca> [Apologies to those who receive multiple copies of this CFP] CALL FOR PAPERS - PoPeTs 2017, Issue 2 / PETS 2017 The deadline for PoPETs 2017, Issue 2 is less than a month away: August 31, 2016. PoPETs/PETS now has 4 deadlines a year; submit whenever you feel ready! Read the CFP below for more details on our hybrid journal/symposium model, which includes the option to resubmit with major revisions to a subsequent deadline. See the web site for full information, including submission guidelines. Papers must be submitted via the submission server for Issue 2 at: https://submit.petsymposium.org/2017.2/ We look forward to your submissions! ----------------------------------------------------------------- Call for Papers =============== 17th Privacy Enhancing Technologies Symposium (PETS 2017) Minneapolis, Minnesota, USA July 2017 General information: https://petsymposium.org/ Submission server: https://submit.petsymposium.org/2017.1/ ================ The annual Privacy Enhancing Technologies Symposium (PETS) brings together privacy experts from around the world to present and discuss recent advances and new perspectives on research in privacy technologies. The 17th PETS event will be organised by the University of Minnesota and held in Minneapolis, Minnesota, USA, July 18 ??? 21, 2017. Papers undergo a journal-style reviewing process and accepted papers are published in the journal Proceedings on Privacy Enhancing Technologies (PoPETs). Submitted papers should present novel practical and/or theoretical research into the design, analysis, experimentation, or fielding of privacy-enhancing technologies. While PETS/PoPETs has traditionally been home to research on anonymity systems and privacy-oriented cryptography, we strongly encourage submissions on a number of both well-established and emerging privacy-related topics, for which examples are provided below. PoPETs, a scholarly, open access journal for timely research papers on privacy, has been established as a way to improve reviewing and publication quality while retaining the highly successful PETS community event. PoPETs is published by De Gruyter Open, the world's second largest publisher of open access academic content, and part of the De Gruyter group, which has over 260 years of publishing history. PoPETs does not have article processing charges (APCs) or article submission charges. Authors can submit papers to PoPETs four times a year, every three months on a predictable schedule. Authors are notified of the decisions about two months after submission. In addition to ???accept??? and ???reject??? decisions, papers may receive ???major revision??? decisions, in which case authors are invited to revise and resubmit their article to one of the following two submission deadlines. We endeavor to assign the same reviewers to revised versions. Papers accepted for publication within or before the February deadline round will be presented at that year's symposium. Note that accepted papers must be presented at PETS. PoPETs also solicits submissions for Systematization of Knowledge (SoK) papers. These are papers that critically review, evaluate, and contextualize work in areas for which a body of prior literature exists, and whose contribution lies in systematizing the existing knowledge in that area. To be suitable for publication, SoK articles must provide an added value beyond a literature review, such as novel insights, identification of research gaps, or challenges to commonly held assumptions. SoK papers will follow the same review process as other submissions, and will be published in PoPETs and presented at the PETS 2017 event. Submit papers for PoPETs 2017, Issue 2 at https://submit.petsymposium.org/2017.2/. Please see the submission guidelines below, and view our FAQ for more information about the process. Important Dates for PETS 2017 Issue 2 ====================================== All deadlines are 23:59:59 American Samoa time (UTC-11) Paper submission deadline: August 31, 2016 (firm) Rebuttal period: October 10 ??? 12, 2016 Author notification: October 31, 2016 Camera-ready deadline for accepted papers and minor revisions (if accepted by the shepherd): November 30, 2016 Papers which were submitted to a previous PoPETs deadline and invited to resubmit after major revisions can submit the revised (full) paper up to two weeks after the stated deadline. Such papers must however be registered with an abstract by the usual deadline. All other papers than these revised resubmissions must be submitted by the stated deadline, including papers submitted and rejected from a previous issue. Major revisions must be submitted in one of the two rounds following the decision; otherwise the paper will be treated as a new submission. Suggested topics include but are not restricted to: =================================================== Behavioural targeting Building and deploying privacy-enhancing systems Crowdsourcing for privacy Cryptographic tools for privacy Data protection technologies Differential privacy Economics of privacy and game-theoretical approaches to privacy Empirical studies of privacy in real-world systems Forensics and privacy Human factors, usability and user-centered design for PETs Information leakage, data correlation and generic attacks to privacy Interdisciplinary research connecting privacy to economics, law, ethnography, psychology, medicine, biotechnology Location and mobility privacy Measuring and quantifying privacy Obfuscation-based privacy Policy languages and tools for privacy Privacy and human rights Privacy and machine learning Privacy in ubiquitous computing and mobile devices Privacy in cloud and big-data applications Privacy in social networks and microblogging systems Privacy-enhanced access control, authentication, and identity management Profiling and data mining Reliability, robustness, and abuse prevention in privacy systems Surveillance Systems for anonymous communications and censorship resistance Traffic analysis Transparency enhancing tools Web privacy General Chair (gc17 at petsymposium.org) ===================================== Nick Hopper, University of Minnesota Program Chairs/Co-Editors-in-Chief (pets17-chairs at petsymposium.org) =================================================================== Claudia Diaz, KU Leuven Rachel Greenstadt, Drexel University Damon McCoy, New York University Program Committee/Editorial Board: ================================== Gunes Acar, KU Leuven Sadia Afroz, UC Berkeley William Aiello, University of British Columbia Mashael Al-Sabah, Qatar University Hadi Asghari, TU Delft N. Asokan, Aalto University Adam Aviv, United States Naval Academy Michael Backes, Saarland University Solon Barocas, Princeton University Lujo Bauer, Carnegie Mellon University Matt Blaze, University of Pennsylvania Ian Brown, Oxford Internet Institute Sonja Buchegger, KTH Royal Institute of Technology Kevin Butler, University of Florida Kelly Caine, Clemson University Aylin Caliskan-Islam, Princeton University Christopher Clifton, Purdue University George Danezis, University College London Anupam Datta, Carnegie Mellon University Emiliano De Cristofaro, University College London Tamara Denning, University of Utah Rinku Dewri, University of Denver Roger Dingledine, The Tor Project Orr Dunkelman, University of Haifa Serge Egelman, University of California, Berkeley Tariq Elahi, KU Leuven Giulia Fanti, University of Illinois at Urbana-Champaign David Fifield, University of California, Berkeley Simone Fischer-H??bner, Karlstad University Bryan Ford, Yale University / EPFL Vaibhav Garg, VISA Ian Goldberg, University of Waterloo Thomas Gro??, Newcastle University Jens Grossklags, Penn State Seda Gurses, NYU / Princeton University Marit Hansen, Independent Centre for Privacy Protection Schleswig-Holstein Ryan Henry, Indiana University Bloomington Raquel Hill, Indiana University Bloomington Jaap-Henk Hoepman, Radboud University Nijmegen Yan Huang, Indiana University Bloomington Rob Jansen, U.S. Naval Research Laboratory Aaron Johnson, U.S. Naval Research Laboratory Apu Kapadia, Indiana University Bloomington Jonathan Katz, University of Maryland Aggelos Kiayias, University of Athens Bart Knijnenburg, Clemson University Markulf Kohlweiss, Microsoft Research Yoshi Kohno, University of Washington Albert Kwon, MIT Susan Landau, Worcester Polytechnic Institute Peeter Laud, Cybernetica Adam Lee, University of Pittsburgh Boon Thau Loo, University of Pennsylvania Marc Libertori, University of Massachusetts, Amherst Aleecia McDonald, Stanford University Prateek Mittal, Princeton University Payman Mohassel, Yahoo!/Calgary Steven Murdoch, University College London Steven Myers, Indiana University Bloomington Arvind Narayanan, Princeton University Muhammad Naveed, University of Southern California Shirin Nilizadeh, UCSB Guevara Noubir, Northeastern University Vern Paxson, University of California, Berkeley Adrian Perrig, ETHZ Rob Reeder, Google Ahmad-Reza Sadeghi, University of Darmstadt Reihaneh Safavi-Naini, University of Calgary Hovav Schacham, UCSD Stuart Schechter, Microsoft Research Martin Schmiedeckre, SBA Research Peter Schwabe, Radboud University Nijmegen Mohamed Shehab, University of North Carolina at Charlotte Reza Shokri, ETH Zurich Jessica Staddon, NC State University Thorsten Strufe, TU Dresden Carmela Troncoso, IMDEA Software Institute Michael Tschantz, University of California, Berkeley Kami Vaniea, Indiana University Eugene Vasserman, Kansas State University Tao Wang, Hong Kong University of Science and Technology Philipp Winter, Princeton University Joss Wright, Oxford Internet Institute Publicity Chairs (publicity17 at petsymposium.org) Tariq Elahi, KU Leuven Kat Hanna Publications Chair (publication17 at petsymposium.org) Marc Juarez, KU Leuven Submission Guidelines ===================== Papers not following these instructions risk being rejected without consideration of their merits! Submitted papers must be at most 15 pages excluding bibliography and appendices and 20 pages total in De Gruyter Open format (LaTeX template). PC members are not required to read the appendices, which should only be used to provide additional supporting information. Unlike journals that publish extended versions of conference papers, PoPETs seeks to publish original, previously unpublished work. Submitted papers must not substantially overlap with papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. The paper should start with the title and an abstract. The introduction should give some background and summarize the contributions of the paper at a level appropriate for a non-specialist reader. Anonymization of Submissions ============================ All submitted papers will be judged based on their quality and relevance through double-blind reviewing, where the identities of the authors are withheld from the reviewers. As an author, you are required to make a good-faith effort to preserve the anonymity of your submission, while at the same time allowing the reader to fully grasp the context of related past work, including your own. It is recognized that, at times, information regarding the identities of authors may become public outside the submission process (e.g., if a pre-print is published as a technical report or on a pre-print server) ??? the PC will ignore this external information. Minimally, please take the following steps when preparing your submission: -Remove the names and affiliations of authors from the title page. -Remove acknowledgment of identifying names and funding sources. -Use care in referring to related work, particularly your own. Do not omit references to provide anonymity, as this leaves the reviewer unable to grasp the context. Instead, reference your past work in the third person, just as you would any other piece of related work by another author. Security Proofs Some papers require lengthy security proofs to support the technical validity of the contribution. These papers should indicate this in the body of the paper and include the proof in the appendix. The acceptance or rejection notification for these papers may be delayed to allow for the proof to be reviewed, meaning that the paper may appear in the issue following the one to which it was submitted. A paper submitted to the February deadline may or may not be reviewed in time for the paper to be presented at that year???s symposium. If this occurs the paper will be published in Issue 1 of the following year and presented at that year???s symposium. Ethics ====== Papers describing experiments with users or user data (e.g., network traffic, passwords, social network information), should follow the basic principles of ethical research, e.g., beneficence (maximizing the benefits to an individual or to society while minimizing harm to the individual), minimal risk (appropriateness of the risk versus benefit ratio), voluntary consent, respect for privacy, and limited deception. Authors are encouraged to include a subsection on Ethical Principles if human subjects research is conducted, and such a discussion may be required if deemed necessary during the review process. This section should include a justification of the ethics of the work and information about whether the work was submitted to an external ethics panel such as an IRB. Research that is deemed to not have met adequate ethical standards may be rejected on those grounds. Authors are encouraged to contact PC chairs before submitting to clarify any doubts. Copyright ========= Accepted papers will be published as an open access journal by De Gruyter Open, the world's second largest publisher of open access academic content, and part of the De Gruyter group, which has over 260 years of publishing history. Authors retain copyright of their work. Papers will be published under an open access policy using a Creative Commons Attribution-NonCommercial-NoDerivs license. Best Student Paper Award ======================== The Andreas Pftzmann PETS 2017 Best Student Paper Award will be selected at PETS 2017. Papers written solely or primarily by a student who is presenting the work at PETS 2017 are eligible for the award. Submission ========== Papers must be submitted via the PETS 2017 submission server. The URL for Issue 2 is: https://submit.petsymposium.org/2017.2/. HotPETs ======= As with the last several years, part of the symposium will be devoted to HotPETs ??? the "hottest," most exciting research ideas still in a formative state. Further information will be published on the PETS 2017 website soon. From zinaida.benenson at fau.de Fri Sep 2 04:17:37 2016 From: zinaida.benenson at fau.de (Zinaida Benenson) Date: Fri, 2 Sep 2016 10:17:37 +0200 Subject: [Soups-announce] =?utf-8?q?CfP=3A_STAST_Workshop_on_Dec_5=2C_2016?= =?utf-8?q?_at_ACSAC=E2=80=9916_in_LA?= Message-ID: <15cc7470-b12c-b3d9-2320-91816a09b89b@fau.de> * ********************************************************** * 6th Int. Workshop on * Socio-Technical Aspects of Security and Trust * (STAST) - http://www.stast2016.uni.lu * December 5, 2016 * ---------------------------------------------------------- * Co-located with * 32nd Annual Computer Security Application Conference * Los Angeles, USA * ********************************************************** PUBLICATION ----------- ACM ICPS IMPORTANT DATES ---------------- Submission: 23 September 2016 Notification: 21 October 2016 Camera Ready: [after the workshop] SUBMISSION ---------- We accept (1) full papers; (2) position papers; (3) case studies For more details, please visit our web page: http://www.stast2016.uni.lu CONCEPT ------- Successful attacks on information systems often combine social engineering practices with technical skills, exploiting technical vulnerabilities, insecure user behavior, poorly designed user interfaces, and unclear or unrealistic security policies. To improve security, technology must adapt to the users, because research in social sciences and usable security has demonstrated that insecure behavior can be justified from cognitive, emotional, and social perspectives. However, also adherence to reasonable security policies and corresponding behavioral changes should augment and support technical security. Finding the right balance between the technical and the social security measures remains largely unexplored, which motivates the need for this workshop. Currently, different security communities (theoretical security, systems security, usable security, and security management) rarely work together. There is no established holistic research in security, and the respective communities tend to offload on each other parts of problems that they consider to be out of scope, an attitude that results in deficient or unsuitable security solutions. GOAL ---- The workshop intends to stimulate an exchange of ideas and experiences on how to design systems that are secure in the real world where they interact with non-expert users. It aims at bringing together experts in various areas of computer security and in social and behavioral sciences. INVITED SPEAKER ---------------- Matt Bishop (Univ. California Davis) WORKSHOP TOPICS -------------- Relevant topics include but are not limited to: * Requirements for socio-technical systems * Feasibility of policies from the socio-technical perspective * Threat models that combine technical and human-centred strategies * Technical and social factors that influence decision making in security and privacy * Balance between technical measures and social strategies in ensuring security and privacy * Studies of real-world security incidents from the socio-technical perspective * Social and technical factors that influence changes in security policies and processes * Lessons learned from holistic design and deployment of security mechanisms and policies * Models of user behaviour and user interactions with technology * Perceptions of security, risk and trust and their influence on human behaviour * Social engineering, persuasion, and other deception techniques * Root cause analysis and analysis of incidents for socio-technical security incidents * Strategies, methodology and guidelines for socio-technical and cyber-security intelligence analysis * Nudging to improve security * User experience with security technologies PROGRAM COMMITTEE ----------------- Blocki, Jeremiah (Purdue University) Budurushi, Jurlind (Univ. of Darmstadt/Secuso) Coventry, Lynne (Northumbria University) Jakobsson, Markus (Agari) Jenkinson, Graeme (Univ. of Cambridge) Kowalski, Stewart (Stockholm Univ.) Mannan, Mohammad (Concordia Univ.) Montoya, Lorena (Univ. of Twente) Neumann, Stephan (Univ. of Darmstadt/Secuso) Oliveira, Daniela (Univ. of Florida) Parkin, Simon (Univ. College London) Petrocchi, Marinella (IIT-CNR) Probst, Christian W. (DTU) Radomirovi?, Sa?a (ETH Zurich) Renaud, Karen (Univ. of Glasgow) Ryan, Peter (Univ. Luxembourg) Stobert, Elizabeth (Carleton University) Weippl, Edgar (SBA Research) Yan, Jeff (Lancaster Univ.) You, Ilsun (Soonchunhyang University) Zurko, Mary Ellen (Cisco Systems) ORGANIZING COMMITTEE -------------------- ** Programme Chairs Benenson, Zinaida (Univ. of Erlangen-Nuremberg ) Gates, Carrie (Independent Contractor) ** Workshop Organizers Bella, Giampaolo (Univ. of Catania) Lenzini, Gabriele (Univ. of Luxembourg) -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5403 bytes Desc: S/MIME Cryptographic Signature URL: From zinaida.benenson at fau.de Tue Sep 20 10:52:07 2016 From: zinaida.benenson at fau.de (Zinaida Benenson) Date: Tue, 20 Sep 2016 16:52:07 +0200 Subject: [Soups-announce] Deadline extended Sept. 30: STAST Workshop Message-ID: * ********************************************************** * 6th Int. Workshop on * Socio-Technical Aspects of Security and Trust * (STAST) - http://www.stast2016.uni.lu * December 5, 2016 * ---------------------------------------------------------- * Co-located with * 32nd Annual Computer Security Application Conference * Los Angeles, USA * ---------------------------------------------------------- * Proceedings published by ACM * ********************************************************** IMPORTANT DATES ---------------- Submission: 30 September 2016 (extended) Notification: 4 November 2016 Camera Ready: [after the workshop] SUBMISSION ---------- We accept (1) full papers; (2) position papers; (3) case studies For more details, please visit our web page: http://www.stast2016.uni.lu CONCEPT ------- Successful attacks on information systems often combine social engineering practices with technical skills, exploiting technical vulnerabilities, insecure user behavior, poorly designed user interfaces, and unclear or unrealistic security policies. To improve security, technology must adapt to the users, because research in social sciences and usable security has demonstrated that insecure behavior can be justified from cognitive, emotional, and social perspectives. However, also adherence to reasonable security policies and corresponding behavioral changes should augment and support technical security. Finding the right balance between the technical and the social security measures remains largely unexplored, which motivates the need for this workshop. Currently, different security communities (theoretical security, systems security, usable security, and security management) rarely work together. There is no established holistic research in security, and the respective communities tend to offload on each other parts of problems that they consider to be out of scope, an attitude that results in deficient or unsuitable security solutions. GOAL ---- The workshop intends to stimulate an exchange of ideas and experiences on how to design systems that are secure in the real world where they interact with non-expert users. It aims at bringing together experts in various areas of computer security and in social and behavioral sciences. INVITED SPEAKER ---------------- Matt Bishop (Univ. California Davis) WORKSHOP TOPICS -------------- Relevant topics include but are not limited to: * Requirements for socio-technical systems * Feasibility of policies from the socio-technical perspective * Threat models that combine technical and human-centred strategies * Technical and social factors that influence decision making in security and privacy * Balance between technical measures and social strategies in ensuring security and privacy * Studies of real-world security incidents from the socio-technical perspective * Social and technical factors that influence changes in security policies and processes * Lessons learned from holistic design and deployment of security mechanisms and policies * Models of user behaviour and user interactions with technology * Perceptions of security, risk and trust and their influence on human behaviour * Social engineering, persuasion, and other deception techniques * Root cause analysis and analysis of incidents for socio-technical security incidents * Strategies, methodology and guidelines for socio-technical and cyber-security intelligence analysis * Nudging to improve security * User experience with security technologies PROGRAM COMMITTEE ----------------- Blocki, Jeremiah (Purdue University) Budurushi, Jurlind (Univ. of Darmstadt/Secuso) Coventry, Lynne (Northumbria University) Jakobsson, Markus (Agari) Jenkinson, Graeme (Univ. of Cambridge) Kowalski, Stewart (Stockholm Univ.) Mannan, Mohammad (Concordia Univ.) Montoya, Lorena (Univ. of Twente) Neumann, Stephan (Univ. of Darmstadt/Secuso) Oliveira, Daniela (Univ. of Florida) Parkin, Simon (Univ. College London) Petrocchi, Marinella (IIT-CNR) Probst, Christian W. (DTU) Radomirovi?, Sa?a (ETH Zurich) Renaud, Karen (Univ. of Glasgow) Ryan, Peter (Univ. Luxembourg) Stobert, Elizabeth (ETH Zurich) Weippl, Edgar (SBA Research) Yan, Jeff (Lancaster Univ.) You, Ilsun (Soonchunhyang University) Zurko, Mary Ellen (Cisco Systems) ORGANIZING COMMITTEE -------------------- ** Programme Chairs Benenson, Zinaida (Univ. of Erlangen-Nuremberg ) Gates, Carrie (Independent Contractor) ** Workshop Organizers Bella, Giampaolo (Univ. of Catania) Lenzini, Gabriele (Univ. of Luxembourg) -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5403 bytes Desc: S/MIME Cryptographic Signature URL: From melanie.volkamer at cased.de Tue Oct 25 10:26:06 2016 From: melanie.volkamer at cased.de (Melanie Volkamer) Date: Tue, 25 Oct 2016 16:26:06 +0200 Subject: [Soups-announce] USEC 2017 Call for Papers Message-ID: <8d12ccc7-cf1d-0245-e7fe-8252e54c0b73@cased.de> We are proud to chair next year's USEC 2017 conference in San Diego after the successful EuroUSEC 2016 (during the security week). Usable Security (USEC) Workshop Call for Papers Paper Submission Deadline: 1 December 2016 One cannot have security and privacy without considering both the technical and human aspects thereof. If the user is not given due consideration in the development process, the system is likely to enable users to protect their privacy and security in the Internet. Usable security and security is more complicated than traditional usability. This is because traditional usability principles cannot always be applied. For example, one of the cornerstones of usability is that people are given feedback on their actions, and are helped to recover from errors. In authentication, we obfuscate password entry (a usability fail) and we give people no assistance to recover from errors. Moreover, security is often not related to the actual functionality of the system, so people often see it as a bolt-on, and an annoying hurdle. These and other usability challenges of security are the focus of this workshop. We invite submissions on all aspects of human factors including mental models, adoption, and usability in the context of security and privacy. USEC 2017 aims to bring together researchers already engaged in this interdisciplinary effort with other computer science researchers in areas such as visualization, artificial intelligence, machine learning and theoretical computer science as well as researchers from other domains such as economics, legal scientists, social scientists, and psychology. We particularly encourage collaborative research from authors in multiple disciplines. Topics include, but are not limited to: * Human factors related to the deployment of the Internet of Things (New topic for 2017) * Usable security / privacy evaluation of existing and/or proposed solutions. * Mental models that contribute to, or complicate, security or privacy * Lessons learned from designing, deploying, managing or evaluating security and privacy technologies * Foundations of usable security and privacy incl. usable security and privacy patterns * Ethical, psychological, sociological, economic, and legal aspects of security and privacy technologies We further encourage submissions that contribute to the research community?s knowledge base: * Reports of replicating previously published studies and experiments * Reports of failed usable security studies or experiments, with the focus on the lessons learned from such experience. It is the aim of USEC to contribute to an increase of the scientific quality of research in human factors in security and privacy. To this end, we encourage the use of replication studies to validate research findings. This important and often very insightful branch of research is sorely underrepresented in human factors in security and privacy research to date. Papers in these categories should be clearly marked as such and will not be judged against regular submissions on novelty. Rather, they will be judged based on scientific quality and value to the community. We also encourage reports of failed experiments, since their publication will serve to prevent others falling into the same traps. Location and Important Dates Paper submission: 1 December 2016 (11:59pm PST) - see note below on CHI submissions Notification: 21 January 2017 Camera ready copy due: 31 January 2017 Workshop: 26 February 2017 (co-located with NDSS 2017) Location: Catamaran Resort Hotel & Spa in San Diego, California. Submission Instructions Papers should be written in English. Full papers must be no more than 10 pages total (excluding references and appendices). Papers must be formatted for US letter size (not A4) paper in a two-column layout, with columns no more than 9.25 inch high and 3.5 inch wide. The text must be in Times font, 10-point or larger, with 11-point or larger line spacing. Authors are encouraged to use the NDSS provided templates (https://www.internetsociety.org/events/ndss-symposium/ndss-templates). We also invite short papers of up to 6 pages covering work in progress, short communications, as well as novel or provocative ideas. Short papers will be selected based on their potential to spark interesting discussions during the workshop. Papers that contribute to the research community?s knowledge base such as studies replicating previous results can be submitted as full or short papers. Submissions do not have to be anonymized for review. Please clearly refer to your own related work. Note: USEC would like to accommodate those who are waiting to hear back about their CHI 2017 submissions but who would like to also submit their work for consideration for USEC. The CHI decision notification is expected to be December 12, 2016. Owing to the overlapping dates for both conferences, we have made allowances *in this instance only* for duplicate submissions. Please read the following information carefully. You may submit work already submitted to the CHI "Papers & Notes" track to USEC 2017 before you receive your acceptance notification from CHI, provided that: 1. you clearly indicate on the manuscript that the work has been submitted to CHI 2017; 2. you email the PC chair (usec2017 at easychair.org) at the time of submission to USEC; 3. you inform the PC chair immediately when you are notified about the status of your CHI submission. Any work accepted for publication at CHI will be withdrawn from consideration for USEC 2017. The proceedings will be published by the Internet Society. Conference Website http://www.karenrenaud.com/usec Program Chairs Melanie Volkamer, Karlstad and Darmstadt Karen Renaud, Glasgow -- Dr. Melanie Volkamer Head of Group SecUSo- IT Security, Usability and Society Center for Advanced Security Research Darmstadt TU Darmstadt Hochschulstrasse 10 D - 64289 Darmstadt Phone: +49(0) 6151 16 5422 Fax: +49(0) 6151 16 4825 E-Mail: melanie.volkamer at cased.de Web: www.secuso.cased.de -------------- next part -------------- An HTML attachment was scrubbed... URL: From melanie.volkamer at cased.de Tue Nov 29 02:12:00 2016 From: melanie.volkamer at cased.de (Melanie Volkamer) Date: Tue, 29 Nov 2016 08:12:00 +0100 Subject: [Soups-announce] USEC 2017 Call for papers (deadline extended) In-Reply-To: <621f7299-ff25-99f6-827f-abd10ed5d5e2@secuso.org> References: <621f7299-ff25-99f6-827f-abd10ed5d5e2@secuso.org> Message-ID: <63cd4f8c-6bdf-801e-b831-63dd72b90641@cased.de> Usable Security (USEC) Workshop Call for Papers (Deadline Extended) Abstract Submission Deadline: 7 December 2016 Full paper Submission Deadline: 14 December 2016 Conference Website: http://www.karenrenaud.com/usec ================== USEC CFP ======== One cannot have security and privacy without considering both the technical and human aspects thereof. If the user is not given due consideration in the development process, the system is likely to enable users to protect their privacy and security in the Internet. Usable security and security is more complicated than traditional usability. This is because traditional usability principles cannot always be applied. For example, one of the cornerstones of usability is that people are given feedback on their actions, and are helped to recover from errors. In authentication, we obfuscate password entry (a usability fail) and we give people no assistance to recover from errors. Moreover, security is often not related to the actual functionality of the system, so people often see it as a bolt-on, and an annoying hurdle. These and other usability challenges of security are the focus of this workshop. We invite submissions on all aspects of human factors including mental models, adoption, and usability in the context of security and privacy. USEC 2017 aims to bring together researchers already engaged in this interdisciplinary effort with other computer science researchers in areas such as visualization, artificial intelligence, machine learning and theoretical computer science as well as researchers from other domains such as economics, legal scientists, social scientists, and psychology. We particularly encourage collaborative research from authors in multiple disciplines. Topics include, but are not limited to: * Human factors related to the deployment of the Internet of Things (New topic for 2017) * Usable security / privacy evaluation of existing and/or proposed solutions. * Mental models that contribute to, or complicate, security or privacy * Lessons learned from designing, deploying, managing or evaluating security and privacy technologies * Foundations of usable security and privacy incl. usable security and privacy patterns * Ethical, psychological, sociological, economic, and legal aspects of security and privacy technologies We also encourage submissions that contribute to the research community?s knowledge base: * Reports of replicating previously published studies and experiments * Reports of failed usable security studies or experiments, with the focus on the lessons learned from such experience. It is the aim of USEC to contribute to an increase of the scientific quality of research in human factors in security and privacy. To this end, we encourage the use of replication studies to validate research findings. This important and often very insightful branch of research is sorely underrepresented in human factors in security and privacy research to date. Papers in these categories should be clearly marked as such and will not be judged against regular submissions on novelty. Rather, they will be judged based on scientific quality and value to the community. We also encourage reports of failed experiments, since their publication will serve to prevent others falling into the same traps. Location and Important Dates ============================ Paper Abstract submission (already extended): 7 December 2016 (11:59pm PST) - see note below on CHI submissions Full Paper submission (already extended): 14 December 2016 (11:59pm PST) - see note below on CHI submissions Notification: 21 January 2017 Camera ready copy due: 31 January 2017 Workshop: 26 February 2017 (co-located with NDSS 2017) Location: Catamaran Resort Hotel & Spa in San Diego, California. Submission Instructions ====================== Papers should be written in English. Full papers must be no more than 10 pages total (excluding references and appendices). Papers must be formatted for US letter size (not A4) paper in a two-column layout, with columns no more than 9.25 inch high and 3.5 inch wide. The text must be in Times font, 10-point or larger, with 11-point or larger line spacing. Authors are encouraged to use the NDSS provided templates (https://www.internetsociety.org/events/ndss-symposium/ndss-templates). We also invite short papers of up to 6 pages covering work in progress, short communications, as well as novel or provocative ideas. Short papers will be selected based on their potential to spark interesting discussions during the workshop. Papers that contribute to the research community's knowledge base such as studies replicating previous results can be submitted as full or short papers. Submissions do not have to be anonymized for review. Please clearly refer to your own related work. USEC would like to accommodate those who are waiting to hear back about their CHI 2017 submissions. The CHI decision notification is expected to be December 12, 2016. If you think your CHI paper may not be accepted, please submit an abstract on the 7th December. Then if your paper *is* accepted you can (1) simply log into the system and withdraw the abstract. (2) email the PC chairs (usec2017 at easychair.org) to let them know you are withdrawing. The proceedings will be published by the Internet Society. Program Committee Chairs ======================== Melanie Volkamer, Karlstad and Darmstadt Karen Renaud, Glasgow -- Dr.-Ing. Jurlind Budurushi Postdoctoral resarcher Technische Universit?t Darmstadt Department of Computer Science SECUSO - Security, Usability and Society Mornewegstra?e 30, 64293 Darmstadt, GE Building S4|14, Room 3.1.15 Phone: +49(0) 6151 16 20813 Facebook: https://www.facebook.com/secuso Twitter: https://www.twitter.com/secusotu