 |
 |
CALL FOR PAPERS 2nd Evolving Security & Privacy Requirements Engineering Workshop: co-located with 23nd IEEE International Requirements Engineering Conference http://espre2015.org 25 August - Ottawa Canada * INTRODUCTION When specifying a system, security and privacy needs to be addressed as early as possible. Unfortunately, many people find doing so difficult in the face of conflicting priorities. When these concerns are addressed, we discover how intrinsically difficult specifying security and privacy can be, and the blurred distinction between requirements and security and privacy concepts. The Evolving Security and Privacy Requirements Engineering (ESPRE) Workshop will be a multi-disciplinary, one-day workshop that brings together practitioners and researchers interested in security and privacy requirements. ESPRE will probe the interfaces between Requirements Engineering and Security & Privacy, and take the first step in evolving security and privacy requirements engineering to meet a range of needs of stakeholders ranging from business analysts and security engineers, to technology entrepreneurs and privacy advocates. * KEYNOTE SPEAKERS ** Robert Biddle: Carleton University ** Steven Johnston: Office of the Privacy Commissioner of Canada * TOPICS Topics addressed by ESPRE are those that promote discussion about advancing Security & Privacy Requirements Engineering. These include, but are not excluded to: * Security and privacy requirements elicitation and analysis * Identification and management of all stakeholders (including attackers) * Modelling multilateral stakeholder perspectives on security and privacy * Scalability of security requirements engineering approaches * Modelling of domain knowledge for security and privacy requirements * Ontologies for security and privacy requirements engineering * Security and privacy requirements engineering processes * Evolution of security and privacy requirements * Security requirements-based testing * Consideration of legal compliance during security & privacy requirements engineering * Use of requirements engineering to create security and privacy standard-compliant software * Modelling of trust and risk * Validation and verification of security and privacy requirements * Teaching and training in security and privacy requirements engineering * The role of security and privacy requirements engineering to support design innovation * Positive (and especially negative) lessons learned applying security and requirements engineering in practice * IMPORTANT DATES * Submission deadline: June 9th, 2015 * Decisions to authors: June 30th, 2015 * Camera ready papers due: July 15th, 2015 * Workshop date: August 25th, 2015 * COMMITEES Organising Committee Kristian Beckers (University of Duisburg-Essen, Germany) Shamal Faily (Bournemouth University, UK) Seok-Won Lee (Ajou University, South Korea) Nancy Mead (Carnegie Mellon University, USA) Programme Committee Raian Ali (Bournemouth University, UK) Andrea Atzeni (Politecnico di Torino, Italy) Dan Berry (University of Waterloo, Canada) Travis Breaux (Carnegie Mellon University, USA) Stephan Fa·bender (University of Duisburg-Essen, Germany) Stefan Fenz (Vienna University of Technology, Austria) Carmen Fernandez Gago (University of Malaga, Spain) Eduardo Fernandez-Medina Pat¢n (Universidad de Castilla-La Mancha, Spain) Nalin Asanka Gamagedara Arachchilage (University of British Columbia, Canada) Sepideh Ghanavati (CRP Henri Tudor, Luxembourg) Martin Gilje Jaatun (SINTEF ICT, Norway) Marit Hansen (Independent Centre for Privacy Protection Schleswig-Holstein, Germany) Maritta Heisel (University of Duisburg-Essen, Germany) Denis Hatebur (ITESYS, Germany) Meiko Jensen (Syddansk Universitet, Denmark) Christos Kalloniatis (University of the Aegean, Greece) Anne Koziolek (Karlsruhe Institute of Technology, Germany) Raimundas Matulevicius (University of Tartu, Estonia) Haralambos Mouratidis (University of Brighton, UK) Martin Ochoa (Technical University Munich, Germany) Federica Paci (University of Trento, Italy) Jaehong Park (University of Texas at San Antonio, USA) Aljosa Pasic (ATOS, Spain) Thomas Santen (Microsoft Research, Germany) Riccardo Scandariato (KU Leuven, Belgium) Holger Schmidt (TöV Informationstechnik GmbH, Germany) Mohamed Shehab (University of North Carolina at Charlotte, USA) Bjørnar Solhaug (SINTEF ICT, Norway) Ketil Stølen (SINTEF ICT, Norway) Sven Wenzel (Fraunhofer ISST, Germany) Nicola Zannone (Eindhoven University of Technology, The Netherlands) Mohammad Zulkernine (Queen’s University, Canada) --- Dr Shamal Faily Lecturer in Systems Security Engineering Department of Computing and Informatics Faculty of Science and Technology Bournemouth University E: [log in to unmask]<mailto:[log in to unmask]> T: +44 (0)1202 962406 BU is a Disability Two Ticks Employer and has signed up to the Mindful Employer charter. Information about the accessibility of University buildings can be found on the BU DisabledGo webpages This email is intended only for the person to whom it is addressed and may contain confidential information. If you have received this email in error, please notify the sender and delete this email, which must not be copied, distributed or disclosed to any other person. Any views or opinions presented are solely those of the author and do not necessarily represent those of Bournemouth University or its subsidiary companies. Nor can any contract be formed on behalf of the University or its subsidiary companies via email.