[Owasp-brazilian] Fwd: CFP AppSec EU Athens

Lucas Ferreira lucas.ferreira at owasp.org
Sat Feb 4 23:01:40 UTC 2012


---------- Forwarded message ----------
From: Kate Hartmann <kate.hartmann at owasp.org>
Date: Fri, Feb 3, 2012 at 17:46
Subject: CFP AppSec EU Athens
To: owasp-all at lists.owasp.org

The Open Web Application Security Project

OWASP AppSec Research 2012
July 10-13th, Athens, Greece


Aims and Scope
The objective of OWASP AppSec Research 2012 is to discuss and
demonstrate the importance of security risks, threats, and
countermeasures in software applications.

The majority of recent high-profile security breaches are mainly

attributed to application-level vulnerabilities. Additionally, recent
surveys indicate that government applications demonstrate increased
vulnerabilities and at the same time elevated risk, as they store and
process critical information such as PII, health information, national
security data and furthermore operate critical systems.
Traditionally, the focus of the security community has been mainly
placed on the network perimeter, ignoring, to a large extent, the
increased risk of insecure software. In addition, the proliferation of
the use of web-based applications and services from traditional
desktop-based browsers to mobile devices, or even the “cloud” has only
increased the potential surface of attack and overall complexity. As a
result, the challenges in the field of application security have only
increased for those that build, test or defend software applications.
OWASP AppSec Research focuses on new threats and vulnerabilities but
also novel methodologies for testing and defending applications.

List of Topics
We welcome the submission of both presentation proposals and research
papers from the full spectrum of application security.
- Application security
- Security aspects of new/emerging web technologies/paradigms
(mashups, web 2.0,  offline support, etc)
- Security in web services, XML, REST, and service oriented architectures
- Security in cloud-based services
- Security of development frameworks (Struts, Spring, ASP.Net MVC etc)
- New security features in platforms or languages
- Next-generation browser security
- Security for the mobile web
- Secure application development (methods, processes etc) and secure
coding practices
- Business risks of Application Security
- Starting and Managing Secure Development Lifecycle Programs.
- Privacy Concerns regarding applications and Data Storage
- Threat modeling of applications
- Vulnerability analysis and application security testing (code
review, pentest, static analysis etc)
- Countermeasures for application vulnerabilities
- Metrics for application security
- Application security awareness and education
- Securing e-government applications and services
- Government Initiatives & Case Studies
- OWASP Tools and Projects
- Anything else relating to OWASP and Application Security.

Important Dates
Submission of papers by:        April 15th, 2012

Notification of acceptance:     May 18th, 2012
Camera-ready version of papers: June 3rd, 2012
Conference Dates:       July 12-13, 2012

We accept the following types of submissions:

All papers and presentation/demo proposals should be submitted through

Presentation/Demo Proposals
A presentation proposal should consist of a 2 page extended abstract
representing the essential matter proposed by the speaker(s).
Presentation slides and video takes will be posted on the OWASP wiki
after the conference.
A demo proposal should consist of a 1 page abstract summarizing the
matter proposed by the speaker(s) and 1 page containing demo
screenshot(s). Demos will have ordinary speaker slots but the speakers
are expected to run a demo during the talk (live coding counts as a
demo), not just a slideshow. Presentation slides and video takes will
be posted on the OWASP wiki after the conference.

Research Papers
Authors are invited to submit original research papers offering novel
contribution, written in English, with a very precise and concise
presentation of no more than 12 pages in Springer LNCS style for
"Proceedings and Other Multiauthor Volumes". Templates for preparing
papers in this style for LaTeX, Word, etc can be downloaded from:

Full papers must be submitted in a form suitable for anonymous review:
remove author names and affiliations from the title page, and avoid
explicit self-referencing in the text. Submission implies the
willingness of at least one of the authors to register and present the

paper. All papers will be anonymously reviewed by at least two members
of the program committee.

Full papers, presentation slides and video takes will be posted on the
OWASP wiki after the conference.
Extended versions of the best research papers on the topic of
“Security for E-Government Applications and Services” will be selected
for publication on the Special Issue of the International Journal of

E-Government (http://www.inderscience.com/ijeg).

OWASP AppSec Research 2012 Co-Chairs
Konstantinos Papapanagiotou, OWASP, Greece (Konstantinos at owasp.org)
Vasileios Vlachos, TEI of Larissa, Greece (vsvlachos at gmail.com)

OWASP AppSec Research 2012 Program Committee
Yiorgos Adamopoulos, TEE, Greece

Andreas Fuchsberger, Royal Holloway, UK

Panagiotis Georgiadis, University of Athens, Greece
Giles Hogben, ENISA, EU
Christos Ilioudis, TEI of Thessaliniki, Greece
Vassilis Katos, Democritus University of Thrace, Greece
Emmanouel Kellinis, UK
Angelos Keromytis, Columbia University, USA
Athanasios Kostopoulos, independent researcher, Greece
Harry Manifavas, TEI of Crete, Greece
Dimitris Mitropoulos, Athens University of Economics and Business, Greece
Alex Papanikolaou, TEI of Larissa, Greece
Carlos Serrao, ISCTE, Portugal
Stelios Tigkas, FortConsult, Denmark
Costas Vassilakis, University of Peloponnese, Greece
John Wilander, OWASP, Sweden

Kate Hartmann

Operations Director



Skype:  Kate.hartmann1

To unsubscribe from the Owasp-all mailing list, you will need to
unsubscribe yourself from all OWASP mailing lists you belong too. This
list is automatically generated to allow OWASP to contact all
it’s members in one distribution.

Best regards, OWASP

Homo sapiens non urinat in ventum.

More information about the Owasp-brazilian mailing list