[Owasp-italy] IBWAS'09 Announcement and Call for Papers

Matteo Meucci matteo.meucci at owasp.org
Sun Sep 20 11:53:35 EDT 2009

First Iberic Conference on Web-Applications Security (IBWAS’09)

Escuela Universitaria de Ingeniería Técnica de Telecomunicacíon -
Universidad Politécnica de Madrid

10th – 11th December 2009

Madrid, Spain


Announce and Call for Papers



There is a change in the information systems development paradigm. The
emergence of Web 2.0 technologies led to the extensive deployment and
use of web-based applications and web services as a way to developed
new and flexible information systems. Such systems are easy to
develop, deploy and maintain and demonstrate impressive features for
users, resulting in their current wide use.

As a result of this paradigm shift, the security requirements have
also changed. These web-based information systems have different
security requirements, when compared to traditional systems. Important
security issues have been found and privacy concerns have also been
raised recently. In addition, the emerging Cloud Computing paradigm
promises even greater flexibility; however corresponding security and
privacy issues still need to be examined. The security environment
should involve not only the surrounding environment but also the
application core.

This conference aims to bring together application security experts,
researchers, educators and practitioners from the industry, academia
and international communities such as OWASP, in order to discuss open
problems and new solutions in application security. In the context of
this track academic researchers will be able to combine interesting
results with the experience of practitioners and software engineers.

Keynote Speakers


* Bruce Schneier, acclaimed security guru, author, BT CSTO (confirmed)

* Inspector Jorge Martín, High Tech Crime Unit of the Spanish National Police

Conference Topics


Suggested topics for papers submission include (but are not limited to):

• Secure application development

• Security of service oriented architectures

• Security of development frameworks

• Threat modelling of web applications

• Cloud computing security

• Web applications vulnerabilities and analysis (code review,
pen-test, static analysis etc.)

• Metrics for application security

• Countermeasures for web application vulnerabilities

• Secure coding techniques

• Platform or language security features that help secure web applications

• Secure database usage in web applications

• Access control in web applications

• Web services security

• Browser security

• Privacy in web applications

• Standards, certifications and security evaluation criteria for web

• Application security awareness and education

• Security for the mobile web

• Attacks and Vulnerability Exploitation

Paper Submission Instructions


Authors should submit an original paper in English, carefully checked
for correct grammar and spelling, using the on-line submission
procedure (http://paperman.ibwas.com). Please check the paper formats
so you may be aware of the accepted paper page limits (8 pages, in
accordance to a supplied template).

The guidelines for paper formatting provided at the conference web
site must be strictly used for all submitted papers. The submission
format is the same as the camera-ready format. Please check and
carefully follow the instructions and templates provided.

Each paper should clearly indicate the nature of its
technical/scientific contribution, and the problems, domains or
environments to which it is applicable.

Papers that are out of the conference scope or contain any form of
plagiarism will be rejected without reviews.

Remarks about the on-line submission procedure:

1. A "double-blind" paper evaluation method will be used. To
facilitate that, the authors are kindly requested to produce and
provide the paper, WITHOUT any reference to any of the authors. This
means that is necessary to remove the author’s personal details, the
acknowledgements section and any reference that may disclose the
authors identity

2. Papers in ODF, PDF, DOC, DOCX or RTF format are accepted

3. The web submission procedure automatically sends an
acknowledgement, by e-mail, to the contact author.

Paper submission types


Regular Paper Submission

A regular paper presents a work where the research is completed or
almost finished. It does not necessary means that the acceptance is as
a full paper. It may be accepted as a "full paper" (30 min. oral
presentation), a "short paper" (15 min. oral presentation) or a

Position Paper Submission

A position paper presents an arguable opinion about an issue. The goal
of a position paper is to convince the audience that your opinion is
valid and worth listening to, without the need to present completed
research work and/or validated results. It is, nevertheless, important
to support your argument with evidence to ensure the validity of your
claims. A position paper may be a short report and discussion of
ideas, facts, situations, methods, procedures or results of scientific
research (bibliographic, experimental, theoretical, or other) focused
on one of the conference topic areas. The acceptance of a position
paper is restricted to the categories of "short paper" or "poster",
i.e. a position paper is not a candidate to acceptance as "full


After the reviewing process is completed, the contact author (the
author who submits the paper) of each paper will be notified of the
result, by e-mail. The authors are required to follow the reviews in
order to improve their paper before the camera-ready submission.


All accepted papers will be published in the conference proceedings,
under an ISBN reference, in paper and in CD-ROM support.




E-mail: secretariat at ibwas.com

Important Dates

Submission of papers due: 30th September 2009

Notification of acceptance: 20th October 2009

Camera-ready version of accepted contributions: 15th November 2009

Conference: 10th – 11th December 2009

Conference Chairs


Vicente Aguilera, OWASP Spain, Spain

Carlos Serrão, ISCTE-IUL Instituto Universitário de Lisboa, OWASP
Portugal, Portugal

Fabio Cerullo, OWASP Global Education Commitie, OWASP Ireland, Ireland

Conference Program Committee


André Zúquete, Universidade De Aveiro, Portugal

Candelaria Hernández-Goya, Universidad De La Laguna, Spain

Carlos Costa, Universidade De Aveiro, Portugal

Carlos Ribeiro, Instituto Superior Técnico, Portugal

Eduardo Neves, OWASP Education Committee, OWASP Brazil, Brazil

Francesc Rovirosa i Raduà, Universitat Oberta de Catalunya (UOC), Spain

Gonzalo Álvarez Marañón, Consejo Superior de Investigaciones
Científicas (CSIC), Spain

Isaac Agudo, University of Malaga, Spain

Jaime Delgado, Universitat Politecnica De Catalunya, Spain

Javier Hernando, Universitat Politecnica De Catalunya, Spain

Javier Rodríguez Saeta, Barcelona Digital, Spain

Joaquim Castro Ferreira, Universidade de Lisboa, Portugal

Joaquim Marques, Instituto Politécnico de Castelo Branco, Portugal

Jorge Dávila Muro, Universidad Politécnica de Madrid (UPM), Spain

Jorge E. López de Vergara, Universidad Autónoma de Madrid, Spain

José Carlos Metrôlho, Instituto Politécnico de Castelo Branco, Portugal

José Luis Oliveira, Universidade De Aveiro, Portugal

Kuai Hinojosa, OWASP Global Education Committee, New York University,
United States

Leonardo Chiariglione, Cedeo, Italy

Manuel Sequeira, ISCTE-IUL Instituto Universitário de Lisboa, Portugal

Marco Vieira, Universidade de Coimbra, Portugal

Mariemma I. Yagüe, University of Málaga, Spain

Miguel Correia, Universidade de Lisboa, Portugal

Miguel Dias, Microsoft, Portugal

Nuno Neves, Universidade de Lisboa, Portugal

Panos Kudumakis, Queen Mary University of London, United Kingdom

Paulo Sousa, Universidade de Lisboa, Portugal

Rodrigo Roman, University of Malaga, Spain

Rui Cruz, Instituto Superior Técnico, Portugal

Rui Marinheiro, ISCTE-IUL Instituto Universitário de Lisboa, Portugal

Sérgio Lopes, Universidade do Minho, Portugal

Víctor Villagrá, Universidad Politécnica de Madrid (UPM), Spain

Vitor Filipe, Universidade de Trás-os-Montes e Alto Douro, Portugal

Vitor Santos, Microsoft, Portugal

Vitor Torres, Universitat Pompeu Fabra, Spain

Wagner Elias, OWASP Brazil Chapter Leader, Brazil

(this list is not yet complete)

Carlos Serrão, Ph.D., M.Sc.: ISCTE/DCTI Assistant Professor |
NetMuST/Adetti Researcher - website - blog - allofads.com

contacts | carlos.serrao at iscte.pt, carlos.j.serrao at gmail.com skype |
pontocom msn | pontocom73 at hotmail.com | linkedin

Carlos Serrão, Ph.D., M.Sc.: ISCTE/DCTI Assistant Professor |
NetMuST/Adetti Researcher - website - blog - allofads.com
contacts | carlos.serrao at iscte.ptcarlos.j.serrao at gmail.com skype |
pontocom msn | pontocom73 at hotmail.com | linkedin

More information about the Owasp-italy mailing list