[Owasp-leaders] Reminder: First Iberic Conference on Web-Applications Security (IBWAS’09) - Extended deadline

Carlos Serrao carlos.serrao at iscte.pt
Thu Sep 24 19:03:46 EDT 2009

we would appreciate if you could promote this event that will be co- 
organized by OWASP Spain and OWASP Portugal.

Bellow you can find the Call for Papers, for the 1st Iberic Conference  
on Web-Applications Security.

Thanks in advance.

Best regards,

(Apologies for cross-posting.)
We would appreciate if you could distribute this information by your  
colleagues and co-workers.

First Iberic Conference on Web-Applications Security (IBWAS’09)
Escuela Universitaria de Ingeniería Técnica de Telecomunicacíon -  
Universidad Politécnica de Madrid
10th – 11th December 2009
Madrid, Spain
[organised by OWASP Spain and OWASP Portugal]

Announce and Call for Papers

There is a change in the information systems development paradigm. The  
emergence of Web 2.0 technologies led to the extensive deployment and  
use of web-based applications and web services as a way to developed  
new and flexible information systems. Such systems are easy to  
develop, deploy and maintain and demonstrate impressive features for  
users, resulting in their current wide use.

As a result of this paradigm shift, the security requirements have  
also changed. These web-based information systems have different  
security requirements, when compared to traditional systems. Important  
security issues have been found and privacy concerns have also been  
raised recently. In addition, the emerging Cloud Computing paradigm  
promises even greater flexibility; however corresponding security and  
privacy issues still need to be examined. The security environment  
should involve not only the surrounding environment but also the  
application core.

This conference aims to bring together application security experts,  
researchers, educators and practitioners from the industry, academia  
and international communities such as OWASP, in order to discuss open  
problems and new solutions in application security. In the context of  
this track academic researchers will be able to combine interesting  
results with the experience of practitioners and software engineers.

Conference proceedings will be published by Springer in the  
"Communications in Computer and Information Science" (CCIS) series.

Keynote Speakers
* Bruce Schneier, acclaimed security guru, author, BT CSTO (confirmed)
* Inspector Jorge Martín from the High Tech Crime Unit of the Spanish  
National Police (confirmed)

Conference Topics
Suggested topics for papers submission include (but are not limited to):
• Secure application development
• Security of service oriented architectures
• Security of development frameworks
• Threat modelling of web applications
• Cloud computing security
• Web applications vulnerabilities and analysis (code review, pen- 
test, static analysis etc.)
• Metrics for application security
• Countermeasures for web application vulnerabilities
• Secure coding techniques
• Platform or language security features that help secure web  
• Secure database usage in web applications
• Access control in web applications
• Web services security
• Browser security
• Privacy in web applications
• Standards, certifications and security evaluation criteria for web  
• Application security awareness and education
• Security for the mobile web
• Attacks and Vulnerability Exploitation

Paper Submission Instructions
Authors should submit an original paper in English, carefully checked  
for correct grammar and spelling, using the on-line submission  
procedure (http://paperman.ibwas.com). Please check the paper formats  
so you may be aware of the accepted paper page limits (10 pages, in  
accordance to a supplied template).

The guidelines for paper formatting provided at the conference web  
site must be strictly used for all submitted papers. The submission  
format is the same as the camera-ready format. Please check and  
carefully follow the instructions and templates provided.

Each paper should clearly indicate the nature of its technical/ 
scientific contribution, and the problems, domains or environments to  
which it is applicable.
Papers that are out of the conference scope or contain any form of  
plagiarism will be rejected without reviews.

Remarks about the on-line submission procedure:
1. A "double-blind" paper evaluation method will be used. To  
facilitate that, the authors are kindly requested to produce and  
provide the paper, WITHOUT any reference to any of the authors. This  
means that is necessary to remove the author’s personal details, the  
acknowledgements section and any reference that may disclose the  
authors identity
2. Papers in ODF, PDF, DOC, DOCX or RTF format are accepted
3. The web submission procedure automatically sends an  
acknowledgement, by e-mail, to the contact author.

Paper submission types
Regular Paper Submission
A regular paper presents a work where the research is completed or  
almost finished. It does not necessary means that the acceptance is as  
a full paper. It may be accepted as a "full paper" (30 min. oral  
presentation), a "short paper" (15 min. oral presentation) or a  

Position Paper Submission
A position paper presents an arguable opinion about an issue. The goal  
of a position paper is to convince the audience that your opinion is  
valid and worth listening to, without the need to present completed  
research work and/or validated results. It is, nevertheless, important  
to support your argument with evidence to ensure the validity of your  
claims. A position paper may be a short report and discussion of  
ideas, facts, situations, methods, procedures or results of scientific  
research (bibliographic, experimental, theoretical, or other) focused  
on one of the conference topic areas. The acceptance of a position  
paper is restricted to the categories of "short paper" or "poster",  
i.e. a position paper is not a candidate to acceptance as "full paper".

After the reviewing process is completed, the contact author (the  
author who submits the paper) of each paper will be notified of the  
result, by e-mail. The authors are required to follow the reviews in  
order to improve their paper before the camera-ready submission.

All accepted papers will be published in the conference proceedings.  
Conference proceedings will be published by Springer in the  
"Communications in Computer and Information Science" (CCIS) series.


E-mail: secretariat at ibwas.com

Important Dates
Submission of papers due: 31st October 2009
Notification of acceptance: 9th November 2009
Camera-ready version of accepted contributions: 15th November 2009
Conference: 10th – 11th December 2009

Conference Chairs
Vicente Aguilera Díaz, Internet Security Auditors, OWASP Spain, Spain
Carlos Serrão, ISCTE-IUL Instituto Universitário de Lisboa, OWASP  
Portugal, Portugal
Fabio Cerullo, OWASP Global Education Commitie, OWASP Ireland, Ireland

Conference Program Committee
André Zúquete, Universidade De Aveiro, Portugal
Candelaria Hernández-Goya, Universidad De La Laguna, Spain
Carlos Costa, Universidade De Aveiro, Portugal
Carlos Ribeiro, Instituto Superior Técnico, Portugal
Eduardo Neves, OWASP Education Committee, OWASP Brazil, Brazil
Francesc Rovirosa i Raduà, Universitat Oberta de Catalunya (UOC), Spain
Gonzalo Álvarez Marañón, Consejo Superior de Investigaciones  
Científicas (CSIC), Spain
Isaac Agudo, University of Malaga, Spain
Jaime Delgado, Universitat Politecnica De Catalunya, Spain
Javier Hernando, Universitat Politecnica De Catalunya, Spain
Javier Rodríguez Saeta, Barcelona Digital, Spain
Joaquim Castro Ferreira, Universidade de Lisboa, Portugal
Joaquim Marques, Instituto Politécnico de Castelo Branco, Portugal
Jorge Dávila Muro, Universidad Politécnica de Madrid (UPM), Spain
Jorge E. López de Vergara, Universidad Autónoma de Madrid, Spain
José Carlos Metrôlho, Instituto Politécnico de Castelo Branco, Portugal
José Luis Oliveira, Universidade De Aveiro, Portugal
Kuai Hinojosa, OWASP Global Education Committee, New York University,  
United States
Leonardo Chiariglione, Cedeo, Italy
Leonardo Lemes, Unisinos, Brasil
Manuel Sequeira, ISCTE-IUL Instituto Universitário de Lisboa, Portugal
Marco Vieira, Universidade de Coimbra, Portugal
Mariemma I. Yagüe, University of Málaga, Spain
Miguel Correia, Universidade de Lisboa, Portugal
Miguel Dias, Microsoft, Portugal
Nuno Neves, Universidade de Lisboa, Portugal
Osvaldo Santos, Instituto Politécnico de Castelo Branco, Portugal
Panos Kudumakis, Queen Mary University of London, United Kingdom
Paulo Sousa, Universidade de Lisboa, Portugal
Rodrigo Roman, University of Malaga, Spain
Rui Cruz, Instituto Superior Técnico, Portugal
Rui Marinheiro, ISCTE-IUL Instituto Universitário de Lisboa, Portugal
Sérgio Lopes, Universidade do Minho, Portugal
Tiejun Huang, Pekin University, China
Víctor Villagrá, Universidad Politécnica de Madrid (UPM), Spain
Vitor Filipe, Universidade de Trás-os-Montes e Alto Douro, Portugal
Vitor Santos, Microsoft, Portugal
Vitor Torres, Universitat Pompeu Fabra, Spain
Wagner Elias, OWASP Brazil Chapter Leader, Brazil

Carlos Serrão, Ph.D., M.Sc.: ISCTE/DCTI Assistant Professor | NetMuST/ 
Adetti Researcher - website - blog - allofads.com
contacts | carlos.serrao at iscte.pt, carlos.j.serrao at gmail.com skype |  
pontocom msn | pontocom73 at hotmail.com | linkedin

More information about the OWASP-Leaders mailing list