Overview
There is an increasing demand for techniques to deal with quantitative aspects of security assurance at several levels of the development life-cycle of systems & services, e.g., from requirements elicitation to run-time operation and maintenance. The aim of this workshop is to bring together researchers and practitioners interested in these research topics with a particular emphasis techniques for service oriented architectures. The scope of the workshop, is intended to be broad, including aspects as dependability, privacy, risk, and trust.
The list of topics includes, but it is not limited to:
- Probabilistic/stochastic model checking
- Quantitative information flow analysis
- Quantitative issues in access and usage control
- Security testing techniques
- Static/Dynamic code analysis techniques
- Metrics for security, trust and privacy
- Incremental/modular security assurance analysis
- Process compliance assurance techniques
- Tool support for quantitative techniques for security assurance
- Simulation techniques
- Model-driven techniques for security, trust, risk and privacy
- Assurance cases modelling and analysis
Important dates:
| Submission deadline for paper: | July 8 2014 (NEW!) |
| Notification: | July 30 2014 (NEW!) |
Workshop Organizers:
- Alessandro Aldini, U. of Urbino
- Fabio Martinelli, IIT-CNR
- Neeraj Suri, TU Darmstadt
Program Committee:
- Lujo Bauer, CMU
- Frédéric Cuppens, ENST-Bretagne
- Benoìt Delahaye, Université de Nantes, LINA
- Jesus Luna, CSA
- Charles Morisset, U. of Newcastle
- Pierangela Samarati, U. of Milan
- Andrei Sabelfeld, Chalmers
- Herbert Wiklicky, ICL
- Jorge Cuellar, SIEMENS
- Javier Lopez, U. of Malaga
- Cathy Meadows, NRL
- Flemming Nielson, DTU
- Reijo Savola, VTT
- Ketil Stoelen, SINTEF
- Lorenzo Strigini, City Univ. London
Programme and Proceedings
The program will consist of invited speakers as well as of submitted papers. The workshop post-proceedings will be published with LNCS Springer, in cooperation with DPM/SETOP workshops.
Submissions of full papers are in English, of at most 15 pages complying with the LNCS formatting and must be submitted electronically using the following link: https://www.easychair.org/conferences/?conf=qasa2014 .
Submission of short papers of at most 6 pages is also possible. Authors of short papers accepted for presentation will have the opportunity to produce long version to be further reviewed for possible inclusion in the post-proceedings.
Program
- 09:00-10:00 QASA/SETOP Session I
- Invited Talk Elisa Bertino. Assessing Data Trustworthiness - Concepts and Research Challenges
- 10:00-11:15 QASA Session II
- Wolter Pieters and Mohsen Davarynejad. Calculating adversarial risk from attack trees: Control strength and probabilistic attackers
- Kristian Beckers, Leanid Krautsevich and Artsiom Yautsiukhin. Analysis of Social Engineering Threats with Attack Graphs
- Cristian Prisacariu and Audun Jøsang. Probabilistic Modeling of Humans in Security Ceremonies (Short paper)
- 11:15-11:45 Coffee Break
- 11:45-13:00 QASA/SETOP Session III
- Tarek Bouyahia, Muhammad Sabir Idrees, Nora Cuppens-Boulahia, Frederic Cuppens and Fabien Autrel. Metric for Security Activities assisted by Argumentative Logic
- Smita Naval, Vijay Laxmi, Manoj Gaur, Sachin Raja, Muttukrishnan Rajarajan and Mauro Conti. Environment–Reactive Malware Behavior: Detection and Categorization
- Maxime Puys, Lionel Rivière, Thanh-Ha Le and Julien Bringer. High-Level Simulation for Multiple Fault Injection Evaluation (QASA Short paper)
- 13:00-14:00 Lunch
- 14:00-15:00 QASA Session IV
- Invited Talk Audun Josang. Defining assurance levels for user and server authentication
- 14:00-16:15 QASA Session V
- Jerry Den Hartog and Ilaria Matteucci. Introducing Probabilities in Controller Strategies
- Tom Chothia, Chris Novakovic and Rajiv Ranjan Singh. Automatically Calculating Quantitative Integrity Measures for Imperative Programs
- Alessandro Armando, Michele Bezzi, Nadia Metoui and Antonino Sabetta. Risk-Aware Information Disclosure
Contact
For any question, please contact the organizing committee at qasa2014@iit.cnr.it.
Sponsor
The workshop is also sponsored by the FP7 Network of Excellence NESSoSand the EU project SESAMO and SPECS.
|
|
|