1st Workshop on Designing Security for the Web (SecWeb 2020)

February 10, 2020

1st Workshop on Designing Security for the Web (SecWeb 2020) co-located with IEEE EuroS&P 2020 Department of Economics (DIEC) of the University of Genova, Genova, Italy June 19th, 2020 Back in the days, the Web was not designed with security or privacy in mind. Many key mechanisms we rely on today for critical functionality were arguably not designed for security (such as cookies for authentication purposes) and numerous mechanisms have been piecemeal retrofitted to the Web to add security to it. In this workshop, we want to move away from augmenting the Web with Security and rather design Security for the Web.

https://secweb.work

IMPORTANT DATES

  • Paper submissions due: February 28, 2020
  • Notification to authors: April 9, 2020
  • Camera-ready due for accepted submissions: April 24, 2020


CALL FOR RESEARCH PAPERS

All papers discussing Web security and Web privacy aspects are solicited for submission. SecWeb particularly welcomes position papers which propose provocative thoughts on how (parts of) the current Web platform could be heavily re-envisioned for security. This explicitly includes proposals that would break today’s Web to improve its security tomorrow.

Topics of interest include, but are not limited to, the following:

  • Browser security
  • Formal methods for Web security
  • Language-based Web security
  • Security policies for the Web
  • Usable Web security
  • Web application firewalls
  • Web attacks and defenses
  • Web authentication and authorization
  • Web protocol security
  • Web security architectures
  • Web tracking and online advertisement


PAPER SUBMISSION AND FORMAT

SecWeb solicits both full and short papers. All papers must be written in English and must not exceed 10 pages (full) and 6 pages (short) in A4 format using the IEEE conference proceeding template (excluding bibliography and well-marked appendixes). Submissions must be in PDF format and should print easily on simple default configurations. Submissions are anonymous, so information that might identify the authors must be excluded. It is the authors' responsibility to ensure that their anonymity is preserved when citing their own work. Failures to adhere to these requirements can be grounds for rejection.

The proceedings will be published by the IEEE after the workshop and will be made available in IEEE Xplore. During submission, authors can choose to have their paper excluded from the proceedings. At least one author of each accepted paper must register to the workshop for presentation.

All submissions considered for inclusion in the proceedings must contain an original contribution. That is, these papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal, conference or workshop. In particular, simultaneous submission of the same work is not 
allowed. This requirement is relaxed for submissions which will not be included in the proceedings: in particular, we also invite papers that are currently under submission or planned to be submitted before the SecWeb notification.


PRELIMINARY PROGRAM COMMITTEE

 

  • Stefano Calzavara (Università Ca' Foscari Venezia) -- Chair
  • Ben Stock (CISPA Helmholtz Center for Information Security) -- Chair
  • Gunes Acar (KU Leuven)
  • Devdatta Akhawe (Dropbox)
  • Yinzhi Cao (Johns Hopkins)
  • Luca Compagna (SAP)
  • Adam Doupé (Arizona State University)
  • Hugo Jonker (Open University)
  • Christoph Kerschbaumer (Mozilla)
  • Katharina Krombholz (CISPA Helmholtz Center for Information Security)
  • Sebastian Lekies (Google)
  • Nick Nikiforakis (Stony Brook)
  • Giancarlo Pellegrino (CISPA Helmholtz Center for Information Security)
  • Tamara Rezk (INRIA)
  • William Robertson (Northeastern)
  • Andrei Sabelfeld (Chalmers)
  • Emily Stark (Google)
  • Mauro Tempesta (TU Wien)
  • John Wilander (Apple) 


https://secweb.work