CfP: 7th STAST Workshop

September 4, 2017

7th Int. Workshop on Socio-Technical Aspects in Security and Trust (STAST) December 5, 2017

Affiliated with  the Annual Computer Security Application Conference (ACSAC 2017) San Juan, Puerto Rico, USA


  • Title and Abstract: September 20, 2017, 23.59 AoE (= UTC-12)
  • Full Paper: September 25, 2017, 23.59, AoE (= UTC-12)
  • Notification: October 30, 2017
  • Camera Ready: November 20, 2017



We accept

  • (1) Full Papers;
  • (2) Position Papers;
  • (3) Case Studies

For more details, please visit our web page


Successful attacks on information systems often combine social engineering practices with technical skills.  Research in social sciences and usable security has demonstrated that insecure behavior can be justified from cognitive, emotional, and social perspectives and to improve security, technology must adapt to the users.  However, finding the right balance between the technical and the social security measures remains largely unexplored, which motivates the need for this workshop.  There is no established holistic research in security, and the respective communities tend to offload on each other parts of problems that they consider to be out of scope, an attitude that results in deficient or unsuitable security solutions.

The workshop intends to stimulate an exchange of ideas and experiences on how to design systems that are secure in the real world where they interact with non-expert users. It aims at bringing together experts in various areas of computer security and in social and behavioral sciences.


The final proceedings will be published with the ACM International Conference Proceedings Series


  •  Requirements for socio-technical systems
  •  Feasibility of policies from the socio-technical perspective
  •  Threat models that combine technical and human-centered strategies
  •  Technical and social factors that influence decision making in security and privacy
  •  Balance between technical measures and social strategies in ensuring security and privacy
  •  Studies of real-world security incidents from the socio-technical perspective
  •  Social factors that influence changes in organizations security policies and processes
  •  Lessons learned from holistic design and deployment of security mechanisms and policies
  •  Models of user behaviour and user interactions with technology
  •  Perceptions of security, risk and trust and their influence on human behaviour
  •  Interplay of law, ethics and politics with security and privacy measures
  •  Social engineering, persuasion, and other deception techniques
  •  Socio-technical analysis of security incidents
  •  Strategies, methodology and guidelines for socio-technical and cyber-security intelligence analysis
  • We welcome qualitative and quantitative research approaches from academia and industry



(see web page


  • Robert L. Biddle (Carleton University)



 Programme Chairs

  • Zinaida Benenson (University of Erlangen-Nuremberg) Daniela Oliveira (University of Florida)


 Workshop Organizers

  • Giampaolo Bella (University of Catania)
  • Gabriele Lenzini (University of Luxembourg)