SAPSE: The 10th IEEE International Workshop on Security Aspects in Processes and Services Engineering

Call for Papers
The workshop aims to foster cooperation among software practitioners and researchers in order to exchange the latest industrial experience and research ideas on services and processes engineering. The area of processes and services engineering is a very attractive field for innovative research, particularly in the last years, when the outsourcing of business processes on the cloud has become a popular paradigm for both small and big companies. Collaborative processing and outsourcing of data, services, processes and infrastructures on remote platforms are posing new important challenges.  Security aspects in such scenario must be very carefully addressed, since the resulting software systems are expected to function correctly and resist also to malicious attacks. New techniques and methodologies are needed to be able to build better, more robust and more trusted systems, where security is taken into account and integrated in the whole  design process since the very first stages.

Scope of the workshop
Researchers and practitioners all over the world, from both academia and industry, working in the areas of process engineering, service-oriented computing and security, cloud security are invited to discuss state of the art solutions, novel issues, recent developments, applications, methodologies, techniques, experience reports, and tools for the development and use of secure service oriented systems. Topics of interest include, but are not limited to, the following:
•    Trust, security, and privacy in service-oriented and cloud-based systems
•    Secure business process composition
•    Security of business processes over the cloud
•    Risk management in business processes
•    Trust and policy management in clouds
•    Service dependability, survivability, and reliability
•    Design and development of secure service oriented systems
•    Security specification of service oriented systems
•    Certification of cloud-based and service oriented systems
•    Verification, validation and testing of security properties of service oriented systems

SAPSE Program Schedule

Friday July 27, 9:30 – 11:00am
Session 1
Location: Meeting 102
Session Chair: Stelvio Cimato, Universitá Degli Studi di Milano, Italy

A New Paradigm to Address Threats for Virtualized Services
Stefan Covaci, Matteo Repetto, Fulvio Risso

Detecting Web Spams Using Evidence Theory
Moitrayee Chatterjee, Akbar Siami Namin

LIoPY: A Legal Compliant Ontology to PreservePprivacy for the Internet of Things
Faiza Loukil, Chirine Ghedira-Guegan, Khouloud Boukadi, Aicha Nabila Benharkat

Evaluation of the Effectiveness of Risk Assessment and Security Fatigue Visualization Model for Internal E-crime
Takashi Hatashima, Keita Nagai, Asami Kishi, Hikaru Uekusa, Shigeaki Tanimoto, Atushi Kanai, Hitoshi Fuji, Kazuhiko Ohkubo

Friday July 27, 11:30 – 1:00pm
Session 2
Location: Meeting 102
Session Chair: Stelvio Cimato, Universitá Degli Studi di Milano, Italy

Understanding the Origins of Weak Cryptographic Algorithms Used for Signing Android Apps
Kanae Yoshida, Hironori Imai, Nana Serizawa, Tatsuya Mori, Akira Kanaoka

Experience Report: How to Extract Security Protocols’ Specifications from C Libraries
Itzel Vazquez Sandoval, Gabriele Lenzini