posted by user: CESAR || 7107 views || tracked by 14 users: [display]

C&ESAR 2012 : Cloud and Security - Threat or Opportunity?


When Nov 20, 2012 - Nov 22, 2012
Where Rennes, France
Submission Deadline Jun 11, 2012
Notification Due Jul 13, 2012
Final Version Due Sep 17, 2012
Categories    cloud   security   computer science   trust

Call For Papers

Computer & Electronics Security Applications Rendez-vous

** Key dates

Submission deadline: June 11,2012 (via

Notification to authors: July 13,2012

Camera ready version: September 17,2012

Conference: November 20-21-22,2012, Rennes, France

** About C&ESAR
Every year since 1997,the French Ministry of Defense has organised an IT Security event to bring together governmental, industrial, and academic stakeholders around important themes in the field of information systems security (C&ESAR is the continuation of the former “Journées SSI”).

This event is both educational and scientific, with experts from across the IT security community, ranging from researchers to practitioners and decision makers. The three-day conference explores an important topic within the field of information security. We always strive to approach chosen themes from both a theoretical and practical perspective, and to consider the range of technologies at stake, from hardware to software and IT services. C&ESAR emphasizes an educational approach to help information security professionals with different backgrounds share a common understanding of complex issues. It is this inter-disciplinary approach within the IT security profession that will allow operational practitioners to learn about and anticipate future technological inflexion points, and for industry and academia to confront research and product development to operational realities of the field.

** C&ESAR 2012: Cloud and Security, threat or opportunity?

The adoption of cloud computing challenges existing IT operations and associated risk management models. Many security questions arise because of the way cost reductions afforded by cloud computing approaches tend to come at the cost of increased multi-tenancy of computing resources and consumption “as-a-service” of hosted computing services. This year, C&ESAR will focus on discussing what is different about cloud computing models as relates to security, from the sharing of applications, services or infrastructure across multiple IT domains, to the impact of new business eco-systems and economic frameworks on traditional governance approaches, to decoupling of application delivery from client device management. This year,C&ESAR will focus on understanding the impact to security management and governance of the IT transformation driven by “cloud”.

The conference is interested in papers and communications that cover the following topics. It will cover technical advances,operational challenges, as well as economic or regulatory implications of the adoption of cloud computing.

- Multi-tenant isolation techniques at the Infrastructure, Platform, or Software as-a-Service layers (e. g. Computing, storage, and networking virtualisation; multi-tenant software, and platform services), and assessment of their security properties.

- Management of security (updates,patches,…) in cloud architectures: hypervisor, OSs, network components, security components, applications…

- Security implications of end-user and data mobility in cloud-based infrastructure where business applications must be available from anywhere, at any time.

- Information security techniques for cloud-based architectures (e. g. encryption, integrity, secure erase, access control, auditing, forensics,etc. ).

- Acceleration of end-user device ‘consumerisation’ (e. g. smartphones, tablets, notebooks, etc. ).

- Information security risks associated to cloud architectures (e. g. side channel attacks in multi-tenant environments).

- Methodologies and case studies for the risk assessment of information systems based on cloud architectures.

- Modelling of security properties in solution architectures based on the cloud paradigm.

- Information flow security in hybrid cloud environments (private and public).

- Threats and attacks specific to cloud-based architectures.

- Exploitation of the move to cloud-based computing models for offensive purposes.

- Economic and business model changes in a cloud eco-system,and related analysis of their impact to risk management and governance of cloud-based solutions.

- Traceability,transparency, and governance challenges in cloud-based solutions (e. g. assessment of solutions, geographic distribution of customer data, privacy, etc.).

- Certification and evaluation of security properties in cloud based solutions.

- Regulatory implications and necessary legal advances with the move to cloud computing.

- Norms and standards for interoperability, compatibility and reversibility of cloud solutions and their security properties.

** Submission process

Submission proposals for communications and presentations should reach the program committee by June 11,2012 (3 to 8 pages). Submissions will be converted to PDF format and posted to the C&ESAR website ( Each submission will include a title, the authors’ names, affiliations, and emails, a proposed category among « educational », « general », and « specialised »,as well as an abstract (approx. 15 lines) and a list of key words. The authors will be notified of acceptance by July 13,2012.

In a second phase,the authors whose papers are accepted must commit to address reviewer comments, and submit a final version of their papers (8 to 16 pages) by September 17,2012. This final submission will be done via the C&ESAR website in PDF format.

For C&ESAR 2012, every paper and communication will be submitted in English, in order to facilitate review by international experts. Selection criteria will include efforts to be clear and educational, as well as contribution to address and explore the topics highlighted in the call of papers. Specialized technical papers will be taken into consideration to the extent that they contribute to explaining and analysing the state of the art or its deficiencies, rather than presenting individual technical contributions. Accepted papers will be published in both online and printed versions in the proceedings of the conference.

**Steering Committee

José Araujo ANSSI, French Govt
Florent Chabaud DGSIC, MoD, French Govt
Yves Correc (Chair) DGA-MI, MoD, French Govt
Olivier Heen Technicolor
Ludovic Mé Supélec
Eric Wiatrowski Orange Business Services

** Program Committee

Gabriel Antoniu INRIA Rennes / IRISA
Jean-Francois Audenard Orange Business Services
Boris Balacheff (Chair) HP Labs
Emmanuel Bouillon NC3A,NATO
Yves Correc DGA-MI, MoD, French Govt
Hervé Debar Telecom Sud-Paris
Fabrice Derepas CEA
Paul England Microsoft
David Grawrock Intel
Olivier Heen Technicolor
Isabelle Hirayama ANSSI,SGDSN,French Govt
Trent Jaeger PennState University
Derrick Kondo INRIA / LIG
Volkmar Lotz SAP Labs
Andrew Martin Oxford University
Thierry Priol INRIA Rennes
Hervé Putigny ANSSI, SGDSN, French Govt
Dominique Rodrigues NanoCloud / CNRS GRD ASR
Ahmad Sadeghi T.U. Darmstadt
Simon Shiu HP Labs
Paul Waller CESG, UK Govt

Related Resources

S&P 2022   IEEE Symposium on Security and Privacy (Third deadline)
CyberHunt 2021   IEEE Workshop on Cyber Threat Intelligence and Hunting with AI
EI-CFAIS 2021   2021 International Conference on Frontiers of Artificial Intelligence and Statistics (CFAIS 2021)
CEVVE 2022   2022 International Conference on Electric Vehicle and Vehicle Engineering (CEVVE 2022)
ICISSP 2022   8th International Conference on Information Systems Security and Privacy
C&ESAR 2021   Automation in Cybersecurity
ICCSEA 2021   11th International Conference on Computer Science, Engineering and Applications
SI on AdCTI 2021   Special Issue on Advances in Cyber Threat Intelligence, Security and Communication Networks, Wiley & Hindawi
CSW 2022   2022 International Workshop on Cyber Security (CSW 2022)
IWoSR 2021   2021 International Workshop on Service Robotics (IWoSR 2021)