posted by user: kristian || 3801 views || tracked by 7 users: [display]

ESPRE 2014 : Evolving Security & Privacy Requirements Engineering Workshop: co-located with 22nd IEEE International Requirements Engineering Conference


When Aug 25, 2014 - Aug 25, 2014
Where Sweden @RE conference
Abstract Registration Due May 26, 2014
Submission Deadline May 30, 2014
Notification Due Jun 16, 2014
Final Version Due Jun 30, 2014
Categories    requirements engineering   security   privacy

Call For Papers

1st Evolving Security & Privacy Requirements Engineering Workshop: co-located with 22nd IEEE International Requirements Engineering Conference
25 August - Karlskrona Sweden


When specifying a system, security and privacy needs to be addressed as early as possible. Unfortunately, many people find doing so difficult in the face of conflicting priorities. When these concerns are addressed, we discover how intrinsically difficult specifying security and privacy can be, and the blurred distinction between requirements and security and privacy concepts.

The Evolving Security and Privacy Requirements Engineering (ESPRE) Workshop will be a multi-disciplinary, one-day workshop that brings together practitioners and researchers interested in security and privacy requirements. ESPRE will probe the interfaces between Requirements Engineering and Security & Privacy, and take the first step in evolving security and privacy requirements engineering to meet a range of needs of stakeholders ranging from business analysts and security engineers, to technology entrepreneurs and privacy advocates.


Topics addressed by ESPRE are those which will promote discussion about advancing Security & Privacy Requirements Engineering. These include, but are not excluded to:

- Security and privacy requirements elicitation and analysis
- Identification and management of all stakeholders (including attackers)
- Modelling multilateral stakeholder perspectives on security and privacy
- Scalability of security requirements engineering approaches
- Modelling of domain knowledge for security and privacy requirements
- Ontologies for security and privacy requirements engineering
- Security and privacy requirements engineering processes
- Evolution of security and privacy requirements
- Security requirements-based testing
- Consideration of legal compliance during security & privacy requirements engineering
- Use of requirements engineering to create security and privacy standard-compliant software
- Modelling of trust and risk
- Validation and verification of security and privacy requirements
- Teaching and training in security and privacy requirements engineering
- The role of security and privacy requirements engineering to support design innovation
- Positive (and especially negative) lessons learned applying security and requirements engineering in practice


We invite research and position papers that address any of the workshop topics. Papers should be no more than 6 pages, conform to the IEEE Conference Publishing Services, and submitted electronically in PDF format to EasyChair:

Accepted papers will be published in the workshop proceedings, and made available via IEEE Xplore.


Selected revised and extended papers from the workshop will be submitted to a special issue of the International Journal of Secure Software Engineering (IJSSE).

- Submission Deadline: 21st April, 2014
- Author Notification: 26th May, 2014
- Publication ready versions: 20th June, 2014
- Workshop date: 25th August, 2014


** Organising Committee
- Kristian Beckers (University of Duisberg-Essen, Germany)
- Shamal Faily (Bournemouth University, UK)
- Seok-Won Lee (Ajou University, South Korea)
- Nancy Mead (Carnegie Mellon University, USA)

** Programme Committee
- Raian Ali (Bournemouth University, UK)
- Andrea Atzeni (Politecnico di Torino, Italy)
- Steffan Bartsch (Technical University Darmstadt/CASED, Germany)
- Travis Breaux (Carnegie Mellon University, USA)
- Stephan Faßbender (University of Duisburg-Essen, Germany)
- Stefan Fenz (Vienna University of Technology, Austria)
- Carmen Fernandez Gago (University of Malaga, Spain)
- Sepideh Ghanavati (CRP Henri Tudor, Luxembourg)
- Martin Gilje Jaatun (SINTEF ICT, Norway)
- Stefanos Gritzalis (University of the Aegean, Greece)
- Seda Gürses (KU Leuven, Belgium)
- Marit Hansen (Independent Centre for Privacy Protection Schleswig-Holstein, Germany)
- Maritta Heisel (University of Duisburg-Essen, Germany)
- Denis Hatebur (ITESYS, Germany)
- Meiko Jensen (Independent Centre for Privacy Protection Schleswig-Holstein, Germany)
- Christos Kalloniatis (University of the Aegean, Greece)
- Anne Koziolek (Karlsruhe Institute of Technology, Germany)
- Emmanuel Letier (UCL, UK)
- Fabio Martinelli (CNR, Italy)
- Andreas Metzger (University of Duisburg-Essen, Germany)
- Federica Paci (University of Trento, Italy)
- Aljosa Pasic (ATOS, Spain)
- Gerald Quirchmayr (University of Vienna, Austria)
- Thomas Santen (Microsoft Research, Germany)
- Riccardo Scandariato (KU Leuven, Belgium)
- Holger Schmidt (TÜV Informationstechnik GmbH, Germany)
- Bjørnar Solhaug (SINTEF ICT, Norway)
- Ketil Stølen (SINTEF ICT, Norway)
- Sven Wenzel (Fraunhofer ISST, Germany)

Related Resources

ICIEM 2016   International Conference on Integrated Environmental Management for Sustainable Development
ICISSP 2017   3rd International Conference on Information Systems Security and Privacy
ESPRE 2016   3rd Evolving Security & Privacy Requirements Engineering Workshop
AsiaCCS 2017   Call for paper: ACM Asia Conference on Computer and Communications Security
IJISS 2016   International Journal of Information Security Science (IJISS)
IEEE TDSC Journal SI 2016   IEEE TDSC Special Issue on Data-Driven Dependability and Security
SMGSSP 2017   Smart Micro-Grid Systems Security and Privacy
Future_Internet-SI 2016   Futute Internet - Special Issue on Security and Privacy in Wireless and Mobile Networks
IJMSA 2016   International Journal of Modelling, Simulation and Applications
WICSPIT 2017   IoTBDS/SMARTGREENS Workshop -- Innovative CyberSecurity and Privacy for Internet of Things: Strategies, Technologies, and Implementations