posted by user: kristianbeckers || 5366 views || tracked by 8 users: [display]

ESPRE 2015 : Evolving Security and Privacy Requirements Engineering (ESPRE) Workshop


When Aug 25, 2015 - Aug 25, 2015
Where Ottawa
Submission Deadline Jun 9, 2015
Notification Due Jun 30, 2015
Final Version Due Jul 15, 2015
Categories    security   requirements engineering   privacy   models

Call For Papers


2nd Evolving Security & Privacy Requirements Engineering Workshop:
co-located with 23nd IEEE International Requirements Engineering Conference
Main Conference:

25 August - Ottawa Canada


When specifying a system, security and privacy needs to be addressed as early as possible. Unfortunately, many people find doing so difficult in the face of conflicting priorities. When these concerns are addressed, we discover how intrinsically difficult specifying security and privacy can be, and the blurred distinction between requirements and security and privacy concepts.

The Evolving Security and Privacy Requirements Engineering (ESPRE) Workshop will be a multi-disciplinary, one-day workshop that brings together practitioners and researchers interested in security and privacy requirements. ESPRE will probe the interfaces between Requirements Engineering and Security & Privacy, and take the first step in evolving security and privacy requirements engineering to meet a range of needs of stakeholders ranging from business analysts and security engineers, to technology entrepreneurs and privacy advocates.


Robert Biddle is Professor of Human-Computer Interaction at Carleton University in Ottawa, Canada. He is appointed both to the School of Computer Science and the Institute of Cognitive Science. He has won awards for teaching and research, and his research program involves active collaboration with a range of government and industry partners.

His current research is primarily in human factors in cyber-security and software design, especially creating and evaluating innovative designs for computer security software.

Steven Johnston is the Senior Security and Technology Advisor at the Office of the Privacy Commissioner of Canada, he is the most senior technical specialist within the Commission. He provides expert advice on general information technology, information technology security and national security/public safety issues to the Commissioners, senior management and staff at OPC.

Specific responsibilities include monitoring, assessing, analysing and reporting on the privacy implications of current and emerging technologies. This includes, among a myriad of other topics, biometrics, electronic health initiatives, Radio Frequency Identification (RFID), nanotechnology and ubiquitous computing. He also supports the legal, investigation and audit functions within the OPC by providing general technology and security advice and guidance.


Topics addressed by ESPRE are those which will promote discussion about advancing Security & Privacy Requirements Engineering. These include, but are not excluded to:

* Security and privacy requirements elicitation and analysis
* Identification and management of all stakeholders (including attackers)
* Modelling multilateral stakeholder perspectives on security and privacy
* Scalability of security requirements engineering approaches
* Modelling of domain knowledge for security and privacy requirements
* Ontologies for security and privacy requirements engineering
* Security and privacy requirements engineering processes
* Evolution of security and privacy requirements
* Security requirements-based testing
* Consideration of legal compliance during security & privacy requirements engineering
* Use of requirements engineering to create security and privacy standard-compliant software
* Modelling of trust and risk
* Validation and verification of security and privacy requirements
* Teaching and training in security and privacy requirements engineering
* The role of security and privacy requirements engineering to support design innovation
* Positive (and especially negative) lessons learned applying security and requirements engineering in practice


* Submission deadline: June 16th, 2015 (extended)
* Decisions to authors: July 7th, 2015 (extended)
* Camera ready papers due: July 15th, 2015
* Workshop date: August 25th, 2015


Organising Committee

Kristian Beckers (Technical University Munich, Germany)
Shamal Faily (Bournemouth University, UK)
Seok-Won Lee (Ajou University, South Korea)
Nancy Mead (Carnegie Mellon University, USA)

Programme Committee

Raian Ali (Bournemouth University, UK)
Andrea Atzeni (Politecnico di Torino, Italy)
Dan Berry (University of Waterloo, Canada)
Travis Breaux (Carnegie Mellon University, USA)
Stephan Fa·bender (University of Duisburg-Essen, Germany)
Stefan Fenz (Vienna University of Technology, Austria)
Carmen Fernandez Gago (University of Malaga, Spain)
Eduardo FernÖndez-Medina Pat¢n (Universidad de Castilla-La Mancha, Spain)
Nalin Asanka Gamagedara Arachchilage (University of British Columbia, Canada)
Sepideh Ghanavati (CRP Henri Tudor, Luxembourg)
Martin Gilje Jaatun (SINTEF ICT, Norway)
Marit Hansen (Independent Centre for Privacy Protection Schleswig-Holstein, Germany)
Maritta Heisel (University of Duisburg-Essen, Germany)
Denis Hatebur (ITESYS, Germany)
Meiko Jensen (Syddansk Universitet, Denmark)
Christos Kalloniatis (University of the Aegean, Greece)
Anne Koziolek (Karlsruhe Institute of Technology, Germany)
Raimundas Matulevicius (University of Tartu, Estonia)
Haralambos Mouratidis (University of Brighton, UK)
Martin Ochoa (Technical University Munich, Germany)
Federica Paci (University of Trento, Italy)
Jaehong Park (University of Texas at San Antonio, USA)
Aljosa Pasic (ATOS, Spain)
Thomas Santen (Microsoft Research, Germany)
Riccardo Scandariato (KU Leuven, Belgium)
Holger Schmidt (TüV Informationstechnik GmbH, Germany)
Mohamed Shehab (University of North Carolina at Charlotte, USA)
Bjørnar Solhaug (SINTEF ICT, Norway)
Ketil Stølen (SINTEF ICT, Norway)
Sven Wenzel (Fraunhofer ISST, Germany)
Nicola Zannone (Eindhoven University of Technology, The Netherlands)
Mohammad Zulkernine (Queen’s University, Canada)

Related Resources

CEVVE 2022   2022 International Conference on Electric Vehicle and Vehicle Engineering (CEVVE 2022)
EvoCompAISecurity&Privacy 2022   Evolutionary Computing for AI-Driven Security and Privacy: Advancing the state-of-the-art applications
NordSec 2022   The 27th Nordic Conference on Secure IT Systems
CSW 2022   2022 International Workshop on Cyber Security (CSW 2022)
SPACE 2022   12th International Conference on Security, Privacy and Applied Cryptographic Engineering (SPACE 2022)
TrustCom 2022   The 21st IEEE International Conference on Trust, Security and Privacy in Computing and Communications
EAI SecureComm 2022   18th EAI International Conference on Security and Privacy in Communication Networks
SI on ATD&IS II 2022   Special Issue on Advanced Technologies in Data and Information Security II, Applied Sciences, MDPI
CSP 2023   2023 7th International Conference on Cryptography, Security and Privacy (CSP 2023)
PDCAT 2022   The 23rd International Conference on Parallel and Distributed Computing, Applications and Technologies