posted by user: kristianbeckers || 2152 views || tracked by 8 users: [display]

ESPRE 2015 : Evolving Security and Privacy Requirements Engineering (ESPRE) Workshop


When Aug 25, 2015 - Aug 25, 2015
Where Ottawa
Submission Deadline Jun 16, 2015
Notification Due Jul 7, 2015
Final Version Due Jul 15, 2015
Categories    security   requirements engineering   privacy   models

Call For Papers


2nd Evolving Security & Privacy Requirements Engineering Workshop:
co-located with 23nd IEEE International Requirements Engineering Conference
Main Conference:

25 August - Ottawa Canada


When specifying a system, security and privacy needs to be addressed as early as possible. Unfortunately, many people find doing so difficult in the face of conflicting priorities. When these concerns are addressed, we discover how intrinsically difficult specifying security and privacy can be, and the blurred distinction between requirements and security and privacy concepts.

The Evolving Security and Privacy Requirements Engineering (ESPRE) Workshop will be a multi-disciplinary, one-day workshop that brings together practitioners and researchers interested in security and privacy requirements. ESPRE will probe the interfaces between Requirements Engineering and Security & Privacy, and take the first step in evolving security and privacy requirements engineering to meet a range of needs of stakeholders ranging from business analysts and security engineers, to technology entrepreneurs and privacy advocates.


Robert Biddle is Professor of Human-Computer Interaction at Carleton University in Ottawa, Canada. He is appointed both to the School of Computer Science and the Institute of Cognitive Science. He has won awards for teaching and research, and his research program involves active collaboration with a range of government and industry partners.

His current research is primarily in human factors in cyber-security and software design, especially creating and evaluating innovative designs for computer security software.

Steven Johnston is the Senior Security and Technology Advisor at the Office of the Privacy Commissioner of Canada, he is the most senior technical specialist within the Commission. He provides expert advice on general information technology, information technology security and national security/public safety issues to the Commissioners, senior management and staff at OPC.

Specific responsibilities include monitoring, assessing, analysing and reporting on the privacy implications of current and emerging technologies. This includes, among a myriad of other topics, biometrics, electronic health initiatives, Radio Frequency Identification (RFID), nanotechnology and ubiquitous computing. He also supports the legal, investigation and audit functions within the OPC by providing general technology and security advice and guidance.


Topics addressed by ESPRE are those which will promote discussion about advancing Security & Privacy Requirements Engineering. These include, but are not excluded to:

* Security and privacy requirements elicitation and analysis
* Identification and management of all stakeholders (including attackers)
* Modelling multilateral stakeholder perspectives on security and privacy
* Scalability of security requirements engineering approaches
* Modelling of domain knowledge for security and privacy requirements
* Ontologies for security and privacy requirements engineering
* Security and privacy requirements engineering processes
* Evolution of security and privacy requirements
* Security requirements-based testing
* Consideration of legal compliance during security & privacy requirements engineering
* Use of requirements engineering to create security and privacy standard-compliant software
* Modelling of trust and risk
* Validation and verification of security and privacy requirements
* Teaching and training in security and privacy requirements engineering
* The role of security and privacy requirements engineering to support design innovation
* Positive (and especially negative) lessons learned applying security and requirements engineering in practice


* Submission deadline: June 16th, 2015 (extended)
* Decisions to authors: July 7th, 2015 (extended)
* Camera ready papers due: July 15th, 2015
* Workshop date: August 25th, 2015


Organising Committee

Kristian Beckers (Technical University Munich, Germany)
Shamal Faily (Bournemouth University, UK)
Seok-Won Lee (Ajou University, South Korea)
Nancy Mead (Carnegie Mellon University, USA)

Programme Committee

Raian Ali (Bournemouth University, UK)
Andrea Atzeni (Politecnico di Torino, Italy)
Dan Berry (University of Waterloo, Canada)
Travis Breaux (Carnegie Mellon University, USA)
Stephan Fa·bender (University of Duisburg-Essen, Germany)
Stefan Fenz (Vienna University of Technology, Austria)
Carmen Fernandez Gago (University of Malaga, Spain)
Eduardo FernÖndez-Medina Pat¢n (Universidad de Castilla-La Mancha, Spain)
Nalin Asanka Gamagedara Arachchilage (University of British Columbia, Canada)
Sepideh Ghanavati (CRP Henri Tudor, Luxembourg)
Martin Gilje Jaatun (SINTEF ICT, Norway)
Marit Hansen (Independent Centre for Privacy Protection Schleswig-Holstein, Germany)
Maritta Heisel (University of Duisburg-Essen, Germany)
Denis Hatebur (ITESYS, Germany)
Meiko Jensen (Syddansk Universitet, Denmark)
Christos Kalloniatis (University of the Aegean, Greece)
Anne Koziolek (Karlsruhe Institute of Technology, Germany)
Raimundas Matulevicius (University of Tartu, Estonia)
Haralambos Mouratidis (University of Brighton, UK)
Martin Ochoa (Technical University Munich, Germany)
Federica Paci (University of Trento, Italy)
Jaehong Park (University of Texas at San Antonio, USA)
Aljosa Pasic (ATOS, Spain)
Thomas Santen (Microsoft Research, Germany)
Riccardo Scandariato (KU Leuven, Belgium)
Holger Schmidt (TüV Informationstechnik GmbH, Germany)
Mohamed Shehab (University of North Carolina at Charlotte, USA)
Bjørnar Solhaug (SINTEF ICT, Norway)
Ketil Stølen (SINTEF ICT, Norway)
Sven Wenzel (Fraunhofer ISST, Germany)
Nicola Zannone (Eindhoven University of Technology, The Netherlands)
Mohammad Zulkernine (Queen’s University, Canada)

Related Resources

ICIEM 2016   International Conference on Integrated Environmental Management for Sustainable Development
ICISSP 2017   3rd International Conference on Information Systems Security and Privacy
ESPRE 2016   3rd Evolving Security & Privacy Requirements Engineering Workshop
AsiaCCS 2017   Call for paper: ACM Asia Conference on Computer and Communications Security
IJISS 2016   International Journal of Information Security Science (IJISS)
IEEE TDSC Journal SI 2016   IEEE TDSC Special Issue on Data-Driven Dependability and Security
RE 2017   Requirements Engineering
Future_Internet-SI 2016   Futute Internet - Special Issue on Security and Privacy in Wireless and Mobile Networks
IJMSA 2016   International Journal of Modelling, Simulation and Applications
SMGSSP 2017   Smart Micro-Grid Systems Security and Privacy