BPS 2009 : 1st International Workshop on Business Processes Security
Conference Series : Business Processes Security
Call For Papers
1st International Workshop on Business Processes Security
In conjunction with DEXA 2009
August 31- September 4, 2009
University of Linz, Austria
As business-process automation started to take hold in the early 1990s, organizations began to replace people with mainframe applications and EDI transfers to perform mundane tasks including data entry and processing. However, for crucial business processes such as wire transfers, customer database queries, supply chain management and purchase orders, organizations continued to use human intervention, believing that auditor supervision was required to ensure accurate money transfers and appropriate access controls to sensitive information.
Today, no division of labor exists between the tasks for which applications and people are responsible. Conversely, human auditors and applications work together in concert to manage business processes and the Web servers, databases, and middleware on which they depend. However, many of these applications, especially Web-based ones, are rife with vulnerabilities, ranging from SQL injection to cross-site scripting. Even the Service Oriented Architectures they run on are far more vulnerable than their predecessors—mainframes and leased-line transfers. As a result, although SOA-based applications help expedite business processes, they at the same time expose organizations to a considerable amount of security risk.
Ensuring the secure functioning of SOAs and, by extension, the business processes they support, has become crucial to an enterprise’s success and managing application vulnerabilities has thereby grown vastly in importance.
The workshop on Business Processes Security invites the submission of papers.
Researchers and practitioners are encouraged to submit papers on all aspects of security and privacy concerning business processes including management processes, operational processes and supporting processes.
Paper submissions can be either research papers, or industry reports. Submissions from companies, practitioners and vendors are encouraged.
BPS 2009 invites research submissions on all topics related to all aspects of security and privacy concerning business processes, but are not limited to those listed below:
* Secure computation paradigms for business processes
* SOA Security
* Business Process dependability
* Business process privacy and access control
* Controlled information sharing in business coalitions
* Secure computation paradigms for business processes
* Submission of full papers: February 28, 2009
* Notification of acceptance: May 1, 2009
* Camera-ready copies due: May 31, 2009
* Ernesto Damiani, University of Milan, Italy
* Florian Kerschbaum, SAP, Germany
* Stefania Marrara, University of Milan, Italy
* Paolo Ceravolo, University of Milan, Italy
* Octavian Catrina, International University in Germany
* Stelvio Cimato, University of Milan, Italy
* Angelo Corallo, EBMS University of Lecce, Italy
* Fulvio Frati, University of Milan, Italy
* Cristiano Fugazza, University of Milan, Italy
* Gabriele Gianini, University of Milan, Italy
* Sebastiaan de Hoogh, Technische Universiteit Eindhoven, Netherlands
* Fernando Liesa, Zaragoza Logistics Center, Spain
* Richard Pibernik, European Business School International University, Germany
* Amitabh Saxena, International University in Germany
* Berry Schoemakers, Technische Universiteit Eindhoven, Netherlands
* Olga Scotti, University of Milan, Italy
* Davide Storelli, EBMS University of Lecce, Italy
* Lotz Volkmar, SAP AG, Germany
* Antonio Zilli, EBMS University of Lecce, Italy
Paper Submission Details
Authors are invited to submit original research contributions or experience reports in English.
* The submitted manuscript should closely reflect the final paper as it will appear in the Proceedings.
* Papers should not exceed 5 pages in IEEE format (http://www.computer.org/portal/site/cscps/index.jsp).
* Any submission that exceeds length limits or deviates from formatting requirements may be rejected without review.
For paper registration and electronic submission see DEXA website.
Submitted papers will be carefully evaluated based on originality, significance, technical soundness, and clarity of exposition. Authors are requested to submit their paper electronically before February 28, 2009.
Duplicate submissions are not allowed and will automatically be rejected without further review. A submission is considered to be a duplicate submission if, at any time during the time when the submission is under consideration, there is another paper with the following properties:
1. the main technical content of the paper substantially overlaps that of the submission to another conference, or
2. the paper is published or under consideration for publication in a refereed journal or proceedings (electronic or printed) that is generally available (e.g., not limited to conference attendees).
Authors do at with their submission automatically agree to the following terms:
"I understand that the paper being submitted must not overlap substantially with any other paper that I am a sole author or co-author of and that is currently submitted elsewhere. Furthermore, previously published papers with any overlap are cited prominently in this submission."
All accepted conference papers will be published in IEEE DEXA'09 workshop proceedings.