1st Workshop on Designing Security for the Web (SecWeb 2020)
co-located with IEEE EuroS&P 2020

Department of Economics (DIEC) of the University of Genova, Genova, Italy

June 19th, 2020

https://secweb.work

============================================================

Back in the days, the Web was not designed with security or privacy in mind. Many key mechanisms we rely on today for critical functionality were arguably not designed for security (such as cookies for authentication purposes) and numerous mechanisms have been piecemeal retrofitted to the Web to add security to it. In this workshop, we want to move away from augmenting the Web with Security and rather design Security for the Web.


IMPORTANT DATES
===============

Paper submissions due: February 28, 2020

Notification to authors: April 9, 2020

Camera-ready due for accepted submissions: April 24, 2020


CALL FOR RESEARCH PAPERS
========================

All papers discussing Web security and Web privacy aspects are solicited for submission. SecWeb particularly welcomes position papers which propose provocative thoughts on how (parts of) the current Web platform could be heavily re-envisioned for security. This explicitly includes proposals that would break today’s Web to improve its security tomorrow.

Topics of interest include, but are not limited to, the following:

Browser security
Formal methods for Web security
Language-based Web security
Security policies for the Web
Usable Web security
Web application firewalls
Web attacks and defenses
Web authentication and authorization
Web protocol security
Web security architectures
Web tracking and online advertisement


PAPER SUBMISSION AND FORMAT
========================

SecWeb solicits both full and short papers. All papers must be written in English and must not exceed 10 pages (full) and 6 pages (short) in A4 format using the IEEE conference proceeding template (excluding bibliography and well-marked appendixes). Submissions must be in PDF format and should print easily on simple default configurations. Submissions are anonymous, so information that might identify the authors must be excluded. It is the authors' responsibility to ensure that their anonymity is preserved when citing their own work. Failures to adhere to these requirements can be grounds for rejection.

The proceedings will be published by the IEEE after the workshop and will be made available in IEEE Xplore. During submission, authors can choose to have their paper excluded from the proceedings. At least one author of each accepted paper must register to the workshop for presentation.

All submissions considered for inclusion in the proceedings must contain an original contribution. That is, these papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal, conference or workshop. In particular, simultaneous submission of the same work is not
allowed. This requirement is relaxed for submissions which will not be included in the proceedings: in particular, we also invite papers that are currently under submission or planned to be submitted before the SecWeb notification.


PRELIMINARY PROGRAM COMMITTEE
========================

Stefano Calzavara, Università Ca' Foscari Venezia (Chair)
Ben Stock, CISPA Helmholtz Center for Information Security (Chair)
Gunes Acar (KU Leuven)
Devdatta Akhawe (Dropbox)
Yinzhi Cao (Johns Hopkins)
Luca Compagna (SAP)
Adam Doupé (Arizona State University)
Hugo Jonker (Open University)
Christoph Kerschbaumer (Mozilla)
Katharina Krombholz (CISPA Helmholtz Center for Information Security)
Sebastian Lekies (Google)
Nick Nikiforakis (Stony Brook)
Giancarlo Pellegrino (CISPA Helmholtz Center for Information Security)
Tamara Rezk (INRIA)
William Robertson (Northeastern)
Andrei Sabelfeld (Chalmers)
Mauro Tempesta (TU Wien)