[ecoop-info] CFP: Workshop on Web Applications and Secure Hardware (WASH’13)

John Lyle john.lyle at cs.ox.ac.uk
Thu Jan 31 11:09:22 CET 2013

Workshop on Web Applications and Secure Hardware (WASH’13)

20th June 2013. London, UK.


In conjunction with the International Conference on Trust and 
Trustworthy Computing.

Submission of papers:    5th April 2013
Notification of authors: 6th May 2013
Workshop:                20th June 2013

Web browsers are becoming the platform of choice for applications that 
need to work across a wide range of different devices, including mobile 
phones, tablets, PCs, TVs and in-car systems. However, for web 
applications which require a higher level of assurance, such as online 
banking, mobile payment, and media distribution (DRM), there are 
significant security and privacy challenges. A potential solution to 
some of these problems can be found in the use of secure hardware – such 
as TPMs, Arm TrustZone, virtualisation and secure elements – but these 
are rarely accessible to web applications or used by web browsers.

This workshop will focus on how secure hardware can enhance web 
applications and web browsers to provide functionality such as 
credential storage, attestation and secure execution. This includes 
challenges in compatibility (supporting the same security features 
despite different user hardware) as well as multi-device scenarios where 
a device with hardware mechanisms can help provide assurance for systems 
without.  Also of interest are proposals to enhance existing security 
mechanisms and protocols, security models where the browser is not 
trusted by the web application, and enhancements to the browser itself.

The primary goals of the workshop are to identify challenges in this 
area, share early results and work-in-progress, and identify new areas 
for research and development.

We invite submissions on the following topics:

* Trustworthy computing infrastructures for web applications
* Improvements to existing web protocols and APIs based on secure hardware
* APIs and standards for browser-based cryptography and access to secure 
* Uses of secure hardware in web browsers
* Enhancing the security of mobile web applications through trusted hardware
* Security models for web applications involving secure hardware
* Credential management and key storage in the browser
* Web application authentication
* Multi-screen secure web applications
* Web browser access control and isolation techniques

We strongly encourage work-in-progress papers, experience reports and 
position papers.

Important dates
* Submissions due: 5th April 2013
* Notification: 6th May 2013
* Workshop: 20th June 2013

We intend to publish the accepted papers with CEUR, an open access 
publisher of peer-reviewed workshops proceedings. CEUR proceedings can 
be indexed with DBLP and can be found from Google Scholar. Authors will 
retain the copyright for individual papers but will grant the 
proceedings editors non-exclusive and non-time limited publication 

Submission guidelines
Submissions should be submitted via EasyChair using this link: 
https://www.easychair.org/conferences/?conf=wash13 .

Please use the Springer LNCS template for submissions. Submissions must 
be in PDF format and should also meet the guidelines outlined on the 
CEUR submission webpage.  These include two important points:
  * All papers must be scientific or serve academic purposes. 
Advertisements (including logos of sponsor companies) are not permitted.
  * The papers must be original, i.e. not published in an earlier 
workshop or conference or journal.

We strongly recommend that papers are no more than 7 pages long. Longer 
papers may be accepted, but reviewers will be critical of papers which 
could have been made shorter.

All submissions that meet these guidelines will be peer reviewed.

Programme Committee
* Andrea Atzeni (Politecnico di Torino)
* Andrew Martin (University of Oxford )
* Chris Mitchell (Royal Holloway)
* John Lyle (University of Oxford)
* Jun Ho Huh (University of Illinois at Urbana-Champaign)
* Marcel Winandy  (Ruhr-University Bochum)
* Marcos Cáceres (Data.Driven)
* Nick Allott (Nquiringminds)
* Ronald Tögl (TU Graz)
* Shamal Faily (University of Oxford)
* Virginie Galindo (Gemalto)

For more information, please contact John Lyle ( john.lyle at cs.ox.ac.uk ).

More information about the ecoop-info mailing list