Call for Papers

Cloud computing has recently emerged as a new information technology infrastructure. In cloud computing, information is permanently stored in large data centers on the Internet and temporarily accessed and cached on clients that include desktops and portable PCs, sensors, etc. With the "cloud" as a metaphor for the Internet, cloud computing promises to deliver massively scalable IT-enabled data, software, and hardware capabilities as a service to external clients using Internet technologies. Cloud computing has been envisioned as the key technology to achieve economies of scale in the deployment and operation of IT solutions.

Cloud computing has unique attributes that raise many security and privacy challenges in areas such as data security, recovery, and privacy, as well as legal issues in areas such as regulatory compliance and auditing. In contrast to traditional enterprise IT solutions, where the IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to the servers in large data centers on the Internet, where the management of the data and services are not fully trustworthy. When clients store their data on the server without themselves possessing a copy of it, how the integrity of the data can be ensured if the server is not fully trustworthy? Will encryption solve the data confidentiality problem of sensitive data? How will encryption affect dynamic data operations such as query, insertion, modification, and deletion? Data in the cloud is typically in a shared environment alongside data from other clients. How the data segregation should be done, while data are stored, executed, and transmitted? How the virtulized resources is being managed and secured in the cloud? Due to the fundamental paradigm shift in cloud computing, many security concerns have to be better understood, unanticipated vulnerabilities identified, and viable solutions to critical threats devised, before the wide deployment of cloud computing techniques can take place. Topics of interests include (but are not limited to) the following subject categories:

  • Secure management of virtualized cloud resources
  • Secure network architecture for cloud computing
  • Joint security and privacy aware cloud protocol design
  • Access control and key management
  • Trust and policy management in clouds
  • Identification and privacy in cloud
  • Remote data integrity protection
  • Secure computation outsourcing
  • Dynamic data operation security
  • Software and data segregation security
  • Failure detection and prediction
  • Secure data management within and across data centers
  • Availability, recovery and auditing
  • Secure wireless cloud

Authors are invited to submit either Research Papers or Position Papers or both. Position Papers that define new problems in cloud computing security or provide visions and clarifications of cloud computing security are solicited. Regular Research Papers that present novel research results on security and privacy in cloud computing and Short Research Papers that describe work-in-progress ideas are also welcome. Research Papers and Position Papers will be reviewed separately.

Time Table

Manuscript submission: February 22, 2010 (extended firm deadline)
Acceptance notification: March 22, 2010
Final Manuscript due: Friday, April 16, 2010. (The PDF eXpress site will be available on or after Friday, 9 April 2010.)
Workshop Date: June 25, 2010

Paper Submission

Final Submission Instruction: Final Paper Formatting and Submission Instructions Webpage (Online Author Kit).

Download the Formatting Template: Latex, or MS Word.

Form of Manucript: All paper submissions should follow the IEEE 8.5" x 11" Two-Column Format. Regular Research Paper submission can have 10 pages plus up to 2 over-length pages. If the paper is accepted for publication, an over-length fee will be charged to each of the over-length pages, at $200 per page in the final camera-ready version. Position Papers and Short Research Papers, on the other hand, are allowed to be up to 5 pages.

Electronic Submission: https://www.easychair.org/login.cgi?conf=spcc20100.

Technical Program

08:45 - 09:00 Welcome
09:00 - 10:00 Keynote
Protecting confidentiality in external data storage
Prof. Pierangela Samarati, University of Milano
10:00 - 10:30 Coffee Break
10:30 - 12:30 Technical Session I (Chair: Kui Ren, Illinois Institute of Technology)
Security and Architectural Issues for National Security Cloud Computing
Anya Kim, John McDermott and Myong Kang, Naval Research Lab, USA
Network Forensics through Cloud Computing
Xinwen Fu, UMass Lowell, USA, Zhen Ling, Southeast University, China, Wei Yu, Towson University, and Junzhou Luo, Southeast University, China
Securing a Community Cloud
Fabrizio Baiardi and Daniele Sgandurra, University of Pisa, Italy
Encryption-based Policy Enforcement for Cloud Storage
Sabrina De Capitani di Vimercati, Sara Foresti, University of Milano, Sushil Jajodia, George Mason University, USA, Stefano Paraboschi, Gerardo Pelosi, University of Bergano, Italy, and Pierangela Samarati, University of Milano
SecCloud: Bridging Secure Storage and Computation in Cloud
Lifei Wei, Haojin Zhu, Zhenfu Cao, Weiwei Jia, Shanghai Jiaotong University, and Athanasios Vasilakos, University of Western Macedonia
12:30 - 14:00 Lunch Break
14:00 - 15:00 Panel
“New Research Directions of Security and Privacy in Cloud Computing”
Panelists: Krishna Kant, Intel Research & NSF, Sabrina De Capitani di Vimercati, University of Milano, Jack Brassil, HP Laboratories
Moderator: Kui Ren, Illinois Institute of Technology
15:00 - 15:30 Coffee Break
15:30 - 17:00 Technical Session II (Chair: Xinwen Fu, University of Massachusetts Lowell)
Architecture and Protocol for User-Controlled Access Management in Web 2.0 Applications
Maciej Machulak and Aad van Moorsel, Newcastle University, UK
IRRES: Intrusion Resilient Remote Email Storage
Di Ma, University of Michigan, Dearborn and Gene Tsudik, University of California, Irvine.
Physical Layer Network Isolation in Multi-tenant Clouds
Jack Brassil, HP Laboratories
On Trustworthiness of CPU Usage Metering and Accounting
Mei Liu and Xuhua Ding, Singapore Management University

Organizing Committees

Program Co-chairs

Peng Ning, North Carolina State University, Raleigh
Wenjing Lou, Worcester Polytechnic Institute

Publicity Chair

Kui Ren, Illinois Institute of Technology

Technical Program Committee

Vasanth Bala, IBM T.J. Watson Research
Guohong Cao, The Pennsylvania State University
Hao Chen, UC Davis
Shigang Chen, University of Florida
Bruno Crispo, University of Trento
Weidong Cui, Microsoft Research
Roberto Di Pietro, Universitat Rovira i Virgili
Yong Guan, Iowa State University
Xuxian Jiang, North Carolina State University
Ari Juels, RSA Laboratories
Yongdae Kim, University of Minnesota at Twin Cities
Wenke Lee, Georgia Institute of Technology
Karl Levitt, UC Davis
Refik Molva, EURECOM
Peter Mueller, IBM Zurich Research
Cristina Nita-Rotaru, Purdue University
Alina Oprea, RSA Laboratories
Michael Reiter, University of North Carolina at Chapel Hill
Kui Ren, Illinois Institute of Technology
Mark Ryan, University of Birmingham
Pierangela Samarati, Università degli Studi di Milano
Wade Trappe, Rutgers University
Mladen Vouk, North Carolina State University
Cliff Wang, US Army Research Office
Guilin Wang, University of Birmingham
Xinyuan Wang, George Mason University
Samuel Weber, National Science Foundation
Tilman Wolf, University of Massachusetts Amherst
Dongyan Xu, Purdue University
Dong Xuan, The Ohio State University
Lok-Kwong Yan, US Air Force Research Laboratory
Moti Yung, Google Inc.
Xiaolan Zhang, IBM T.J. Watson Research
Lenore D. Zuck, National Science Foundation and University of Illinois at Chicago

Steering Committee

Peng Ning, North Carolina State University, Raleigh
Jeffrey Chase, Duke University
David Du, University of Minnesota
Ari Juels, RSA Laboratories
Wenjing Lou, Worcester Polytechnic Institute
Michael Reiter, University of North Carolina at Chapel Hill
Moti Yung, Google Inc.