Cloud computing has recently emerged as a
new information technology infrastructure. In cloud computing,
information is permanently stored in large data centers on the Internet
and temporarily accessed and cached on clients that include desktops
and portable PCs, sensors, etc. With the "cloud" as a metaphor for the
Internet, cloud computing promises to deliver massively scalable
IT-enabled data, software, and hardware capabilities as a service to
external clients using Internet technologies. Cloud computing has been
envisioned as the key technology to achieve economies of scale in the
deployment and operation of IT solutions.
Cloud computing has unique attributes that raise many security and
privacy challenges in areas such as data security, recovery, and
privacy, as well as legal issues in areas such as regulatory compliance
and auditing. In contrast to traditional enterprise IT solutions, where
the IT services are under proper physical, logical and personnel
controls, cloud computing moves the application software and databases
to the servers in large data centers on the Internet, where the
management of the data and services are not fully trustworthy. When
clients store their data on the server without themselves possessing a
copy of it, how the integrity of the data can be ensured if the server
is not fully trustworthy? Will encryption solve the data
confidentiality problem of sensitive data? How will encryption affect
dynamic data operations such as query, insertion, modification, and
deletion? Data in the cloud is typically in a shared environment
alongside data from other clients. How the data segregation should be
done, while data are stored, executed, and transmitted? How the
virtulized resources is being managed and secured in the cloud? Due to
the fundamental paradigm shift in cloud computing, many security
concerns have to be better understood, unanticipated vulnerabilities
identified, and viable solutions to critical threats devised, before
the wide deployment of cloud computing techniques can take place.
Topics of interests include (but are not limited to) the following
subject categories:
- Secure management of virtualized cloud resources
- Secure network architecture for cloud computing
- Joint security and privacy aware cloud protocol design
- Access control and key management
- Trust and policy management in clouds
- Identification and privacy in cloud
- Remote data integrity protection
- Secure computation outsourcing
- Dynamic data operation security
- Software and data segregation security
- Failure detection and prediction
- Secure data management within and across data centers
- Availability, recovery and auditing
- Secure wireless cloud
Authors are invited to submit either Research Papers or Position Papers or both. Position Papers that define new problems in cloud computing security or provide visions and clarifications of cloud computing security are solicited. Regular Research Papers that present novel research results on security and privacy in cloud computing and Short Research Papers that describe work-in-progress ideas are also welcome. Research Papers and Position Papers will be reviewed separately.
Time Table
Manuscript submission: February 22, 2010 (extended firm deadline)
Acceptance notification: March 22, 2010
Final Manuscript due: Friday, April 16, 2010. (The PDF eXpress site will be available on or after Friday, 9 April 2010.)
Workshop Date: June 25, 2010
Paper Submission
Final Submission Instruction:
Final Paper Formatting and Submission Instructions Webpage (Online Author Kit).
Download the Formatting Template: Latex, or MS Word.
Form of Manucript: All paper submissions should follow the
IEEE 8.5" x 11" Two-Column Format.
Regular Research Paper submission can have 10 pages plus up to 2 over-length pages. If the paper is accepted for publication, an over-length fee will be charged to each of the over-length pages, at $200 per page in the final camera-ready version.
Position Papers and
Short Research Papers, on the other hand, are allowed to be up to 5 pages.
Electronic Submission:
https://www.easychair.org/login.cgi?conf=spcc20100.
Technical Program
| 08:45 - 09:00 |
Welcome |
| 09:00 - 10:00 |
Keynote |
|
Protecting confidentiality in external data storage
Prof. Pierangela Samarati, University of Milano |
| 10:00 - 10:30 |
Coffee Break |
| 10:30 - 12:30 |
Technical Session I (Chair: Kui Ren, Illinois Institute of Technology) |
| |
Security and Architectural Issues for National Security Cloud Computing
Anya Kim, John McDermott and Myong Kang, Naval Research Lab, USA
|
| |
Network Forensics through Cloud Computing
Xinwen Fu, UMass Lowell, USA, Zhen Ling, Southeast University, China, Wei Yu, Towson University, and Junzhou Luo, Southeast University, China
|
| |
Securing a Community Cloud
Fabrizio Baiardi and Daniele Sgandurra, University of Pisa, Italy
|
| |
Encryption-based Policy Enforcement for Cloud Storage
Sabrina De Capitani di Vimercati, Sara Foresti, University of Milano, Sushil Jajodia, George Mason University, USA, Stefano Paraboschi, Gerardo Pelosi, University of Bergano, Italy, and Pierangela Samarati, University of Milano
|
| |
SecCloud: Bridging Secure Storage and Computation in Cloud
Lifei Wei, Haojin Zhu, Zhenfu Cao, Weiwei Jia, Shanghai Jiaotong University, and Athanasios Vasilakos, University of Western Macedonia
|
| 12:30 - 14:00 |
Lunch Break |
| 14:00 - 15:00 |
Panel |
|
“New Research Directions of Security and Privacy in Cloud Computing”
Panelists: Krishna Kant, Intel Research & NSF, Sabrina De Capitani di Vimercati, University of Milano, Jack Brassil, HP Laboratories
Moderator: Kui Ren, Illinois Institute of Technology
|
| 15:00 - 15:30 |
Coffee Break |
| 15:30 - 17:00 |
Technical Session II (Chair: Xinwen Fu, University of Massachusetts Lowell) |
|
Architecture and Protocol for User-Controlled Access Management in Web 2.0 Applications
Maciej Machulak and Aad van Moorsel, Newcastle University, UK
|
| |
IRRES: Intrusion Resilient Remote Email Storage
Di Ma, University of Michigan, Dearborn and Gene Tsudik, University of California, Irvine.
|
| |
Physical Layer Network Isolation in Multi-tenant Clouds
Jack Brassil, HP Laboratories
|
| |
On Trustworthiness of CPU Usage Metering and Accounting
Mei Liu and Xuhua Ding, Singapore Management University
|
Organizing Committees
Program Co-chairs
Peng Ning, North
Carolina State University, Raleigh
Wenjing Lou, Worcester
Polytechnic Institute
Publicity Chair
Kui Ren, Illinois
Institute of Technology
Technical Program Committee
Vasanth Bala, IBM T.J. Watson Research
Guohong Cao, The Pennsylvania State University
Hao Chen, UC Davis
Shigang Chen, University of Florida
Bruno Crispo, University of Trento
Weidong Cui, Microsoft Research
Roberto Di Pietro, Universitat Rovira i Virgili
Yong Guan, Iowa State University
Xuxian Jiang, North Carolina State University
Ari Juels, RSA Laboratories
Yongdae Kim, University of Minnesota at Twin Cities
Wenke Lee, Georgia Institute of Technology
Karl Levitt, UC Davis
Refik Molva, EURECOM
Peter Mueller, IBM Zurich Research
Cristina Nita-Rotaru, Purdue University
Alina Oprea, RSA Laboratories
Michael Reiter, University of North Carolina at Chapel Hill
Kui Ren, Illinois Institute of Technology
Mark Ryan, University of Birmingham
Pierangela Samarati, Università degli Studi di Milano
Wade Trappe, Rutgers University
Mladen Vouk, North Carolina State University
Cliff Wang, US Army Research Office
Guilin Wang, University of Birmingham
Xinyuan Wang, George Mason University
Samuel Weber, National Science Foundation
Tilman Wolf, University of Massachusetts Amherst
Dongyan Xu, Purdue University
Dong Xuan, The Ohio State University
Lok-Kwong Yan, US Air Force Research Laboratory
Moti Yung, Google Inc.
Xiaolan Zhang, IBM T.J. Watson Research
Lenore D. Zuck, National Science Foundation and University of Illinois at Chicago
Steering Committee
Peng Ning, North
Carolina State University, Raleigh
Jeffrey Chase,
Duke University
David Du,
University of Minnesota
Ari Juels,
RSA Laboratories
Wenjing Lou, Worcester
Polytechnic Institute
Michael Reiter,
University of North Carolina at Chapel Hill
Moti Yung,
Google Inc.
