Revision as of 02:44, 18 February 2010

2nd. Ibero-American Web Application Security Conference (IBWAS'10)

ISCTE - Lisbon University Institute |

IBWAS'09 (last year editon)

11 - 12 November 2010

Welcome

Call for Papers

Introduction

There is a change in the information systems development paradigm. The emergence of Web 2.0 technologies led to the extensive deployment and use of web-based applications and web services as a way to developed new and flexible information systems. Such systems are easy to develop, deploy and maintain and demonstrate impressive features for users, resulting in their current wide use.

As a result of this paradigm shift, the security requirements have also changed. These web-based information systems have different security requirements, when compared to traditional systems. Important security issues have been found and privacy concerns have also been raised recently. In addition, the emerging Cloud Computing paradigm promises even greater flexibility; however corresponding security and privacy issues still need to be examined. The security environment should involve not only the surrounding environment but also the application core.

This conference aims to bring together application security experts, researchers, educators and practitioners from the industry, academia and international communities such as OWASP, in order to discuss open problems and new solutions in application security. In the context of this track academic researchers will be able to combine interesting results with the experience of practitioners and software engineers.

Conference Topics

Suggested topics for papers submission include (but are not limited to):

• Secure application development
• Security of service oriented architectures
• Security of development frameworks
• Threat modelling of web applications
• Cloud computing security
• Web applications vulnerabilities and analysis (code review, pen-test, static analysis etc.)
• Metrics for application security
• Countermeasures for web application vulnerabilities
• Secure coding techniques
• Platform or language security features that help secure web applications
• Secure database usage in web applications
• Access control in web applications
• Web services security
• Browser security
• Privacy in web applications
• Standards, certifications and security evaluation criteria for web applications
• Application security awareness and education
• Security for the mobile web
• Attacks and Vulnerability Exploitation

Paper Submission Instructions

Authors should submit an original paper in English, carefully checked for correct grammar and spelling, using the on-line submission procedure (http://paperman.ibwas.com). Please check the paper formats so you may be aware of the accepted paper page limits (12 pages, in accordance to a supplied template).

The guidelines for paper formatting provided at the conference web site must be strictly used for all submitted papers. The submission format is the same as the camera-ready format. Please check and carefully follow the instructions and templates provided.

Each paper should clearly indicate the nature of its technical/scientific contribution, and the problems, domains or environments to which it is applicable.

Papers that are out of the conference scope or contain any form of plagiarism will be rejected without reviews.

Remarks about the on-line submission procedure: 1. A "double-blind" paper evaluation method will be used. To facilitate that, the authors are kindly requested to produce and provide the paper, WITHOUT any reference to any of the authors. This means that is necessary to remove the author’s personal details, the acknowledgements section and any reference that may disclose the authors identity

2. Papers in ODF, PDF, DOC, DOCX or RTF format are accepted

3. The web submission procedure automatically sends an acknowledgement, by e-mail, to the contact author.

Organization and Program Committee

IBWAS09 Chairs and Organization

Carlos Serrão, ISCTE-IUL Instituto Universitário de Lisboa, OWASP Portugal, Portugal
Vicente Aguilera Díaz, Internet Security Auditors, OWASP Spain, Spain
Fabio Cerullo, OWASP Global Education Commitie, OWASP Ireland, Ireland

IBWAS09 Program Committee

André Zúquete, Universidade De Aveiro, Portugal
Candelaria Hernández-Goya, Universidad De La Laguna, Spain
Carlos Costa, Universidade De Aveiro, Portugal
Carlos Ribeiro, Instituto Superior Técnico, Portugal
Eduardo Neves, OWASP Education Committee, OWASP Brazil, Brazil
Francesc Rovirosa i Raduà, Universitat Oberta de Catalunya (UOC), Spain
Gonzalo Álvarez Marañón, Consejo Superior de Investigaciones Científicas (CSIC), Spain
Isaac Agudo, University of Malaga, Spain
Jaime Delgado, Universitat Politecnica De Catalunya, Spain
Javier Hernando, Universitat Politecnica De Catalunya, Spain
Javier Rodríguez Saeta, Barcelona Digital, Spain
Joaquim Castro Ferreira, Universidade de Lisboa, Portugal
Joaquim Marques, Instituto Politécnico de Castelo Branco, Portugal
Jorge Dávila Muro, Universidad Politécnica de Madrid (UPM), Spain
Jorge E. López de Vergara, Universidad Autónoma de Madrid, Spain
José Carlos Metrôlho, Instituto Politécnico de Castelo Branco, Portugal
José Luis Oliveira, Universidade De Aveiro, Portugal
Kuai Hinojosa, OWASP Global Education Committee, New York University, United States
Leonardo Chiariglione, Cedeo, Italy
Leonardo Lemes, Unisinos, Brasil
Manuel Sequeira, ISCTE-IUL Instituto Universitário de Lisboa, Portugal
Marco Vieira, Universidade de Coimbra, Portugal
Mariemma I. Yagüe, University of Málaga, Spain
Miguel Correia, Universidade de Lisboa, Portugal
Miguel Dias, Microsoft, Portugal
Nuno Neves, Universidade de Lisboa, Portugal
Osvaldo Santos, Instituto Politécnico de Castelo Branco, Portugal
Panos Kudumakis, Queen Mary University of London, United Kingdom
Paulo Sousa, Universidade de Lisboa, Portugal
Rodrigo Roman, University of Malaga, Spain
Rui Cruz, Instituto Superior Técnico, Portugal
Rui Marinheiro, ISCTE-IUL Instituto Universitário de Lisboa, Portugal
Sérgio Lopes, Universidade do Minho, Portugal
Tiejun Huang, Pekin University, China
Víctor Villagrá, Universidad Politécnica de Madrid (UPM), Spain
Vitor Filipe, Universidade de Trás-os-Montes e Alto Douro, Portugal
Vitor Santos, Microsoft, Portugal
Vitor Torres, Universitat Pompeu Fabra, Spain
Wagner Elias, OWASP Brazil Chapter Leader, Brazil

Registration

Registration will be available as soon as possible.

Agenda/Schedule

The agenda will be available as soon as possible.

Papers

This will contain the list of accepted papers.

Speakers

The list of speakers will be available here as soon as possible.

Venue

IBWAS'10 will be taking place at the ISCTE - Lisbon University Institute in Lisbon, Portugal.

Location

Ed. ISCTE
Av. das Forças Armadas
1600- Lisboa
Portugal

Find the location on Google Maps.

<googlemap version="0.9" lat="38.749565" lon="-9.15277" zoom="15"> 38.748862, -9.152384, ISCTE-IUL </googlemap>

How to get there?

Car

• Go up the Av.ª das Forças Armadas.
• Turn north at the crossing with Av.ª Prof. Gama Pinto. The crossing is located at the highest point of Av.ª das Forças Armadas.
• Turn to the second street right.
• Turn to the first street right.
• The main entrance of ISCTE is at your left.

Train

• Leave the train at the Entrecampus station. Look for the exit leading to Av.ª da República.
• Walk north for about 250 m towards the Rotunda de Entrecampus (a circle).
• At the circle, turn left to the Av.ª das Forças Armadas.
• Climb west for about 300 m towards Sete Rios. Use the sidewalk on the right.
• The entry leading to ISCTE will be at your right, immediatly after the canteen of the University of Lisbon.

Bus

• Get on any Carris bus with numbers 54, 701, or 732.
• Leave the bus at the "Faculdade de Farmácia" stop, at the top of Av.ª das Forças Armadas, close to an old house with ia battlemented roof.
• Walk down the avenue for about 50 m. The entry leading to ISCTE will be at your left, immediatly before the canteen of the University of Lisbon.

Subway

First alternative:

• Leave the train at the Entrecampos station.
• Exit the station through the north exit, leading to the Rotunda de Entrecampos (a circle), close to Av.ª das Forças Armadas.
• From the circle, go west, up the Av.ª das Forças Armadas, for about 300 m.
• Use the sidewalk on the right.
• The entry leading to ISCTE will be at your right, immediatly after the canteen of the University of Lisbon.

Second alternative:

• Leave the train at the Cidade Universitária station.
• Exit the station through the passage leading to Hospital de Santa Maria.
• Walk south, along the left sidewalk of Av.ª Prof. Gama Pinto, for about 150 m (i.e., walk towards the Av.ª das Forças Armadas).
• After the crossing with the Av.ª Prof. Egas Moniz (at your right), turn into the first street at your left.
• Turn to the first street right.
• The main entrance of ISCTE is at your left.

Links

Metro: www.metrolisboa.pt
Buses www.carris.pt
Trains: www.cp.pt
Taxis: www.antral.pt

Hotels

Information about the recommended hotels will be here as soon as possible.

Sponsors

Sponsors

Tourism

Visit Lisbon

For Tourist Information and more: Visit Lisbon (website of the Lisbon Tourism Office). See also here. About Portugal, see here.

LISBON is beautiful, historic, modern, sunny & it never stops! It is an enchanting city with delightful cuisine and unforgettable sites. The city holds many pleasant surprises to visitors who wish to enjoy their stay. The capital of Portugal since its conquest from the Moors in 1147, Lisbon is a legendary city with over 20 centuries of History. The Alfama is one of the oldest quarters in Lisbon. It survived the earthquake of 1755 and still retains much of its original layout. In addition to Alfama are the likewise old quarters of Castelo and Mouraria, on the western and northern slopes of the hill that is crowned by St. George's Castle. Radiant skies brighten the monumental city, with its typical tile covered building façades and narrow medieval streets, where one can hear the fado being played and sung at night.

Here's a taste of what you can find.