Call For Papers - Refereed Papers Track at OWASP AppSec Europe 2006 Conference
The Open Web Application Security Project (OWASP, http://www.owasp.org) is dedicated to finding and fighting the causes of insecure software. OWASP has dozens of projects and over 50 chapters worldwide focused on application security. Our high quality tools and documentation are used everywhere, including the freely available book-length "Guide to Secure Web Applications and Services", the leading web application penetration testing tool called "WebScarab", and an advanced web application security training application called "WebGoat". The OWASP Foundation, a not-for-profit charitable organization, ensures the ongoing availability and support for this work. The OWASP AppSec conferences (http://www.owasp.org/conferences.html) bring together application security experts, researchers and practitioners from all over the world. Industry and academia can meet to discuss open problems and new solutions in application security. The conferences offer tutorials, keynotes, and invited presentations. For the first time, the 2006 OWASP AppSec Europe conference will feature refereed papers. Original research papers pertaining to all aspects of web application security are solicited. Papers should describe new ideas, new implementations, or experiences related to web application security. Topics of interest include, but are not limited to: - Web application security - Threat modeling of web applications - Vulnerability analysis of web applications (code review, pentest, static analysis, scanning) - Countermeasures for web application vulnerabilities - Secure coding techniques - Static and dynamic analysis of web application technologies - Platform or language (e.g. Java, .NET) security features that help secure web applications - Open source framework features that help secure web applications - How to use databases securely in web applications - Experiences or new ideas on Secure Development Lifecycles (SDLC) - Experiences using web application security scanning or code analysis tools - Access control in web applications - Web services security It is the intention of the organizers to publish accepted papers in a conference proceedings. Important dates: Submission deadline (Draft Paper): March 20 Notification of acceptance: April 20 Final version due: May 20 Conference: May 29-31, 2006 (May 29 training day) (May 30-31 Conference) Instructions for authors: Submitted papers should not substantially overlap with papers that have been published. Submissions should be at most 12 pages long in the Springer LNCS Style for Proceedings and Other Multiauthor Volumes. Templates for preparing papers in this style for LaTeX, Word, and other word processors can be downloaded from: http://www.springer.com/sgw/cda/frontpage/0,11855,5-164-2-72376-0,00.html All submissions should be sent in Adobe Portable Document Format (pdf) to Frank Piessens at Frank.Piessens_at_cs.kuleuven.ac.be. Programme Committee: Konstantin Beznosov, University of British Columbia, Canada Sebastien Deleersnyder, Ascure and OWASP Belgian Chapter, Belgium Andreas Fuchsberger, Royal Holloway, University of London, UK Andre Marien, Ubizen, Belgium Mattia Monga, Milan University, Italy Johan Peeters, secappdev.org, Belgium Frank Piessens, Katholieke Universiteit Leuven, Belgium (chair) Erik Poll, Radboud Universiteit Nijmegen, The Netherlands Maarten Rits, SAP Research, France Chris Vanden Berghe, IBM Research, Switzerland _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php