ACM SIGCHI General Interest Announcements (Mailing List)


Options: Use Forum View

Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Blink Yu <[log in to unmask]>
Reply To:
Tue, 15 Oct 2019 10:18:51 +0800
text/plain (107 lines)
(Apologies for any cross-posting)


Special Issue on
Cloud Security Risk Management

Guest Editor
Marco Cremonini, University of Milan, Italy

Information Journal
ISSN 2078-2489, EI, Scopus, et. al. indexed open access journal.

Submission: April 1, 2020

CfP and submission instructions at :

”Information security is Information Risk Management" proclaimed Dan
Geer at the beginning of the century. After almost two decades, the
design and development of effective risk-based management strategies for
modern information systems, in particular with regard to cybersecurity
threats, proved to be still ridden with difficult technical and
non-technical challenges, like the insufficient adoption of quantitative
risk assessment approaches, integration of security risk monitoring
features with development and operation functions, or understanding of
human errors leading to security incidents. The advent of cloud
computing and its "as-a-Service" centralized nature has changed the
scenario of modern information systems and applications, for both
organizations and end-users, sometimes in unforeseen ways, for example
with respect to data management and protection, the availability and
accountability of online services, and even the advertising based
revenue model playing a key role in the current digital society. This
evolution has also changed the risk landscape, introducing new threats,
threat agents, and vectors. Cloud-based systems also introduced
different, more complex, cause-effect relations between risks and the
subjects possibly affected by their consequences. Similarly, risk
mitigation solutions, for example with respect to the role of assurance
and certifications, are subject to changes in a cloud-based context.
Overall, cloud security risk management needs innovative approaches
(e.g., analysis methodologies, models, simulations) to take into account
risks resulting from the technical infrastructure and risks emerging
from the complex network of relations between services, data, and
stakeholders. The typical dynamic nature of cloud infrastructures adds
an additional layer of complexity to security risk management, in term
of monitoring of dynamic systems and networks. Recent important
advances, like the integration between edge and cloud computing, are
going to raise further the degree of complexity. Regulatory compliance,
contractual obligations, and accountability are also important aspects
to be considered. Authors are invited to submit papers tackling with the
technical or non-technical problems and challenges posed by cloud
security risk management.

Topics include:
•	Risk assessment of cloud security risks
•	Cloud security vulnerabilities and risk-based prioritization
•	Risk in edge/cloud computing
•	Systemic risk to cloud infrastructures
•	Risk scenarios analyses and simulations
•	Cloud security risk assurance
•	Human and organizational errors
•	Economics of cloud security risk management
•	Legal and regulatory compliance challenges

Academics and practitioners are invited to submit papers for
consideration in the Special Issue.  Extended conference papers are
welcome, provided they have been revised to include at least 25% new

To submit to this special issue and for Authors Instructions, please
visit the Manuscript Submission Information section at

Mr. Blink Yu
Managing Editor
E-Mail: [log in to unmask]
Skype: live:c91693ac8277e1f0
MDPI Wuhan Office
No.6 Jingan Road, 430064 Wuhan, China

Postfach, CH-4020 Basel, Switzerland
Disclaimer: MDPI recognizes the importance of data privacy and
protection. We treat personal data in line with the General Data
Protection Regulation (GDPR) and with what the community expects of us.
The information contained in this message is confidential and intended
solely for the use of the individual or entity to whom they are
addressed. If you have received this message in error, please notify me
and delete this message from your system. You may not copy this message
in its entirety or in part, or disclose its contents to anyone.

    For news of CHI books, courses & software, join CHI-RESOURCES
     mailto: [log in to unmask]

    To unsubscribe from CHI-ANNOUNCEMENTS send an email to
     mailto:[log in to unmask]

    For further details of CHI lists see