This is a workshop that may be of interest to subscribers of this mailing 

Workshop web site:    
2007 workshop web site:

Workshop Call for Position Papers
W2SP 2008: Web 2.0 Security and Privacy 2008
Thursday, May 22 The Claremont Resort, Oakland, California Sponsored by 
the 2008 IEEE Symposium on Security and Privacy 

The goal of this one day workshop is to bring together researchers and 
practitioners from academia and industry to focus on understanding Web 2.0 
security and privacy issues, and establishing new collaborations in these 
Web 2.0 is about connecting people and amplifying the power of working 
together. The mixing of technology and social interaction is occurring in 
the context of a wave of technologies supporting rapid development of 
these interpersonal and business interactions. Many of the new web 
technologies rely on the composition of content and services from multiple 
sources, resulting in complex technology compositions (mash-ups). The 
content composition trend is likely to continue. The lure of these 
technologies is the promise of simpler ways to compose software service 
and content, at lower cost. 
However, there are issues with respect to management of identities, 
reputation, privacy, anonymity, transient and long term relationships, and 
composition of function and content, both on the server side and at the 
client (web browser). While the security and privacy issues are not new, 
these issues are increasingly becoming acute as the technologies are 
adopted and adapted to appeal to wider audiences. Some of these 
technologies deliberately bypass existing security mechanisms. This 
workshop is intended to discuss the limitations of the current 
technologies and explore alternatives. 
The scope of W2SP 2008 includes, but is not limited to:
Identity, privacy, reputation and anonymity
End-to-end security architectures
Security of content composition
Security and privacy policy definition and modeling of content composition
Provenance and governance
Usable security and privacy models
Static and dynamic analysis for security
Security as a service
Click fraud
Software as a service
Web services/feeds/mashups
Next generation browser technology
Due to space limitations of the workshop, venue registration is limited to 
75 participants. Potential workshop participants should submit a paper on 
topics relevant to Web 2.0 security and privacy issues. We are seeking 
both short position papers (2–4 pages) and refereed papers (a maximum of 8 
pages). Papers longer than 8 pages may be automatically rejected by the 
co-chairs or workshop committee. From the submissions, the program 
committee will strive to select participants in a way that is balanced 
between academia and industry, as well as across topics. Selected papers 
will appear on the workshop web site. 
Workshop Co-Chairs: [log in to unmask] 
Larry Koved, IBM T. J. Watson Research Center
Dan S. Wallach, Rice University 
Important dates: 
Paper submission deadline: March 7, 2008, (11:59pm US-Eastern)
Workshop acceptance notification date: March 28, 2008
Workshop date: Thursday May 22, 2008
Workshop paper submission web site: 
Registration: Workshop registration will only be available via the 2008 
IEEE Symposium on Security and Privacy conference web site.