This is announcement of the call for papers for the third in a series of 
successful workshops on topics related to security and privacy for Web 

If you would, please pass this information on to your colleagues who may 
be interested in this workshop. 

Larry Koved
Co-Chair, W2SP

Workshop Call for Papers
W2SP 2009: Web 2.0 Security and Privacy 2009
Thursday, May 21
The Claremont Resort, Oakland, California 

Previous W2SP Workshops: 2008, 2007

The goal of this one day workshop is to bring together researchers and 
practitioners from academia and industry to focus on understanding Web 2.0 
security and privacy issues, and establishing new collaborations in these 
Web 2.0 is about connecting people and amplifying the power of working 
together. Enabled by a wave of new technology, these social and business 
interactions rely on composition of content and services from multiple 
sources, commonly called mash-ups, leading to systems with complex trust 
boundaries. This trend is likely to continue because individuals and 
businesses desire the efficiency and simplicity these technologies offer. 
Together with their virtues, these technologies raise issues about 
management of identities, reputation, privacy, anonymity, transient and 
long term relationships, and composition of function and content, both on 
the server and on the client (web browser). Although the underlying 
security and privacy issues are not new, the use of these technologies on 
a wide scale and by a broad audience raises new questions. This workshop 
is intended to discuss the limitations of current technologies and explore 
The scope of W2SP 2009 includes, but is not limited to:
Trustworthy cloud-based services
Privacy and reputation in social networks
Usable security and privacy
Security for the mobile web
Identity management and psuedonymity
Advertisement and affiliate fraud
Provenance and governance
Security and privacy as a service
Web services/feeds/mashups
Security and privacy policies for composible content
Next-generation browser technology
Potential workshop participants should submit a paper on topics relevant 
to Web 2.0 security and privacy issues. We are seeking both short position 
papers (2–4 pages) and refereed papers (a maximum of 8 pages). Papers 
longer than 8 pages may be automatically rejected by the chair or workshop 
committee. From the submissions, the program committee will strive to 
balance participation between academia and industry and across topics. 
Selected papers will appear on the workshop web site. 
Workshop Co-Chairs 
Larry Koved (IBM Research) 
Dan S. Wallach (Rice University) 
Program Chair 
Adam Barth (UC Berkeley) 
Program Committee 
Ben Adida (Harvard University) 
Dirk Balfanz (PARC) 
Adam Barth (UC Berkeley) 
Konstantin (Kosta) Beznosov 
Suresh Chari (IBM Research) 
Hao Chen (UC Davis) 
Douglas Crockford (Yahoo) 
Chris Karlof (UC Berkeley) 
Larry Koved (IBM Research) 
Shriram Krishnamurthi (Brown University) 
Collin Jackson (Stanford University) 
Rob Johnson (Stony Brook University) 
John C. Mitchell (Stanford University) 
Sean W. Smith (Dartmouth University) 
Helen Wang (Microsoft Research) 
Dan S. Wallach (Rice University) 
Important Dates
Paper submission deadline: March 6, 2009, (11:59pm US-Eastern)
Workshop acceptance notification date: March 31, 2009
Workshop date: Thursday, May 21, 2009
Workshop paper submission web site: To be announced.