Here is a one-page printable PDF version of the CFP for this track.

The flexibility and richness of the Web architecture have come at the price of increasing complexity and lack of a sound overall security architecture. The movement toward Web-based services, and the increasing dependency on the Web, have also made reliability a first-rate security concern. From malware and spyware, drive-by downloads, typo squatting, denial of service attacks, to phishing and identity theft, a variety of threats make the Web an increasingly hostile and dangerous environment. By undermining user trust, these problems are hampering e-commerce and the growth of online communities.

This track promotes the view that security, privacy, reliability, and sound guiding ethics must be part of the texture of a successful World Wide Web. In addition to devising practical tools and techniques, it is the duty of the research community to promote and guide business adoption of security technology for the Web and to help inform related legislation. We seek novel research (both theoretical and practical) in security, privacy, reliability, and ethics as they relate to the Web, including but not limited to the following areas:

• Authentication, authorization, and auditing on the web
• Availability and reliability of Web servers and services
• Intrusion detection and honeypots
• The Insider threat
• Privacy-enhancing technologies, including anonymity, pseudonymity and identity management, specifically for the web
• User interfaces and usability as they relate to use of cryptography and online scams such as phishing and pharming
• Applications of cryptography to the web, including PKI and supporting concepts like digital signatures, certification, etc.
• Electronic commerce, particularly security mechanisms for e-cash, auctions, payment, and fraud detection
• Economic / business analysis of Web security and privacy
• Legal and legislative approaches to issues of Web security and privacy
• Secure and robust management of server farms
• Dealing with client-side risks
• Security for new web services (blogs, RSS, wikis, etc.)
• Wireless web security (including RFID, sensors, and mobile phones)
• Content protection and abuse on the web (DRM, web/blog spam, etc.)

Paper formatting requirements are provided on the submissions page.

Track Chair: Angelos Keromytis (Columbia University, USA)

Deputy Chair: Dan Wallach (Rice University, USA)

Program Committee:

• Scott Alexander (Telcordia, USA)
• Weidong Cui (Microsoft Research, USA)
• George Danezis (KU Leuven, Belgium)
• Roberto Di Pietro (University of Roma "La Sapienza", Italy)
• Nick Feamster (Georgia Tech, USA)
• Bao Feng (Institute for Infocomm Research, Singapore)
• Kevin Fu (University of Massachusetts at Amherst, USA)
• John L. Griffin (BAE)
• Stuart Haber (HP Labs, USA)
• Goichiro Hanaoka (JAIST, Japan)
• Markus Jakobsson (University of Indiana, USA)
• Sam King (University of Illinois at Urbana-Champaign, USA)
• Yoshi Kohno (University of Washington, USA)
• Shriram Krishnamurthy (Brown University, USA)
• Christopher Kruegel (Technical University Vienna, Austria)
• Ninghui Li (Purdue University, USA)
• Patrick McDaniel (Penn State University, USA)
• Raphael C.-W. Phan (Swinburne University of Technology, Malaysia)
• Vassilis Prevelakis (Drexel University, USA)
• Eric Rescorla (RTFM Inc., USA)
• Jim Roskind (Roskind Consulting, USA)
• Ke Wang (Google, USA)
• Brent Waters (SRI, USA)
• Nick Weaver (ICSI, USA)
• Susanne Wetzel (Stevens Institute of Technology, USA)
• Matt Wright (University of Texas at Arlington, USA)

Photo Credits: Banff Lake Louise Tourism (unless stated otherwise)
Please report Web site problems to www2007webmaster@iw3c2.org
Last modified: April 07 2007.