Computer networked systems and services have become a crucial infrastructure element for the organization of modern society. These networks and services are required to be more and more open and new technology is designed to facilitate the interoperation between these networks composed of heterogeneous, communicating devices. Guaranteeing that they interoperate securely has become a major concern for individuals, enterprises and governments. In this framework paradigms such as cloud computing offer many benefits, however, security issues such as confidentiality and privacy are still major concerns to those intending to migrate to the cloud. Since the environment may be potentially hostile and contain malicious opponents, it is crucial to define frameworks to enforce secure interoperability. By secure interoperability we mean the property that two or more entities need to possess in order to communicate or exchange information even though they have different security policies. The workshop tries to answer to the issue of how models and techniques can help users to insure secure interoperability between heterogeneous systems. At the same time, the workshop tries to understand how to solve the challenging secure interoperability issue given that checking the secure of a system alone is already a fundamentally critical task, by providing new models and techniques to insure interoperability such as testing, formal models, and monitoring techniques. The objective of this workshop is to share ideas, methods, techniques, and tools about secure interoperability to improve the state of the art. In addition to scientific paper presentations, we intend to have one or two keynotes describing ongoing activities in the related areas and demonstrations of some innovative security testing tools.<br>1 Topics of Interest<br>The goal of STAM workshop is to bring together security practitioners and researchers to exchange ideas, perspectives on problems, and solutions. Papers proposing novel models, methods, and algorithms are welcomed as well as papers reporting experiences on the application of existing methods on case studies and industrial examples, and research project success stories.<br>The topics of interest include but are not restricted to:<br>Secure interoperability for multi–cloud systems.<br>Secure multi–cloud collaboration.<br>Formals models for secure interoperability.<br>Access control policies for secure interoperability.<br>Security interoperability requirements definition and modelling.<br>Runtime monitoring of secure interoperability of relevant applications.<br>Ontologies for secure interoperability.<br>Techniques to validate secure interoperability.<br>Comparisons between security–by–design and formal approaches.<br>Testing techniques for secure interoperability.<br>Secure interoperability testing automation.<br>Regression testing for security interoperability.<br>Robustness and fault tolerance to attacks.<br>Test–driven diagnosis of security interoperability weaknesses.<br>Fuzz testing for secure interoperability.<br>Application of mutation techniques to security interoperability.<br>Trust and privacy in secure interoperability.<br>Secure interoperability in Cloud–based environments.<br>Security testing & monitoring in multi–cloud environments.<br>Tools for security interoperability.<br>Industrial experience reports.<br>Project success stories.<br>
Abbrevation
STAM
City
Toulouse
Country
France
Deadline Paper
Start Date
End Date
Abstract