Fwd: [Soups-announce] Workshop on Insecure Interfaces @ SOUPS 2014, July 9-11, 2014, Menlo Park, CA

7 views
Skip to first unread message

Mark S. Miller

unread,
May 10, 2014, 11:44:30 AM5/10/14
to General discussions concerning capability systems., Belay


---------- Forwarded message ----------
From: Busch Marc <Marc....@ait.ac.at>
Date: Thu, May 8, 2014 at 8:59 AM
Subject: [Soups-announce] Workshop on Insecure Interfaces @ SOUPS 2014, July 9-11, 2014, Menlo Park, CA
To: "soups-a...@mailman.srv.cs.cmu.edu" <soups-a...@mailman.srv.cs.cmu.edu>


[Apologies for cross-posting]

 

-----------------------------------

+++ CALL FOR PAPERS +++

 

* Workshop on Insecure Interfaces – Learning from User Interfaces that lead to Circumvention of Organizational Information Security Policies (http://cups.cs.cmu.edu/soups/2014/workshops/insecure.html)

 

* Co-located at SOUPS 2014 – July 9-11, 2014, Menlo Park, CA (http://cups.cs.cmu.edu/soups/2014/)

 

-----------------------------------

 

IMPORTANT DATES

 

* Submission deadline: May 15, 2014

* Notification of acceptance: May 30, 2014

* Camera-ready submission deadline: June 13, 2014

 

 

SCOPE AND FOCUS

We aim to bring together researchers and practitioners from different disciplines to create, explore, evaluate, and discuss cases for weaknesses in organizational security resulting from user interface and usability considerations. From these cases, we will derive anti-patterns, anti-guidelines, and anti-heuristics to apply the “learn from mistakes” approach, which can lead to better UI design practice in the area of corporate information security.

 

Employee compliance with information security policies is critical for companies. Breaches of information security caused by employees can have a range of negative consequences. Critical and sensitive information may be compromised, potentially harming customers and employees, benefitting competitors, inviting legal and regulatory challenges, and damaging the reputation of the company.

 

In the realm of information security policies, it is typically advocated that all business information technology be designed in a way that enables and promotes employee compliance with the employer’s information security policies. User Interfaces play a critical role in communicating security policies and ensuring employee compliance.

This workshop, however, turns this design practice around. Similar to the previous workshop “A Turn for the Worse: Trustbusters for User Interfaces” at SOUPS 2013, we aim to “learn from mistakes” and will explore examples of user interfaces in enterprise systems that lead employees to circumvent security policies and undermine the company’s information security. A deeper understanding of factors that underlie circumvention and non-compliance with official security guidance can then be applied to “make interfaces better”.

 

 

SUBMISSIONS

We invite original papers in PDF format describing/providing examples in which security is undermined by interface and usability aspects, including:

 

* a position, research, or anecdotal paper on use of a design that leads to circumvention of corporate security policies,

* screenshots of design(s) leading to circumvention of official security policies, or

* videos or audio material that demonstrate how interface design and usability aspects could weaken corporate information security.

 

Papers should use the SOUPS formatting template (LaTeX or MS Word). Submissions should be 2 to 4 pages in length, excluding appendices. The paper should be self-contained without requiring readers to read the appendices. The appendices need not conform to the formatting template. Submissions should not be anonymized. Supplemental material such as screenshots and videos should be made available in downloadable format. Accepted submissions will not be considered archival. Authors may choose whether to include the full paper or only the abstract on the Workshop Web site.

Inquiries can be emailed to: marc....@ait.ac.at

 

Please email submissions to: marc....@ait.ac.at (Note: There is a 10MB size limit on email attachments; for larger submissions, please provide a link to downloadable content.)

 

 

ORGANIZERS

Marc Busch & Christina Hochleitner

AIT Austrian Institute of Technology GmbH, marc....@ait.ac.at & christina....@ait.ac.at

&

CURE – Center for Usability Research & Engineering

(busch,hochleitner)@cure.at

 

Manfred Tscheligi

ICT&S Center, University of Salzburg, manfred....@sbg.ac.at

&

AIT Austrian Institute of Technology GmbH, manfred....@ait.ac.at

 

Sameer Patil

Helsinki Institute for Information Technology HIIT / Aalto University

sameer...@hiit.fi

 

Jean Camp

School of Informatics and Computing, Indiana University

ljc...@indiana.edu

 

 

MARC BUSCH
Scientist

Innovation Systems Department
Business Unit Technology Experience

AIT Austrian Institute of Technology GmbH
Business Park Marximum

Modecenterstrasse 17/Object 2 | 1110 Vienna | Austria
T +43 50550-4535 | M +43 664 88964935 | F +43 50550-4599
marc....@ait.ac.at | http://www.ait.ac.at

FN: 115980 i HG Wien  |  UID: ATU14703506
www.ait.ac.at/Email-Disclaimer

 

 


_______________________________________________
Soups-announce mailing list
Soups-a...@mailman.srv.cs.cmu.edu
https://mailman.srv.cs.cmu.edu/mailman/listinfo/soups-announce



--
    Cheers,
    --MarkM
Reply all
Reply to author
Forward
0 new messages