2nd International Workshop on Security Assurance in the Cloud


The ongoing merge between Service-Oriented Architectures (SOAs) and the Cloud computing paradigm provides a new environment fostering the integration of services located within company boundaries with those in the Cloud. An increasing number of organizations implement their business processes and applications via runtime composition of services made available in the Cloud by external suppliers. This scenario is changing the traditional view of security introducing new service security risks and threats, and requires re-thinking of current assurance, development, testing, and verification methodologies. In particular, security assurance in the cloud is becoming a pressing need to increase the confidence of the cloud actors that the cloud and its services are behaving as expected, and requires novel approaches addressing SOA and cloud peculiarities. IWSAC 2015 is the third edition of the International Workshop on Security Assurance in the Cloud. It aims to address the security assurance issues related to the deployment of services in the Cloud, along with evaluating their impact on traditional security solutions for software and network systems.

The workshop seeks submissions from academia and industry presenting novel research on all theoretical and practical aspects of security and assurance of services implemented in the Cloud, as well as experimental studies in Cloud infrastructures, the implementation of services, and lessons learned.

Topics for the workshop include, but are not limited to:

  • Accountability in the cloud
  • Accountability in the cloud
  • Authentication and access control in the cloud
  • Big Data for security assurance
  • Big Data analytics monitoring and testing
  • Big Data analytics verification
  • Big Data security and privacy
  • Challenges in moving critical systems to the cloud
  • Cloud audit, certification, and compliance
  • Cloud transparency, introspection, and outrospection
  • Data security and privacy in the Cloud
  • Evidence-based assurance of cloud services
  • Information assurance and trust management
  • Intrusion detection in the cloud
  • Policy compliance
  • Security assurance in the cloud
  • Security assurance for big data
  • Security and assurance protocols in the cloud
  • Security and privacy in the cloud
  • Service level agreements
  • Service procurement in the cloud
  • Verification of cloud services

General Chair

Ernesto Damiani, Universita’ degli Studi di Milano, Italy

Workshop Co-Chairs

Marco Anisetti, Universita’ degli Studi di Milano, Italy
Claudio A. Ardagna, Universita’ degli Studi di Milano, Italy
Rasool Asal, British Telecommunications, UK/UAE

Publicity Chair

Valerio Bellandi, Universita’ degli Studi di Milano, Italy

Web Chair

Fulvio Frati, Universita’ degli Studi di Milano, Italy

Program committee

Rafael Accorsi, University of Freiburg, Germany
Valerio Bellandi, Universita’ degli Studi di Milano, Italy
Michele Bezzi, SAP, France
Mauro Conti, University of Padua, Italy
Nora Cuppens-Boulahia, Telecom Bretagne, France
Ernesto Damiani, Universita’ degli Studi di Milano, Italy
Eduardo Fernandez, Florida Atlantic University, USA
Atsuhiro Goto, Institute of Information Security, Japan
Nils Gruschka, NEC Laboratories Europe, Germany
Patrick Hung, University of Ontario Institute of Technology, Canada
Meiko Jensen, Southern Denmark University, Denmark
Florian Kerschbaum, SAP, Germany
Nicolas Larrieu, ENAC, France
Antonio Mana, Universidad de Malaga, Spain
Siani Pearson, HP Labs, UK
George Spanoudakis, City University of London, UK