Friday, December 4, 2009

OWASP AppSec Research 2010 2nd Call for Papers

Submission is now open for the upcoming OWASP AppSec Research conference, June 21-24, 2010 in Stockholm, Sweden.

Types of Submission

  1. Publish or Perish. Peer-reviewed 12 page papers to be published in formal proceedings by Springer-Verlag (Lecture Notes in Computer Science, LNCS). Presentation slides and video takes will be posted on the OWASP wiki after the conference.
  2. Demo or Die. A demo proposal should consist of a pdf with a 1 page abstract summarizing the matter proposed by the speaker(s) and 1 page containing demo screenshot(s). Presentation slides and video takes will be posted on the OWASP wiki after the conference.
  3. Present or Repent. A presentation proposal should consist of a 2 page extended abstract representing the essential matter proposed by the speaker(s). Presentation slides and video takes will be posted on the OWASP wiki after the conference.
Topics of Interest

We encourage the publication and presentation of new tools, new methods, empirical data, novel ideas, and lessons learned in the following areas:

• Web application security
• Security aspects of new/emerging web technologies/paradigms (mashups, web 2.0, offline support, etc)
• Security in web services, REST, and service oriented architectures
• Security in cloud-based services
• Security of frameworks (Struts, Spring, ASP.Net MVC etc)
• New security features in platforms or languages
• Next-generation browser security
• Security for the mobile web
• Secure application development (methods, processes etc)
• Threat modeling of applications
• Vulnerability analysis (code review, pentest, static analysis etc)
• Countermeasures for application vulnerabilities
• Metrics for application security
• Application security awareness and education

Full instructions can be found on the conference webpage,_Sweden#tab=CFP. If you have any questions regarding submissions etc, please email

Important Dates
Submission deadline: February 7th 23:59 (Apia, Samoa time).
Decision notification: April 7th
Conference: June 21st - 24th

Program Committee

• John Wilander, Omegapoint and Linköping University (chair)
• Alan Davidson, Stockholm University/Royal Institute of Technology (co-host)
• Lieven Desmet, Katholieke Universiteit Leuven
• Úlfar Erlingsson, Reykjavík University and Microsoft Research
• Martin Johns, University of Passau
• Christoph Kern, Google
• Engin Kirda, Institute Eurecom
• Ulf Lindqvist, SRI International
• Benjamin Livshits, Microsoft Research
• Sergio Maffeis, Imperial College London
• John Mitchell, Stanford University
• William Robertson, UC Berkeley
• Andrei Sabelfeld, Chalmers UT


The Open Web Application Security Project (OWASP) is an open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security. We advocate approaching application security as a people, process, and technology problem because the most effective approaches to application security include improvements in all of these areas. We can be found at

Kate Hartmann
OWASP Operations Director
9175 Guilford Road
Suite 300
Columbia, MD 21046

Skype: kate.hartmann1

No comments: