SECURECLOUD 2012 - SecureCloud 2012

Website cloudsecurityalliance.org/events/securecloud-2012 | Edit Freely

Category SECURECLOUD 2012

Deadline: January 20, 2012 | Date: May 09, 2012-May 10, 2012

Venue/Country: Frankfurt, Germany

Updated: 2011-12-09 20:12:47 (GMT+9)

Call For Papers - CFP

Proposals should be submitted according to the guidelines below. They can be submitted using the form on the Proposal Submission tab on this page.

Topics of interest

We encourage proposals for presentations, panels, or sessions on topics including but not limited to:

Legal and policy aspects of cloud computing security

Legal:

Implications and interpretation of relevant current legislation.

Potential changes in European data protection law and their implications for cloud computing and vice-versa.Implications of forthcoming changes in cybercrime law for cloud computing and vice versa.

Accountability and personal data processing.

Law enforcement and forensics in cloud environments.

Cloud computing agreements (comparison).

Liability regimes in cloud environments and their implications for information security.

Procurement and contractual guidelines to enhance security (for govs, and SMEs for example).

Coping with international differences in relevant data protection and privacy regulations.

Legal impact/value of certification frameworks for cloud computing.

Identity and access management in the cloud: legal aspects.

Cloud-centric regulatory compliance issues and mechanisms

Policy:

Incident and data breach reporting schemes for cloud computing

Security aspects of cloud computing as a policy tool ? e.g. business incubator clouds.

European or global cloud computing strategy.

The role of cloud computing in the context of CIP (Critical Infrastructure Protection) and CIIP (Critical Information Infrastructure Protection).

Cloud computing as a tool in resilient architectures, disaster and incident response and recovery including mutual assistance schemes using cloud computing.

The role of cloud computing in supporting social aspects of disaster recovery.

Managing security benefits and risks of cloud computing

Higher assurance cloud computing:

High assurance requirements and cloud technology for implementing them.

Setting security parameters in cloud SLAs and monitoring them.

Flexible and tiered levels of security and their pricing models (pay security as you go).

A comparison of different security classification regimes e.g. flexible vs tiered/predefined security levels.

Governance and assurance processes:

Governance, assurance, maturity and certification frameworks for cloud computing

Assurance across the cloud supply chain

Security policy enforcement and security testing in the cloud.

Data classification in cloud computing

Cloud computing security and resilience metrics

Business continuity and resilience for cloud computing customers

Security of cloud technologies:

Security of virtualisation

Secure computation in an outsourced environment

Security for emerging cloud programming models and PaaS

User interface and client-side risks and their mitigation

Security technologies:

Edge networks and client-based cloud applications

Identity, credential, key, and access management in cloud computing

Trust and policy management in clouds

Network security (DOS, IDS etc.) mechanisms for cloud contexts

End-to-end security and data confidentiality for customers (from the cloud to thin clients such as smartphones, tablets).

Security technologies and services in the cloud (HSM's, web filters, firewalls, IDSs etc.).

The use of trusted computing modules in clouds.

Trusted computing aspects

Standards to enhance cloud security, reduce lock-in and improve business continuity.

Other cloud computing risks and their mitigation