
* **********************************************************
*                   9th Int. Workshop on
*       Socio-Technical Aspects in Security (STAST)
*           	     http://stast.uni.lu
*                   26 September 2019
* ----------------------------------------------------------
*                    Affiliated with
* the European Symposium on Research in Computer Security
*                     (ESORICS 2019)
*                 Luxembourg City, Luxembourg
* **********************************************************

The workshop on Socio-Technical Aspects in Security
runs this year its 9th edition. 

IMPORTANT DATES
----------------
Full Paper (extended): July 10, 2019, 23:59, AoE (= UTC-12)
Notification:	        August 10, 2019
Camera Ready:	        August 16, 2019

SUBMISSION
----------
We accept

(1) Full Papers; 
(2) Position Papers; 
(3) Case Studies;
(4) Work in Progress.

For more details, please visit our web page:
http://stast.uni.lu

CONCEPT AND GOAL
----------------
Successful attacks on information systems often combine social engineering
practices with technical skills.  Research in social sciences and usable
security has demonstrated that insecure behavior can be justified from
cognitive, emotional, and social perspectives and to improve security,
technology must adapt to the users.  However, finding the right balance between
the technical and the social security measures remains largely unexplored,
which motivates the need for this workshop. There is no established holistic
research in security, and the respective communities tend to offload on each
other parts of problems that they consider to be out of scope, an attitude that
results in deficient or unsuitable security solutions.

The workshop intends to stimulate an exchange of ideas and experiences on how
to design systems that are secure in the real world where they interact with
non-expert users. It aims at bringing together experts in various areas of
computer security and in social and behavioral sciences.

PROCEEDINGS
-----------
Accepted papers will be published as post-proceedings with Springer in their
Lecture Notes in Computer Science series (final approval pending).

WORKSHOP TOPICS
--------------
* Usability and user experience in security 
* Requirements for socio-technical systems
* Feasibility of policies from the socio-technical perspective
* Threat models that combine technical and human-centered strategies
* Socio-technical factors in decision making in security and privacy
* Balance between technical measures and social strategies 
* Studies of real-world security incidents from a socio-technical perspective
* Social factors in organizations security policies and processes
* Lessons from design and deployment of security mechanisms and policies
* Models of user behaviour and user interactions with technology
* Perceptions of security, risk, and trust and their influence on humans
* Interplay of law, ethics and politics with security and privacy measures
* Social engineering, persuasion, and other deception techniques
* Socio-technical analysis of security incidents
* Strategies, methodology and guidelines cyber-security intelligence analysis

We welcome qualitative and quantitative research approaches from academia and industry

PROGRAM COMMITTEE
-----------------
(see web page)

KEYNOTE SPEAKER 
-----------------
Sascha Fahl (Leibniz University Hannover)

ORGANIZING COMMITTEE
--------------------
** Programme Chair
Theo Tryfonas (University of Bristol)
Thomas Gross (Newcastle University)

** Workshop Organizers
Giampaolo Bella (University of Catania)
Gabriele Lenzini (University of Luxembourg)

** Website and Publicity Chairs
Itzel Vazquez Sandoval (University of Luxembourg)
Borce Stojkovski (University of Luxembourg)