- From: Ian B. Jacobs <ij@w3.org>
- Date: Tue, 30 Sep 2008 14:51:53 +0000
- To: public-new-work@w3.org
Hello, I am pleased to announce the: W3C Workshop on Security for Access to Device APIs from the Web 10-11 December 2008 in London, UK Hosted by Vodafone Call for Participation: http://www.w3.org/2008/security-ws/ The goal of this workshop is to bring together people from a wide variety of backgrounds (API designers, security experts, usability experts, ...) to discuss the security challenges involved in allowing Web applications and wigets to access the APIs that allow to control these features, and to advise the W3C on appropriate next steps for any gap that needs to be addressed with new technical work. The Workshop is being chaired by Nick Allot (OMTP), and Thomas Roessler (W3C). If you are interested in serving on the Program Committee, please contact Dominique Hazaƫl-Massieux <dom@w3.org>. =============== Important Dates =============== 30 September: Call for Participation issued 30 October: Deadline for position papers 17 November: Acceptance notification sent 20 November: Program released 25 November: Deadline for Registration 10-11 December: Workshop Registration details and information about expected audience are in the Call for Participation. Please note that: - Attendance is open to everyone, including non-W3C Members, but each organization or individual wishing to participate must submit a position paper. - To ensure maximum diversity among participants, a limit may be imposed on the maximum number of participants per organization. - There is no registration fee. ===================== Scope of the Workshop ===================== The Workshop will focus on these areas: * Existing frameworks on desktop and mobile platforms to regulate security policies for specific APIs, * Similarities and differences of the security approaches in desktop and mobile platforms, in a browser and in a widgets environment, * Usability of security relevant user interactions; issues and opportunities in the mobile environment, * Safe language and API subsets, and models for application use of such subsets, * Policy based trust delegation mechanisms, * Reducing the attack surface exposed by Web page scripts * Role of authentication of users and applications in securing API access, * Increasing awareness of good security practices for Web applications, * Usability of security and privacy policies, We expect the discussions at this workshop to be relevant to the following Working Groups: * Web Applications Working Group * Geolocation Working Group * Ubiquitous Web Applications Working Group * HTML Working Group * Web Security Context Working Group -- Ian Jacobs (ij@w3.org) http://www.w3.org/People/Jacobs/ Tel: +1 718 260-9447
Received on Tuesday, 30 September 2008 14:53:17 UTC