1st OAuth Security Workshop
University of Trier
Trier, Germany
July 14-15, 2016
Workshop website: https://infsec.uni-trier.de/events/osw2016
The OAuth Security Workshop (OSW) brings together the IETF OAuth Working Group and security experts from research, industry, and standardization to improve the security of OAuth and related Internet protocols. The workshop is hosted by the Chair for Information Security and Cryptography at the University of Trier.
While the standardization process of OAuth ensures extensive reviews (both security and non-security related), further analysis by security experts from academia and industry is essential to ensure high quality specifications. Contributions to this workshop can help to improve the security of the Web and the Internet.
We seek position papers related to OAuth, OpenID Connect, and other technologies using OAuth under the hood. Contributions regarding technologies that are used in OAuth, such as JOSE, or impact the security of OAuth, such as Web technology, are also welcome.
We welcome position papers that describe existing work, raise new requirements, highlight challenges, write-ups of implementation and deployment experience, lessons-learned from successful or failed attempts, and ideas on how to improve OAuth and OAuth extensions.
Position papers submitted to the OAuth Security Workshop may report on (unpublished) work in progress, be submitted to other places, and may even have already appeared or been accepted elsewhere.
Submissions must be in PDF format and should feature reasonable margins and formatting. There is no page limit, but the submission should be brief (ideally not more than 3-5 pages). Submissions should not be anonymized.
One of the authors of the accepted position paper is expected to present the paper at the workshop.
All presentations and papers will be put online but there will be no formal proceedings. Authors of accepted papers will have the option to revise their papers before they are put online.
The workshop will have no expectation of IPR disclosure or licensing related to its submissions. Authors are responsible for obtaining appropriate publication clearances.