Committees

The Workshop on Web Applications and Secure Hardware

John Lyle

Shamal Faily

Marcel Winandy

marcel.winandy@trust.rub.de 1

Workshop Overview

0 Department of Computer Science, University of Oxford , UK 1 Horst Gortz Institute for IT-Security, Ruhr-University Bochum , Germany

Web browsers are becoming the platform of choice for applications that need to work across a wide range of di erent devices, including mobile phones, tablets, PCs, TVs and in-car systems. However, for web applications which require a higher level of assurance, such as online banking, mobile payment, and media distribution (DRM), there are signi cant security and privacy challenges. A potential solution to some of these problems can be found in the use of secure hardware { such as TPMs, ARM TrustZone, virtualisation and secure elements { but these are rarely accessible to web applications or used by web browsers. The First Workshop on Web Applications and Secure Hardware (WASH'13) focused on how secure hardware could be used to enhance web applications and web browsers to provide functionality such as credential storage, attestation and secure execution. This included challenges in compatibility (supporting the same security features despite di erent user hardware) as well as multi-device scenarios where a device with hardware mechanisms can help provide assurance for systems without. Also of interest were proposals to enhance existing security mechanisms and protocols, security models where the browser is not trusted by the web application, and enhancements to the browser itself.

Committees

We are grateful to the following people for making this workshop possible. { Andrea Atzeni (Politecnico di Torino) { Andrew Martin (University of Oxford ) { Chris Mitchell (Royal Holloway) { John Lyle (University of Oxford) { Jun Ho Huh (University of Illinois at Urbana-Champaign) { Kevin Jones (EADS Innovation Works, UK) { Marcel Winandy (Ruhr-University Bochum) { Marcos Caceres (Data.Driven) { Michael LeMay (Intel, USA) { Nick Allott (Nquiringminds) { Ronald Togl (TU Graz) { Shamal Faily (University of Oxford) { Virginie Galindo (Gemalto)

Additional Reviewers

{ Andrew Paverd (University of Oxford) { Atanas Filyanov (Ruhr-University Bochum) { Justin King-Lacroix (University of Oxford)

Local Organisation Review Process

{ Michael Huth, Imperial College London Every submitted paper received at least three reviews from quali ed academic reviewers. The acceptance rate was 43%.