Harvard University
2nd Workshop on Socio-Technical Aspects in Security and Trust
Harvard University, Cambridge, MA, USA

Co-located with
25th IEEE Computer Security Foundations Symposium (CSF)

Important Dates

    Papers due:
    15 April 2012
    23 April 2012 (extended)
  • Notification:
    18 May 2012
  • Pre-proceeding version due:
    23 June 2012
  • Final version due:
    13 July 2012
    (after the workshop)
  • Workshop:
    29 June 2012

Other Editions

STAST 2011:

STAST 2013:

STAST 2014:

Supported by








Proc. of 2nd Int. Worshop on Socio-Technical Aspects in Security and Trust (STAST)

G. Bella and G. Lenzini (eds.), IEEE, 2012
are now available at IEEEXlplore digital library
IEEE Catalog Number CFP1270P-CDR (ISBN-13: 978-0-7695-4822-7)


Due to the huge yet increasing number of people carrying out sensitive Internet transactions, security threats hardly ever reduce to sheer technical threats at present. Rather, they are socio-technical, as they come from adversaries who combine social engineering practices with technical skills to circumvent the defenses of information systems, often by exploiting the users' ill-understanding of security mechanisms, of poorly designed user interfaces, and of unusable security policies. Humans obviously cannot be treated as machines, as they take actions that may seem irrational although they are perfectly justifiable from a cognitive and a social perspective. Computer security hence appears to acquire more and more the facets of an interdisciplinary science with roots in both interpretive and positivist research traditions.


The workshop intends to foster an interdisciplinary discussion on how to model and analyse the socio-technical aspects of modern security systems and on how to protect such systems from socio-technical threats and attacks. It aims to stimulate an active exchange of ideas and experiences from different communities of researchers in order to identify weaknesses potentially emerging from poor usability designs and policies, from social engineering, and from deficiencies hidden in flawed interfaces and implementations. It will bring together experts in computer security and in cognitive, social, and behavioral sciences; it will collect the state of the art, identify open and emerging problems, and propose future research directions.


STAST2012 is a one day workshop.


Supported by the National Research Fund Luxembourg C11/IS1183245/STAST.