Cipher
Calls for Papers



IEEE Computer Society's Technical Committee on Security and Privacy


 

Last Modified:04/06/15

Note: Please send new calls to cipher-cfp@ieee-security.org and take a moment to read the submission guidelines. And please see the Cipher Calendar for events sorted in date order. For all other questions, please contact cipher-cfp@ieee-security.org by email.

Contents

 

Special Issues of Journals and Handbooks


Elsevier Future Generation Computer Systems, Special Issue on Cloud Cryptography: State of the Art and Recent Advances. (Submission Due 1 May 2015) [posted here 01/19/15]
Editors: Kim-Kwang Raymond Choo (University of South Australia, Australia), Josep Domingo-Ferrer (Universitat Rovira i Virgili, Catalonia), and Lei Zhang (East China Normal University, China)

Cloud computing is widely used by organisations and individuals. Despite the popularity of cloud computing, cloud security is still an area needing further research. A particularly promising approach to achieve security in this new computing paradigm is through cryptography, but traditional cryptographic techniques are not entirely suitable for cloud implementation due to computational efficiency limitations and other constraints. This special issue is dedicated to providing both scientists and practitioners with a forum to present their recent research on the use of novel cryptography techniques to improve the security of the underlying cloud architecture or ecosystem, particularly research that integrates both theory and practice. For example, how do we design an efficient cloud cryptography system that offers enhanced security without compromising on usability and performance? An efficient fully homomorphic encryption scheme might be an option. Such a scheme should guarantee that the cloud service provider is unable to view the content of the data he stores (thereby ensuring data confidentiality to users). However, sufficiently efficient fully homomorphic encryption is not yet available. We encourage authors to be exploratory in their submissions – that is, to report on advances beyond the state of the art in research and development of cryptographic techniques that result in secure and efficient means of ensuring security and privacy of cloud data. Topics of interest include but are not limited to:
- Anonymity
- Access control
- Cloud key agreement
- Distributed authentication and authority
- Implementation of cryptographic schemes
- Homomorphic encryption
- Multi-cloud security
- Privacy-preserving provisioning
- Remote proofs of storage
- Searchable encryption
- Secure computation

For more information, please see http://www.journals.elsevier.com/future-generation-computer-systems/call-for-papers/special-issue-on-cloud-cryptography-state-of-the-art-and-rec/.

IEICE Transactions on Information and Systems, Special Issue on Information and Communication System Security. (Submission Due 22 May 2015) [posted here 01/19/15]
Editors: Toshihiro Yamauchi (Okayama University, Japan), Yasunori Ishihara (Osaka University, Japan), and Atsushi Kanai (Hosei University, Japan).

The major topics include, but are not limited to:
- Security Technologies on AdHoc Network, P2P, Sensor Network, RFID, Wireless Network, Mobile Network, Home Network, Cloud, and SNS
- Access Control, Content Security, DRM, CDN, Privacy Protection, E-Commerce, PKI, Security Architecture, Security Protocol, Security Implementation, Technologies, Secure OS, Security Evaluation/Authentication

For more information, please see http://www.ieice.org/~icss/index.en.html.

IEEE Transactions on Services Computing, Special Issue on Security and Dependability of Cloud Systems and Services. (Submission Due 31 May 2015) [posted here 02/16/15]
Editors: Marco Vieira (University of Coimbra, Portugal) and Stefano Russo (Università di Napoli Federico II, Italy).

Service-based cloud systems are being used in business-, mission- and safety-critical scenarios to achieve operational goals. Their characteristics of complexity, heterogeneity, and fast-changing dynamics bring difficult challenges to the research and industry communities. Among them, security and dependability (Sec. & Dep.) have been widely identified as increasingly relevant issues. Crucial aspects to be addressed include: metrics, techniques and tools for assessing Sec. & Dep.; modeling and evaluation of the impact of accidental and malicious threats; failure and recovery analysis; Sec. & Dep. testing, testbeds, benchmarks; infrastructure interdependencies, interoperability in presence of Sec. & Dep. guarantees. The objective of this Special Issue is to bring together sound original contributions from researchers and practitioners on methodologies, techniques and tools to assess or improve the security and dependability of cloud systems and services. Suggested topics include, but are not limited to:
- Design, deployment and management of secure and dependable cloud systems and services
- Secure and dependable Service-Oriented Architecture (SOA)
- Secure and dependable Big Data services
- Specification and design methodologies (e.g., model-driven, component-based)
- Modeling and simulation of security and dependability of cloud systems and services
- Metrics for quantifying services dependability and security
- Dependability and security benchmarking of cloud systems
- Verification and validation (V&V) for dependability and security evaluation of services
- Formal verification, testing, analytical and experimental evaluation of services
- Off-line versus on-line dependability and security services assessment
- Protocols and network technologies for dependable and secure mobile cloud applications
- Virtualization for dependable cloud networks
- Future Internet architectures and protocols for mobile cloud computing
- Design and use of supporting tools for creating dependable and secure services
- Case studies illustrating challenges and solutions in designing secure and dependable cloud systems and services

For more information, please see http://www.computer.org/cms/Computer.org/transactions/cfps/cfp_tscsi_sdcss.pdf.

Journal of Computer and System Sciences, Special Issue on Cyber Security in the Critical Infrastructure: Advances and Future Directions. (Submission Due 31 August 2015) [posted here 02/02/15]
Editors: Jemal Abawajy (Deakin University, Australia), Kim-Kwang Raymond Choo (University of South Australia, Australia), and Rafiqul Islam (Charles Sturt University, Australia).

This special issue invites original research papers that reports on state-of-the-art and recent advancements in securing our critical infrastructure and cyberspace, with a particular emphasis on novel techniques to build resilient critical information infrastructure. Topics of interest include but are not limited to:
- Cyber security mitigation techniques for critical infrastructures such as banking and finance, communications, emergency services, energy, food chain, health, mass gatherings, transport and water
- Cyber threat modelling and analysis
- Cyber forensics
- Visual analytics and risk management techniques for cyber security
- Cyber security test beds, tools, and methodologies

For more information, please see http://www.journals.elsevier.com/journal-of-computer-and-system-sciences/call-for-papers/cyber-security-in-the-critical-infrastructure-advances-and-f/.

Conference and Workshop Call-for-papers

April 2015

WISTP 2015 9th WISTP International Conference on Information Security Theory and Practice, Crete, Greece, August 24-25, 2015. (Submission Due 10 April 2015) [posted here 02/23/15]
Future ICT technologies, such as the concepts of Ambient Intelligence, Cyber-physical Systems, and Internet of Things provide a vision of the Information Society in which: a) people and physical systems are surrounded with intelligent interactive interfaces and objects, and b) environments are capable of recognising and reacting to the presence of different individuals or events in a seamless, unobtrusive, and invisible manner. The success of future ICT technologies will depend on how secure these systems are and to what extent they protect the privacy of individuals and individuals trust them. In 2007, Workshop in Information Security Theory and Practice (WISTP) was created as a forum for bringing together researchers and practitioners in related areas and to encourage interchange and cooperation between the research community and the industrial/consumer community. Based on the growing interest of the participants, 2015 edition is becoming a conference - The 9th WISTP International Conference on Information Security Theory and Practice (WISTP'2015). WISTP 2015 seeks original submissions from academia and industry presenting novel research on all theoretical and practical aspects of security and privacy, as well as experimental studies of fielded systems, the application of security technology, the implementation of systems, and lessons learned. We encourage submissions from other communities such as law, business, and policy that present these communities' perspectives on technological issues. Topics of interest include, but are not limited to:
- Security and Privacy in Smart Devices
- Security and Privacy in Networks
- Security and Privacy in Architectures, Protocols, Policies, Systems and Applications

For more information, please see http://www.wistp.org.

FCS 2015 Workshop on Foundations of Computer Security, Held in conjunction with IEEE CSF 2015, Verona, Italy, July 13, 2015. (Submission Due 10 April 2015) [posted here 03/02/15]
Computer security is an established field of both theoretical and practical significance. In recent years, there has been sustained interest in the formal foundations of methods used in computer security. The aim of the FCS 2015 workshop is to provide a forum for continued activity in this area. The scope of FCS 2015 includes, but is not limited to, the formal specification, analysis, and design of cryptographic protocols and their applications; the formal definition of various aspects of security such as access control mechanisms, mobile code security and denial-of-service attacks; the modelling of information flow and its application to confidentiality policies, system composition, and covert channel analysis. We are interested both in new theoretical results in computer security and also in more exploratory presentations that examine open questions and raise fundamental concerns about existing theories, as well as in new results on developing and applying automated reasoning techniques and tools for the formal specification and analysis of security protocols. We thus solicit submission of papers both on mature work and on work in progress. Please note that FCS has no published proceedings. Presenting a paper at the workshop should not preclude submission to or publication in other venues. Papers presented at the workshop will be made publicly available, but this will not constitute an official proceedings.

For more information, please see http://software.imdea.org/~bkoepf/FCS15/.

PTDCS 2015 Workshop on Privacy by Transparency in Data-Centric Services, Held in conjunction with the 18th International Conference on Business Information Systems (BIS 2015), Poznan, Poland, June 24-26, 2015. (Submission Due 12 April 2015) [posted here 02/02/15]
Big Data has developed into a key factor of the economy that benefits users and providers of data-centric services. However, the analysis of growing volumes of users data in data-centric services also presents significant privacy challenges. The objective of this workshop is to bring researchers and practitioners together to explore transparency-based mechanisms, such as dashboards, economic explanations of the use of privacy and value of data, as well as user behavior. In particular, the goal of this workshop is to set thematic milestones for the technical development of transparency mechanisms on the one hand, and on the other, trace ways in which technical progress, users and industry could profit from transparency. A major focus will be set on Transparency-Enhancing Technologies (TET) and, in particular, Privacy Dashboards. Topics of interest include, but are not limited to:
- Accountability in Data-Centric Services
- Economics of TET
- Privacy Dashboards
- Privacy Economics
- Privacy Policy Specification and Negotiation
- Privacy in Socio-Technical Systems
- Privacy-Enabled Business Models
- Requirements for TET
- Transparent Behavioral Targeting
- Transparent Usage Control

For more information, please see http://bis.kie.ue.poznan.pl/bis2015/workshops/ptdcs-2015/.

SPE 2015 IEEE 5th International Workshop on Security and Privacy Engineering, Co-located with 11th IEEE World Congress on Services (SERVICES 2015), New York, NY, USA, June 27 - July 2, 2015. (Submission Due 14 April 2015) [posted here 02/23/15]
Built upon the success of spectrum of conferences within the IEEE World Congress on Services and the Security and Privacy Engineering workshop, IEEE Security and Privacy Engineering (SPE 2015) theme is a unique place to exchange ideas of engineering secure systems in the context of service computing, cloud computing, and big data analytics. The emphasis on engineering in security and privacy of services differentiates the theme from other traditional prestigious security and privacy workshops, symposiums, and conferences. The practicality and value realization are examined by practitioners from leading industries as well as scientists from academia. In line with the engineering spirit, we solicit original papers presenting real solutions and visions on building secure service systems that can be applied to government procurement, digital medical records, cloud environments, social networking for business purposes, multimedia application, mobile commerce, education, and the like. Potential contributions could cover, but are not limited to, methodologies, protocols, tools, or verification and validation techniques. We also welcome review papers that analyze critically the status of current Security and Privacy (S&P) in a specific area. Papers from practitioners who encounter security and privacy problems and seek understanding are also welcome. Topics of interests of SPE 2015 include, but are not limited to:
- S&P Engineering of Service-Based Applications
- Security Engineering of Service Compositions
- Practical Approaches to Security Engineering of Services
- Privacy-Aware Service Engineering
- Industrial and Real Use Cases in S&P Engineering of (Cloud) Services
- S&P Engineering of Cloud Services
- Auditing and Assessment
- Assurance and Certification
- Cloud Transparency
- Security Management and Governance
- Privacy Enforcement in Clouds and Services
- Cybersecurity Issues of Clouds and Services
- Validation and Verification of S&P in Clouds and Services
- Applied Cryptography for S&P in Clouds and Services
- S&P Testing in Clouds and Services
- Security and Privacy Modeling
- Socio-Economics and Compliance
- Education and Awareness
- Big Data S&P Engineering
- Mobile Cloud S&P Engineering
- S&P Engineering into futuristic blue skies

For more information, please see http://sesar.di.unimi.it/SPE2015/.

Globecom-CISS 2015 IEEE Globecom 2015, Communication & Information System Security Symposium, San Diego, CA, USA, December 6-10, 2015. (Submission Due 15 April 2015) [posted here 02/09/15]
As communication and information systems become more indispensable to the society, their security has also become extremely critical. This symposium welcomes manuscripts on all aspects of the modeling, design, implementation, deployment, and management of security algorithms, protocols, architectures, and systems. Furthermore, contributions devoted to the evaluation, optimization, or enhancement of security and privacy mechanisms for current technologies, as well as devising efficient security and privacy solutions for emerging areas, from physical-layer technology up to cyber security, are solicited. The Communication & Information Systems Security Symposium seeks original contributions in the following topical areas, plus others that are not explicitly listed but are closely related:
- Anonymous communication, metrics and performance
- Attack, detection and prevention
- Authentication protocols and key management
- Availability and survivability of secure services and systems
- Biometric security: technologies, risks, vulnerabilities, bio-cryptography, mobile template protection
- Cloud, data center and distributed systems security
- Computer and network forensics
- Cryptography for network security
- Cyber security
- Digital rights management
- Firewall technologies
- Formal trust models, security modeling, and design of secure protocols
- Information systems security and security management
- Internet security and privacy
- Malware detection and damage recovery
- Network security metrics and performance
- Operating systems and application security
- Physical security and hardware/software security
- Post-quantum network security
- Privacy and privacy-enhancing technologies
- Security and privacy for mobile and wireless networks
- Security for cloud computing and networking
- Security for mobile and wireless networks
- Security for next-generation networks
- Security in virtual machine environments
- Security tools for communication and information systems
- Trustworthy computing
- Wired systems and optical network security

For more information, please see http://globecom2015.ieee-globecom.org/sites/globecom2015.ieee-globecom.org/files/u42/GC15_TPC_CFP_CISS_-_Communication_&_Information_System_Security.pdf.

NSS 2015 9th International Conference on Network and System Security, New York City, NY, USA, November 3-5, 2015. (Submission Due 15 April 2015) [posted here 01/05/15]
NSS is an annual international conference covering research in network and system security. The conference seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of network security, privacy, applications security, and system security. Papers describing case studies, implementation experiences, and lessons learned are also encouraged. Topics of interest include but are not limited to:
- Active Defense Systems
- Adaptive Defense Systems
- Applied Cryptography
- Analysis, Benchmark of Security Systems
- Authentication
- Biometric Security
- Complex Systems Security
- Database and System Security
- Data Protection
- Data/System Integrity
- Distributed Access Control
- Distributed Attack Systems
- Denial-of-Service
- High Performance Network Virtualization
- Hardware Security
- High Performance Security Systems
- Identity Management
- Intelligent Defense Systems
- Insider Threats
- Intellectual Property Rights Protection
- Internet and Network Forensics
- Intrusion Detection and Prevention
- Key Distribution and Management
- Large-scale Attacks and Defense
- Malware
- Network Resiliency
- Network Security
- RFID Security and Privacy
- Security Architectures
- Security for Critical Infrastructures
- Security in P2P systems
- Security in Cloud and Grid Systems
- Security in E-Commerce
- Security in Pervasive/Ubiquitous Computing
- Security and Privacy in Smart Grid
- Security and Privacy in Wireless Networks
- Security Policy
- Secure Mobile Agents and Mobile Code
- Security Theory and Tools
- Standards and Assurance Methods
- Trusted Computing
- Trust Management
- World Wide Web Security

For more information, please see http://anss.org.au/nss2015/index.htm.

NSPW 2015 New Security Paradigms Workshop () , Twente, The Netherlands, September 8-11, 2015. (Submission Due 18 April 2015) [posted here 03/23/15]
Since 1992, the New Security Paradigms Workshop (NSPW) has offered a unique forum for computer security/information security research involving high-risk, high-opportunity paradigms, perspectives and positions. NSPW seeks embryonic, disruptive, and unconventional ideas that bene?t from early feedback. The ideas are almost always not yet proven, and sometimes infeasible to validate to the extent expected in traditional forums. Submissions typically address current limitations of computer/information security, directly challenge long-held beliefs or the very foundations of security, or view problems from an entirely novel angle leading to new solution paradigms. NSPW seeks ideas pushing the boundaries of science and engineering beyond what would typically be considered mainstream; papers that would be strong candidates in "conventional" computer/information security venues are, as a rule of thumb, a poor ?t for NSPW. We welcome papers with perspectives that augment traditional computer/information security, both from other computer science disciplines and other sciences that study adversarial relationships (e.g., biology, economics, the social sciences). For NSPW 2015, we especially welcome papers from ?rst-time NSPW authors. The workshop itself is highly interactive with presentations by authors prepared for in-depth discussions, and ample opportunity to exchange views with open-minded peers. NSPW is also distinguished by its deep-rooted tradition of positive feedback, collegiality, and encouragement.

For more information, please see http://www.nspw.org/2015/cfp.

CNS 2015 3rd IEEE Conference on Communications and Network Security, Florence, Italy, September 28-30, 2015. (Submission Due 24 April 2015) [posted here 01/19/15]
IEEE Conference on Communications and Network Security (CNS) is a new conference series in IEEE Communications Society (ComSoc) core conference portfolio and the only ComSoc conference focusing solely on cyber security. IEEE CNS is also a spin-off of IEEE INFOCOM, the premier ComSoc conference on networking. The goal of CNS is to provide an outstanding forum for cyber security researchers, practitioners, policy makers, and users to exchange ideas, techniques and tools, raise awareness, and share experience related to all practical and theoretical aspects of communications and network security. Building on the success of the past two years' conferences, IEEE CNS 2015 seeks original high-quality technical papers from academia, government, and industry. Topics of interest encompass all practical and theoretical aspects of communications and network security, all the way from the physical layer to the various network layers to the variety of applications reliant on a secure communication substrate. Submissions with main contribution in other areas, such as information security, software security, system security, or applied cryptography, will also be considered if a clear connection to secure communications/networking is demonstrated. Particular topics of interest include, but are not limited to:
- Anonymization and privacy in communication systems
- Biometric authentication and identity management
- Computer and network forensics
- Data and application security
- Data protection and integrity
- Availability of communications, survivability of networks in the presence of attacks
- Key management and PKI for networks
- Information-theoretic security
- Intrusion detection and prevention
- Location privacy
- Mobile security
- Outsourcing of network and data communication services
- Physical layer security methods, cross-layer methods for enhancing security
- Secure routing, network management
- Security for critical infrastructures
- Security metrics and performance evaluation
- Security and privacy for big data
- Security and privacy in body area networks
- Security and privacy in content delivery network
- Security and privacy in cloud computing and federated cloud
- Security and privacy in crowdsourcing
- Security and privacy in the Internet of Things
- Security and privacy in multihop wireless networks: ad hoc, mesh, sensor, vehicular and RFID networks
- Security and privacy in peer-to-peer networks and overlay networks
- Security and privacy in single-hop wireless networks: Wi-Fi, Wi-Max
- Security and privacy in smart grid, cognitive radio networks, and disruption/delay tolerant networks
- Security and privacy in social networks
- Security and privacy in pervasive and ubiquitous computing
- Social, economic and policy issues of trust, security and privacy
- Traffic analysis
- Usable security for networked computer systems
- Vulnerability, exploitation tools, malware, botnet, DDoS attacks
- Web, e-commerce, m-commerce, and e-mail security

For more information, please see http://cns2015.ieee-cns.org/.

ISC 2015 18th Information Security Conference, Trondheim, Norway, September 9-11, 2015. (Submission Due 27 April 2015) [posted here 03/23/15]
The Information Security Conference (ISC), which started as a workshop (ISW) in 1997,is a well-established and highly reputable international conference that is held yearly. It has been held in five different continents. The conference seeks submissions on novel theoretical and practical results in:
- access control
- accountability
- anonymity and pseudonymity
- applied cryptography
- authentication
- biometrics
- computer forensics
- critical infrastructure security
- cryptographic protocols
- database security
- data protection
- data/system integrity
- digital right management
- economics of security and privacy
- electronic frauds
- embedded security
- formal methods in security
- identity management
- information dissemination control
- information hiding & watermarking
- intrusion detection
- network security
- peer-to-peer security
- privacy
- secure group communications
- security in information flow
- security for Internet of Things
- security for mobile code
- secure cloud computing
- security in location services
- security modelling & architectures
- security and privacy in social networks
- security and privacy in pervasive and ubiquitous computing
- security of eCommerce, eBusiness and eGovernment
- security models for ambient intelligence environments
- trust models and trust policies

For more information, please see http://isc2015.item.ntnu.no.

May 2015

TRUST 2015 8th International Conference on Trust & Trustworthy Computing, Heraklion, Crete, Greece, August 24-26, 2015. (Submission Due 7 May 2015) [posted here 03/30/15]
TRUST 2015 is an international conference on the technical and socio-economic aspects of trustworthy infrastructures. It provides an excellent interdisciplinary forum for researchers, practitioners, and decision makers to explore new ideas and discuss experiences in building, designing, using and understanding trustworthy computing systems.TRUST 2015 solicits original papers on any aspect (technical, social or socio-economic) of the design, application and usage of trusted and trustworthy computing. Papers can address design, application and usage of trusted and trustworthy computing in a broad range of concepts including, but not limited to, trustworthy infrastructures, cloud computing, services, hardware, software and protocols.

For more information, please see http://www.ics.forth.gr/trust2015/.

SPeH 2015 IEEE International Workshop on Security and Privacy in eHealthcare, Held in conjunction with the 40th IEEE Conference on Local Networks (LCN), Clearwater, Florida, USA, October 26-29, 2015. (Submission Due 9 May 2015) [posted here 03/23/15]
The First IEEE International Workshop on Security and Privacy in eHealthcare (SPeH 2015) will address research in security and privacy of applications and tools in eHealthcare and provide a unique forum to present and discuss the key issues and innovative solutions to address the security and privacy concerns in eHealthcare. The major focus of the workshop will include, but not limited to the following:
- Authentication in wireless body networks
- Secure wireless network communication
- Data security and privacy in eHealthcare
- Secure connectivity in wearable devices
- eHealthcare security challenges in cloud
- Trustworthy wearable sensing devices

For more information, please see http://csusap.csu.edu.au/~tzia/SPeH.htm.

CRITIS 2015 10th International Conference on Critical Information Infrastructures Security, Berlin, Germany, October 5-7, 2015. (Submission Due 10 May 2015) [posted here 03/09/15]
CRITIS 2015 has four foci. Topic category 1, Resilience and protection of cyber-physical systems, covers advances in the classical CIIP sectors telecommunication, cyber systems and electricity infrastructures. Topic category 2 focuses on advances in C(I)IP policies and best practices in C(I)IP specifically from stakeholders' perspectives. In topic category 3, general advances in C(I)IP, we are explicitly inviting contributions from additional infrastructure sectors like energy, transport, and smart built infrastructure) and cover also cross-sector CI(I)P aspects. In 2013, the CRITIS series of conferences has started to foster contributions from young experts and researchers ("Young CRITIS"), and in 2014 this has been reinforced by the first edition of the CIPRNet Young CRITIS Award (CYCA). We will continue both activities at CRITIS 2015, since our demanding multi-disciplinary field of research requires open-minded talents.

For more information, please see http://www.critis2015.org.

ACM-CCS 2015 22nd ACM Conference on Computer and Communications Security, Denver, Colorado, USA, October 12-16, 2015. (Submission Due 15 May 2015) [posted here 02/02/15]
The ACM Conference on Computer and Communications Security (CCS) is the flagship annual conference of the Special Interest Group on Security, Audit and Control (SIGSAC) of the Association for Computing Machinery (ACM). The conference brings together information security researchers, practitioners, developers, and users from all over the world to explore cutting-edge ideas and results. It provides an environment to conduct intellectual discussions. From its inception, CCS has established itself as a high standard research conference in its area.

For more information, please see http://www.sigsac.org/ccs/CCS2015.

June 2015

DPM 2015 10th International Workshop on Data Privacy Management, Co-located with ESORICS 2015, Vienna, Austria, September 21-22, 2015. (Submission Due 1 June 2015) [posted here 04/06/15]
Organizations are increasingly concerned about the privacy of information that they manage (several people have filed lawsuits against organizations violating the privacy of customer's data). Thus, the management of privacy-sensitive information is very critical and important for every organization. This poses several challenging problems, such as how to translate the high-level business goals into system-level privacy policies, administration of privacy-sensitive data, privacy data integration and engineering, privacy access control mechanisms, information-oriented security, and query execution on privacy-sensitive data for partial answers. The aim of this workshop is to discuss and exchange the ideas related to privacy data management. We invite papers from researchers and practitioners working in privacy, security, trustworthy data systems and related areas to submit their original papers in this workshop.

For more information, please see http://deic.uab.cat/conferences/dpm/dpm2015/.

FPS 2015 8th International Symposium on Foundations & Practice of Security, Clermont-Ferrand, France, October 26-28, 2015. (Submission Due 14 June 2015) [posted here 03/23/15]
This conference, the 8th in an annual series, provides a forum for researchers world-wide working in security, privacy, trustworthy data systems and related areas. The aim of FPS is to discuss and exchange theoretical and practical ideas that address security issues in inter-connected systems. It aims to provide scientific presentations as well as to establish links, promote scientific collaboration, joint research programs, and student exchanges between institutions involved in this important and fast moving research field. We also invite papers from researchers and practitioners working in security, privacy, trustworthy data systems and related areas to submit their original papers. The main topics, but not limited to, include:
- Computer and Network Security
- Formal foundations in Information or Operational Security
- Security of Service Oriented Architectures
- Information Theoretic Security
- Security of Cloud Computing
- Security Management and Security Policies
- Policy-based Security Architectures
- Security of P2P systems
- Security & Privacy on Social Networks
- Access Control Languages
- Data Mining & Watermarking
- Cryptography & Cryptanalysis
- Threat Analysis and Trust Management
- Privacy & Sensitive Data Management
- Policy-based Distributed Information Systems
- Security in Sensor Networks and RFIDs
- Security of Cloud Computing, Grid Computing
- Security of Distributed Embedded Middleware
- Distributed Security Protocols & Policies
- Security and Privacy in Digital Currencies
- Malware, Botnet and Advanced Persistent Threats
- Code Reverse Engineering and Vulnerability Exploitation
- Side Channel & Physical Attacks
- Social Engineering

For more information, please see http://confiance-numerique.clermont-universite.fr/fps2015/.

CANS 2015 14th International Conference on Cryptology and Network Security, Morocco, Marrakesh, December 8-12, 2015. (Submission Due 19 June 2015) [posted here 03/30/15]
Papers offering novel research contributions are solicited. The conference focus is on original, high-quality, unpublished research and implementation results. Especially encouraged are submissions of papers suggesting novel paradigms, original directions, or non-traditional perspectives. Also of particular interest this year are papers on network security, from modeling, measurement, engineering, and attack perspectives. Submitted papers must not substantially overlap with papers that have been published or that are submitted in parallel to a journal or a conference with formally published proceedings. Topics of Interest:
- Access Control for Networks
- Adware, Malware, and Spyware
- Anonymity & Pseudonymity
- Authentication, Identification
- Cloud Security
- Cryptographic Algorithms & Protocols
- Denial of Service Protection
- Embedded System Security
- Identity & Trust Management
- Internet Security
- Key Management
- Mobile Code Security
- Multicast Security
- Network Security
- Peer-to-Peer Security
- Security Architectures
- Security in Social Networks
- Sensor Network Security
- Virtual Private Networks
- Wireless and Mobile Security

For more information, please see http://www.cans2015.org/.

WISA 2015 16th International Workshop on Information Security Applications, Jeju Island, Korea, August 20-22, 2015. (Submission Due 20 June 2015) [posted here 04/06/15]
The primary focus of WISA 2015 is on systems and network security, and the secondary focus is on all other technical and practical aspects of security applications. The workshop will serve as a forum for new results from the academic research community as well as from the industry. The areas of interest include, but are not limited to:
- Analysis of network and security protocols
- Applications of cryptographic techniques
- Automated tools for source code/binary analysis
- Critical infrastructure security
- Digital Forensics
- Exploit techniques and automation
- HCI security and privacy
- Malware analysis
- Network-based attacks
- Operating system security
- Security policy
- Storage and file system security
- Trustworthy computing
- Web security
- Anonymity and censorship-resistant technologies
- Authentication and authorization
- Botnet defense
- Denial-of-service attacks and countermeasures
- Embedded systems security
- Hardware and physical security
- Intrusion detection and prevention
- Mobile/wireless/cellular system security
- Network infrastructure security
- Practical cryptanalysis (hardware, DRM, etc.)
- Side channel attacks and countermeasures
- Techniques for developing secure systems
- Vulnerability research

For more information, please see http://www.wisa.or.kr.

C&TC 2015 5th International Symposium on Cloud Computing, Trusted Computing and Secure Virtual Infrastructures -- Cloud and Trusted Computing, Rhodes, Greece, October 26-28, 2015. (Submission Due 23 June 2015) [posted here 03/30/15]
Current and future software needs to remain focused towards the development and deployment of large and complex intelligent and networked information systems, required for internet-based and intranet-based systems in organizations. Today software covers a very wide range of application domains as well as technology and research issues. This has found realization through Cloud Computing. Vital element in such networked information systems are the notions of trust, security, privacy and risk management. The conference solicits submissions from both academia and industry presenting novel research in the context of Cloud Computing, presenting theoretical and practical approaches to cloud trust, security, privacy and risk management. The conference will provide a special focus on the intersection between cloud and trust bringing together experts from the two communities to discuss on the vital issues of trust, security, privacy and risk management in Cloud Computing. Potential contributions could cover new approaches, methodologies, protocols, tools, or verification and validation techniques. We also welcome review papers that analyze critically the current status of trust, security, privacy and risk management in the cloud. Papers from practitioners who encounter trust, security, privacy and risk management problems and seek understanding are also welcome.

For more information, please see http://www.onthemove-conferences.org/index.php/cloud-trust-15.

July 2015

ICISS 2015 11th International Conference on Information Systems Security, Kolkata, India, December 16-20, 2015. (Submission Due 29 July 2015) [posted here 02/02/15]
The conference series ICISS (International Conference on Information Systems Security), held annually, provides a forum for disseminating latest research results in information and systems security. ICISS 2015, the eleventh conference in this series, will be held under the aegis of the Society for Research in Information Security and Privacy (SRISP). Submissions are encouraged from academia, industry and government, addressing theoretical and practical problems in information and systems security and related areas. Topics of interest include but are not limited to:
- Access and Usage Control
- Application Security
- Authentication and Audit
- Biometric Security
- Cloud Security
- Cryptographic Protocols
- Cyber-physical Systems Security
- Data Security and Privacy
- Digital Forensics
- Digital Rights Management
- Distributed Systems Security
- Formal Models in Security
- Identity Management
- Intrusion Detection and Prevention
- Intrusion Tolerance and Recovery
- Key Management
- Language-based Security
- Malware Analysis and Mitigation
- Network Security
- Operating Systems Security
- Privacy and Anonymity
- Secure Data Streams
- Security and Usability
- Security Testing
- Sensor and Ad Hoc Network Security
- Smartphone Security
- Software Security
- Usable Security
- Vulnerability Detection and Mitigation
- Web Security

For more information, please see http://www.iciss.org.in.

August 2015
September 2015
October 2015

PQCrypto 2016 7th International Conference on Post-Quantum Cryptography, Fukuoka, Japan, February 24-26, 2016. (Submission Due 7 October 2015) [posted here 03/23/15]
The aim of PQCrypto is to serve as a forum for researchers to present results and exchange ideas on the topic of cryptography in an era with large-scale quantum computers. The conference will be preceded by a winter school on February 22-23, 2016. Original research papers on all technical aspects of cryptographic research related to post-quantum cryptography are solicited. The topics include (but are not restricted to):
- Cryptosystems that have the potential to be safe against quantum computers such as: hash-based signature schemes, lattice-based cryptosystems, code-based cryptosystems, multivariate cryptosystems and quantum cryptographic schemes;
- Classical and quantum attacks including side-channel attacks on post-quantum cryptosystems;
- Security models for the post-quantum era.

For more information, please see https://pqcrypto2016.jp/.

November 2015

Archival Journals Regularly Specializing in Security and Privacy

Journal of Privacy Technology (JOPT),   Editor-in-Chief:  Latanya Sweeney
This online-only Journal, started in 2004 and  operated by Carnegie Mellon University, is a forum for the publication of original current research in privacy technology. It encourages the submission of any material dealing primarily with the technological aspects of privacy or with the privacy aspects of technology, which may include analysis of the interaction between policy and technology or the technological implications of legal decisions.  More information can be found at http://www.jopt.org/.

IEEE Security and Privacy Magazine,   Editor-in-Chief: Shari Lawrence Pfleeger
IEEE Security & Privacy provides a unique combination of research articles, case studies, tutorials, and regular departments covering diverse aspects of information assurance such as legal and ethical issues, privacy concerns, tools to help secure information, analysis of vulnerabilities and attacks, trends and new developments, pedagogical and curricular issues in educating the next generation of security professionals, secure operating systems and applications, security issues in wireless networks, design and test strategies for secure and survivable systems, and cryptology.  More information can be found at http://www.computer.org/portal/web/computingnow/securityandprivacy.

ACM Transactions on Information and System Security,   Editor-in-Chief: Gene Tsudik
ACM invites submissions for its Transactions on Information and System Security, inaugurated in November 1998. TISSEC publishes original archival-quality research papers and technical notes in all areas of information and system security including technologies, systems, applications, and policies. Papers should have practical relevance to the construction, evaluation, application, or operation of secure systems. Theoretical papers will be accepted only if there is convincing argument for the practical significance of the results. Theory must be justified by convincing examples illustrating its application. More information is given on the journal web page at http://www.acm.org/tissec.

IEEE Transactions on Dependable and Secure Computing,   Editor-in-Chief: Ravi Sandhu
The IEEE Transactions on Dependable and Secure Computing publishes archival research results related to research into foundations, methodologies, and mechanisms that support the achievement—through design, modeling, and evaluation—of systems and networks that are dependable and secure to the desired degree without compromising performance. The focus will also include measurement, modeling, and simulation techniques, and foundations for jointly evaluating, verifying, and designing for performance, security, and dependability constraints. More information is given on the journal web page at http://www.computer.org/portal/web/tdsc.

The Springer Series on ADVANCES IN INFORMATION SECURITY
The purpose of the Advances in Information Security book series is to establish the state of the art and set the course for future research in information security. The scope of this series includes not only all aspects of computer, network security, and cryptography, but related areas, such as fault tolerance and software assurance. The series serves as a central source of reference for information security research and developments. The series aims to publish thorough and cohesive overviews on specific topics in Information Security, as well as works that are larger in scope than survey articles and that will contain more detailed background information. The series also provides a single point of coverage of advanced and timely topics and a forum for topics that may not have reached a level of maturity to warrant a comprehensive textbook. Prospective Authors or Editors: If you have an idea for a book that would fit in this series, we would welcome the opportunity to review your proposal. Should you wish to discuss any potential project further or receive specific information regarding book proposal requirements, please contact Professor Sushil Jajodia (jajodia@gmu.edu,703-993-1653).
 
Journal of Computer Security,   Editor-in-Chief: John Mitchell and Pierangela Samarati
JCS is an archival research journal for significant advances in computer security. Subject areas include architecture, operating systems, database systems, networks, authentication, distributed systems, formal models, verification, algorithms, mechanisms, and policies. All papers must be submitted online at http://www.iospress.nl/journal/journal-of-computer-security/. More information is given on the journal web page at http://jcs.stanford.edu/.
 
Computers & Security,   Editor-in-Chief: Eugene H. Spafford
Computers & Security aims to satisfy the needs of managers and experts involved in computer security by providing a blend of research developments, innovations, and practical management advice. Original submissions on all computer security topics are invited, particularly those of practical benefit to the practitioner. All papers must be submitted online at http://ees.elsevier.com/cose/. More information can be found at http://www.elsevier.com/locate/issn/01674048.
 
International Journal of Information Security,   Editors-in-Chief: D. Gollmann; J. Lopez; E. Okamoto
The International Journal of Information Security, IJIS, aims to provide prompt publication of important technical work in information security, attracting any person interested in communications, commerce, banking, medicine, or other areas of endeavor affected by information security. Any research submission on theory, applications, and implementations of information security is welcomed. This includes, but is not limited to, system security, network security, content protection, applications and foundations of information security. More information is given on the journal web page at http://www.springer.com/computer/security+and+cryptology/journal/10207.
 
International Journal of Network Security,   Editors-in-Chief: Min-Shiang Hwang
International Journal of Network Security is an international official journal of Science Publications, publishing original articles, reviews and short communications of a high scientific and technology in network security. Subjects covered include: access control, computer security, cryptography, communications security, data security, database security, electronic commerce security, information security, multimedia security, and network security. Authors are strongly encouraged to submit their papers electronically by using online manuscript submission at http://ijns.nchu.edu.tw/, or submit their Word, ps or pdf file to the editor-in-chief (via Email: mshwang@isrc.nchu.edu.tw): Min-Shiang Hwang, at the Department of Management Information Systems, National Chung Hsing University, Taiwan, R.O.C.  More information can be found at http://ijns.femto.com.tw/.
 
International Journal of Security and Networks,   Editors-in-Chief: Yang Xiao
International Journal of Security and Networks is an archival research journal for significant advances in network security. Subject areas include attack models, security mechanisms, security services, authentication, authorization, access control, multicast security, data confidentiality, data integrity, non-repudiation, forensics, privacy protection, secure protocols, formal analyses, intrusion detection, key management, trust establishment, revocation of malicious parties, security policies, fraudulent usage, dependability and reliability, prevention of traffic analysis, network security performance evaluation, tradeoff analysis between performance and security, security standards, etc. All papers must be submitted online at http://www.inderscience.com/ijsn/. More information is given on the journal web page at http://www.inderscience.com/ijsn/.
 
International Journal of Critical Infrastructure Protection,   Editors-in-Chief: Sujeet Shenoi
International Journal of Critical Infrastructure Protection's primary aim is to publish high quality scientific and policy papers in all areas of critical infrastructure protection. Of particular interest are articles that weave science, technology and policy to craft sophisticated yet practical solutions that will secure information, computer and network assets in the various critical infrastructure sectors. All papers must be submitted online at http://www.elsevier.com/locate/ijcip. More information is given on the journal web page at http://www.elsevier.com/locate/ijcip.
 
IEEE Transactions on Information Forensics and Security,   Editors-in-Chief: C.-C. Jay Kuo
IEEE Transactions on Information Forensics and Security aims to provide a unified locus for archival research on the fundamental contributions and the mathematics behind information forensics, information security, surveillance, and systems applications that incorporate these features. Authors are strongly encouraged to submit their papers electronically to the online manuscript system, Manuscript Central, via sps-ieee.manuscriptcentral.com.  More information can be found at http://www.ieee.org/organizations/society/sp/tifs.html.
 
EURASIP Journal on Information Security,   Editors-in-Chief: Stefan Katzenbeisser
EURASIP Journal on Information Security aims to bring together researchers and practitioners dealing with the general field of information security, with a particular emphasis on the use of signal processing tools in adversarial environments. As such, it addresses all works whereby security is achieved through a combination of techniques from cryptography, computer security, machine learning and multimedia signal processing. Application domains lie, for example, in secure storage, retrieval and tracking of multimedia data, secure outsourcing of computations, forgery detection of multimedia data, or secure use of biometrics. The journal also welcomes survey papers that give the reader a gentle introduction to one of the topics covered as well as papers that report large-scale experimental evaluations of existing techniques. Pure cryptographic papers are outside the scope of the journal. The journal also welcomes proposals for Special Issues. All papers must be submitted online at http://jis.eurasipjournals.com/manuscript.  More information can be found at http://jis.eurasipjournals.com.