| |
Last Modified:01/25/10
Note: Please send new calls to
cipher-cfp@ieee-security.org and take a moment to read the
submission guidelines. And please
see the Cipher
Calendar for events sorted in date order. For all other
questions, please contact
cipher-cfp@ieee-security.org by email.
Contents
International Journal of Secure Software Engineering (IJSSE),
Special Issue on Software Safety & Dependability – the Art of Engineering
Trustworthy Software,
January 2011.
(Submission Due 1 February 2010) [posted here 10/5/09]
Guest editor: Lei Wu (University of Houston-Clear Lake, Houston, Texas, U.S.A)
and Yi Feng (Algoma University, Sault Ste. Marie, Ontario, Canada)
Software Safety is an element of the total safety program. It optimizes
system safety & dependability in the design, development, use, and maintenance
of software systems and their integration with safety critical application
systems in an operational environment. Increasing size and complexity of
software systems makes it harder to ensure their dependability. At the same
time, the issues of safety become more critical as we more and more rely on
software systems in our daily life. These trends make it necessary to support
software engineers with a set of techniques and tools for developing dependable,
trustworthy software. Software safety cannot be allowed to function
independently of the total effort. Both simple and highly integrated multiple
systems are experiencing an extraordinary growth in the use of software to
monitor and/or control safety-critical subsystems or functions. A software
specification error, design flaw, or the lack of generic safety-critical
requirements can contribute to or cause a system failure or erroneous human
decision. To achieve an acceptable level of dependability goals for software
used in critical applications, software safety engineering must be given
primary emphasis early in the requirements definition and system conceptual
design process. Safety-critical software must then receive continuous management
emphasis and engineering analysis throughout the development and operational
lifecycles of the system. In this special issue, we are seeking insights in
how we can confront the challenges of software safety & dependability
issues in developing dependable, trustworthy software systems.
Some suggested areas include, but not limited to
- Safety consistent with mission requirements
- Secure software engineering with software security & trustworthy software development
- State-of-arts literature review of technology dealing with software system security
- Identify and analysis of safety-critical functionality of complex systems
- Intrusion detection, security management , applied cryptography
- Derive hazards and design safeguards for mitigations
- Safety-Critical functions design and preliminary hazards analysis
- Identification, evaluation, and elimination techniques for hazards associated
with the system and its software, throughout the lifecycle
- Complexity of safety critical interfaces, software components
- Sound secure software engineering principles that apply to the design of the
software-user interface to minimize the probability of human error
- Failure & hazard models, including hardware, software, human and system are
addressed in the design of the software
- Software testing techniques targeting at software safety issues at
different levels of testing
For more information, please see
http://www.igi-global.com/journals/details.asp?id=34297.
Journal of Computer Security,
Special Issue on RFID System Security,
4th Quarter, 2010.
(Submission Due 22 February 2010) [posted here 11/23/09]
Guest editor: Yingjiu Li (Singapore Management University, Singapore)
and Jianying Zhou (Institute for Infocomm Research, Singapore)
Besides selected papers (after significant extensions) from the 2010 Workshop
on RFID Security (RFIDsec'10 Asia), other papers representing original research
in the theory and practice concerning RFID system security are solicited
for this special issue in Journal of Computer Security (IOS Press).
Topics of interest include, but are not limited to:
- New applications for secure RFID systems
- Data protection and privacy-enhancing techniques for RFID
- Cryptographic protocols for RFID (Authentication protocols, Key update mechanisms, Scalability issues)
- Integration of secure RFID systems (Middleware and security, Public-key infrastructures)
- Resource-efficient implementation of cryptography (Small-footprint hardware, Low-power architectures)
- Attacks on RFID systems such as RFID malwares
- RFID security hardware such as RFID with PUF
- Trust model, data protection and sharing for EPCglobal Network
For more information, please see
http://icsd.i2r.a-star.edu.sg/staff/jianying/JCS_CFP_final.pdf.
January 2010
IFIP-TC9-HCC9 2010
IFIP TC-9 HCC-9 Stream on Privacy and Surveillance,
Held in conjunction with the IFIP World Computer Congress 2010,
Brisbane, Australia, September 20-23, 2010.
(Submissions due 31 January 2010) [posted here 12/28/09]
New technical and legal developments pose greater and greater privacy
dilemmas. Governments have in the recent years increasingly established
and legalised surveillance schemes in form of data retention, communication
interception or CCTVs for the reason of fighting terrorism or serious crimes.
Surveillance Monitoring of individuals is also a threat in the private
sector: Private organisations are for instance increasingly using profiling
and data mining techniques for targeted marketing, analysing customer
buying predictions or social sorting. Work place monitoring practices
allow surveillance of employees. Emerging pervasive computing technologies,
where individuals are usually unaware of a constant data collection and
processing in their surroundings, will even heighten the problem that
individuals are effectively losing control over their personal spheres.
At a global scale, Google Earth and other corporate virtual globes may
have dramatic consequences for the tracking and sorting of individuals.
With CCTV, the controlling power of surveillance is in few hands. With
live, high resolution imagery feeds from space in the near future,
massive surveillance may soon be available to everybody, a development
whose consequences we do not yet grasp. New means of surveillance are
also enabled by social networks, in which individuals are publishing
many intimate personal details about themselves and others. Such social
networks are today already frequently analysed by employers, marketing
industry, law enforcement or social engineering. The aim of this conference
stream is to discuss and analyse such privacy risks of surveillance for
humans and society as well as countermeasures for protecting the individuals’
rights to informational self-determination from multi-disciplinary perspectives.
We are therefore especially inviting the submissions of papers addressing privacy
aspects in relation to topics such as (but not limited to):
- Surveillance technologies
- Corporate virtual globes (Google Earth and Microsoft Virtual Earth)
- Profiling & data mining
- Ambient Intelligence, RFID
- GPS, Location-Based Services
- Social Network Analysis
- ID cards
- Biometrics
- Data sharing
- Visual surveillance
- Workplace monitoring
- Communication interception
- Data retention
- Anonymity & Pseudonymity
- Privacy-enhancing technologies
- Privacy-enhancing Identity Management
For more information, please see
http://www.wcc2010.org/migrated/HCC92010/HCC92010_cfp.html.
February 2010
SADFE 2010
5th International Workshop on Systematic Approaches to Digital Forensic Engineering,
Held in conjunction with the IEEE Symposium on Security and Privacy (SP 2010),
Oakland, CA, USA, May 20, 2010.
(Submissions due 1 February 2010) [posted here 11/23/09]
The SADFE (Systematic Approaches to Digital Forensic Engineering) Workshop
promotes systematic approaches to computer investigations, by furthering
the advancement of digital forensic engineering as a disciplined
science and practice. Most previous SADFE papers have emphasized cyber
crime investigations and digital forensics tools. While these
are still key topics of the meeting, we also welcome digital
forensics papers that do not necessarily involve either crime
or digital forensics tools. General attack analysis, the insider
threat, insurance and compliance investigations, similar forms
of retrospective analysis, and digital discovery are all viable
topics. Digital forensic engineering is the application of
scientific principles to the collection and analysis of digital
artifacts, either for use within the legal system or to aid in
understanding past events with the goal of improving computer
system security.
For more information, please see
http://conf.ncku.edu.tw/sadfe/sadfe10/.
SECRYPT 2010
5th International Conference on Security and Cryptography,
Athens, Greece, July 26-28, 2010.
(Submissions due 3 February 2010) [posted here 01/12/10]
SECRYPT is an annual international conference covering research in information
and communication security. The 5th International Conference on Security
and Cryptography will be held in Athens, Greece.
The conference seeks submissions from academia, industry, and government presenting
novel research on all theoretical and practical aspects of data protection,
privacy, applications security, and cryptography. Papers describing the
application of security technology, the implementation of systems, and
lessons learned are also encouraged. Areas of interest include, but are not limited to:
- Data and Application Security and Privacy
- Access Control and Intrusion Detection
- Network Security and Protocols
- Cryptographic Techniques and Key Management
- Information Assurance
- Security in Information Systems and Software Engineering
For more information, please see
http://www.secrypt.icete.org.
D-SPAN 2010
1st International Workshop on Data Security and PrivAcy in wireless Networks,
Held in conjunction with WoWMoM 2010, Montreal, QC, Canada, June 14, 2010.
(Submissions due 4 February 2010) [posted here 12/21/09]
This workshop is focused on defining new problems and developing novel techniques
for data security and privacy issues in wireless and mobile networks. With the
emergence of data-intensive wireless networks such as wireless sensor networks
and data-centric mobile applications such as location-based services, the
traditional boundaries between these three disciplines are blurring. This
workshop solicits papers from two main categories: (1) papers that consider
the security and privacy of data collection, transmission, storage, publishing,
and sharing in wireless networks broadly defined, e.g., MANET, cellular, vehicular,
ad hoc, cognitive, as well as sensor networks, and (2) papers that use data
analytics techniques to address security and privacy problems in wireless
networks. The workshop provides a venue for researchers to present new ideas
with impact on three communities – wireless networks, databases, and security.
The list of topics includes, but not limited to:
- Fundamental theory of a security network science
- Key exchange, distribution and management in wireless networks
- Location privacy in wireless networks
- Secure data collection and aggregation for wireless sensor networks
- Secure data collection in body-area networks
- Secure data processing in mobile ad-hoc networks (MANET)
- Secure query processing over wireless sensor networks
- Security and privacy of RFID systems
- Security and privacy for data streaming
- Security for cognitive radio networks
- Tradeoffs between Security and Communication Performance
For more information, please see
http://home.gwu.edu/~nzhang10/DSPAN2010/.
ACNS 2010
8th International Conference on Applied Cryptography and Network Security,
Beijing, China, June 22-25, 2010.
(Submissions due 5 February 2010) [posted here 9/13/09]
Original papers on all aspects of applied cryptography and network security
are solicited for submission to ACNS '10. Topics of relevance include but are
not limited to:
- Applied cryptography and provably-secure cryptographic protocols
- Design and analysis of efficient cryptographic primitives: public-key
and symmetric-key cryptosystems, block ciphers, and hash functions
- Network security protocols
- Techniques for anonymity; trade-offs between anonymity and utility
- Integrating security into the next-generation Internet: DNS security,
routing, naming, denial-of-service attacks, TCP/IP, secure multicast
- Economic fraud on the Internet: phishing, pharming, spam, and click fraud
- Email and web security
- Public key infrastructure, key management, certification, and revocation
- Security and privacy for emerging technologies: sensor networks, mobile
(ad hoc) networks, peer-to-peer networks, bluetooth, 802.11, RFID
- Trust metrics and robust trust inference in distributed systems
- Security and usability
- Intellectual property protection and digital rights management
- Modeling and protocol design for rational and malicious adversaries
- Automated analysis of protocols
For more information, please see
http://www.tcgchina.org/acns2010/.
DBSec 2010
24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security,
Rome, Italy, June 21-23, 2010.
(Submissions due 5 February 2010) [posted here 11/30/09]
DBSec is an annual international conference covering research in data and
applications security and privacy. The 24th Annual IFIP WG 11.3 Working
Conference on Data and Applications Security (DBSec 2010) will be held
in Rome, Italy. The conference seeks submissions from academia, industry,
and government presenting novel research on all theoretical and practical
aspects of data protection, privacy, and applications security. Topics of
interest include, but are not limited to:
- access control
- anonymity
- applied cryptography in data security
- authentication
- data and system integrity
- data protection
- database security
- digital rights management
- identity management
- intrusion detection
- knowledge discovery and privacy
- methodologies for data and application security
- network security
- organizational security
- privacy
- secure cloud computing
- secure distributed systems
- secure information integration
- secure Web services
- security and privacy in IT outsourcing
- security and privacy in location-based services
- security and privacy in P2P scenarios and social networks
- security and privacy in pervasive/ubiquitous computing
- security and privacy policies
- security management
- security metrics
- threats, vulnerabilities, and risk management
- trust and reputation systems
- trust management
- wireless and mobile security
For more information, please see
http://dbsec2010.dti.unimi.it.
DIMVA 2010
7th Conference on Detection of Intrusions and Malware & Vulnerability Assessment,
Bonn, Germany, July 8-9, 2010.
(Submissions due 5 February 2010) [posted here 11/30/09]
The annual DIMVA conference serves as a premier forum for advancing
the state of the art in intrusion detection, malware detection, and
vulnerability assessment. DIMVA’s scope includes, but is not restricted
to the following areas:
Intrusion Detection
- Novel approaches & new environments
- Insider detection
- Prevention and response
- Data leakage
- Result correlation & cooperation
- Evasion attacks
- Potentials & limitations
- Operational experiences
- Privacy, legal & social aspects
Malware
- Automated analysis, reversing & execution tracing
- Containment & sandboxed operation
- Acquisition of specimen
- Infiltration
- Behavioral models
- Prevention & containment
- Trends & upcoming risks
- Forensics & recovery
- Economic aspects
Vulnerability Assessment
- Vulnerability detection & analysis
- Vulnerability prevention
- Web application security
- Fuzzing techniques
- Classification & evaluation
- Situational awareness
For more information, please see
http://www.dimva.org/dimva2010.
USENIX-Security 2010
19th USENIX Security Symposium,
Washington, DC, USA, August 11–13, 2010.
(Submissions due 5 February 2010) [posted here 12/7/09]
The USENIX Security Symposium brings together researchers, practitioners,
system administrators, system programmers, and others interested in
the latest advances in the security of computer systems
and networks. All researchers are encouraged to submit papers covering
novel and scientifically significant practical works in security
or applied cryptography.
For more information, please see
http://www.usenix.org/events/sec10/cfp/.
EuroSec 2010
European Workshop on System Security,
Held in conjunction with the Annual ACM SIGOPS EuroSys conference,
Paris, France, April 13, 2010.
(Submissions due 7 February 2010) [posted here 11/30/09]
The workshop aims to bring together researchers, practitioners, system
administrators, system programmers, and others interested in the
latest advances in the security of computer systems and networks.
The focus of the workshop is on novel, practical, systems-oriented
work. EuroSec seeks contributions on all aspects of systems security.
Topics of interest include (but are not limited to):
- Operating systems security
- Web/network/distributed systems security
- New attacks and evasion techniques
- Hardware architectures
- Trusted computing and its applications
- Identity management, anonymity
- Small trusted computing bases
- Mobile systems security
- Measuring security
- Malicious code analysis and detection
- Systems-based forensics
- Systems work on fighting spam/phishing
For more information, please see
http://www.iseclab.org/eurosec-2010/.
OWASP-AppSec-Research 2010
OWASP AppSec Research 2010,
Stockholm, Sweden, June 21-24, 2010.
(Submissions due 7 February 2010) [posted here 12/14/09]
OWASP AppSec Research focuses on web application security and invites
both academia and industry. The conference features a full-paper research
track published by Springer-Verlag (LNCS) as well as industry talks and
demos. OWASP (the Open Web Application Security Project) is an open community
dedicated to enabling organizations to develop, purchase, and maintain
applications that can be trusted. We encourage the publication and presentation
of new tools, new methods, empirical data, novel ideas, and lessons
learned in the following areas:
- Web application security
- Security aspects of new/emerging web technologies/paradigms
(mashups, web 2.0, offline support, etc)
- Security in web services, REST, and service oriented architectures
- Security in cloud-based services
- Security of frameworks (Struts, Spring, ASP.Net MVC etc)
- New security features in platforms or languages
- Next-generation browser security
- Security for the mobile web
- Secure application development (methods, processes etc)
- Threat modeling of applications
- Vulnerability analysis (code review, pentest, static analysis etc)
- Countermeasures for application vulnerabilities
- Metrics for application security
- Application security awareness and education
For more information, please see
http://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm,_Sweden.
POLICY 2010
IEEE International Symposium on Policies for Distributed Systems and Networks,
Fairfax, Virginia, USA, July 21-23, 2010.
(Submissions due 8 February 2010) [posted here 01/11/10]
The symposium brings together researchers and practitioners working on policy-based
systems across a range of application areas including policy-based networking,
privacy and security management, storage area networking, and enterprise systems.
POLICY 2010 has grown out of a highly successful series of workshops and this is
recognized by the elevation of the event to an IEEE symposium.
POLICY 2010 invites novel contributions on all aspects of policy-based management.
Topics of interest include (but are not limited to):
- Privacy and Security
- Policy Models and Languages
- Policy Applications
For more information, please see
http://www.ieee-policy.org.
SHPCS 2010
5th Workshop on Security and High Performance Computing Systems,
Held in conjunction with the 6th International Wireless Communications
and Mobile Computing Conference (IWCMC 2010),
Caen, Normandy, France, June 28 - July 2, 2010.
(Submissions due 15 February 2010) [posted here 12/28/09]
Providing high performance computing and security is a challenging task.
Internet, operating systems and distributed environments currently suffer
from poor security support and cannot resist common attacks. Adding
security measures typically degrade performance. This workshop addresses
relationships between security and high performance computing systems
in three directions. First, it considers how to add security properties
(authentication, confidentiality, integrity, non-repudiation, access
control) to high performance computing systems. In this case, safety properties can
also be addressed, such as availability and fault tolerance for high performance
computing systems. Second, it covers how to use high performance computing systems to solve
security problems. For instance, a grid computation can break an encryption code,
or a cluster can support high performance intrusion detection.
More generally, this topic addresses every efficient use of a high performance
computing systems to improve security. Third, it investigates the tradeoffs
between maintaining high performance and achieving security in computing systems
and solutions to balance the two objectives. In all these directions, various
performance analyses or monitoring techniques can be conducted to show the
efficiency of a security infrastructure. The workshop seeks submissions from academia
and industry presenting novel research on all theoretical and practical aspects of
computer and network security, as well as case studies and implementation experiences.
Papers should have practical relevance to the construction, evaluation, application,
or operation of secure systems. The Workshop topics include (but are not limited to)
the following:
- Access Control
- Accounting and Audit
- Anonymity
- Applied Cryptography
- Authentication
- Cloud Security
- Commercial and Industry Security
- Cryptographic Protocols
- Data and Application Security
- Data/System Integrity
- Database Security
- Digital Rights Management
- Formal Verification of Secure Systems
- Identity Management
- Inference/Controlled Disclosure
- Information Warfare
- Intellectual Property Protection
- Intrusion and Attack Detection
- Intrusion and Attack Response
- Key Management
- Privacy-Enhancing Technology
- Secure Networking
- Secure System Design
- Security Monitoring & Management
- Security for Mobile Code
- Security for Specific Domains (e.g., E-Government, E-Business, P2P)
- Security in IT Outsourcing
- Security in Mobile and Wireless Networks
- Security in Untrusted & Adversarial Environments and Systems
- Security in Operating Systems
- Security Location Services
- Security of Grid and Cluster Architectures
- Security Visualization
- Smartcards
- Trust Management Policies
- Trust Models
- Web Security
- Web Services Security
For more information, please see
http://leibniz.diiga.univpm.it/~spalazzi/caen/.
ICDCS-SPCC 2010
1st International Workshop on Security and Privacy in Cloud Computing,
Held in conjunction with the IEEE International Conference on Distributed
Computing Systems (ICDCS 2010),
Genoa, Italy, June 25, 2010.
(Submissions due 22 February 2010) [posted here 01/12/10]
Cloud computing has recently emerged as a new information technology infrastructure.
In cloud computing, information is permanently stored in large data centers on
the Internet and temporarily accessed and cached on clients that include
desktops and portable PCs, sensors, etc. With the "cloud" as a metaphor for
the Internet, cloud computing promises to deliver massively scalable IT-enabled
data, software, and hardware capabilities as a service to external clients using
Internet technologies. Cloud computing has been envisioned as the key technology
to achieve economies of scale in the deployment and operation of IT solutions.
Cloud computing has unique attributes that raise many security and privacy
challenges in areas such as data security, recovery, and privacy, as well as
legal issues in areas such as regulatory compliance and auditing. In contrast
to traditional enterprise IT solutions, where the IT services are under proper
physical, logical and personnel controls, cloud computing moves the application
software and databases to the servers in large data centers on the Internet,
where the management of the data and services are not fully trustworthy. When
clients store their data on the server without themselves possessing a copy of it,
how the integrity of the data can be ensured if the server is not fully trustworthy?
Will encryption solve the data confidentiality problem of sensitive data? How
will encryption affect dynamic data operations such as query, insertion,
modification, and deletion? Data in the cloud is typically in a shared environment
alongside data from other clients. How the data segregation should be done, while
data are stored, executed, and transmitted? How the virtulized resources is
being managed and secured in the cloud? Due to the fundamental paradigm shift
in cloud computing, many security concerns have to be better understood,
unanticipated vulnerabilities identified, and viable solutions to critical
threats devised, before the wide deployment of cloud computing techniques
can take place. Topics of interests include (but are not limited to) the
following subject categories:
- Secure management of virtualized cloud resources
- Secure network architecture for cloud computing
- Joint security and privacy aware cloud protocol design
- Access control and key management
- Trust and policy management in clouds
- Identification and privacy in cloud
- Remote data integrity protection
- Secure computation outsourcing
- Dynamic data operation security
- Software and data segregation security
- Failure detection and prediction
- Secure data management within and across data centers
- Availability, recovery and auditing
- Secure wireless cloud
For more information, please see
http://www.ece.iit.edu/~ubisec/workshop.htm.
WEIS 2010
9th Workshop on the Economics of Information Security,
Harvard University, Cambridge, MA, USA, June 7-8, 2010.
(Submissions due 22 February 2010) [posted here 11/9/09]
The Workshop on the Economics of Information Security (WEIS) is the leading
forum for interdisciplinary scholarship on information security, combining
expertise from the fields of economics, social science, business, law, policy
and computer science. Prior workshops have explored the role of incentives between
attackers and defenders, identified market failures dogging Internet security, and
assessed investments in cyber-defense. This workshop will build on past efforts using
empirical and analytic tools to not only understand threats, but also strengthen
security through novel evaluations of available solutions. How should information
risk be modeled given the constraints of rare incidence and high interdependence?
How do individuals’ and organizations’ perceptions of privacy and security color
their decision making? How can we move towards a more secure information
infrastructure and code base while accounting for the incentives of stakeholders?
We encourage economists, computer scientists, business school researchers, legal
scholars, security and privacy specialists, as well as industry experts to submit
their research and attend the workshop.
Suggested topics include (but are not limited to) empirical and theoretical studies of:
- Optimal investment in information security
- Online crime (including botnets, phishing and spam)
- Models and analysis of online crime
- Risk management and cyberinsurance
- Security standards and regulation
- Cybersecurity policy
- Privacy, confidentiality and anonymity
- Behavioral security and privacy
- Security models and metrics
- Psychology of risk and security
- Vulnerability discovery, disclosure, and patching
- Cyberwar strategy and game theory
- Incentives for information sharing and cooperation
For more information, please see
http://weis2010.econinfosec.org/cfp.html.
LEET 2010
3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats: Botnets, Spyware, Worms, and More,
Held in conjunction with the 7th USENIX Symposium on Networked Systems Design and Implementation (NSDI 2010),
San Jose, CA, USA, April 27, 2010.
(Submissions due 25 February 2010) [posted here 9/21/09]
LEET aims to provide a unique forum for the discussion of threats to the confidentiality
of our data, the integrity of digital transactions, and the dependability of the
technologies we increasingly rely on. We encourage submissions of papers that focus
on the malicious activities themselves (e.g., reconnaissance, exploitation, privilege
escalation, rootkit installation, attack), our responses as defenders (e.g., prevention,
detection, and mitigation), or the social, political, and economic goals driving these
malicious activities and the legal and ethical codes guiding our defensive responses.
Topics of interest include but are not limited to:
- Infection vectors for malware (worms, viruses, etc.)
- Botnets, command, and control channels
- Spyware
- Operational experience
- Forensics
- Click fraud
- Measurement studies
- New threats and related challenges
- Boutique and targeted malware
- Phishing
- Spam
- Underground markets
- Carding and identity theft
- Miscreant counterintelligence
- Denial-of-service attacks
- Hardware vulnerabilities
- Legal issues
- The arms race (rootkits, anti–anti-virus, etc.)
- New platforms (cellular networks, wireless networks, mobile devices)
- Camouflage and detection
- Reverse engineering
- Vulnerability markets and zero-day economics
- Online money laundering
- Understanding the enemy
- Data collection challenges
For more information, please see
http://www.usenix.org/events/leet10/cfp/.
TSP 2010
3rd IEEE International Symposium on Trust, Security and Privacy for Emerging Applications,
Bradford, UK, June 29-July 1, 2010.
(Submissions due 26 February 2010) [posted here 11/23/09]
Satisfying user requirements for trust, security and privacy in an efficient
way is one of the first considerations for almost all emerging applications,
using emerging technologies such as pervasive computing, peer to peer
computing, grid computing, cloud computing, virtualization and, mobile
and wireless technologies. Challenges arise as emerging applications
evolve to provide more scalable and comprehensive services. One of
the biggest challenges is that traditional security technologies and
measures may not meet user requirements in open, dynamic, heterogeneous,
and distributed computing environments. Therefore, we need to build
networks and systems in which emerging applications allow users to enjoy
more scalable and comprehensive services while preserving trust, security
and privacy at the same time. TSP-10 aims at bringing together researchers and
practitioners in the world working on trust, security, privacy, and related
issues such as technical, social, and cultural implications for all emerging
devices, services, applications, networks, and systems, and providing a
forum for them to present and discuss emerging ideas and trends in this
highly challenging research area.
For more information, please see
http://trust.csu.edu.cn/conference/tsp2010/Call_for_Papers.htm.
March 2010
SOUPS 2010
Symposium On Usable Privacy and Security,
Redmond, WA, USA, July 14-16, 2010.
(Submissions due 5 March 2010) [posted here 10/12/09]
The 2010 Symposium on Usable Privacy and Security (SOUPS) will bring
together an interdisciplinary group of researchers and practitioners
in human computer interaction, security, and privacy. We invite authors
to submit original papers describing research or experience in all
areas of usable privacy and security.
Topics include, but are not limited to:
- innovative security or privacy functionality and design
- new applications of existing models or technology
- field studies of security or privacy technology
- usability evaluations of new or existing security or privacy features
- security testing of new or existing usability features
- longitudinal studies of deployed security or privacy features
- the impact of organizational policy or procurement decisions
- lessons learned from the deployment and use of usable privacy and security features
For more information, please see
http://cups.cs.cmu.edu/SOUPS/.
CISSE 2010
14th Colloquium for Information Systems Security Education,
Baltimore, MD, USA, June 7-9, 2010.
(Submissions due 5 March 2010) [posted here 10/12/09]
This Colloquium, the fourteenth in an ongoing annual series, brings together leading
figures from academia, government, and industry to address the national need for
security and assurance of our information and communications infrastructure.
The Colloquium solicits participation from practitioners, students, educators,
and researchers. The topics areas should discuss course or lab development,
Information Assurance (IA) curricula, standards, best practices, existing or
emerging programs, trends, and future vision, as well as related issues.
This includes the following general topics:
- Assessment of need (e.g. how many information security workers/
researchers/ faculty are needed?)
- Integrating information assurance topics in existing graduate or
undergraduate curricula
- Experiences with course or laboratory development
- Alignment of curriculum with existing information assurance education
standards
- Emerging programs or centers in information assurance
- Best practices
- Vision for the future
- Tools, demonstrations, case studies, course modules, shareware, and worked
examples that participants (and others) can use to help educate
people in computer security.
For more information, please see
http://www.cisse.info.
MMM-ACNS 2010
5th International Conference on Mathematical Methods, Models, and
Architectures for Computer Networks Security,
St. Petersburg, Russia, September 6-9, 2010.
(Submissions due 7 March 2010) [posted here 01/12/10]
MMM-ACNS-2010 aims at bringing together leading researchers from academia and
governmental organizations as well as practitioners to advance the states
of the art and practice in the area of computer networks and information
security with a focus on novel theoretical aspects of computer network
security, facilitate personal interactions and discussions on various
aspects of information technologies in conjunction with computer network
and information security problems arising in large-scale computer networks.
MMM-ACNS-2010’s scope includes, but is not restricted to the
following areas:
- Adaptive security
- Anti-malware techniques: detection, analysis, prevention
- Anti-phishing, anti-spam, anti-fraud, anti-botnet techniques
- Authentication, Authorization and Access Control
- Computer and network forensics
- Covert channels
- Critical infrastructure protection
- Data and application security
- Data mining, machine learning, and bio-inspired approaches for security
- Deception systems and honeypots
- Denial-of-service attacks and countermeasures
- Digital Rights Management
- eCommerce, eBusiness and eGovernment security
- Formal analysis of security properties
- Information warfare
- Internet and web security
- Intrusion prevention, detection, and response
- Language-based security
- Network survivability
- New ideas and paradigms for security
- Operating system security
- Security and privacy in pervasive and ubiquitous computing
- Security event processing and predictive security monitoring
- Security for cloud computing
- Security for large-scale systems and critical infrastructures
- Security of emerging technologies: sensor, wireless/mobile,
peer-to-peer and overlay networks
- Security of autonomous agents and multi-agent systems
- Security modeling and simulation
- Security policies
- Security protocols
- Security verification
- Self-protecting and healing
- Software protection
- Trusted computing
- Trust and reputation management
- Vulnerability assessment, risk analysis and risk management
For more information, please see
http://comsec.spb.ru/mmm-acns10/.
IH 2010
12th Information Hiding Conference,
Calgary, Alberta, Canada, June 28 - 30, 2010.
(Submissions due 13 March 2010) [posted here 01/11/10]
For many years, Information Hiding has captured the imagination of
researchers. Digital watermarking and steganography protect information, conceal
secrets or are used as core primitives in digital rights management schemes.
Steganalysis and forensics pose important challenges to investigators; and privacy
techniques try to hide relational information such as the actors' identities in anonymous
communication systems. These and other topic share the notion that security is defined
by the difficulty to make (or avoid) inference on certain properties of host data,
which therefore has to be well understood and modeled.
Current research themes include:
- Anonymity and privacy
- Covert/subliminal channels
- Digital rights management
- Fingerprinting and embedding codes
- Multimedia and document security
- Multimedia forensics and counter forensics
- Novel applications of information hiding
- Other data hiding domains (e.g. text, software, etc.)
- Security metrics for information hiding
- Steganography and steganalysis
- Theoretical aspects of information hiding and detection
- Watermarking (algorithms, security, attacks)
For more information, please see
http://ih2010.cpsc.ucalgary.ca.
HOST 2010
IEEE International Symposium on Hardware-Oriented Security and Trust,
Anaheim, California, USA, June 13-14, 2010.
(Submissions due 19 March 2010) [posted here 12/7/09]
HOST covers security and trust issues in all types of electronic
devices and systems such as ASICs, COTS, FPGAs, microprocessors/DSPs,
and embedded systems. The mission of HOST is to provide a forum
for the presentation and discussion of research that is of critical
significance to the security of, and trust in, modern society's
microelectronic-supported infrastructures.
Papers and presentations that address any of the following "hot topics" are
of high interest to the symposium. Papers addressing HOST issues outside
of these areas will be considered equally relevant in the review process:
- Trojan Detection and Isolation
- Authenticating Foundry of Origin
- Side Channel Analysis/Attacks
- Watermarking
- FPGA Design Security
- Hardware focused Cryptography
- IC Metering
- Physical Unclonable Functions
- Embedded and Distributed Systems Security
- Hardware Intrusion Detection and Prevention
- Security Engineering
- Scan chain Encryption
For more information, please see
http://www.engr.uconn.edu/HOST/.
April 2010
ESORICS 2010
15th European Symposium on Research in Computer Security,
Athens, Greece, September 20-22, 2010.
(Submissions due 1 April 2010) [posted here 10/12/09]
ESORICS is the annual European research event in Computer Security. The
Symposium started in 1990 and has been held in several European countries,
attracting a wide international audience from both the academic and industrial communities.
Papers offering novel research contributions in computer security are solicited for
submission to the Symposium. The primary focus is on original, high quality,
unpublished research and implementation experiences. We encourage submissions
of papers discussing industrial research and development.
Papers should focus on topics such as:
- Access Control
- Accountability
- Anonymity
- Applied Cryptography
- Attacks and Viral Software
- Authentication and Delegation
- Data Integrity
- Database Security
- Inference Control
- Identity Management
- Information Flow Control
- Intrusion Tolerance
- Formal Security Methods
- Language-based Security
- Network Security
- Privacy Enhancing Technologies
- Risk Analysis and Management
- Secure Electronic Voting
- Security Architectures
- Security Economics
- Security for Mobile Code
- Security for Dynamic Coalitions
- Security in Location Services
- Security in Social Networks
- Security Models
- Security Verification
- System Security
- Trust Models and Management
- Trust Theories
- Trustworthy User Devices
For more information, please see
http://www.esorics2010.org.
IDMAN 2010
2nd IFIP WG 11.6 Working Conference on Policies & Research in Identity Management,
Oslo, Norway, November 18–19, 2010.
(Submissions due 1 April 2010) [posted here 11/23/09]
Papers offering research contributions focusing on identity management in
general and surveillance and monitoring in particular are solicited for
submission to the 2nd IFIP WG-11.6 International Conference on Identity
Management. Papers may present theory, applications or practical experiences
in the field of national identity management, from both a technical and a
social perspective, including, but not necessarily limited to:
- History
- Law
- Philosophical and ethical aspects
- Economics Impact of surveillance and monitoring in both the physical
world and in cyberspace
- Impact on society and politics
- Impact on e-government and e-government applications
- Consecutive developments in social tracking, -tracing and -sorting
- Quality of identity management in general
- Quality identity data, processes and applications
- Security and identity management
- User centered, usable and inclusive identity management
- Attacks on identity management infrastructure and procedures Central
storage of general and biometric identity data
- Effectiveness of surveillance and monitoring in fighting terrorism,
international crime and human trafficking
- Methods of identification and authentication
- Models of identification procedures
- Models of inclusive identification and authentication procedures
- Government PKI
- (Possible) role of pseudonymous and anonymous identity in identity management
- Electronic Ids European and worldwide policies and cooperation in the field of
identity management and surveillance and monitoring
- (Inter)national policies on unique identifiers /social security numbers / personalisation IDs
- (Inter)national applications of biometrics
- Vulnerabilities of electronic identification protocols
- Federative identity management and de-perimetrization
- Fraud, fraud detection, fraud resistence of technologies
- Biometric verification, assurance, metrics and measurements
- Fraud resistance of biometrics
- Junction between (large scale) applications of identity management and
surveillance and monitoring
- Data Protection
- Privacy and Privacy Enhancing Technologies (PETs) in identity management
- Privacy Intrusion Technologies (PITs) in identity management
- Privacy side-effects and privacy risks assessment of identity management
Intelligence and (inter)national threats
- Impersonation, identity fraud, identity forge and identity theft
- Tracing, monitoring and forensics
For more information, please see
http://ifipidman2010.nr.no/ifipidman2010/index.php5/Main_Page.
PST 2010
8th International Conference on Privacy, Security and Trust,
Ottawa, Canada, August 17-19, 2010.
(Submissions due 3 April 2010) [posted here 12/14/09]
PST2010 provides a forum for researchers world-wide to unveil
their latest work in privacy, security and trust and to show how
this research can be used to enable innovation. This year’s theme is
“Privacy, Security and Trust by Design: PbD - The Gold Standard.”
With the growth and ubiquity of data in today’s hyper-networked world,
the need for trust has become more critical than ever. We need new
paradigms that seek to integrate and build privacy, security and
trustworthiness directly into technologies and systems from the
outset and by default. PST2010 will include an Industry Day followed
by two days of high-quality research papers whose topics include,
but are NOT limited to, the following:
- Privacy Preserving / Enhancing Technologies
- Trust Technologies, Technologies for Building Trust in e-Business Strategy
- Critical Infrastructure Protection
- Observations of PST in Practice, Society, Policy and Legislation
- Network and Wireless Security
- Digital Rights Management
- Operating Systems Security
- Identity and Trust management
- Intrusion Detection Technologies
- PST and Cloud Computing
- Secure Software Development and Architecture
- Human Computer Interaction and PST
- PST Challenges in e-Services
- Implications of, and Technologies for, Lawful Surveillance
- Network Enabled Operations
- Biometrics, National ID Cards, Identity Theft
- Advanced Training Tools - PST and Web Services / SOA
- Information Filtering, Data Mining & Knowledge from Data
- Privacy, Traceability, and Anonymity
- National Security and Public Safety
- Trust and Reputation in Self-Organizing Environments
- Security Metrics
- Anonymity and Privacy vs. Accountability
- Recommendation, Reputation and Delivery Technologies -
Access Control and Capability Delegation
- Continuous Authentication
- Representations and Formalizations of Trust in
Electronic and Physical Social Systems
For more information, please see
http://pstnet.unb.ca/pst2010.
SECURECOMM 2010
6th International Conference on Security and Privacy in Communication Networks,
Singapore, September 7-10, 2010.
(Submissions due 5 April 2010) [posted here 10/26/09]
SecureComm’10 seeks high-quality research contributions in the form of well
developed papers. Topics of interest encompass research advances in
ALL areas of secure communications and networking. Topics in other
areas (e.g., formal methods, database security, secure software,
applied cryptography) will also be considered if a clear connection
to private or secure communications/networking is demonstrated.
For more information, please see
http://www.securecomm.org/.
HealthSec 2010
1st USENIX Workshop on Health Security and Privacy,
Washington, DC, USA, August 10, 2010.
(Submissions due 9 April 2010) [posted here 12/7/09]
HealthSec '10 is intended as a forum for lively discussion of aggressively
innovative and potentially disruptive ideas on all aspects of medical
and health security and privacy. A fundamental goal of the workshop is
to promote cross-disciplinary interactions between fields, including,
but not limited to, technology, medicine, and policy. Surprising results
and thought-provoking ideas will be strongly favored; complete papers
with polished results in well-explored research areas are comparatively
discouraged. Workshop topics are solicited in all areas relating to
healthcare information security and privacy, including:
- Security and privacy models for healthcare information systems
- Industrial experiences in healthcare information systems
- Deployment of open systems for secure and private use of healthcare
information technology
- Security and privacy threats against and countermeasures for
existing and future medical devices
- Regulatory and policy issues of healthcare information systems
- Privacy of medical records
- Usability issues in healthcare information systems
- Threat models for healthcare information systems
For more information, please see
http://www.usenix.org/healthsec10/cfpa/.
RFIDSec 2010
6th Workshop on RFID Security,
Istanbul, Turkey, June 8-10, 2010.
(Submissions due 20 April 2010) [posted here 11/23/09]
The workshop focuses on approaches to solve security and data-protection
issues in advanced contactless technologies like RFID. It stresses implementation
aspects imposed by resource constraints.
Topics of the conference include but are not limited to:
- New applications for secure RFID systems
- Data protection and privacy-enhancing techniques for RFID
- Cryptographic protocols for RFID (Authentication protocols, Key update mechanisms, Scalability issues)
- Integration of secure RFID systems (Middleware and security, Public-key infrastructures, Case studies)
- Resource-efficient implementation of cryptography (Small-footprint hardware, Low-power architectures)
- Attacks on RFID systems
- RFID security hardware e.g. RFID with PUF, RFID Trojans, …
For more information, please see
http://www.projectice.eu/rfidsec10/index.html.
SIN 2010
3rd International Conference on Security of Information and Networks,
Taganrog, Rostov-on-Don, Russia, September 7-11, 2010.
(Submissions due 20 April 2010) [posted here 01/11/10]
Papers addressing all aspects of security in information and networks are being sought.
Researchers working on the following and related subjects are especially encouraged:
realization of security schemes, new algorithms, experimenting with existing approaches;
secure information systems, especially distributed control and processing applications,
and security in networks; interoperability, service levels and quality issues in such
systems; information assurance, security, and public policy.
Topics of the conference include but are not limited to:
- Access control and intrusion detection
- Autonomous and adaptive security
- Cryptographic techniques and key management
- Information assurance
- Network security and protocols
- Security in information systems
- Security tools and development platforms
- Security ontology, models, protocols & policies
- Secure ontology-based systems
- Standards, guidelines and certification
- Security-aware software engineering
- Trust and privacy
For more information, please see
http://www.sinconf.org/sin2010/.
May 2010
SCC 2010
2nd International Workshop on Security in Cloud Computing,
Held in Conjunction with ICPP 2010,
San Diego, California, USA, September 13 – 16, 2010
(Submissions due 1 May 2010) [posted here 01/25/10]
Cloud Computing has generated interest from both industry and academia
since 2007. As an extension of Grid Computing and Distributed Computing,
Cloud Computing aims to provide users with flexible services in a
transparent manner. Services are allocated in a “cloud”, which is a
collection of devices and resources connected through the Internet.
Before this paradigm can be widely accepted, the security, privacy and
reliability provided by the services in the cloud must be well established.
SCC’2010 will bring researchers and experts together to present and discuss
the latest developments and technical solutions concerning various aspects
of security issues in Cloud Computing. SCC’2010 seeks original unpublished
papers focusing on theoretical analysis, emerging applications, novel
system architecture construction and design, experimental studies, and
social impacts of Cloud Computing. Both review/survey papers and technical
papers are expected. Topics of the conference include but
are not limited to:
- Emerging threats to cloud-based services
- Security models for new services
- Cloud-aware web service security
- Information hiding in Cloud Computing
- Securing distributed data storage in the cloud
- Privacy and security in Cloud Computing
- Forensics
- Robust network architecture
- Cloud Infrastructure Security
- Job deployment in the Cloud
- Intrusion detection/prevention
- Denial-of-Service (DoS) attacks and defense
- Robust job scheduling
- Secure resource allocation and indexing
- Secure payment for cloud-aware services
- User authentication in cloud-aware services
- Security for emerging cloud programming models
For more information, please see
http://bingweb.binghamton.edu/~ychen/SCC2010.htm.
June 2010
SA&PS4CS 2010
1st International Workshop on Scientific Analysis and Policy Support
for Cyber Security,
Held in conjunction with the 5th International Conference on Mathematical
Methods, Models, and Architectures for Computer Networks Security (MMM-ACNS 2010),
St. Petersburg, Russia, September 9, 2010.
(Submissions due 13 June 2010) [posted here 01/12/10]
The workshop is dedicated to the methods of scientific analysis and
policy support for response to cyber intrusions and attacks.
The main topics of the SA&PS4CS’2010 are detection, discrimination, and
attribution of various activities of malefactors and response to cyber
intrusions and attacks including national level information operations
as well as identifying emergent cyber technologies supporting social
and political activity management and trans-national distributed
computing management.
For more information, please see
http://www.comsec.spb.ru/saps4cs10/.
ISC 2010
13th Information Security Conference,
Boca Raton, Florida, USA, October 25-28, 2010.
(Submissions due 15 June 2010) [posted here 01/19/10]
ISC is an annual international conference covering research (both
theory and applications) in Information Security.
The conference seeks submissions from academia, industry, and government that
present novel research on all theoretical and practical aspects of
Information Security. Topics of interest include, but are not limited to:
- access control
- accountability
- anonymity and pseudonymity
- applied cryptography
- authentication
- biometrics
- computer forensics
- cryptographic protocols
- database security
- data protection
- data/system integrity
- digital right management
- economics of security and privacy
- electronic frauds
- formal methods in security
- identity management
- information dissemination control
- information hiding and watermarking
- intrusion detection
- network security
- peer-to-peer security
- privacy
- secure group communications
- security and privacy in pervasive/ubiquitous computing
- security in information flow
- security in IT outsourcing
- security for mobile code
- security of grid computing
- security of eCommerce, eBusiness and eGovernment
- security in location services
- security modeling and architectures
- security models for ambient intelligence environments
- security in social networks
- trust models and trust management policies
- embedded security
For more information, please see
http://math.fau.edu/~isc2010/.
HST 2010
10th IEEE International Conference on Technologies for Homeland Security,
Waltham, MA, USA, November 8-10, 2010.
(Submissions due 25 June 2010) [posted here 11/23/09]
The tenth annual IEEE Conference on Technologies for Homeland Security
will focus on innovative technologies for deterring and preventing attacks,
protecting critical infrastructure and individuals, and mitigating damage
and expediting recovery. Submissions are desired in the broad areas of
critical infrastructure and key resources protection (CIKR),
border protection and monitoring, and disaster recovery and response,
with application within about five years.
For more information, please see
http://ieee-hst.org/.
Journal of Privacy Technology (JOPT),
Editor-in-Chief: Latanya Sweeney
This online-only Journal, started in 2004 and operated by Carnegie
Mellon University, is a forum for the publication of original
current research in privacy technology. It encourages the submission
of any material dealing primarily with the technological aspects of
privacy or with the privacy aspects of technology, which may include
analysis of the interaction between policy and technology or the
technological implications of legal decisions. More information can
be found at http://www.jopt.org/.
IEEE Security and Privacy Magazine, Editor-in-Chief:
Carl E. Landwehr
IEEE Security & Privacy provides a unique combination of research
articles, case studies, tutorials, and regular departments covering
diverse aspects of information assurance such as legal and ethical
issues, privacy concerns, tools to help secure information, analysis
of vulnerabilities and attacks, trends and new developments,
pedagogical and curricular issues in educating the next generation
of security professionals, secure operating systems and
applications, security issues in wireless networks, design and test
strategies for secure and survivable systems, and cryptology. More
information can be found at
http://computer.org/security/.
ACM Transactions on Information and System Security,
Editor-in-Chief: Gene Tsudik
ACM invites submissions for its Transactions on Information and
System Security, inaugurated in November 1998. TISSEC publishes
original archival-quality research papers and technical notes in all
areas of information and system security including technologies,
systems, applications, and policies. Papers should have practical
relevance to the construction, evaluation, application, or operation
of secure systems. Theoretical papers will be accepted only if there
is convincing argument for the practical significance of the
results. Theory must be justified by convincing examples
illustrating its application. More information is given on the
journal web page at
http://www.acm.org/tissec.
IEEE Transactions on Dependable and Secure Computing,
Editor-in-Chief: Virgil D. Gligor
The IEEE Transactions on Dependable and Secure Computing publishes
archival research results related to research into foundations,
methodologies, and mechanisms that support the achievement—through
design, modeling, and evaluation—of systems and networks that are
dependable and secure to the desired degree without compromising
performance. The focus will also include measurement, modeling, and
simulation techniques, and foundations for jointly evaluating,
verifying, and designing for performance, security, and dependability
constraints. More information is given on the
journal web page at
http://www.computer.org/tdsc/.
The Kluwer International Series on ADVANCES IN INFORMATION
SECURITY.
The purpose of the Advances in Information Security book series is
to establish the state of the art and set the course for future
research in information security. The scope of this series includes
not only all aspects of computer and network security, but related
areas such as fault tolerance and software assurance. The series
will serve as a central source of reference for information security
research and developments. The series aims to publish thorough and
cohesive overviews on specific topics in Information Security, as
well as works that are larger in scope than survey articles and that
will contain more detailed background information. The series also
provides a single point of coverage of advanced and timely topics
and a forum for topics that may not have reached a level of maturity
to warrant a comprehensive textbook. Prospective Authors or Editors:
If you have an idea for a book that would fit in this series, we
would welcome the opportunity to review your proposal. Should you
wish to discuss any potential project further or receive specific
information regarding book proposal requirements, please contact
either Sushil Jajodia (jajodia@gmu.edu,703-993-1653) or Lance Wobus
(lance.wobus@wkap.com, 781-681-0602)
Journal of Computer Security,
Editor-in-Chief: Sushil Jadodia and Jonathan Millen
JCS is an archival research journal for significant advances in
computer security. Subject areas include architecture, operating systems,
database systems, networks, authentication, distributed systems,
formal models, verification, algorithms, mechanisms, and policies.
Submissions: send six copies to one of the editors in chief:
Sushil Jadodia, CSIS, George Mason University, 440 University Drive,
Fairfax, VA 22030, or Jonathan Millen, The MITRE Corporation,
202 Burlington Rd., Bedford, MA. Subscriptions: contact IOS Press,
Niewe Hemweg 6B, 1013 BG Amsterdam, Netherlands, (e-mail: order@iospress.nl)
for information about individual or institutional subscriptions or back issues.
More information is given on the journal web page at
http://www.mitre.org/jcs.
Computers & Security,
Editor-in-Chief: Dimitris Gritzalis
Computers & Security aims to satisfy the needs of managers
and experts involved in computer security by providing a blend of
research developments, innovations, and practical management advice.
Original submissions on all computer security topics are invited,
particularly those of practical benefit to the practitioner. Four
copies of papers from 5-10,000 words should be sent to the editor,
N. Dudley, at Elsevier Advanced Technology, P.O. Box 150,
Kidlington, Oxford, OX5 1AS, United Kingdom. Telephones: voice
+44(0)1865 843848 / 843000; fax +44 (0) 1865 843971. More
information can be found at
http://www.elsevier.com/locate/issn/01674048.
International Journal of Information Security,
Editors-in-Chief: D. Gollmann; J. Lopez; E. Okamoto
The International Journal of Information Security, IJIS, aims to
provide prompt publication of important technical work in
information security, attracting any person interested in
communications, commerce, banking, medicine, or other areas of
endeavor affected by information security. Any research submission
on theory, applications, and implementations of information security
is welcomed. This includes, but is not limited to, system security,
network security, content protection, applications and foundations
of information security. More information is given on the journal
web page at
http://link.springer.de/link/service/journals/10207/index.htm.
International Journal of Network Security,
Editors-in-Chief: Min-Shiang Hwang
International Journal of Network Security is an international
official journal of Science Publications, publishing original articles,
reviews and short communications of a high scientific and technology
in network security. Subjects covered include: access control,
computer security, cryptography, communications security, data security,
database security, electronic commerce security, information security,
multimedia security, and network security. Authors are strongly encouraged
to submit their papers electronically by using online manuscript submission
at
http://ijns.nchu.edu.tw/, or submit their Word, ps or pdf file
to the editor-in-chief (via Email: mshwang@isrc.nchu.edu.tw): Min-Shiang Hwang,
at the Department of Management Information Systems,
National Chung Hsing University, Taiwan, R.O.C. More
information can be found at
http://ijns.nchu.edu.tw/.
International Journal of Security and Networks,
Editors-in-Chief: Yang Xiao
International Journal of Security and Networks is an archival research journal
for significant advances in network security. Subject areas include attack models,
security mechanisms, security services, authentication, authorization, access control,
multicast security, data confidentiality, data integrity, non-repudiation, forensics,
privacy protection, secure protocols, formal analyses, intrusion detection,
key management, trust establishment, revocation of malicious parties, security policies,
fraudulent usage, dependability and reliability, prevention of traffic analysis,
network security performance evaluation, tradeoff analysis between performance and
security, security standards, etc. All papers must be submitted online
at
http://www.inderscience.com/ijsn/. More information is given on
the journal web page at
http://www.inderscience.com/ijsn/.
International Journal of Critical Infrastructure Protection,
Editors-in-Chief: Sujeet Shenoi
International Journal of Critical Infrastructure Protection's
primary aim is to publish high quality scientific and policy papers in all
areas of critical infrastructure protection. Of particular interest are
articles that weave science, technology and policy to craft
sophisticated yet practical solutions that will secure information,
computer and network assets in the various critical infrastructure
sectors. All papers must be submitted online
at
http://www.elsevier.com/locate/ijcip. More information is given on
the journal web page at
http://www.elsevier.com/locate/ijcip.
IEEE Transactions on Information Forensics and Security,
Editors-in-Chief: Nasir D. Memon
IEEE Transactions on Information Forensics and Security aims to
provide a unified locus for archival research on the fundamental contributions
and the mathematics behind information forensics, information security,
surveillance, and systems applications that incorporate these features.
Authors are strongly encouraged
to submit their papers electronically to the online manuscript system,
Manuscript Central, via
sps-ieee.manuscriptcentral.com. More
information can be found at
http://www.ieee.org/organizations/society/sp/tifs.html.
|