Cipher
Calls for Papers



IEEE Computer Society's Technical Committee on Security and Privacy


 

Last Modified:03/24/14

Note: Please send new calls to cipher-cfp@ieee-security.org and take a moment to read the submission guidelines. And please see the Cipher Calendar for events sorted in date order. For all other questions, please contact cipher-cfp@ieee-security.org by email.

Contents

 

Special Issues of Journals and Handbooks


IEEE Security & Privacy, Special issue on Key Trends in Cryptography, January/February 2015, (Abstract Due 15 March 2014, and Final Submission Due 1 May 2014) [posted here 01/13/14]

Editor: Hilarie Orman (purplestreak.com, USA) and Charles Pfleeger (pfleeger.com, USA)

Cryptography has advanced from an arcane craft to a mathematical discipline with established principles, widely-accepted standards, and daily use in Internet and many other computer applications. Yet its actual utility and future are clouded topics that hit at two widely separated poles: the limits of computation and the role of government. Articles for this special issue of IEEE Security & Privacy magazine will cover recent research trends in cryptology and their implications for emerging computing techniques (such as cloud computing), collaboration between researchers and governments in defining cryptographic standards, how physics and mathematics shape and limit cryptology, and how cryptology implements privacy and security in an interconnected world. Potential articles for this issue might address:
- Is cryptology an ongoing research area? What are the remaining challenges that have not been solved by public key systems and the AES cipher?
- What new cryptographic methods are on the horizon? How could techniques such as homomorphic encryption affect computers and applications? What synergies do new methods have with emerging technologies such as cloud computing, digital commerce, tablets and cellphones, personal health and safety systems, etc.?
- What are the known or potential failures of cryptology? Are mathematical advances eroding the fundamental "hard problems" such as discrete logarithms or factoring? How can one be sure that a system employing cryptographic techniques is implemented securely? Is it better to use specialized hardware instead of software? Should cryptographic software be open source? How will advances in computing hardware, such as graphics processors, affect the use of cryptography?
- Is quantum key distribution a realistic method for day-to-day applications? Is quantum computing a serious threat to the strength of cryptography? Do quantum principles have wider application to cryptology? When are these technologies likely to move from research to proof-of-concept to widespread use?
- As more and more small devices contain general purpose computers and wireless communication, should they also employ cryptography? What physical constraints such as size, power demand, ruggedness or heat dissipation affect the ability to integrate cryptography in all devices? If device-based cryptography is readily available, will it be used? Will it be used appropriately?
- Is there such a thing as "user-friendly cryptography"? How much of the arcane side of cryptography can be shielded from the user without weakening its impact? Do users care whether they employ cryptography or at what strength? Do users worry about traffic interception by criminals, businesses, or governments?
- How and why does the U.S. government develop standards for cryptography? What standards are being developed now? How have the Snowden disclosures affected that process? Are there non-governmental approaches to developing these standards?
- What are the scientific and political limits to actual secrecy and privacy? Malware, man-the-middle attacks, hardware Trojans, collusion by businesses and governments – in this environment, what protection is available to end users?

For more information, please see http://www.computer.org/portal/web/computingnow/spcfp1.

IEEE Transactions on Information Forensics and Security, Special Issue on Biometric Spoofing and Countermeasures, April 2015, (Submission Due 1 June 2014) [posted here 02/03/14]

Editor: Nicholas Evans (EURECOM, France), Sébastien Marcel (Idiap Research Institute, Switzerland), Arun Ross (Michigan State University, USA), and Stan Z. Li (Chinese Academy of Sciences, China)

While biometrics technology has revolutionized approaches to person authentication and has evolved to play a critical role in personal, national and global security, the potential for the technology to be fooled or 'spoofed' is widely acknowledged. Efforts to study such threats and to develop countermeasures are now well underway resulting in some promising solutions. While progress with respect to each biometric modality has attained varying degrees of maturity, there are some notable shortcomings in research methodologies. Current spoofing studies focus on specific, known attacks. Existing countermeasures designed to detect and deflect such attacks are often based on unrealistic a priori knowledge and typically learned using training data produced using exactly the same spoofing method that is to be detected. Current countermeasures thus have questionable application in practical scenarios where the nature of the attack can never be known. This special issue will focus on the latest research on the topic of biometric spoofing and countermeasures, with a particular emphasis on novel methodologies and generalized spoofing countermeasures that have the potential to protect biometric systems against varying or previously unseen attacks. The aim is to further the state-of-the-art in this field, to stimulate interactions between the biometrics and information forensic communities, to encourage the development of reliable methodologies in spoofing and countermeasure assessment and solutions, and to promote the development of generalized countermeasures. Papers on biometric obfuscation (e.g., fingerprint or face alteration) and relevant countermeasures will also be considered in the special issue. Novel contributions related to both traditional biometric modalities such as face, iris, fingerprint, and voice, and other modalities such as vasculature and electrophysiological signals will be considered. The focus includes, but is not limited to, the following topics related to spoofing and anti-spoofing countermeasures in biometrics:
- vulnerability analysis with an emphasis on previously unconsidered spoofing attacks;
- theoretical models for attack vectors;
- advanced machine learning and pattern recognition algorithms for anti-spoofing;
- information theoretic approaches to quantify spoofing vulnerability;
- spoofing and anti-spoofing in mobile devices;
- generalized countermeasures;
- challenge-response countermeasures;
- sensor-based solutions to spoof attacks;
- biometric obfuscation schemes;
- information forensic approaches to spoofing detection;
- new evaluation protocols, datasets, and performance metrics;
- reproducible research (public databases, open source software and experimental setups).

For more information, please see http://www.signalprocessingsociety.org/uploads/email/biometric_spoofing.html.

Elsevier Information Systems, Special Issue on Information Integrity in Smart Grid Systems, 2014, (Submission Due 1 July 2014) [posted here 03/03/14]

Editor: Al-Sakib Khan Pathan (International Islamic University Malaysia, Malaysia), Zubair Muhammad Fadlullah (Tohoku University, Japan), Mostafa M. Fouda (Benha University, Egypt), Muhammad Mostafa Monowar (King AbdulAziz University, Saudi Arabia), and Philip Korn (AT&T Labs Research, USA)

The smart grid is an electronically controlled electrical grid that connects power generation, transmission, distribution, and consumers using information and communication technology. One of the key characteristics of the smart grid is its support for bi-directional information flow between the consumer of electricity and the utility provider. A critical twist on the current electrical grid system, this kind of two-way interaction would allow electricity to be generated in real-time based on consumer demands and power requests. While the system would allow users to get more control over electricity use and supply, many security issues are raised to ensure information privacy of the users as well as authorization procedures for electricity use. Security loopholes in the system could, in fact, aggravate the electricity supply system instead of improving it. The quality of the information from billing and accounting is also a major concern. With this Special Issue, we open the door to encourage researchers to discuss issues related to information integrity and security services in the smart grid, particularly from the communication point of view to construct energy, control, and information processing systems for the smart grid. Any topic related to information integrity and security services in the smart grid, particularly from the communications and data management point of view, is to be considered. The topics include but are not limited to:
- Data quality in the smart grid
- Secure smart metering
- Secure Advanced Metering Infrastructure (AMI) communication and management
- Privacy protection in smart grid
- Smart grid security database architecture and models
- Security services for smart grid
- User authentication, access control for smart grid
- Hardware design for information protection in smart grid
- Simulation and performance analysis of smart grid security operations

For more information, please see http://www.journals.elsevier.com/information-systems/call-for-papers/special-issue-on-information-integrity-in-smart-grid-systems/.

ACM Transactions on Embedded Computing Systems, Special Issue on Embedded Platforms for Cryptography in the Coming Decade, First Quarter 2015, (Submission Due 1 July 2014) [posted here 03/03/14]

Editor: Patrick Schaumont (Virginia Tech, USA), Máire O'Neill (Queen's University Belfast, UK), and Tim Güneysu (Ruhr University Bochum, Germany)

Cryptography has made great strides in capability and variety over the past few years, enabling a broad range of new applications and extending the reach of security deep into the embedded world. A few examples include lightweight primitives that provide information security for a fraction of the energy and cost of traditional primitives; lattice-based crypto-engines that provide an alternative to public-key operations in a post-quantum-computing world; cryptographic sponges that can be configured as universal crypto-kernels; anonymous signatures that support electronic cash in portable, compact form factors; and homomorphic primitives and zero-knowledge proofs that allow privacy-friendly interaction of devices with the all-knowing cloud. These novel forms of cryptography will drive the embedded information infrastructure, and they will become a necessity to mix and merge our virtual life with our real life in a trustworthy and scalable manner. However, this is not your father's cryptography, and its efficient implementation needs new research efforts. It is based on different mathematical structures, novel transformations and data organizations, and in many cases its computational complexity is significantly higher than that of traditional cryptographic operations. For several primitives, such as for post-quantum cryptography and homomorphic computing, the optimal implementation strategies are still an open area of research. Furthermore, threats against these novel forms of cryptography, such as side-channel analysis or fault injection, are unexplored. This special issue of ACM Transactions on Embedded Computing Systems solicits state-of-the-art research results and surveys in embedded system engineering for these novel cryptographic primitives. The issue will cover both hardware and software implementations for performance-optimized, resource-constrained, energy-efficient platforms. Of special interest are implementations that demonstrate novel applications for cryptographic primitives. A few examples of topics of interest for the special issue include:
- Post-quantum Primitives for Constrained Platforms (RFID, microcontroller)
- Lattice-based Cryptography in Embedded Platforms
- Embedded Implementations that interact with the Homomorphic Cloud
- Custom-instruction Extensions and Hardware Primitives for Post-quantum Cryptography
- Performance Comparisons and Benchmarks for Multi-party Computation
- Privacy-friendly Cryptography in Embedded Platforms
- Privacy-friendly Car Electronics and Public-transport Infrastructure
- Implementations of Electronic Cash
- Implementations of Electronic Passports
- Hardware Acceleration of Privacy-friendly Cryptographic Primitives
- Implementations of Unified Cryptographic Primitives (eg Authenticated Encryption)
- Implementations of Leakage-resilient Cryptography

For more information, please see http://acmtecs.acm.org/special-issues/14/embcrypt2014.html.

Conference and Workshop Call-for-papers

March 2014

PST 2014 12th Annual Conference on Privacy, Security and Trust, Toronto, Canada, July 23-24, 2014. (Submission Due March 24, 2014) [posted here 02/03/14]
PST2014 provides a forum for researchers world-wide to unveil their latest work in privacy, security and trust and to show how this research can be used to enable innovation. PST2014 topics include, but are NOT limited to, the following:
- Privacy Preserving / Enhancing Technologies
- Critical Infrastructure Protection
- Network and Wireless Security
- Operating Systems Security
- Intrusion Detection Technologies
- Secure Software Development and Architecture
- PST Challenges in e-Services, e.g. e-Health, e-Government, e-Commerce
- Network Enabled Operations
- Digital forensics
- Information Filtering, Data Mining and Knowledge from Data
- National Security and Public Safety
- Cryptographic techniques for privacy preservation
- Security Metrics
- Recommendation, Reputation and Delivery Technologies
- Continuous Authentication
- Trust Technologies, Technologies for Building Trust in e-Business Strategy
- Observations of PST in Practice, Society, Policy and Legislation
- Digital Rights Management
- Identity and Trust management
- PST and Cloud Computing
- Human Computer Interaction and PST
- Implications of, and Technologies for, Lawful Surveillance
- Biometrics, National ID Cards, Identity Theft
- PST and Web Services / SOA
- Privacy, Traceability, and Anonymity
- Trust and Reputation in Self-Organizing Environments
- Anonymity and Privacy vs. Accountability
- Access Control and Capability Delegation
- Representations and Formalizations of Trust in Electronic and Physical Social Systems

For more information, please see http://pst2014.ryerson.ca.

SHPCS 2014 9th Workshop on Security and High Performance Computing Systems, Held in conjunction with the International Conference on High Performance Computing & Simulation (HPCS 2014), Bologna, Italy, July 21 - July 25, 2014. (Submission Due 28 March 2014) [posted here 02/03/14]
Providing high performance computing and security is a challenging task. Internet, operating systems and distributed environments currently suffer from poor security support and cannot resist common attacks. Adding security measures typically degrade performance. This workshop addresses relationships between security and high performance computing systems in three directions. First, it considers how to add security properties (authentication, confidentiality, integrity, non-repudiation, access control) to high performance computing systems and how they can be formally verified both at design-time (formal verification) and at run-time (run-time verification). In this case, safety properties can also be addressed, such as availability and fault tolerance for high performance computing systems. Second, it covers how to use high performance computing systems to solve security problems. For instance, a grid computation can break an encryption code, a cluster can support high performance intrusion detection or a distributed formal verification system. More generally, this topic addresses every efficient use of a high performance computing systems to improve security. Third, it investigates the tradeoffs between maintaining high performance and achieving security in computing systems and solutions to balance the two objectives. In all these directions, various formal analyses, as well as performance analyses or monitoring techniques can be conducted to show the efficiency of a security infrastructure. The workshop seeks submissions from academia and industry presenting novel research on all theoretical and practical aspects of computer and network security, as well as case studies and implementation experiences. Papers should have practical relevance to the construction, evaluation, application, or operation of secure systems.

For more information, please see http://hpcs2014.cisedu.info/.

SPE 2014 4th International Workshop on Security and Privacy Engineering, Co-located with IEEE SERVICES 2014, Anchorage, Alaska, USA, June 27 - July 2, 2014. (Submission Due 29 March 2014) [posted here 02/03/14]
Built upon the success of spectrum of conferences within the IEEE World Congress on Services, the Security and Privacy Engineering (SPE 2014) workshop is a unique place to exchange ideas of engineering secure systems in the context of service computing, cloud computing, and big data analytics. The emphasis on engineering in security and privacy of services differentiates the workshop from other traditional prestigious security and privacy workshops, symposiums, and conferences. The practicality and value realization are examined by practitioners from leading industries as well as scientists from academia. In line with the engineering spirit, we solicit original papers on building secure service systems that can be applied to government procurement, digital medical records, cloud environments, social networking for business purposes, multimedia application, mobile commerce, education, and the like. Potential contributions could cover, but are not limited to, methodologies, protocols, tools, or verification and validation techniques. We also welcome review papers that analyze critically the status of current Security and Privacy (S&P) in a specific area. Papers from practitioners who encounter security and privacy problems and seek understanding are also welcome.

For more information, please see http://sesar.dti.unimi.it/SPE2014/.

ECTCM 2014 2nd International Workshop on Emerging Cyberthreats and Countermeasures, Co-located with International Conference on Availability, Reliability and Security (ARES 2014), Fribourg, Switzerland, September 8-12, 2014. (Submission Due 31 March 2014) [posted here 03/03/14]
ECTCM aims at bringing together researchers and practitioners working in different areas related to cybersecurity. All unveilings regarding massive worldwide online surveillance in the past year led to a somewhat changed cyber world. We want to contribute to the current discussions about all technical aspects of this problem. Therefore this years' workshop focuses on new Targeted Attacks, Malware and all aspects of Privacy. Contributions demonstrating current weaknesses and threats as well as new countermeasures are warmly welcome.

For more information, please see http://www.ectcm.net/.

April 2014

SecATM 2014 International Workshop on Security in Air Traffic Management and other Critical Infrastructures, Held in conjunction with ARES 2014, University of Fribourg, Switzerland, September 9-12, 2014. (Submission Due 1 April 2014) [posted here 03/03/14]
Global air traffic management (ATM) is evolving from siloed, local, proprietary systems to interconnected wide-area information systems. There is rapid development, as demonstrated by the US NextGen and the European Single European Sky ATM Research programme. Increased automation and interconnection also translates into increased security risks, and this workshop will focus on security of next-generation air traffic management systems and similar critical information infrastructures. Throughout the recent years the understanding was developed that the security. Suggested topics include, but are not limited to the following in ATM and related critical infrastructures:
- Security Policy
- Risk assessment
- Security management
- Security validation
- Best practices
- Secure middleware solutions
- Experience reports
- Challenges of security assessment in a safety-oriented environment

For more information, please see http://www.secatm.org.

ESORICS 2014 19th European Symposium on Research in Computer Security, Wroclaw, Poland, September 7-11, 2014. (Submission Due 2 April 2014) [posted here 03/17/14]
ESORICS (European Symposium on Research in Computer Security) is the premier European research conference in computer security. ESORICS started in 1990 and has been held in several European countries, attracting an international audience from both the academic and industrial communities. ESORICS 2014, the 19th symposium in the series, will be held in Poland at the Institute of Mathematics and Computer Science, Wroclaw University of Technology. Papers offering novel research contributions in all aspects of computer security are solicited for submission to ESORICS 2014. The primary focus is on original, high quality, unpublished research, but submissions describing implementation experiences and industrial research and development are also encouraged. All topics related to security, privacy and trust in computer systems and networks are of interest and in scope. Purely theoretical papers, e.g. in cryptography, must be explicit about the relevance of the theory to the security of IT systems.

For more information, please see http://esorics2014.pwr.wroc.pl/index.html.

RAID 2014 17th International Symposium on Research in Attacks, Intrusions and Defenses, Gothenburg, Sweden, September 24-26, 2014. (Submission Due 9 April 2014) [posted here 03/03/14]
The 17th International Symposium on Research in Attacks, Intrusions and Defenses aims at bringing together leading researchers and practitioners from academia, government, and industry to discuss novel research contributions related to any area of computer and information security. As in previous years, all topics related to intrusion detection and prevention are within scope. In addition, topics of interest also include but are not limited to:
- Intrusion detection and prevention
- Malware and botnet analysis, detection, and mitigation
- Smartphone and other embedded systems security
- Network & active defenses
- Web application security
- New attacks against computers and networks
- Insider attack detection
- Formal models, analysis, and standards
- Deception systems and honeypots
- Vulnerability analysis
- Secure software development
- Machine learning for security
- Computer security visualization techniques
- Network exfiltration
- Online money laundering and underground economy
- Hardware vulnerabilities
- Binary analysis and reverse engineering
- Digital forensics
- Security and privacy

For more information, please see http://www.raid2014.eu/cfp.html.

NSPW 2014 New Security Paradigms Workshop, Victoria, British Columbia, Canada, September 15-18, 2014. (Submission Due 11 April 2014) [posted here 03/03/14]
The New Security Paradigms Workshop (NSPW) invites papers that address the current limitations of information security. By encouraging participants to think “outside the box” and giving them an opportunity to interact with open-minded peers, NSPW seeks to foster paradigm shifts in the field of information security. NSPW is a highly interactive venue, with informal paper presentations, lively, extended discussions, shared activities, and group meals, all in the spectacular setting of Victoria, British Columbia, Canada. Most of the papers accepted to NSPW push the boundaries of science and engineering beyond what would be considered mainstream in more traditional security conferences. We are particularly interested in perspectives that augment traditional computer security, both from other areas of computer science and other sciences that study adversarial relationships such as biology, economics, and the social sciences.

For more information, please see http://www.nspw.org/2014/cfp.

LISA 2014 28th Large Installation System Administration Conference, Seattle, WA, USA, November 9–14, 2014. (Submission Due 14 April 2014) [posted here 03/03/14]
USENIX’s Large Installation System Administration (LISA) conference - now in its 28th year - is the premier meeting place for professionals who make computing work across a variety of industries. If you’re an IT operations professional, site-reliability engineer, system administrator, architect, software engineer, researcher, or otherwise involved in ensuring that IT services are effectively delivered to others - this is your conference, and we’d love to have you here. At LISA, systems theory meets operational practice. This is the best environment for you to talk about what you’ve been working on with other professionals—both in industry and in academia. Giving a presentation at LISA is the path to real-world impact by highlighting your team’s or project’s achievements. We are actively soliciting talks in areas such as cloud computing, creating a positive ops culture, software-defined networking, large-scale computing, distributed systems, security, analytics, visualization, and IT management methods - but we will consider exciting, engaging talks on any topic relevant to LISA attendees.

For more information, please see https://www.usenix.org/sites/default/files/lisa14cfp_102813.pdf.

PLAS 2014 9th ACM SIGPLAN Workshop on Programming Languages and Analysis for Security, Uppsala, Sweden, July 29, 2014. (Submission Due 20 April 2014) [posted here 03/03/14]
PLAS aims to provide a forum for exploring and evaluating ideas on the use of programming language and program analysis techniques to improve the security of software systems. Strongly encouraged are proposals of new, speculative ideas, evaluations of new or known techniques in practical settings, and discussions of emerging threats and important problems. The scope of PLAS includes, but is not limited to:
- Compiler-based security mechanisms or runtime-based security mechanisms such as inline reference monitors
- Program analysis techniques for discovering security vulnerabilities
- Automated introduction and/or verification of security enforcement mechanisms
- Language-based verification of security properties in software, including verification of cryptographic protocols
- Specifying and enforcing security policies for information flow and access control
- Model-driven approaches to security
- Security concerns for web programming languages
- Language design for security in new domains such as cloud computing and embedded platforms
- Applications, case studies, and implementations of these techniques

For more information, please see http://researcher.ibm.com/researcher/view_project.php?id=5237.

OSDI 2014 11th USENIX Symposium on Operating Systems Design and Implementation, Broomfield, CO, USA, October 6–8, 2014. (Submission Due 24 April 2014) [posted here 03/03/14]
The 11th USENIX Symposium on Operating Systems Design and Implementation seeks to present innovative, exciting research in computer systems. OSDI brings together professionals from academic and industrial backgrounds in what has become a premier forum for discussing the design, implementation, and implications of systems software. The OSDI Symposium emphasizes innovative research as well as quantified or insightful experiences in systems design and implementation. OSDI takes a broad view of the systems area and solicits contributions from many fields of systems practice, including, but not limited to, operating systems, file and storage systems, distributed systems, cloud computing, mobile systems, secure and reliable systems, embedded systems, virtualization, networking as it relates to operating systems, management and troubleshooting of complex systems. We also welcome work that explores the interface to related areas such as computer architecture, networking, programming languages, and databases. We particularly encourage contributions containing highly original ideas, new approaches, and/or groundbreaking results.

For more information, please see https://www.usenix.org/conference/osdi14/call-for-papers.

May 2014

TGC 2014 9th Symposium on Trustworthy Global Computing, Co-located with Concur 2014, Rome, Italy, September 5-6, 2014. (Submission Due 2 May 2014) [posted here 01/13/14]
The Symposium on Trustworthy Global Computing is an international annual venue dedicated to secure and reliable computation in the so-called global computers, i.e., those computational abstractions emerging in large-scale infrastructures such as service-oriented architectures, autonomic systems, and cloud computing. The TGC series focuses on providing frameworks, tools, algorithms, and protocols for rigorously designing, verifying, and implementing open-ended, large-scaled applications. The related models of computation incorporate code and data mobility over distributed networks that connect heterogeneous devices and have dynamically changing topologies. We solicit papers in all areas of global computing, including (but not limited to):
- languages, semantic models, and abstractions
- security, trust, and reliability
- privacy and information flow policies
- algorithms and protocols
- resource management
- model checking, theorem proving, and static analysis
- tool support

For more information, please see http://www.cs.le.ac.uk/events/tgc2014/.

NordSec 2014 19th Nordic Conference on Secure IT Systems, Tromsø, Norway, October 15-17, 2014. (Submission Due 6 May 2014) [posted here 03/03/14]
NordSec addresses a broad range of topics within IT security with the aims of bringing together computer security researchers and encourage interaction between academia and industry. In 2014 the conference has special focus on Security and Privacy for Cloud Computing and Big Data. Contributions within, but not limited to, the following areas are welcome:
- Applied cryptography
- Communication and network security
- Internet and web-security
- Operating system security
- Software security
- Language-based techniques for security
- Security protocols
- Access control and security models
- Privacy and privacy-enhancing technologies
- Trust and reputation management
- Security evaluation and measurements
- Commercial security policies and enforcement
- Computer crime and information warfare
- Social engineering and phishing
- Intrusion detection
- Security management and audit
- New ideas and paradigms in security
- Usable security and privacy

For more information, please see http://site.uit.no/nordsec2014/.

ACC 2014 IEEE International Workshop on Autonomic Cloud Cybersecurity, Held in conjunction with the IEEE International Conference on Cloud and Autonomic Computing (CAC 2014), London, UK, September 8, 2014. (Submission Due 7 May 2014) [posted here 03/03/14]
Cloud computing services offer cost effective, scalable, and reliable outsourced platforms. Cloud adoption is becoming rapidly ubiquitous; therefore, private and sensitive data is being moved into the cloud. This move is introducing new security and privacy challenges, which should be diligently addressed in order to avoid severe security repercussions. The focus of this workshop is to offer a discussion forum about autonomous cybersecurity systems, which offer viable and well-suited solutions for cloud threat prediction, detection, mitigation, and prevention. The workshop is part of the IEEE International Conference on Cloud and Autonomic Computing (CAC 2014), and is collocated with The 8th IEEE Self-Adaptive and Self-Organizing System Conference and The 14th IEEE Peer-to-Peer Computing Conference. We are soliciting original and unpublished results of ongoing research projects, emerging trends, uses cases, and implementation experiences in autonomous cloud cybersecurity systems and solutions. The topics covered include, but are not limited to:
- Self-protection techniques of computing systems, networks and applications
- Performance evaluation and metrics of self-protection algorithms
- Metrics to characterize and quantify the cybersecurity algorithms (confidentiality, integrity, and availability of autonomic systems)
- Anomaly behavior analysis and discovery of autonomic systems and services
- Data mining, stochastic analysis and prediction of autonomic systems and applications
- Datasets and benchmarks to compare and evaluate different self-protection techniques
- Autonomic prediction of cyber crime
- Cloud cryptographic systems
- Autonomous cyber threat mitigation methods
- Cloud security protocols
- Automated cloud security analysis
- Cloud cybersecurity tools

For more information, please see http://sesar.dti.unimi.it/ACC2014.

ACM-CCS 2014 21st ACM Conference on Computer and Communications Security, The Scottsdale Plaza Resort, Scottsdale, Arizona, USA, November 3-7, 2014. (Submission Due 16 May 2014) [posted here 03/17/14]
The conference seeks submissions from academia, government, and industry presenting novel research results in all practical and theoretical aspects of computer and communications security. Papers should be related to the construction, evaluation, application, or operation of secure systems. Theoretical papers must make a convincing argument for the relevance of the results to secure systems. All topic areas related to computer and communications security are of interest and in scope. Accepted papers will be published by ACM Press in the conference proceedings. Outstanding papers will be invited for possible publication in a special issue of the ACM Transactions on Information and System Security. Further concrete instructions and submissions rules and regulations will be published in the Call for Papers which will be accessible via the conference web page.

For more information, please see http://www.sigsac.org/ccs/CCS2014/.

June 2014

CANS 2014 13th International Conference on Cryptology and Network Security, Aldemar Royal Mare Resort, Heraklion Crete, Greece, October 22-24, 2014. (Submission Due 10 June 2014) [posted here 02/03/14]
Papers offering novel research contributions are solicited for submission to the 13rd International Conference on Cryptology and Network Security (CANS-2014). The focus is on original, high quality, unpublished research and implementation experiences. We encourage submissions of papers suggesting novel paradigms, original directions, or non-traditional perspectives. Submitted papers must not substantially overlap with papers that have been published or that are submitted in parallel to a journal or a conference with formally published proceedings. Topics include (but not limited to):
- Access Control for Networks Mobile Code Security
- Anonymity & Pseudonymity Multicast Security
- Attacks & Malicious Code Network Security
- Authentication, Identification Peer-to-Peer Security
- Block & Stream Ciphers Public Key Cryptography
- Cloud Security Security Modeling
- Cryptographic Algorithms Security Architectures
- Cryptographic Protocols Security in Location Services
- Denial of Service Protection Security in Social Networks
- Embedded Platform Security Sensor Network Security
- Hash Functions Spam & SPIT Protection
- Identity & Trust Management Spyware Analysis and Detection
- (Future) Internet Security Virtual Private Networks
- Key Management Wireless and Mobile Security

For more information, please see http://www.ics.forth.gr/cans2014.

Archival Journals Regularly Specializing in Security and Privacy

Journal of Privacy Technology (JOPT),   Editor-in-Chief:  Latanya Sweeney
This online-only Journal, started in 2004 and  operated by Carnegie Mellon University, is a forum for the publication of original current research in privacy technology. It encourages the submission of any material dealing primarily with the technological aspects of privacy or with the privacy aspects of technology, which may include analysis of the interaction between policy and technology or the technological implications of legal decisions.  More information can be found at http://www.jopt.org/.

IEEE Security and Privacy Magazine,   Editor-in-Chief: Shari Lawrence Pfleeger
IEEE Security & Privacy provides a unique combination of research articles, case studies, tutorials, and regular departments covering diverse aspects of information assurance such as legal and ethical issues, privacy concerns, tools to help secure information, analysis of vulnerabilities and attacks, trends and new developments, pedagogical and curricular issues in educating the next generation of security professionals, secure operating systems and applications, security issues in wireless networks, design and test strategies for secure and survivable systems, and cryptology.  More information can be found at http://www.computer.org/portal/web/computingnow/securityandprivacy.

ACM Transactions on Information and System Security,   Editor-in-Chief: Gene Tsudik
ACM invites submissions for its Transactions on Information and System Security, inaugurated in November 1998. TISSEC publishes original archival-quality research papers and technical notes in all areas of information and system security including technologies, systems, applications, and policies. Papers should have practical relevance to the construction, evaluation, application, or operation of secure systems. Theoretical papers will be accepted only if there is convincing argument for the practical significance of the results. Theory must be justified by convincing examples illustrating its application. More information is given on the journal web page at http://www.acm.org/tissec.

IEEE Transactions on Dependable and Secure Computing,   Editor-in-Chief: Ravi Sandhu
The IEEE Transactions on Dependable and Secure Computing publishes archival research results related to research into foundations, methodologies, and mechanisms that support the achievement—through design, modeling, and evaluation—of systems and networks that are dependable and secure to the desired degree without compromising performance. The focus will also include measurement, modeling, and simulation techniques, and foundations for jointly evaluating, verifying, and designing for performance, security, and dependability constraints. More information is given on the journal web page at http://www.computer.org/portal/web/tdsc.

The Springer Series on ADVANCES IN INFORMATION SECURITY
The purpose of the Advances in Information Security book series is to establish the state of the art and set the course for future research in information security. The scope of this series includes not only all aspects of computer, network security, and cryptography, but related areas, such as fault tolerance and software assurance. The series serves as a central source of reference for information security research and developments. The series aims to publish thorough and cohesive overviews on specific topics in Information Security, as well as works that are larger in scope than survey articles and that will contain more detailed background information. The series also provides a single point of coverage of advanced and timely topics and a forum for topics that may not have reached a level of maturity to warrant a comprehensive textbook. Prospective Authors or Editors: If you have an idea for a book that would fit in this series, we would welcome the opportunity to review your proposal. Should you wish to discuss any potential project further or receive specific information regarding book proposal requirements, please contact Professor Sushil Jajodia (jajodia@gmu.edu,703-993-1653).
 
Journal of Computer Security,   Editor-in-Chief: John Mitchell and Pierangela Samarati
JCS is an archival research journal for significant advances in computer security. Subject areas include architecture, operating systems, database systems, networks, authentication, distributed systems, formal models, verification, algorithms, mechanisms, and policies. All papers must be submitted online at http://www.iospress.nl/journal/journal-of-computer-security/. More information is given on the journal web page at http://jcs.stanford.edu/.
 
Computers & Security,   Editor-in-Chief: Eugene H. Spafford
Computers & Security aims to satisfy the needs of managers and experts involved in computer security by providing a blend of research developments, innovations, and practical management advice. Original submissions on all computer security topics are invited, particularly those of practical benefit to the practitioner. All papers must be submitted online at http://ees.elsevier.com/cose/. More information can be found at http://www.elsevier.com/locate/issn/01674048.
 
International Journal of Information Security,   Editors-in-Chief: D. Gollmann; J. Lopez; E. Okamoto
The International Journal of Information Security, IJIS, aims to provide prompt publication of important technical work in information security, attracting any person interested in communications, commerce, banking, medicine, or other areas of endeavor affected by information security. Any research submission on theory, applications, and implementations of information security is welcomed. This includes, but is not limited to, system security, network security, content protection, applications and foundations of information security. More information is given on the journal web page at http://www.springer.com/computer/security+and+cryptology/journal/10207.
 
International Journal of Network Security,   Editors-in-Chief: Min-Shiang Hwang
International Journal of Network Security is an international official journal of Science Publications, publishing original articles, reviews and short communications of a high scientific and technology in network security. Subjects covered include: access control, computer security, cryptography, communications security, data security, database security, electronic commerce security, information security, multimedia security, and network security. Authors are strongly encouraged to submit their papers electronically by using online manuscript submission at http://ijns.nchu.edu.tw/, or submit their Word, ps or pdf file to the editor-in-chief (via Email: mshwang@isrc.nchu.edu.tw): Min-Shiang Hwang, at the Department of Management Information Systems, National Chung Hsing University, Taiwan, R.O.C.  More information can be found at http://ijns.femto.com.tw/.
 
International Journal of Security and Networks,   Editors-in-Chief: Yang Xiao
International Journal of Security and Networks is an archival research journal for significant advances in network security. Subject areas include attack models, security mechanisms, security services, authentication, authorization, access control, multicast security, data confidentiality, data integrity, non-repudiation, forensics, privacy protection, secure protocols, formal analyses, intrusion detection, key management, trust establishment, revocation of malicious parties, security policies, fraudulent usage, dependability and reliability, prevention of traffic analysis, network security performance evaluation, tradeoff analysis between performance and security, security standards, etc. All papers must be submitted online at http://www.inderscience.com/ijsn/. More information is given on the journal web page at http://www.inderscience.com/ijsn/.
 
International Journal of Critical Infrastructure Protection,   Editors-in-Chief: Sujeet Shenoi
International Journal of Critical Infrastructure Protection's primary aim is to publish high quality scientific and policy papers in all areas of critical infrastructure protection. Of particular interest are articles that weave science, technology and policy to craft sophisticated yet practical solutions that will secure information, computer and network assets in the various critical infrastructure sectors. All papers must be submitted online at http://www.elsevier.com/locate/ijcip. More information is given on the journal web page at http://www.elsevier.com/locate/ijcip.
 
IEEE Transactions on Information Forensics and Security,   Editors-in-Chief: C.-C. Jay Kuo
IEEE Transactions on Information Forensics and Security aims to provide a unified locus for archival research on the fundamental contributions and the mathematics behind information forensics, information security, surveillance, and systems applications that incorporate these features. Authors are strongly encouraged to submit their papers electronically to the online manuscript system, Manuscript Central, via sps-ieee.manuscriptcentral.com.  More information can be found at http://www.ieee.org/organizations/society/sp/tifs.html.
 
EURASIP Journal on Information Security,   Editors-in-Chief: Stefan Katzenbeisser
EURASIP Journal on Information Security aims to bring together researchers and practitioners dealing with the general field of information security, with a particular emphasis on the use of signal processing tools in adversarial environments. As such, it addresses all works whereby security is achieved through a combination of techniques from cryptography, computer security, machine learning and multimedia signal processing. Application domains lie, for example, in secure storage, retrieval and tracking of multimedia data, secure outsourcing of computations, forgery detection of multimedia data, or secure use of biometrics. The journal also welcomes survey papers that give the reader a gentle introduction to one of the topics covered as well as papers that report large-scale experimental evaluations of existing techniques. Pure cryptographic papers are outside the scope of the journal. The journal also welcomes proposals for Special Issues. All papers must be submitted online at http://jis.eurasipjournals.com/manuscript.  More information can be found at http://jis.eurasipjournals.com.