Last Modified:01/25/10

Note: Please send new calls to cipher-cfp@ieee-security.org and take a moment to read the submission guidelines. And please see the Cipher Calendar for events sorted in date order. For all other questions, please contact cipher-cfp@ieee-security.org by email.

Contents

Special Issues of Journals and Handbooks

International Journal of Secure Software Engineering (IJSSE), Special Issue on Software Safety & Dependability – the Art of Engineering Trustworthy Software, January 2011. (Submission Due 1 February 2010) [posted here 10/5/09]

Guest editor: Lei Wu (University of Houston-Clear Lake, Houston, Texas, U.S.A) and Yi Feng (Algoma University, Sault Ste. Marie, Ontario, Canada)

Software Safety is an element of the total safety program. It optimizes system safety & dependability in the design, development, use, and maintenance of software systems and their integration with safety critical application systems in an operational environment. Increasing size and complexity of software systems makes it harder to ensure their dependability. At the same time, the issues of safety become more critical as we more and more rely on software systems in our daily life. These trends make it necessary to support software engineers with a set of techniques and tools for developing dependable, trustworthy software. Software safety cannot be allowed to function independently of the total effort. Both simple and highly integrated multiple systems are experiencing an extraordinary growth in the use of software to monitor and/or control safety-critical subsystems or functions. A software specification error, design flaw, or the lack of generic safety-critical requirements can contribute to or cause a system failure or erroneous human decision. To achieve an acceptable level of dependability goals for software used in critical applications, software safety engineering must be given primary emphasis early in the requirements definition and system conceptual design process. Safety-critical software must then receive continuous management emphasis and engineering analysis throughout the development and operational lifecycles of the system. In this special issue, we are seeking insights in how we can confront the challenges of software safety & dependability issues in developing dependable, trustworthy software systems. Some suggested areas include, but not limited to
- Safety consistent with mission requirements
- Secure software engineering with software security & trustworthy software development
- State-of-arts literature review of technology dealing with software system security
- Identify and analysis of safety-critical functionality of complex systems
- Intrusion detection, security management , applied cryptography
- Derive hazards and design safeguards for mitigations
- Safety-Critical functions design and preliminary hazards analysis
- Identification, evaluation, and elimination techniques for hazards associated with the system and its software, throughout the lifecycle
- Complexity of safety critical interfaces, software components
- Sound secure software engineering principles that apply to the design of the software-user interface to minimize the probability of human error
- Failure & hazard models, including hardware, software, human and system are addressed in the design of the software
- Software testing techniques targeting at software safety issues at different levels of testing

For more information, please see http://www.igi-global.com/journals/details.asp?id=34297.

Journal of Computer Security, Special Issue on RFID System Security, 4th Quarter, 2010. (Submission Due 22 February 2010) [posted here 11/23/09]

Guest editor: Yingjiu Li (Singapore Management University, Singapore) and Jianying Zhou (Institute for Infocomm Research, Singapore)

Besides selected papers (after significant extensions) from the 2010 Workshop on RFID Security (RFIDsec'10 Asia), other papers representing original research in the theory and practice concerning RFID system security are solicited for this special issue in Journal of Computer Security (IOS Press). Topics of interest include, but are not limited to:
- New applications for secure RFID systems
- Data protection and privacy-enhancing techniques for RFID
- Cryptographic protocols for RFID (Authentication protocols, Key update mechanisms, Scalability issues)
- Integration of secure RFID systems (Middleware and security, Public-key infrastructures)
- Resource-efficient implementation of cryptography (Small-footprint hardware, Low-power architectures)
- Attacks on RFID systems such as RFID malwares
- RFID security hardware such as RFID with PUF
- Trust model, data protection and sharing for EPCglobal Network

For more information, please see http://icsd.i2r.a-star.edu.sg/staff/jianying/JCS_CFP_final.pdf.

Conference and Workshop Call-for-papers

IFIP-TC9-HCC9 2010 IFIP TC-9 HCC-9 Stream on Privacy and Surveillance, Held in conjunction with the IFIP World Computer Congress 2010, Brisbane, Australia, September 20-23, 2010. (Submissions due 31 January 2010) [posted here 12/28/09]
New technical and legal developments pose greater and greater privacy dilemmas. Governments have in the recent years increasingly established and legalised surveillance schemes in form of data retention, communication interception or CCTVs for the reason of fighting terrorism or serious crimes. Surveillance Monitoring of individuals is also a threat in the private sector: Private organisations are for instance increasingly using profiling and data mining techniques for targeted marketing, analysing customer buying predictions or social sorting. Work place monitoring practices allow surveillance of employees. Emerging pervasive computing technologies, where individuals are usually unaware of a constant data collection and processing in their surroundings, will even heighten the problem that individuals are effectively losing control over their personal spheres. At a global scale, Google Earth and other corporate virtual globes may have dramatic consequences for the tracking and sorting of individuals. With CCTV, the controlling power of surveillance is in few hands. With live, high resolution imagery feeds from space in the near future, massive surveillance may soon be available to everybody, a development whose consequences we do not yet grasp. New means of surveillance are also enabled by social networks, in which individuals are publishing many intimate personal details about themselves and others. Such social networks are today already frequently analysed by employers, marketing industry, law enforcement or social engineering. The aim of this conference stream is to discuss and analyse such privacy risks of surveillance for humans and society as well as countermeasures for protecting the individuals’ rights to informational self-determination from multi-disciplinary perspectives. We are therefore especially inviting the submissions of papers addressing privacy aspects in relation to topics such as (but not limited to):
- Surveillance technologies
- Corporate virtual globes (Google Earth and Microsoft Virtual Earth)
- Profiling & data mining
- Ambient Intelligence, RFID
- GPS, Location-Based Services
- Social Network Analysis
- ID cards
- Biometrics
- Data sharing
- Visual surveillance
- Workplace monitoring
- Communication interception
- Data retention
- Anonymity & Pseudonymity
- Privacy-enhancing technologies
- Privacy-enhancing Identity Management

For more information, please see http://www.wcc2010.org/migrated/HCC92010/HCC92010_cfp.html.

SADFE 2010 5th International Workshop on Systematic Approaches to Digital Forensic Engineering, Held in conjunction with the IEEE Symposium on Security and Privacy (SP 2010), Oakland, CA, USA, May 20, 2010. (Submissions due 1 February 2010) [posted here 11/23/09]
The SADFE (Systematic Approaches to Digital Forensic Engineering) Workshop promotes systematic approaches to computer investigations, by furthering the advancement of digital forensic engineering as a disciplined science and practice. Most previous SADFE papers have emphasized cyber crime investigations and digital forensics tools. While these are still key topics of the meeting, we also welcome digital forensics papers that do not necessarily involve either crime or digital forensics tools. General attack analysis, the insider threat, insurance and compliance investigations, similar forms of retrospective analysis, and digital discovery are all viable topics. Digital forensic engineering is the application of scientific principles to the collection and analysis of digital artifacts, either for use within the legal system or to aid in understanding past events with the goal of improving computer system security.

For more information, please see http://conf.ncku.edu.tw/sadfe/sadfe10/.

SECRYPT 2010 5th International Conference on Security and Cryptography, Athens, Greece, July 26-28, 2010. (Submissions due 3 February 2010) [posted here 01/12/10]
SECRYPT is an annual international conference covering research in information and communication security. The 5th International Conference on Security and Cryptography will be held in Athens, Greece. The conference seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of data protection, privacy, applications security, and cryptography. Papers describing the application of security technology, the implementation of systems, and lessons learned are also encouraged. Areas of interest include, but are not limited to:
- Data and Application Security and Privacy
- Access Control and Intrusion Detection
- Network Security and Protocols
- Cryptographic Techniques and Key Management
- Information Assurance
- Security in Information Systems and Software Engineering

For more information, please see http://www.secrypt.icete.org.

D-SPAN 2010 1st International Workshop on Data Security and PrivAcy in wireless Networks, Held in conjunction with WoWMoM 2010, Montreal, QC, Canada, June 14, 2010. (Submissions due 4 February 2010) [posted here 12/21/09]
This workshop is focused on defining new problems and developing novel techniques for data security and privacy issues in wireless and mobile networks. With the emergence of data-intensive wireless networks such as wireless sensor networks and data-centric mobile applications such as location-based services, the traditional boundaries between these three disciplines are blurring. This workshop solicits papers from two main categories: (1) papers that consider the security and privacy of data collection, transmission, storage, publishing, and sharing in wireless networks broadly defined, e.g., MANET, cellular, vehicular, ad hoc, cognitive, as well as sensor networks, and (2) papers that use data analytics techniques to address security and privacy problems in wireless networks. The workshop provides a venue for researchers to present new ideas with impact on three communities – wireless networks, databases, and security. The list of topics includes, but not limited to:
- Fundamental theory of a security network science
- Key exchange, distribution and management in wireless networks
- Location privacy in wireless networks
- Secure data collection and aggregation for wireless sensor networks
- Secure data collection in body-area networks
- Secure data processing in mobile ad-hoc networks (MANET)
- Secure query processing over wireless sensor networks
- Security and privacy of RFID systems
- Security and privacy for data streaming
- Security for cognitive radio networks
- Tradeoffs between Security and Communication Performance

For more information, please see http://home.gwu.edu/~nzhang10/DSPAN2010/.

ACNS 2010 8th International Conference on Applied Cryptography and Network Security, Beijing, China, June 22-25, 2010. (Submissions due 5 February 2010) [posted here 9/13/09]
Original papers on all aspects of applied cryptography and network security are solicited for submission to ACNS '10. Topics of relevance include but are not limited to:
- Applied cryptography and provably-secure cryptographic protocols
- Design and analysis of efficient cryptographic primitives: public-key and symmetric-key cryptosystems, block ciphers, and hash functions
- Network security protocols
- Techniques for anonymity; trade-offs between anonymity and utility
- Integrating security into the next-generation Internet: DNS security, routing, naming, denial-of-service attacks, TCP/IP, secure multicast
- Economic fraud on the Internet: phishing, pharming, spam, and click fraud
- Email and web security
- Public key infrastructure, key management, certification, and revocation
- Security and privacy for emerging technologies: sensor networks, mobile (ad hoc) networks, peer-to-peer networks, bluetooth, 802.11, RFID
- Trust metrics and robust trust inference in distributed systems
- Security and usability
- Intellectual property protection and digital rights management
- Modeling and protocol design for rational and malicious adversaries
- Automated analysis of protocols

For more information, please see http://www.tcgchina.org/acns2010/.

DBSec 2010 24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Rome, Italy, June 21-23, 2010. (Submissions due 5 February 2010) [posted here 11/30/09]
DBSec is an annual international conference covering research in data and applications security and privacy. The 24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec 2010) will be held in Rome, Italy. The conference seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of data protection, privacy, and applications security. Topics of interest include, but are not limited to:
- access control
- anonymity
- applied cryptography in data security
- authentication
- data and system integrity
- data protection
- database security
- digital rights management
- identity management
- intrusion detection
- knowledge discovery and privacy
- methodologies for data and application security
- network security
- organizational security
- privacy
- secure cloud computing
- secure distributed systems
- secure information integration
- secure Web services
- security and privacy in IT outsourcing
- security and privacy in location-based services
- security and privacy in P2P scenarios and social networks
- security and privacy in pervasive/ubiquitous computing
- security and privacy policies
- security management
- security metrics
- threats, vulnerabilities, and risk management
- trust and reputation systems
- trust management
- wireless and mobile security

For more information, please see http://dbsec2010.dti.unimi.it.

DIMVA 2010 7th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, Bonn, Germany, July 8-9, 2010. (Submissions due 5 February 2010) [posted here 11/30/09]
The annual DIMVA conference serves as a premier forum for advancing the state of the art in intrusion detection, malware detection, and vulnerability assessment. DIMVA’s scope includes, but is not restricted to the following areas:
Intrusion Detection
- Novel approaches & new environments
- Insider detection
- Prevention and response
- Data leakage
- Result correlation & cooperation
- Evasion attacks
- Potentials & limitations
- Operational experiences
- Privacy, legal & social aspects
Malware
- Automated analysis, reversing & execution tracing
- Containment & sandboxed operation
- Acquisition of specimen
- Infiltration
- Behavioral models
- Prevention & containment
- Trends & upcoming risks
- Forensics & recovery
- Economic aspects
Vulnerability Assessment
- Vulnerability detection & analysis
- Vulnerability prevention
- Web application security
- Fuzzing techniques
- Classification & evaluation
- Situational awareness

For more information, please see http://www.dimva.org/dimva2010.

USENIX-Security 2010 19th USENIX Security Symposium, Washington, DC, USA, August 11–13, 2010. (Submissions due 5 February 2010) [posted here 12/7/09]
The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security of computer systems and networks. All researchers are encouraged to submit papers covering novel and scientifically significant practical works in security or applied cryptography.

For more information, please see http://www.usenix.org/events/sec10/cfp/.

EuroSec 2010 European Workshop on System Security, Held in conjunction with the Annual ACM SIGOPS EuroSys conference, Paris, France, April 13, 2010. (Submissions due 7 February 2010) [posted here 11/30/09]
The workshop aims to bring together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security of computer systems and networks. The focus of the workshop is on novel, practical, systems-oriented work. EuroSec seeks contributions on all aspects of systems security. Topics of interest include (but are not limited to):
- Operating systems security
- Web/network/distributed systems security
- New attacks and evasion techniques
- Hardware architectures
- Trusted computing and its applications
- Identity management, anonymity
- Small trusted computing bases
- Mobile systems security
- Measuring security
- Malicious code analysis and detection
- Systems-based forensics
- Systems work on fighting spam/phishing

For more information, please see http://www.iseclab.org/eurosec-2010/.

OWASP-AppSec-Research 2010 OWASP AppSec Research 2010, Stockholm, Sweden, June 21-24, 2010. (Submissions due 7 February 2010) [posted here 12/14/09]
OWASP AppSec Research focuses on web application security and invites both academia and industry. The conference features a full-paper research track published by Springer-Verlag (LNCS) as well as industry talks and demos. OWASP (the Open Web Application Security Project) is an open community dedicated to enabling organizations to develop, purchase, and maintain applications that can be trusted. We encourage the publication and presentation of new tools, new methods, empirical data, novel ideas, and lessons learned in the following areas:
- Web application security
- Security aspects of new/emerging web technologies/paradigms (mashups, web 2.0, offline support, etc)
- Security in web services, REST, and service oriented architectures
- Security in cloud-based services
- Security of frameworks (Struts, Spring, ASP.Net MVC etc)
- New security features in platforms or languages
- Next-generation browser security
- Security for the mobile web
- Secure application development (methods, processes etc)
- Threat modeling of applications
- Vulnerability analysis (code review, pentest, static analysis etc)
- Countermeasures for application vulnerabilities
- Metrics for application security
- Application security awareness and education

For more information, please see http://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm,_Sweden.

POLICY 2010 IEEE International Symposium on Policies for Distributed Systems and Networks, Fairfax, Virginia, USA, July 21-23, 2010. (Submissions due 8 February 2010) [posted here 01/11/10]
The symposium brings together researchers and practitioners working on policy-based systems across a range of application areas including policy-based networking, privacy and security management, storage area networking, and enterprise systems. POLICY 2010 has grown out of a highly successful series of workshops and this is recognized by the elevation of the event to an IEEE symposium. POLICY 2010 invites novel contributions on all aspects of policy-based management. Topics of interest include (but are not limited to):
- Privacy and Security
- Policy Models and Languages
- Policy Applications

For more information, please see http://www.ieee-policy.org.

SHPCS 2010 5th Workshop on Security and High Performance Computing Systems, Held in conjunction with the 6th International Wireless Communications and Mobile Computing Conference (IWCMC 2010), Caen, Normandy, France, June 28 - July 2, 2010. (Submissions due 15 February 2010) [posted here 12/28/09]
Providing high performance computing and security is a challenging task. Internet, operating systems and distributed environments currently suffer from poor security support and cannot resist common attacks. Adding security measures typically degrade performance. This workshop addresses relationships between security and high performance computing systems in three directions. First, it considers how to add security properties (authentication, confidentiality, integrity, non-repudiation, access control) to high performance computing systems. In this case, safety properties can also be addressed, such as availability and fault tolerance for high performance computing systems. Second, it covers how to use high performance computing systems to solve security problems. For instance, a grid computation can break an encryption code, or a cluster can support high performance intrusion detection. More generally, this topic addresses every efficient use of a high performance computing systems to improve security. Third, it investigates the tradeoffs between maintaining high performance and achieving security in computing systems and solutions to balance the two objectives. In all these directions, various performance analyses or monitoring techniques can be conducted to show the efficiency of a security infrastructure. The workshop seeks submissions from academia and industry presenting novel research on all theoretical and practical aspects of computer and network security, as well as case studies and implementation experiences. Papers should have practical relevance to the construction, evaluation, application, or operation of secure systems. The Workshop topics include (but are not limited to) the following:
- Access Control
- Accounting and Audit
- Anonymity
- Applied Cryptography
- Authentication
- Cloud Security
- Commercial and Industry Security
- Cryptographic Protocols
- Data and Application Security
- Data/System Integrity
- Database Security
- Digital Rights Management
- Formal Verification of Secure Systems
- Identity Management
- Inference/Controlled Disclosure
- Information Warfare
- Intellectual Property Protection
- Intrusion and Attack Detection
- Intrusion and Attack Response
- Key Management
- Privacy-Enhancing Technology
- Secure Networking
- Secure System Design
- Security Monitoring & Management
- Security for Mobile Code
- Security for Specific Domains (e.g., E-Government, E-Business, P2P)
- Security in IT Outsourcing
- Security in Mobile and Wireless Networks
- Security in Untrusted & Adversarial Environments and Systems
- Security in Operating Systems
- Security Location Services
- Security of Grid and Cluster Architectures
- Security Visualization
- Smartcards
- Trust Management Policies
- Trust Models
- Web Security
- Web Services Security

For more information, please see http://leibniz.diiga.univpm.it/~spalazzi/caen/.

ICDCS-SPCC 2010 1st International Workshop on Security and Privacy in Cloud Computing, Held in conjunction with the IEEE International Conference on Distributed Computing Systems (ICDCS 2010), Genoa, Italy, June 25, 2010. (Submissions due 22 February 2010) [posted here 01/12/10]
Cloud computing has recently emerged as a new information technology infrastructure. In cloud computing, information is permanently stored in large data centers on the Internet and temporarily accessed and cached on clients that include desktops and portable PCs, sensors, etc. With the "cloud" as a metaphor for the Internet, cloud computing promises to deliver massively scalable IT-enabled data, software, and hardware capabilities as a service to external clients using Internet technologies. Cloud computing has been envisioned as the key technology to achieve economies of scale in the deployment and operation of IT solutions. Cloud computing has unique attributes that raise many security and privacy challenges in areas such as data security, recovery, and privacy, as well as legal issues in areas such as regulatory compliance and auditing. In contrast to traditional enterprise IT solutions, where the IT services are under proper physical, logical and personnel controls, cloud computing moves the application software and databases to the servers in large data centers on the Internet, where the management of the data and services are not fully trustworthy. When clients store their data on the server without themselves possessing a copy of it, how the integrity of the data can be ensured if the server is not fully trustworthy? Will encryption solve the data confidentiality problem of sensitive data? How will encryption affect dynamic data operations such as query, insertion, modification, and deletion? Data in the cloud is typically in a shared environment alongside data from other clients. How the data segregation should be done, while data are stored, executed, and transmitted? How the virtulized resources is being managed and secured in the cloud? Due to the fundamental paradigm shift in cloud computing, many security concerns have to be better understood, unanticipated vulnerabilities identified, and viable solutions to critical threats devised, before the wide deployment of cloud computing techniques can take place. Topics of interests include (but are not limited to) the following subject categories:
- Secure management of virtualized cloud resources
- Secure network architecture for cloud computing
- Joint security and privacy aware cloud protocol design
- Access control and key management
- Trust and policy management in clouds
- Identification and privacy in cloud
- Remote data integrity protection
- Secure computation outsourcing
- Dynamic data operation security
- Software and data segregation security
- Failure detection and prediction
- Secure data management within and across data centers
- Availability, recovery and auditing
- Secure wireless cloud

For more information, please see http://www.ece.iit.edu/~ubisec/workshop.htm.

WEIS 2010 9th Workshop on the Economics of Information Security, Harvard University, Cambridge, MA, USA, June 7-8, 2010. (Submissions due 22 February 2010) [posted here 11/9/09]
The Workshop on the Economics of Information Security (WEIS) is the leading forum for interdisciplinary scholarship on information security, combining expertise from the fields of economics, social science, business, law, policy and computer science. Prior workshops have explored the role of incentives between attackers and defenders, identified market failures dogging Internet security, and assessed investments in cyber-defense. This workshop will build on past efforts using empirical and analytic tools to not only understand threats, but also strengthen security through novel evaluations of available solutions. How should information risk be modeled given the constraints of rare incidence and high interdependence? How do individuals’ and organizations’ perceptions of privacy and security color their decision making? How can we move towards a more secure information infrastructure and code base while accounting for the incentives of stakeholders? We encourage economists, computer scientists, business school researchers, legal scholars, security and privacy specialists, as well as industry experts to submit their research and attend the workshop. Suggested topics include (but are not limited to) empirical and theoretical studies of:
- Optimal investment in information security
- Online crime (including botnets, phishing and spam)
- Models and analysis of online crime
- Risk management and cyberinsurance
- Security standards and regulation
- Cybersecurity policy
- Privacy, confidentiality and anonymity
- Behavioral security and privacy
- Security models and metrics
- Psychology of risk and security
- Vulnerability discovery, disclosure, and patching
- Cyberwar strategy and game theory
- Incentives for information sharing and cooperation

For more information, please see http://weis2010.econinfosec.org/cfp.html.

LEET 2010 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats: Botnets, Spyware, Worms, and More, Held in conjunction with the 7th USENIX Symposium on Networked Systems Design and Implementation (NSDI 2010), San Jose, CA, USA, April 27, 2010. (Submissions due 25 February 2010) [posted here 9/21/09]
LEET aims to provide a unique forum for the discussion of threats to the confidentiality of our data, the integrity of digital transactions, and the dependability of the technologies we increasingly rely on. We encourage submissions of papers that focus on the malicious activities themselves (e.g., reconnaissance, exploitation, privilege escalation, rootkit installation, attack), our responses as defenders (e.g., prevention, detection, and mitigation), or the social, political, and economic goals driving these malicious activities and the legal and ethical codes guiding our defensive responses. Topics of interest include but are not limited to:
- Infection vectors for malware (worms, viruses, etc.)
- Botnets, command, and control channels
- Spyware
- Operational experience
- Forensics
- Click fraud
- Measurement studies
- New threats and related challenges
- Boutique and targeted malware
- Phishing
- Spam
- Underground markets
- Carding and identity theft
- Miscreant counterintelligence
- Denial-of-service attacks
- Hardware vulnerabilities
- Legal issues
- The arms race (rootkits, anti–anti-virus, etc.)
- New platforms (cellular networks, wireless networks, mobile devices)
- Camouflage and detection
- Reverse engineering
- Vulnerability markets and zero-day economics
- Online money laundering
- Understanding the enemy
- Data collection challenges

For more information, please see http://www.usenix.org/events/leet10/cfp/.

TSP 2010 3rd IEEE International Symposium on Trust, Security and Privacy for Emerging Applications, Bradford, UK, June 29-July 1, 2010. (Submissions due 26 February 2010) [posted here 11/23/09]
Satisfying user requirements for trust, security and privacy in an efficient way is one of the first considerations for almost all emerging applications, using emerging technologies such as pervasive computing, peer to peer computing, grid computing, cloud computing, virtualization and, mobile and wireless technologies. Challenges arise as emerging applications evolve to provide more scalable and comprehensive services. One of the biggest challenges is that traditional security technologies and measures may not meet user requirements in open, dynamic, heterogeneous, and distributed computing environments. Therefore, we need to build networks and systems in which emerging applications allow users to enjoy more scalable and comprehensive services while preserving trust, security and privacy at the same time. TSP-10 aims at bringing together researchers and practitioners in the world working on trust, security, privacy, and related issues such as technical, social, and cultural implications for all emerging devices, services, applications, networks, and systems, and providing a forum for them to present and discuss emerging ideas and trends in this highly challenging research area.

For more information, please see http://trust.csu.edu.cn/conference/tsp2010/Call_for_Papers.htm.

SOUPS 2010 Symposium On Usable Privacy and Security, Redmond, WA, USA, July 14-16, 2010. (Submissions due 5 March 2010) [posted here 10/12/09]
The 2010 Symposium on Usable Privacy and Security (SOUPS) will bring together an interdisciplinary group of researchers and practitioners in human computer interaction, security, and privacy. We invite authors to submit original papers describing research or experience in all areas of usable privacy and security. Topics include, but are not limited to:
- innovative security or privacy functionality and design
- new applications of existing models or technology
- field studies of security or privacy technology
- usability evaluations of new or existing security or privacy features
- security testing of new or existing usability features
- longitudinal studies of deployed security or privacy features
- the impact of organizational policy or procurement decisions
- lessons learned from the deployment and use of usable privacy and security features

For more information, please see http://cups.cs.cmu.edu/SOUPS/.

CISSE 2010 14th Colloquium for Information Systems Security Education, Baltimore, MD, USA, June 7-9, 2010. (Submissions due 5 March 2010) [posted here 10/12/09]
This Colloquium, the fourteenth in an ongoing annual series, brings together leading figures from academia, government, and industry to address the national need for security and assurance of our information and communications infrastructure. The Colloquium solicits participation from practitioners, students, educators, and researchers. The topics areas should discuss course or lab development, Information Assurance (IA) curricula, standards, best practices, existing or emerging programs, trends, and future vision, as well as related issues. This includes the following general topics:
- Assessment of need (e.g. how many information security workers/ researchers/ faculty are needed?)
- Integrating information assurance topics in existing graduate or undergraduate curricula
- Experiences with course or laboratory development
- Alignment of curriculum with existing information assurance education standards
- Emerging programs or centers in information assurance
- Best practices
- Vision for the future
- Tools, demonstrations, case studies, course modules, shareware, and worked examples that participants (and others) can use to help educate people in computer security.

For more information, please see http://www.cisse.info.

MMM-ACNS 2010 5th International Conference on Mathematical Methods, Models, and Architectures for Computer Networks Security, St. Petersburg, Russia, September 6-9, 2010. (Submissions due 7 March 2010) [posted here 01/12/10]
MMM-ACNS-2010 aims at bringing together leading researchers from academia and governmental organizations as well as practitioners to advance the states of the art and practice in the area of computer networks and information security with a focus on novel theoretical aspects of computer network security, facilitate personal interactions and discussions on various aspects of information technologies in conjunction with computer network and information security problems arising in large-scale computer networks. MMM-ACNS-2010’s scope includes, but is not restricted to the following areas:
- Adaptive security
- Anti-malware techniques: detection, analysis, prevention
- Anti-phishing, anti-spam, anti-fraud, anti-botnet techniques
- Authentication, Authorization and Access Control
- Computer and network forensics
- Covert channels
- Critical infrastructure protection
- Data and application security
- Data mining, machine learning, and bio-inspired approaches for security
- Deception systems and honeypots
- Denial-of-service attacks and countermeasures
- Digital Rights Management
- eCommerce, eBusiness and eGovernment security
- Formal analysis of security properties
- Information warfare
- Internet and web security
- Intrusion prevention, detection, and response
- Language-based security
- Network survivability
- New ideas and paradigms for security
- Operating system security
- Security and privacy in pervasive and ubiquitous computing
- Security event processing and predictive security monitoring
- Security for cloud computing
- Security for large-scale systems and critical infrastructures
- Security of emerging technologies: sensor, wireless/mobile, peer-to-peer and overlay networks
- Security of autonomous agents and multi-agent systems
- Security modeling and simulation
- Security policies
- Security protocols
- Security verification
- Self-protecting and healing
- Software protection
- Trusted computing
- Trust and reputation management
- Vulnerability assessment, risk analysis and risk management

For more information, please see http://comsec.spb.ru/mmm-acns10/.

IH 2010 12th Information Hiding Conference, Calgary, Alberta, Canada, June 28 - 30, 2010. (Submissions due 13 March 2010) [posted here 01/11/10]
For many years, Information Hiding has captured the imagination of researchers. Digital watermarking and steganography protect information, conceal secrets or are used as core primitives in digital rights management schemes. Steganalysis and forensics pose important challenges to investigators; and privacy techniques try to hide relational information such as the actors' identities in anonymous communication systems. These and other topic share the notion that security is defined by the difficulty to make (or avoid) inference on certain properties of host data, which therefore has to be well understood and modeled. Current research themes include:
- Anonymity and privacy
- Covert/subliminal channels
- Digital rights management
- Fingerprinting and embedding codes
- Multimedia and document security
- Multimedia forensics and counter forensics
- Novel applications of information hiding
- Other data hiding domains (e.g. text, software, etc.)
- Security metrics for information hiding
- Steganography and steganalysis
- Theoretical aspects of information hiding and detection
- Watermarking (algorithms, security, attacks)

For more information, please see http://ih2010.cpsc.ucalgary.ca.

HOST 2010 IEEE International Symposium on Hardware-Oriented Security and Trust, Anaheim, California, USA, June 13-14, 2010. (Submissions due 19 March 2010) [posted here 12/7/09]
HOST covers security and trust issues in all types of electronic devices and systems such as ASICs, COTS, FPGAs, microprocessors/DSPs, and embedded systems. The mission of HOST is to provide a forum for the presentation and discussion of research that is of critical significance to the security of, and trust in, modern society's microelectronic-supported infrastructures. Papers and presentations that address any of the following "hot topics" are of high interest to the symposium. Papers addressing HOST issues outside of these areas will be considered equally relevant in the review process:
- Trojan Detection and Isolation
- Authenticating Foundry of Origin
- Side Channel Analysis/Attacks
- Watermarking
- FPGA Design Security
- Hardware focused Cryptography
- IC Metering
- Physical Unclonable Functions
- Embedded and Distributed Systems Security
- Hardware Intrusion Detection and Prevention
- Security Engineering
- Scan chain Encryption

For more information, please see http://www.engr.uconn.edu/HOST/.

ESORICS 2010 15th European Symposium on Research in Computer Security, Athens, Greece, September 20-22, 2010. (Submissions due 1 April 2010) [posted here 10/12/09]
ESORICS is the annual European research event in Computer Security. The Symposium started in 1990 and has been held in several European countries, attracting a wide international audience from both the academic and industrial communities. Papers offering novel research contributions in computer security are solicited for submission to the Symposium. The primary focus is on original, high quality, unpublished research and implementation experiences. We encourage submissions of papers discussing industrial research and development. Papers should focus on topics such as:
- Access Control
- Accountability
- Anonymity
- Applied Cryptography
- Attacks and Viral Software
- Authentication and Delegation
- Data Integrity
- Database Security
- Inference Control
- Identity Management
- Information Flow Control
- Intrusion Tolerance
- Formal Security Methods
- Language-based Security
- Network Security
- Privacy Enhancing Technologies
- Risk Analysis and Management
- Secure Electronic Voting
- Security Architectures
- Security Economics
- Security for Mobile Code
- Security for Dynamic Coalitions
- Security in Location Services
- Security in Social Networks
- Security Models
- Security Verification
- System Security
- Trust Models and Management
- Trust Theories
- Trustworthy User Devices

For more information, please see http://www.esorics2010.org.

IDMAN 2010 2nd IFIP WG 11.6 Working Conference on Policies & Research in Identity Management, Oslo, Norway, November 18–19, 2010. (Submissions due 1 April 2010) [posted here 11/23/09]
Papers offering research contributions focusing on identity management in general and surveillance and monitoring in particular are solicited for submission to the 2nd IFIP WG-11.6 International Conference on Identity Management. Papers may present theory, applications or practical experiences in the field of national identity management, from both a technical and a social perspective, including, but not necessarily limited to:
- History
- Law
- Philosophical and ethical aspects
- Economics Impact of surveillance and monitoring in both the physical world and in cyberspace
- Impact on society and politics
- Impact on e-government and e-government applications
- Consecutive developments in social tracking, -tracing and -sorting
- Quality of identity management in general
- Quality identity data, processes and applications
- Security and identity management
- User centered, usable and inclusive identity management
- Attacks on identity management infrastructure and procedures Central storage of general and biometric identity data
- Effectiveness of surveillance and monitoring in fighting terrorism, international crime and human trafficking
- Methods of identification and authentication
- Models of identification procedures
- Models of inclusive identification and authentication procedures
- Government PKI
- (Possible) role of pseudonymous and anonymous identity in identity management
- Electronic Ids European and worldwide policies and cooperation in the field of identity management and surveillance and monitoring
- (Inter)national policies on unique identifiers /social security numbers / personalisation IDs
- (Inter)national applications of biometrics
- Vulnerabilities of electronic identification protocols
- Federative identity management and de-perimetrization
- Fraud, fraud detection, fraud resistence of technologies
- Biometric verification, assurance, metrics and measurements
- Fraud resistance of biometrics
- Junction between (large scale) applications of identity management and surveillance and monitoring
- Data Protection
- Privacy and Privacy Enhancing Technologies (PETs) in identity management
- Privacy Intrusion Technologies (PITs) in identity management
- Privacy side-effects and privacy risks assessment of identity management Intelligence and (inter)national threats
- Impersonation, identity fraud, identity forge and identity theft
- Tracing, monitoring and forensics

For more information, please see http://ifipidman2010.nr.no/ifipidman2010/index.php5/Main_Page.

PST 2010 8th International Conference on Privacy, Security and Trust, Ottawa, Canada, August 17-19, 2010. (Submissions due 3 April 2010) [posted here 12/14/09]
PST2010 provides a forum for researchers world-wide to unveil their latest work in privacy, security and trust and to show how this research can be used to enable innovation. This year’s theme is “Privacy, Security and Trust by Design: PbD - The Gold Standard.” With the growth and ubiquity of data in today’s hyper-networked world, the need for trust has become more critical than ever. We need new paradigms that seek to integrate and build privacy, security and trustworthiness directly into technologies and systems from the outset and by default. PST2010 will include an Industry Day followed by two days of high-quality research papers whose topics include, but are NOT limited to, the following:
- Privacy Preserving / Enhancing Technologies
- Trust Technologies, Technologies for Building Trust in e-Business Strategy
- Critical Infrastructure Protection
- Observations of PST in Practice, Society, Policy and Legislation
- Network and Wireless Security
- Digital Rights Management
- Operating Systems Security
- Identity and Trust management
- Intrusion Detection Technologies
- PST and Cloud Computing
- Secure Software Development and Architecture
- Human Computer Interaction and PST
- PST Challenges in e-Services
- Implications of, and Technologies for, Lawful Surveillance
- Network Enabled Operations
- Biometrics, National ID Cards, Identity Theft
- Advanced Training Tools - PST and Web Services / SOA
- Information Filtering, Data Mining & Knowledge from Data
- Privacy, Traceability, and Anonymity
- National Security and Public Safety
- Trust and Reputation in Self-Organizing Environments
- Security Metrics
- Anonymity and Privacy vs. Accountability
- Recommendation, Reputation and Delivery Technologies - Access Control and Capability Delegation
- Continuous Authentication
- Representations and Formalizations of Trust in Electronic and Physical Social Systems

For more information, please see http://pstnet.unb.ca/pst2010.

SECURECOMM 2010 6th International Conference on Security and Privacy in Communication Networks, Singapore, September 7-10, 2010. (Submissions due 5 April 2010) [posted here 10/26/09]
SecureComm’10 seeks high-quality research contributions in the form of well developed papers. Topics of interest encompass research advances in ALL areas of secure communications and networking. Topics in other areas (e.g., formal methods, database security, secure software, applied cryptography) will also be considered if a clear connection to private or secure communications/networking is demonstrated.

For more information, please see http://www.securecomm.org/.

HealthSec 2010 1st USENIX Workshop on Health Security and Privacy, Washington, DC, USA, August 10, 2010. (Submissions due 9 April 2010) [posted here 12/7/09]
HealthSec '10 is intended as a forum for lively discussion of aggressively innovative and potentially disruptive ideas on all aspects of medical and health security and privacy. A fundamental goal of the workshop is to promote cross-disciplinary interactions between fields, including, but not limited to, technology, medicine, and policy. Surprising results and thought-provoking ideas will be strongly favored; complete papers with polished results in well-explored research areas are comparatively discouraged. Workshop topics are solicited in all areas relating to healthcare information security and privacy, including:
- Security and privacy models for healthcare information systems
- Industrial experiences in healthcare information systems
- Deployment of open systems for secure and private use of healthcare information technology
- Security and privacy threats against and countermeasures for existing and future medical devices
- Regulatory and policy issues of healthcare information systems
- Privacy of medical records
- Usability issues in healthcare information systems
- Threat models for healthcare information systems

For more information, please see http://www.usenix.org/healthsec10/cfpa/.

RFIDSec 2010 6th Workshop on RFID Security, Istanbul, Turkey, June 8-10, 2010. (Submissions due 20 April 2010) [posted here 11/23/09]
The workshop focuses on approaches to solve security and data-protection issues in advanced contactless technologies like RFID. It stresses implementation aspects imposed by resource constraints. Topics of the conference include but are not limited to:
- New applications for secure RFID systems
- Data protection and privacy-enhancing techniques for RFID
- Cryptographic protocols for RFID (Authentication protocols, Key update mechanisms, Scalability issues)
- Integration of secure RFID systems (Middleware and security, Public-key infrastructures, Case studies)
- Resource-efficient implementation of cryptography (Small-footprint hardware, Low-power architectures)
- Attacks on RFID systems
- RFID security hardware e.g. RFID with PUF, RFID Trojans, …

For more information, please see http://www.projectice.eu/rfidsec10/index.html.

SIN 2010 3rd International Conference on Security of Information and Networks, Taganrog, Rostov-on-Don, Russia, September 7-11, 2010. (Submissions due 20 April 2010) [posted here 01/11/10]
Papers addressing all aspects of security in information and networks are being sought. Researchers working on the following and related subjects are especially encouraged: realization of security schemes, new algorithms, experimenting with existing approaches; secure information systems, especially distributed control and processing applications, and security in networks; interoperability, service levels and quality issues in such systems; information assurance, security, and public policy. Topics of the conference include but are not limited to:
- Access control and intrusion detection
- Autonomous and adaptive security
- Cryptographic techniques and key management
- Information assurance
- Network security and protocols
- Security in information systems
- Security tools and development platforms
- Security ontology, models, protocols & policies
- Secure ontology-based systems
- Standards, guidelines and certification
- Security-aware software engineering
- Trust and privacy

For more information, please see http://www.sinconf.org/sin2010/.

SCC 2010 2nd International Workshop on Security in Cloud Computing, Held in Conjunction with ICPP 2010, San Diego, California, USA, September 13 – 16, 2010 (Submissions due 1 May 2010) [posted here 01/25/10]
Cloud Computing has generated interest from both industry and academia since 2007. As an extension of Grid Computing and Distributed Computing, Cloud Computing aims to provide users with flexible services in a transparent manner. Services are allocated in a “cloud”, which is a collection of devices and resources connected through the Internet. Before this paradigm can be widely accepted, the security, privacy and reliability provided by the services in the cloud must be well established. SCC’2010 will bring researchers and experts together to present and discuss the latest developments and technical solutions concerning various aspects of security issues in Cloud Computing. SCC’2010 seeks original unpublished papers focusing on theoretical analysis, emerging applications, novel system architecture construction and design, experimental studies, and social impacts of Cloud Computing. Both review/survey papers and technical papers are expected. Topics of the conference include but are not limited to:
- Emerging threats to cloud-based services
- Security models for new services
- Cloud-aware web service security
- Information hiding in Cloud Computing
- Securing distributed data storage in the cloud
- Privacy and security in Cloud Computing
- Forensics
- Robust network architecture
- Cloud Infrastructure Security
- Job deployment in the Cloud
- Intrusion detection/prevention
- Denial-of-Service (DoS) attacks and defense
- Robust job scheduling
- Secure resource allocation and indexing
- Secure payment for cloud-aware services
- User authentication in cloud-aware services
- Security for emerging cloud programming models

For more information, please see http://bingweb.binghamton.edu/~ychen/SCC2010.htm.

SA&PS4CS 2010 1st International Workshop on Scientific Analysis and Policy Support for Cyber Security, Held in conjunction with the 5th International Conference on Mathematical Methods, Models, and Architectures for Computer Networks Security (MMM-ACNS 2010), St. Petersburg, Russia, September 9, 2010. (Submissions due 13 June 2010) [posted here 01/12/10]
The workshop is dedicated to the methods of scientific analysis and policy support for response to cyber intrusions and attacks. The main topics of the SA&PS4CS’2010 are detection, discrimination, and attribution of various activities of malefactors and response to cyber intrusions and attacks including national level information operations as well as identifying emergent cyber technologies supporting social and political activity management and trans-national distributed computing management.

For more information, please see http://www.comsec.spb.ru/saps4cs10/.

ISC 2010 13th Information Security Conference, Boca Raton, Florida, USA, October 25-28, 2010. (Submissions due 15 June 2010) [posted here 01/19/10]
ISC is an annual international conference covering research (both theory and applications) in Information Security. The conference seeks submissions from academia, industry, and government that present novel research on all theoretical and practical aspects of Information Security. Topics of interest include, but are not limited to:
- access control
- accountability
- anonymity and pseudonymity
- applied cryptography
- authentication
- biometrics
- computer forensics
- cryptographic protocols
- database security
- data protection
- data/system integrity
- digital right management
- economics of security and privacy
- electronic frauds
- formal methods in security
- identity management
- information dissemination control
- information hiding and watermarking
- intrusion detection
- network security
- peer-to-peer security
- privacy
- secure group communications
- security and privacy in pervasive/ubiquitous computing
- security in information flow
- security in IT outsourcing
- security for mobile code
- security of grid computing
- security of eCommerce, eBusiness and eGovernment
- security in location services
- security modeling and architectures
- security models for ambient intelligence environments
- security in social networks
- trust models and trust management policies
- embedded security

For more information, please see http://math.fau.edu/~isc2010/.

HST 2010 10th IEEE International Conference on Technologies for Homeland Security, Waltham, MA, USA, November 8-10, 2010. (Submissions due 25 June 2010) [posted here 11/23/09]
The tenth annual IEEE Conference on Technologies for Homeland Security will focus on innovative technologies for deterring and preventing attacks, protecting critical infrastructure and individuals, and mitigating damage and expediting recovery. Submissions are desired in the broad areas of critical infrastructure and key resources protection (CIKR), border protection and monitoring, and disaster recovery and response, with application within about five years.

For more information, please see http://ieee-hst.org/.

Archival Journals Regularly Specializing in Security and Privacy

Journal of Privacy Technology (JOPT),   Editor-in-Chief:  Latanya Sweeney
This online-only Journal, started in 2004 and  operated by Carnegie Mellon University, is a forum for the publication of original current research in privacy technology. It encourages the submission of any material dealing primarily with the technological aspects of privacy or with the privacy aspects of technology, which may include analysis of the interaction between policy and technology or the technological implications of legal decisions.  More information can be found at http://www.jopt.org/.

IEEE Security and Privacy Magazine,   Editor-in-Chief: Carl E. Landwehr
IEEE Security & Privacy provides a unique combination of research articles, case studies, tutorials, and regular departments covering diverse aspects of information assurance such as legal and ethical issues, privacy concerns, tools to help secure information, analysis of vulnerabilities and attacks, trends and new developments, pedagogical and curricular issues in educating the next generation of security professionals, secure operating systems and applications, security issues in wireless networks, design and test strategies for secure and survivable systems, and cryptology.  More information can be found at http://computer.org/security/.

ACM Transactions on Information and System Security,   Editor-in-Chief: Gene Tsudik
ACM invites submissions for its Transactions on Information and System Security, inaugurated in November 1998. TISSEC publishes original archival-quality research papers and technical notes in all areas of information and system security including technologies, systems, applications, and policies. Papers should have practical relevance to the construction, evaluation, application, or operation of secure systems. Theoretical papers will be accepted only if there is convincing argument for the practical significance of the results. Theory must be justified by convincing examples illustrating its application. More information is given on the journal web page at http://www.acm.org/tissec.

IEEE Transactions on Dependable and Secure Computing,   Editor-in-Chief: Virgil D. Gligor
The IEEE Transactions on Dependable and Secure Computing publishes archival research results related to research into foundations, methodologies, and mechanisms that support the achievement—through design, modeling, and evaluation—of systems and networks that are dependable and secure to the desired degree without compromising performance. The focus will also include measurement, modeling, and simulation techniques, and foundations for jointly evaluating, verifying, and designing for performance, security, and dependability constraints. More information is given on the journal web page at http://www.computer.org/tdsc/.

The Kluwer International Series on ADVANCES IN INFORMATION SECURITY.
The purpose of the Advances in Information Security book series is to establish the state of the art and set the course for future research in information security. The scope of this series includes not only all aspects of computer and network security, but related areas such as fault tolerance and software assurance. The series will serve as a central source of reference for information security research and developments. The series aims to publish thorough and cohesive overviews on specific topics in Information Security, as well as works that are larger in scope than survey articles and that will contain more detailed background information. The series also provides a single point of coverage of advanced and timely topics and a forum for topics that may not have reached a level of maturity to warrant a comprehensive textbook. Prospective Authors or Editors: If you have an idea for a book that would fit in this series, we would welcome the opportunity to review your proposal. Should you wish to discuss any potential project further or receive specific information regarding book proposal requirements, please contact either Sushil Jajodia (jajodia@gmu.edu,703-993-1653) or Lance Wobus (lance.wobus@wkap.com, 781-681-0602)
 
Journal of Computer Security,   Editor-in-Chief: Sushil Jadodia and Jonathan Millen
JCS is an archival research journal for significant advances in computer security. Subject areas include architecture, operating systems, database systems, networks, authentication, distributed systems, formal models, verification, algorithms, mechanisms, and policies. Submissions: send six copies to one of the editors in chief: Sushil Jadodia, CSIS, George Mason University, 440 University Drive, Fairfax, VA 22030, or Jonathan Millen, The MITRE Corporation, 202 Burlington Rd., Bedford, MA. Subscriptions: contact IOS Press, Niewe Hemweg 6B, 1013 BG Amsterdam, Netherlands, (e-mail: order@iospress.nl) for information about individual or institutional subscriptions or back issues. More information is given on the journal web page at http://www.mitre.org/jcs.
 
Computers & Security,   Editor-in-Chief: Dimitris Gritzalis
Computers & Security aims to satisfy the needs of managers and experts involved in computer security by providing a blend of research developments, innovations, and practical management advice. Original submissions on all computer security topics are invited, particularly those of practical benefit to the practitioner. Four copies of papers from 5-10,000 words should be sent to the editor, N. Dudley, at Elsevier Advanced Technology, P.O. Box 150, Kidlington, Oxford, OX5 1AS, United Kingdom. Telephones: voice +44(0)1865 843848 / 843000; fax +44 (0) 1865 843971.  More information can be found at http://www.elsevier.com/locate/issn/01674048.
 
International Journal of Information Security,   Editors-in-Chief: D. Gollmann; J. Lopez; E. Okamoto
The International Journal of Information Security, IJIS, aims to provide prompt publication of important technical work in information security, attracting any person interested in communications, commerce, banking, medicine, or other areas of endeavor affected by information security. Any research submission on theory, applications, and implementations of information security is welcomed. This includes, but is not limited to, system security, network security, content protection, applications and foundations of information security. More information is given on the journal web page at http://link.springer.de/link/service/journals/10207/index.htm.
 
International Journal of Network Security,   Editors-in-Chief: Min-Shiang Hwang
International Journal of Network Security is an international official journal of Science Publications, publishing original articles, reviews and short communications of a high scientific and technology in network security. Subjects covered include: access control, computer security, cryptography, communications security, data security, database security, electronic commerce security, information security, multimedia security, and network security. Authors are strongly encouraged to submit their papers electronically by using online manuscript submission at http://ijns.nchu.edu.tw/, or submit their Word, ps or pdf file to the editor-in-chief (via Email: mshwang@isrc.nchu.edu.tw): Min-Shiang Hwang, at the Department of Management Information Systems, National Chung Hsing University, Taiwan, R.O.C.  More information can be found at http://ijns.nchu.edu.tw/.
 
International Journal of Security and Networks,   Editors-in-Chief: Yang Xiao
International Journal of Security and Networks is an archival research journal for significant advances in network security. Subject areas include attack models, security mechanisms, security services, authentication, authorization, access control, multicast security, data confidentiality, data integrity, non-repudiation, forensics, privacy protection, secure protocols, formal analyses, intrusion detection, key management, trust establishment, revocation of malicious parties, security policies, fraudulent usage, dependability and reliability, prevention of traffic analysis, network security performance evaluation, tradeoff analysis between performance and security, security standards, etc. All papers must be submitted online at http://www.inderscience.com/ijsn/. More information is given on the journal web page at http://www.inderscience.com/ijsn/.
 
International Journal of Critical Infrastructure Protection,   Editors-in-Chief: Sujeet Shenoi
International Journal of Critical Infrastructure Protection's primary aim is to publish high quality scientific and policy papers in all areas of critical infrastructure protection. Of particular interest are articles that weave science, technology and policy to craft sophisticated yet practical solutions that will secure information, computer and network assets in the various critical infrastructure sectors. All papers must be submitted online at http://www.elsevier.com/locate/ijcip. More information is given on the journal web page at http://www.elsevier.com/locate/ijcip.
 
IEEE Transactions on Information Forensics and Security,   Editors-in-Chief: Nasir D. Memon
IEEE Transactions on Information Forensics and Security aims to provide a unified locus for archival research on the fundamental contributions and the mathematics behind information forensics, information security, surveillance, and systems applications that incorporate these features. Authors are strongly encouraged to submit their papers electronically to the online manuscript system, Manuscript Central, via sps-ieee.manuscriptcentral.com.  More information can be found at http://www.ieee.org/organizations/society/sp/tifs.html.