FORMATEX, a Spanish technological organization, in collaboration with the Computer Science and Physics Department of the University of Extremadura (Spain) is now editing a volume within our Information Society book series, on Techno-Legal aspects of Information Society. Some of the topics covered by this edition are: Security of Information Systems, Networking, E-commerce, Networks and Liberties, Informatic crimes, Public security vs. secret communications, Legal protection of software and digital contents, Digital Libraries, Rights Management in the Digital Era, Electronic signature, Electronic means of payment, Ethical issues, Law and Computer Science, Cryptography, Legal Expert Systems, Teleworking, e-Government, Cybersquatting, Typosquatting etc, Domain names and Trademarks, Thesaurus and documental techniques, Law Databases, Law in Internet. The Call for Papers' website is available at www.formatex.org/isbook/callforpaper.htm with details on deadlines, manuscripts format, etc. Submissions are due November 25, 2002.
IEEE Journal on
Selected Areas in Communications, Special issue on Design and Analysis
Techniques for Security Assurance. Publication: 1st quarter 2003. Editors:
Li Gong (SUN Microsystems), Joshua Guttman (The MITRE Corp), Peter Ryan (Carnegie
Mellon University), and Steve Schneider (University of London). Submission deadline is
March 1, 2002.
[posted here 7/26/01]
Information security plays a dominant and increasingly critical role in
society. It is therefore essential that we have effective
tools and techniques to design and evaluate secure
systems and demonstrate that they meet their
security requirements. The application of rigorous methods
to the specification, modeling, analysis, and design of security-critical
systems has made considerable strides in recent years, and
the field is rapidly gaining in maturity. The scope
of this issue will range over all rigorous, mathematically well
founded, approaches to all aspects of security system development. This
issue is intended to gather together the leading edge approaches in
this area. Papers are solicited in
the following areas:
* Security protocol analysis
* Computer security models and policies
* Information flow
* Secure architectures
* Mobility
* Tools for security analysis
* Languages
* Logics
* Static/typechecking techniques
* Smartcards
Original, unpublished contributions and invited articles will be
considered for the issue. The paper should be no longer
than 20 double-spaced pages, excluding illustrations
and graphs and follow the IEEE J-SAC manuscript
format described in the Information for Authors. Authors
wishing to submit papers should send an electronic version (postscript
or PDF files ONLY) to Steve Schneider at S.Schneider@rhul.ac.uk
by March 1, 2002.
Information and
Security: An International Journal. Special issue on agent-based
technologies. Publication: May 31, 2002.
Editor: Petya Ivanova (Center for National Security and
Defense Research, Bulgarian Academy of Sciences). Submission
date: abstract and intent to submit a paper - February 28, 2002;
final papers - March 31, 2002. [posted here 2/12/02]
The field of autonomous agents and multi-agent systems is an exciting and
rapidly expanding area of research and development. In the last few years,
there has been a growing interest in the application of agent-based systems
to various security-related and military domains. In this special issue of
Information & Security we shall present the results achieved in this area,
discuss the benefits (and drawbacks) that agent-based systems may bring to
the military and the broader security community, and provide a list of research
and practical challenges that should be tackled in the near future so that the
full potential of agent-based systems is realized. Topics include, but are not
limited to:
- General and specific architectures of agents in different settings and environments
- Cooperation and competition; coordination and collaboration
- Negotiation, consensus development, conflict detection and resolution
- Communication protocols and languages (communication standards)
- Intelligent cognitive activities jointly realized by multiple agents, e.g., distributed problem solving, planning, learning, and decision making
- Emergent behavior and organizational intelligence
- Organizational structuring and dynamics
- Mobile agents as general-purpose framework for distributed applications
- Performance issues; security, reliability, and robustness
- Agents and the interoperability of heterogeneous systems
- Human-agent interaction and interfaces
- Architectures, environments and languages for mobile and secure information services
- Agent capability requirements in military applications
We intend to present successful applications of agents and multi-agent systems
in the following domains:
- Military decision support systems and complex problem-solving
- Military training and education
- Collection and organization of knowledge available on the Internet
- Information retrieval, dissemination, and monitoring across multiple applications
For instructions and additional information on manuscript preparation, see:
www.isn.ethz.ch/publihouse/InfoSecurity. Questions can be addressed to
infosec@mbox.digsys.bg.
Computer
Communications, Special issue on Network Security. Publication: spring
2002. Editors: Brian Neil Levine, University of Massachusetts, and
Clay Shields, Purdue University. Submission deadline is October 5, 2001.
[posted here 2/20/01]
The Internet has become the cornerstone for the proliferation of networking
technology. The quality of the security and privacy of the services, protocols,
and infrastructure that make up the Internet is a key factor in its
continued growth and survivability. This special issue will collect and
archive the state of the art in Network Security for existing and future network
technologies, publishing research that explores: The security of infrastructure
and systems that form the network (such as routers, application-level proxies,
and servers); The security of protocols and services that work end-to-end (such
as DNS, HTTP, multimedia conferencing and virtual environments, and e-commerce);
Protocols that protect the privacy of users on the network. An emphasis on
deployable systems and the inclusion of an analysis of their network performance
in the presence of security mechanisms is ideal. Areas of interest include, but
are not limited to:
- Network privacy and anonymity
- Multicast and group-communication security
- Intrusion detection and response
- Network traceback
- Integrating security in Internet protocols
- Security analysis of Internet protocols
- Network performance evaluation of network security protocols;
- Denial-of-service attacks and counter measures
- Virtual private networks
- Security for wireless networks and technologies
Through the publication of this special issue, we wish to bring together researchers from the security and networking communities that have not
previously had a common forum in which to share methodologies and techniques.
Instructions for submitting a paper are given at signl.cs.umass.edu/comcom.
Information on Computer Communications can be found at www.troubador.co.uk/comcom/fp.htm
and www.troubador.co.uk/comcom/fp.htm.
IEEE Internet
Computing, Special Issue on Peer-to-Peer Networking. Guest editor: Li
Gong, Sun Microsystems. Publication date: January/February 2002. Submissions due June 1, 2001. [posted here
2/20/01]
The term peer-to-peer networking is applied to a wide range of technologies
that greatly increase the utilization of information, bandwidth, and
computing resources in the Internet. Frequently, these P2P technologies
adopt a network-based computing style that neither excludes nor inherently
depends on centralized control points. Apart from improving performance in
terms of information discovery, content delivery, and information processing,
such a style also can enhance the overall reliability and fault-tolerance
of the computing system. This special issue of Internet Computing will
showcase significant developments in the general area of peer-to-peer
networking. Topics of interest include (but are not limited to):
1. Peer naming, discovery, and organization
2. Peer-based communication and information sharing
3. Systems support for peer-to-peer networking
4. Security support for peer-to-peer networking
5. Peer-based network infrastructure including operating systems
6. Peer-based services and applications
Ideally, submissions will report advances that (a) use a simple and elegant solution to solve a seemingly complicated problem, (b) have a
solid theoretical foundation but a realistic implementation path, and (c) are readily deployable over currently existing Internet
infrastructure. We discourage strictly theoretical or mathematical papers on modeling of peer-to-peer computing. If you are uncertain
about your submission in terms of scope, please provide an abstract to the guest editor for clarification before submission.
(note: the complete call for papers has not been posted on the IEEE web
site yet. We will update this Cipher entry when the URL is
known. In the interim, you may choose to contact the guest editor,
Dr. Li Gong at li.gong@sun.com)
IEEE Computer, Special
issue on embedded system security. Guest editors: William A. Arbaugh,
University of Maryland, and Leendert Van Doorn, IBM Research.
Submission deadline is March 15, 2001.
[posted here 12/18/00]
Embedded systems range from personal digital
assistants to disk controllers and from home thermostats to microwave
regulators. These near-ubiquitous devices are often networked and
thus present security challenges similar to those already of concern on
the Internet. This special issue will consider the security and
privacy that networked embedded systems present. Submissions are
sought on all topics relating to embedded system security including risk
analysis, privacy issues, software security architectures, security
requirements for embedded operating systems, embedded cryptographic
devices, using embedded devices to build secure systems, and secure
firmware upgrades. For further information see www.cs.umd.edu/~waa/ieee-cfp.html.
Internet Computing
,
Call for papers on "Widely Deployed Internet Security Solutions",
November/December 2000, Guest Editors: Li Gong and Ravi Sandhu.
(Submissions due: April 28, 2000) [posted here January 28, 2000].
The goal of this special issue is two-fold. One is to reflect on
security technology that have made into mainstream products and have been
widely deployed within the past decade. An interesting perspective is why
these solutions were picked over other competing solutions and what made
them more attractive and acceptable. The other part of the goal is to
access the state of the art in security research and technology with the
hope that these investigations point to what may be deployed in the next
decade. Topics of Interest include (but are not limited to) descriptions
of and perspectives (historic, legal, etc.) on:
*
Security solutions that are widely deployed
*
Security solutions that were once fashionable but no longer in use
*
Prevailing security solutions that are becoming obsolete
*
Emerging security solutions that are likely to be widely deployed
We welcome submissions regarding security solutions covering all
aspect of computing, including operating systems, networking, databases, distributed systems, human-computer interaction, the web,
the Internet, information appliances, and wireless communication. However, we discourage abstract theory/idea papers, especially pure
cryptography theory or crypto protocol papers. Our focus is on security solutions that were, are, or will be widely deployed.
Submission instructions can be found on the journal web page at church.computer.org/internet/call4ppr.htm.
IEEE Software, Call for Articles & Reviewers, Malicious Information Technology: The Software vs. The People Publication: Sept./Oct. 2000. Guest Editors: Nancy Mead (nrm@sei.cmu.edu) and Jeffrey Voas (jmvoas@rstcorp.com). (Submissions due: April 1, 2000) [posted here November 3, 1999].
| * Intrusion detection | |
| * Information survivability | |
| * Federal critical infrastructure protection plans | |
| * Federal laws prohibiting encryption exports vs. US corporations | |
| * State-of-the-practice in security testing | |
| * The Internet's "hacker underground" | |
| * Corporate information insurance | |
| * Penalties for those convicted of creating viruses | |
| * Case studies in information security and survivability |
Journal of
Theoretical Computer Science, special issue on Dependable
Computing. Guest Editor: Gilles Motet.
(Submissions due: December 20, 1999)
[posted here October 15, 1999].
Papers should be sent as attached rtf, postscript or pdf files to
Guest Editor: Gilles Motet / LESIA DGEI, INSA, 135, avenue de
Rangueil / 31077 Toulouse cedex 4 / France. Email:
Gilles.Motet@insa-tlse.fr.
More information can be found at:
wwwdge.insa-tlse.fr/~lesia/tcs-call-for-paper.html.
Computer Communications Journal, special issue on
Advances in Research and Application of Network Security,
first quarter 2000. Guest Editors: Dr. M. Merabti (John Moores
University, UK), Dr. Q. Shi (John Moores University, UK),
and Dr. Rolf Oppliger (Swiss Federal Office of information
Technology & Systems) (full papers due September 1, 1999)
[posted here June 15, 1999].
The special issue aims to publish original research results of
both theoretical and practical significance. Topics of interest
include, but are not limited to
International Journal of Computer Systems: Science &
Engineering
Special Issue on Developing Fault-Tolerant Systems with Ada.
(Abstracts due June 1, 1999; full papers due: June 15, 1999)
[posted here: 2/5/99].
An electronic version of the abstract is to be sent to
A. Romanovsky
at: alexander.romanovsky@ncl.ac.uk (phone:+44 191 222 8135;
fax: +44 191 222 8232) by June 1, 1999. Full submissions are to be
forwarded by June 15, 1999 to one of the guest editors (electronic
submissions are encouraged): A. Romanovsky or A.J. Wellings at
andy@minster.cs.york.ac.uk More information:
www.cs.ncl.ac.uk/people/alexander.romanovsky/home.formal/ftada.html.
ACM Transactions on Software Engineering and Methodology
Special issue on Software Engineering and Security. Guest Editors:
Premkumar Devanbu (devanbu@cs.ucdavis.edu, UC Davis) and Stuart
Stubblebine, (stubblebine@cs.columbia.edu).
(DEADLINE EXTENDED TO JUNE 1, 1999) [posted here: 12/14/98].
Software system security issues are no longer only of primary
concern to military, government or infrastructure systems. Every
palmtop, desktop and TV set-top box contains or will soon contain
networked software. This software must preserve desired security
properties (authenticity, privacy, integrity) of activities ranging
from electronic commerce, electronic messaging, and browsing. From
being a peripheral concern of a limited and specialized group of
engineers, security has become a central concern for a wide range
of software professionals. In addition, software is no longer a
monolithic shrink-wrapped product created by a single development
organization with a well-defined software process. Instead, it is
composed of components constructed by many different vendors
following different practices. Indeed, software may even contain
elements that arrive and are linked in just prior to execution.
Customers need assurance that constituent components and mobile
code have certain desirable properties; this need conflicts with
the need for vendors to protect their proprietary information. The
issue of providing assurance without full disclosure has been
studied in security research, and needs to be applied to this problem.
To provide a focus for these and other interactions between security
and software engineering, ACM TOSEM will bring out a special issue
dedicated to the intersection of concerns between the two fields.
We solicit submissions that address the following issues and sub-areas:
IEEE Network Magazine, Special Issue on Network Security
(Nov/Dec 1999). Guest Editors: Bulent Yener, Bell Labs, Lucent
Technologies (yener@research.bell-labs.com), and Patrick Dowd,
Laboratory for Telecommunications Sciences, United States Department
of Defense (p.dowd@ieee.org). (Submission deadline: June 1, 1999)
[posted here: 3/15/99].
Network and Internet security has become a crucial requirement for
both users and service providers. The Internet is a commercial
infrastructure where sensitive and confidential personal and business
data are carried over public networks. Although security is often
treated as an after-thought, this attitude is changing. Security
within an application needs to be considered as a fundamental element
of the application, treated analogously to Quality of Service (QoS)
considerations. Security is often viewed as a one-size-fits-all
paradigm, but this is difficult to sustain due to the eclectic
collection of communications mediums that compose the Internet
infrastructure. The danger of a cookie-cutter strategy is that
security will contend with performance since it is not suited to the
environment. As the QoS requirements of applications and the physical
layer properties internetworking become more diverse, agile but robust
and consistent security solutions are needed. This is difficult, since
custom solutions typically have difficulty surviving in a mass market,
yet flexibility is needed for security use to become ubiquitous.
We are interested in tutorial-oriented research papers that describe
real services, software systems and experiments. Work-in-progress
papers describing the state of on-going research projects in Internet
security are encouraged. Research papers should demonstrate the
feasibility of the approach and describe the state of realization.
Case studies and applied papers should discuss the key factors that
made the system work and should also mention the pitfalls and problems
encountered and how they may be overcome. Topics of interest include:
| * Intrusion detection | * Authentication | |
| * Mobile code and agent security | * Privacy and anonymity | |
| * Key management | * Access control and Firewalls | |
| * Wireless, mobile network security | * Secure multicasting | |
| * Data integrity | * Security verification | |
| * Security protocols | * Policy modeling | |
| * Commercial security | * Electronic commerce | |
| * Security management |
IEEE Internet Computing, Special Issue on Survivable,
High-Confidence Distributed Systems (November/December 1999).
Guest Editor: Mike Reiter, Bell Labs (reiter@research.bell-labs.com)
(Submission deadline: 12 May 1999)
[posted here: 3/1/99].
As the world moves toward increasing reliance on computing networks,
it is essential to find ways of building distributed systems that
perform reliably under a wide range of circumstances that may
include both accidents and malicious attacks. A "survivable" system
is one that can make meaningful progress even when some (human or
computer) components fail to behave as expected, and particularly
when they behave in a way as to undermine the correct operation
of the system as a whole. Survivable systems may combine techniques
for detecting, masking, and adapting to such failures and attacks,
at the network level, a middleware layer, or in the higher-level
distributed application of interest. This issue examines the state
of the art in the design, implementation, and analysis of survivable
distributed systems and networks. Topics of interest include, but
are not limited to:
A special issue of
IEEE Transactions on Software Engineering ,
Special Issue on Current Trends in Exception Handling,
(abstracts due: February 15, 1999; papers: March 1, 1999)
[posted here December 8, 1998].
This special issue invites papers with focus on research results,
experience reports, and brief survey/tutorials on emerging research
challenges related to exception handling in (but not limited to) the
following areas:
A special issue of
IEEE Journal on
Selected Areas in Communications (JSAC)
Special Issue on Network Security. Publication date: January, 2000.
Guest Editors: Hilarie Orman, Ueli Maurer, Stephen Kent, and
Stephen Bellovin. (submissions due: February 5, 1999)
[posted here September 16, 1998].
This special issue of JSAC will be devoted to recent research
results that describe or forecast significant changes in the
feasibility of delivering security solutions (such as major
improvements in cryptographic efficiency), or describe progress in
areas that have been especially difficult, or are relevant to newer
technologies, such as optical or mobile wireless communication. Of
special interest are papers that relate their results to use on the
Internet today or to use on next generation networks. Papers are
solicited in the following areas: Cryptography-based network systems,
such as secure private networks and transactional security; Public-key
infrastructures; Applying new cryptographic methods to network
communication; New cryptographic protocols supporting secure network
systems; Anonymous communication; Recent cryptographic theory
advances; Optical network security; Mobile wireless network security;
Formal analysis of network security systems; Trends in network-based
attacks; Secure group communication; Policy expression and
enforcement. Papers in strongly related areas, especially those
involving novel technologies, are also encouraged. Manuscripts to be
considered for submission should be sent by email to Hilarie Orman
(ho@cs.arizona.edu) by February 5, 1999. The manuscripts must be in
Postscript, viewable in ghostscript, or six copies can be sent by
mail; contact Hilarie Orman well prior to the deadline for
the mailing address. Please note the IEEE formatting requirements;
information for authors can be found at:
gump.bellcore.com:5000/Guidelines/info.html
The JSAC home page is at
gump.bellcore.com:5000.
A special issue of
IEEE Computer , A baseline on security strategies
for the emerging broadband environment. Guest Editors:
Dr. Patrick Dowd, and Dr. John McHenry.
(submissions due: January 15, 1999)
[posted here December 8, 1999].
This special issue will focus attention on the integration of
networking and endpoint security. It will pull together both IP
and ATM networking security strategies and examine methods that
will allow homes and offices to safely explore the opportunities
provided by a "connected" environment. Topics including the emerging
broadband networking environment, IP and ATM security, integrated
security strategies, and security analysis are of particular interest.
Only electronic submissions (postscript, Adobe Acrobat, MS Word, or
Framemaker) will be considered - paper copies will not
be accepted. Please contact one of the guest editors if you have any
questions. GUEST EDITORS: Dr. Patrick W. Dowd, University of Maryland,
Department of Electrical Engineering, A.V. Williams Building,
College Park, MD 20742, and Dr. John McHenry, U.S. Department of
Defense, National Security Agency, Suite 6512, Ft Meade,
MD 20755-6512.
IEEE Communications Magazine Feature Topic Issue on The
Provision of Communication Services over Hybrid Networks
(publication: July 1999). Guest Editors: Jean-Pierre Hubaux and
David Nagel. (submissions due: January 5, 1999)
[posted here December 11, 1999].
This Feature Topic Issue is devoted to the architecture and provision
of services over hybrid networks. Topics of interest include:
A special issue of
Distributed and Parallel Databases: An International Journal
Kluwer Academic Publishers, Special issue Editors: Vijay Atluri
and Pierangela Samarati. (submissions due: September 30, 1998)
[posted here: July 6, 1998]
Recognizing the importance of the research in computer security,
Distributed and Parallel Databases: An International Journal
is organizing a special issue on security. The primary focus of this
special issue will be on high-quality original unpublished research,
case studies, as well as implementation experiences in any area of
computer and communication security. Suggested topics include but
are not limited to:
Accounting and Audit, Authorization and Access Control,
Authentication, Applied Cryptography, Computer Security and Public
Policy, Data/System Integrity, Electronic Commerce and Virtual
Banking, Information Warfare, Intrusion Detection, Intellectual
Property Protection, Privacy and Anonymity, Security for Digital
Libraries, Security in Data and Knowledge Bases, Security in Data
Warehouses, Security in Workflow Systems, Security in Mobile and
Wireless Systems, Security Management, Secure Networking and
Protocols. Manuscripts must be written in English and should
include a cover page with title, name and address (including e-mail
address) of author(s), an abstract, and a list of identifying
keywords. Manuscripts must be submitted as Postscript files via
electronic mail to Prof. Vijay Atluri at
atluri@andromeda.rutgers.edu.
In addition, send five hard copies of your submission to:
Melissa Parsons, Journals Editorial Office, Kluwer Academic
Publishers, 101 Philip Drive, Norwell, MA 02061, USA;
tel: (+1)781-871-6600; fax: (+1)781-878-0449; e-mail:
mparsons@wkap.com.
A special issue of Software Practice & Experience on Experiences
with Computer and Network Security. Guest editor: Gene Spafford
(spaf@cs.purdue.edu). (submissions due: July 1, 1998)
[Posted here: May 13, 1998]
Contact the editor for submission details. Papers describing both
`systems' and `applications' software in any computing environment
are acceptable. Typical topics include software design and
implementation, case studies, studies describing the evolution of
software systems, critical appraisals of systems, and the practical
aspects of software engineering. Theoretical discussions can be
included, but should illuminate the practical aspects of the work,
or indicate directions that might lead to better practical systems.
This special issue is specifically devoted to issues of computer
and network security software. We are seeking high-quality articles
relating to the above-mentioned themes. This includes papers on at
least the following topics: access control systems, auditing systems
and analysis, misuse and intrusion detection systems, applications
of cryptography, secure messaging systems, information protection
systems, security of mobile code, security of browsers and related
technology, security testing and assurance, firewall construction
and testing, experiences with new security programming paradigms,
development and experience with "hacking tools", experiences with
patching security flaws
The Journal of Computer Security,
JCS Special Issue
on Research in Intrusion Detection. Editor: Phillip A. Porras
(porras@csl.sri.com) (Submissions due: July 15, 1998)
[posted here: June 29, 1998]
This special issue seeks papers that describe research beyond the
scope or orthogonal to what the commercial intrusion-detection
community is producing. The intent is to capture results from key
efforts in the field, and to understand the directions and
motivations that are driving current and future research in this
area. Papers are solicited on all aspects of intrusion detection,
including the extension of intrusion-detection techniques to new
problem domains, as well as the application of other techniques to
intrusion detection. A complete list of topics is given in the
call-for-papers at
www.csl.sri.com/jcs-ids-call.html. Submissions should be
received by July 15, but earlier submissions are
encouraged. Manuscripts must be in English (dbl-spaced; 12 pt.).
Each copy should have a cover page with title, name and address
(including e-mail address) of author(s), an abstract of no more
than 200 words, and a list of identifying keywords. Editor:
Phillip A. Porras / Computer Science Laboratory / SRI International/
333 Ravenswood Avenue / Menlo Park CA 94025 / phone: 650-859-3232 /
fax: 650-859-2844 / porras@csl.sri.com.
The Journal of Computer Security is an archival journal published
quarterly. Its purpose is to present research and development results
of lasting significance in the theory, design, implementation,
analysis and application of secure computer systems. The Journal of
Computer Security represents today a main forum for ideas about the
meaning and implications of security and privacy, particularly those
with important consequences for the technical community.
IEEE Internet Computing
A special issue of IEEE Internet Computing, November/December 1998,
(submissions due: May 12, 1998) [Posted here: March 3, 1998]
Executable content systems like Java, DNA (ActiveX), JavaScript,
Postscript, Word Macros, and so on have had a fundamental impact on
computer security. The very concept of executable content involves
fetching and running data from a most-likely untrusted site. Often,
this happens behind the scenes without the client being aware of the
details. For example, when a Web user requests a page with a Java
applet embedded in it, the Java byte code is automatically downloaded
and begins to execute on a virtual machine in the user's browser.
This special issue will be devoted to security implications of mobile
code. In particular, we are interested in articles discussing:
Code signing technologies, including models for permissions,
capabilities, and principals;
Proof-carrying code and security policy resolution;
Implications of existing protocols such as SSL on proxy
scanning, intrusion detection, and firewalling;
Handling denial of service;
Design of secure interfaces for devices such as smart cards;
Security policy creation and management issues;
Injecting security into the software development process.
URL for submission process information:
computer.org/internet/
SIGMBOILE Mobile Computing and Communications Review, Volume 2, Issue 2.
(Submissions due: November 15, 1997) [posted here: 10/1/97].
The wireless communication revolution is bringing fundamental changes
to telecommunication and computing. Wide-area cellular systems and
wireless LANs promise to make integrated networks a reality and
provide fully distributed and ubiquitous mobile computing and
communications, thus bringing an end to the tyranny of
geography. Furthermore, services for the mobile user are maturing and
are poised to change the nature and scope of communication. This
publication serves to enhance the ability of ACM SIGMOBILE members to
keep up-to-date in this rapidly moving field, as well as serve as a
major focal point for the discussion of new directions of portable
computation and mobile networks for both the research and
market-driven communities. Papers on original research are solictited.
Please see the complete
call for papers for a list of topics of interest.
Paper submission will be handled electronically. Authors should Email
a PostScript version of their full paper to: editors_sigmobile@acm.org
Detailed submission instructions can be found on the MC2R web page
http://www.acm.org/sigmobile/MC2R
Special Issue of IEEE Personal Communications Magazine on Mobile
Systems and the Web (submissions are due November 1, 1997).
The information revolution that the pundits have been predicting seems
finally to be upon us. Instantaneous access to information, which has
always been dreamed of, is being realized today with the advent of the
World Wide Web. Browsing (surfing) the web is becoming an increasingly
common activity for computer users from all domains of life. A web
browser probably represents the most ubiquitous interface mechanism to
computers today, in terms of the number of people who are comfortable
in using it. Web access from mobile platforms would truly represent an
example of ubiquitous computing, realising the vision of computing
anytime, anywhere and by everyone. However, the reality is that HTTP
is not a mobile friendly protocol, and extremely wasteful of bandwidth.
The current model of browsing the web is also open to criticism along
the same lines. In general, the problems are one of resource
constrained browsing platforms connecting to the network via thin
pipes that are prone to disconnection. To facilitate web browsing from
mobile platforms, it is important to understand these limitations and
devise techniques and methodologies which will help alleviate these
problems. The special issue will be devoted to articles which describe
such techniques. A representative list (not all inclusive) of topics
would include the following as they impact web browsing from wireless
platforms:
* granularity reduction of multimedia data for wireless links
* information location and filtering
* prefetching and caching
* delayed fetching
* location dependent data
* improvements in HTTP protocol
* anticipatory caching
More information about submitting a paper can be found in the
call-for-papers.
IEEE Network Magazine Special Issue on PCS Network Management has a call for papers for topics on Internet computing. (Submissions due October 25, 1997.) [posted here 7/7/97]
IEEE Network Magazine Special Issue on Active and Programmable
Networks has a
call for papers for topics on Internet computing. (Submissions due
November 10, 1997.) [posted here 7/8/97]
New networking concepts, building on recent advances in mobile
software, have been proposed with the purposes of accelerating
services and enhancing network management. An active network can give
a high degree of control to users to customize their network services
dynamically. Users can in effect "program" their services by
injecting mobile programs in special packets that are executed at
network elements. These mobile programs can carry out management and
control functions as well, without the need for pre-programming
network elements. Such software-intensive networks rely on agreement
on a basic instruction set or primitives rather than consensus on
specific protocols and services. This special issue of IEEE Network will
present an overview of research in this area which is still in the early
stages. A complete list of topics can be found in the call for papers.
Authors are invited to submit hardcopies or electronic files of their
papers to tchen@gte.com. Papers should not exceed twenty double spaced
pages in length, excluding figures and diagrams. More information for
potential authors is available at the IEEE Network Home Page
http://www.comsoc.org/socstr/techcom/ntwrk/.
IEEE Internet Computing Magazine has a
call for papers for topics on Internet computing.
(submissions due July 9, 1997)
IEEE Internet Computing is a new bimonthly magazine from the IEEE
Computer Society designed to help the engineer productively use the
ever expanding technologies and resources of the Internet. Internet
Computing and IC on-line will provide developers and users with the
latest advances in Internet-based computer applications and supporting
technologies such as the World Wide Web, Java programming, and
Internet-based agents. Through the use of peer-reviewed articles as
well as essays, interviews, and roundtable discussions, IC will
address the Internet's widening impact on
engineering practice and society. Topics include system engineering
issues such as agents, agent message protocols, engineering ontologies,
web scaling, intelligent search, on-line catalogs, distributed document
authoring, electronic design notebooks, electronic libraries, security,
remote instruction, distributed project management, reusable service
access and validation, electronic commerce, and Intranets.
Author guidelines are available at
http://www.computer.org/pubs/internet/auguide.htm
Upcoming themes include: Agents (submissions due March 15, 1997),
Intranets (submissions due May 7, 1997), and Internet Economics
(submissions due July 9, 1997).
Theory and Applications of Object Systems (TAPOS):
special issue on Objects, Databases, and the WWW (submissions due
May 31, 1997).
As the Internet and the WWW become preferred media for broadcasting,
content dissemination, data access, personal communications, distance
education, electronic commerce, and other as yet unforeseen
applications, it becomes urgent to explore the interactions between
these new media and other well established technologies for information
access. This special issue will focus on the interaction among object
technology, database systems, and the WWW. The following is a
non-exhaustive list of topics of interest: Object technology on the
web; Accessing databases through the web; The web as a database;
Developing web-centered applications; and Applications. A complete
list of topics of interest alog with submission instructions can be
found in the
call for papers.
Journal of Telecommunication Systems, call for papers for a
special issue on multimedia systems.
(submissions due April 15, 1997).
Multimedia systems and applications have attracted significant
attention during the last few years. The ability to deliver
audio and video to end-users, in addition to data, has created
possibilities which will revolutionize industries ranging from
education and advertising, with applications such as digital
libraries, distant learning, expert advice and real-time video
clip playback, to tele-collaboration, electronic commerce and
entertainment, with such applications as video-conferencing,
telecommuting, video-on-demand, etc.
The Journal of Telecommunication Systems is planning a special
issue on multimedia to address this emerging technology. The
issue will address all issues of multimedia systems with special
focus on issues related to networking and telecommunication
systems. Papers are solicited for this issue in the following
areas (but not limited to): Multimedia information processing
compression/decompression); Multimedia storage and retrieval;
Network issues (QoS, protocols, performance/modeling, etc);
Telecommunication systems requirements for multimedia;
Telecommunication systems architecture and implementation;
Security issues; End-to-end multimedia system architecture;
and Multimedia applications and application design.
More information is available in the
call for papers and on the
journal web page.
ACM Mobile Computing and Communications Review.
The wireless communication
revolution is bringing fundamental changes to telecommunication and
computing. Wide-area cellular systems and wireless LANs promise to
make integrated networks a reality and provide fully distributed and
ubiquitous mobile computing and communications, thus bringing an end
to the tyranny of geography. Furthermore, services for the mobile user
are maturing and are poised to change the nature and scope of
communication. This publication serves to enhance the ability of ACM
SIGMOBILE members to keep up-to-date in this rapidly moving field, as
well as serve as a major focal point for the discussion of new
directions of portable computation and mobile networks for both the
research and market-driven communities. Specific topics of interest
include security, scalability and reliability issues for
mobile/wireless systems. More information can be found at the
web page.
Journal of Intelligent Information Systems (JIIS).
Special Issue on Data Mining. As a young, promising research area
with broad applications, data mining and knowledge discovery in
databases has attracted great interest in the research communities of
database systems, machine learning, statistics, high performance
computing, information retrieval, data visualization, and many others.
Security and social impact of data mining is a topic of interest.
Five hard copies of the paper, with the length limited to 20 pages,
should be submitted by November 1, 1996 to
the conference chair
. Also see web page.
Special Issue of the Journal on Special Topics in Mobile Networking
and Applications .
Journal Web
page. This special issue will concentrate on the problems
associated with mobile and wireless networking in the Internet,
primarily at the network layer and above. Internet security issues are
a relevant topic. Authors should email an electronic Postscript copy
of their paper to one of the guest editors by November 15, 1996.
Submissions should be limited to 20 double spaced pages, excluding
figures, graphs, and illustrations. Submissions can be sent to
perk@watson.ibm.com.
IEEE Software
Papers are solicited for a special issue of IEEE Software to
focus on security and privacy concerns and their impact on software
development. The full announcement
has all details. The goal of this special issue is to:
JCS Special issue on WWW security
.
The special issue of the Journal of Computer Security will
be focused on research and development efforts leading to identify
requirements and viable solutions for WWW security. Two kinds of
papers will be considered: regular papers presenting new research
results, and short papers describing ongoing projects. Editors of the
special issue: Elisa Bertino, Gianpaolo Rossi, and Pierangela
Samarati, Dipartimento di Scienze dell'Informazione, Universita' di
Milano, Via Comelico, 39/41, 20135-Milano, Italy; phone:
+39-2-55006227/257/272; fax: +39-2-55006253; e-mail:
bertino,rossi,samarati@dsi.unimi.it. More information at
http://www.dsi.unimi.it/Users/jcs-www.
Distributed Systems Engineering Journal
Special Issue on Future Directions for
Internet Technology. Contributions are invited on all aspects of
where the Internet is going technically including security. Guest
editors: Dr Brian E. Carpenter (brian@dxcoms.cern.ch,
WWW) and Prof J Crowcroft
(J.Crowcroft@cs.ucl.ac.uk, WWW).
ACM Journal, Wireless Networks
special issue on
Personal Communications. Personal communications provide
communication services anywhere, anytime, with anybody, and in any
form. To implement the personal communications concepts, extremely
sophisticated systems which integrate many diverse technologies are
required. This special focuses on the research and development of
advanced PCS technologies.
Journal of Computer-Mediated Communication (JCMC)
a quarterly electronic journal, has issued a call for papers for a
special issue on electronic commerce, including issues related to
security and privacy. The call for papers can be found at
http://cwis.usc.edu/dept/annenberg/steincfp.html.
Workshop on Data Mining for Counter Terrorism and Security,
(held in conjunction with the Third SIAM International Conference
on Data Mining), San Francisco, CA, USA, May 3, 2003. [posted here 10/15/02]
The purpose of this workshop is to discuss ways in which data mining
and machine learning can be used to analyze data from numerous sources
of high-complexity for the purpose of preventing future terrorist activity.
This is inherently a multidisciplinary activity, drawing from areas such
as intelligence, international relations, and security methodology.
From the data mining and machine-learning world this activity draws
from text mining, data fusion, data visualization, data warehousing,
and high scalability are necessary for a successful endeavor.
Papers in these areas with clear application to the issues of counter
terrorism are particularly solicited. Topics of interest include:
- Methods to integrate heterogeneous data sources, such as text, internet,
video, audio, biometrics, and speech
- Scalable methods to warehouse disparate data sources
-
Identifying trends in singular or group activities
-
Pattern recognition for scene and person identification
-
Data mining in the field of aviation security, port security, bio-security
-
Data mining on the web for terrorist trend detection.
More information can be found on the workshop web page at
http://ic.arc.nasa.gov/~ashok.
Second Annual PKI Research Workshop, NIST, Gaithersburg MD, USA, April 28-29, 2003. [posted here 10/30/02]
This workshop among leading security researchers will explore the issues relevant
to this area of security management, and will seek to foster a long-term research
agenda for authentication and authorization in populations large and small via
public key cryptography. We solicit papers, panel proposals, and participation.
The goals of this workshop are to cross-pollinate existing research
efforts, to identify the key remaining challenges in deploying public key
authentication and authorization, and to develop a research agenda addressing
those outstanding issues.
- What are the key areas in current PKI approaches that need further work?
- For each area, what approaches appear most promising?
- How do the approaches in one area affect the methodologies in other areas?
A complete list of topics of interest and the full call for papers can be found at the
workshop web site at
middleware.internet2.edu/pki03/.
ITCC 2003
International Conference on Information Technology: Coding and Computing,
Las Vegas, Nevada, April 28-30, 2003.
[posted here 6/27/02]
The rapid growth in information science and technology in general and the
complexity and volume of multimedia data in particular have introduced new
challenges for the research community. Of particular interest is the need
for a concise representation, efficient manipulation, and fast transmission
of multimedia data. Applications such as space science, tele-medicine, military,
and robotics deal with large volumes of data which need to be stored and
processed in real time. Topics of interest include:
- Digital Image, Video & Audio Processing - Information Hiding & Video Streaming
- Document Image Analysis
- Data Compression
- Authentication of Video and Audio Data
- Multimedia Computing
- Hybrid Source/Channel Coding
- Systems Interfacing and Integration
- Information Databases
- E-commerce Compressed Data Processing
- Data Storage Platforms
- Optical Data Transmission
- New Architectures for Multimedia Processing
- Graphics and Video Hardware
- Error Control Codes
- Video and Audio Codec Design
- Enterprise Architectures - Enterprise-wide Information Management
- Pervasive Computing
More information can be found on the conference web page at
www.cs.clemson.edu/~srimani/itcc2003/cfp.html.
ICEIS'2003
5th International Conference on Enterprise Information System,
Angers, France, April 23-26, 2003.
[posted here 9/17/02]
The purpose of the 5th International Conference on Enterprise Information
Systems (ICEIS) is to bring together researchers, engineers and practitioners
interested in the advances and business applications of information systems.
Four simultaneous tracks will be held, covering different aspects of Enterprise
Information Systems Applications, including Enterprise Database Technology,
Systems Integration, Artificial Intelligence, Decision Support Systems,
Information Systems Analysis and Specification, Internet Computing and
Electronic Commerce. Human factors issues in the development of these
applications are also considered. ICEIS focuses on real world applications;
therefore authors should highlight the benefits of Information Technology for
industry and services. Ideas on how to solve business problems, using IT,
will arise from the conference. Papers describing advanced prototypes,
systems, tools and techniques and general survey papers indicating future
directions are also encouraged. Both full research reports and work-in-progress
reports are welcome. More information can be found on the conference
web site at www.iceis.org.
BITE2003
The First International Workshop on Business Information Technology
Ethics (in conjunction with ICEIS 2003,
www.iceis.org), Angers, France,
April 22, 2003. [posted here 10/24/02]
"Praxis versus Theory" would best describe the overall theme of this
workshop in IT ethics. Computer ethics is a fledgling discipline that
is top-heavy with practical knowledge but desperately in need of a sound
theoretical base that it can claim as its own. Can original philosophical
theories or novel adaptations of other ethical paradigms better assist us
in improving the lot of professional practice in IT? Or must we always fall
back on the anachronistic greats of Western Philosophy to guide our moral
way through 21st century technologies? This workshop will serve as a forum
to gather researchers, practitioners, students and anyone with an interest
in the development of IT ethics as a means of improving professional practice.
Topics of interest include, but are not limited to:
- The social and cultural effects of IT on business practice
- Security and computer misuse
- Privacy and workplace monitoring
- Cross-cultural issues in IT ethics
- Ethics in project management
- Professional etiquette, standards and codes in IT
- Ethics in electronic commerce
- Empirical studies in IT ethics
- Ethics of software patents
- Professional responsibility in IT
- Corporate governance and IT
- Theoretical issues in IT professional practice
- Innovative training methods in IT ethics for professionals
- Submissions on other allied issues are also welcome
More information can be found on the workshop web page at
www.iceis.org/workshops/bite/bite2003-cfp.html.
IWWST'03
First International Workshop in Wireless Security Technologies,
London, UK, April 15-16, 2003.
[posted here 2/22/03]
Wireless Information Technology Research Centre in collaboration with
the British Computer Society, is organising the First International
Workshop in Wireless Security Technologies, IWWST '03. The complete
call for papers along with other conference information can be found at
http://iwwst.org.uk
CT-RSA 2003
Cryptographers' Track RSA Conference 2003, San Francisco, CA, USA, April 13-17, 2003. [posted here 8/1/02]
Following the success of the two previous editions, the Cryptographers' Track of RSA
Conference 2003 (CT-RSA 2003) will be run as an anonymously refereed conference with
proceedings. Original research papers pertaining to all aspects of cryptography as
well as tutorials or results presented in other conferences are solicited. Submissions
may present theory, techniques, applications and practical experience on topics
including, but not limited to: fast implementations, secure electronic commerce,
network security and intrusion detection, formal security models, comparison and
assessment, tamper-resistance, certification and time-stamping, cryptographic data
formats and standards, encryption and signature schemes, public key infrastructure,
protocols, elliptic curve cryptography, block cipher design, discrete logarithms
and factorization techniques, stream ciphers and Boolean functions, lattice reduction
and provable security. The program committee invites tutorials and research
contributions in the broad area of applications and theory of cryptography.
More information can be found at the workshop web page at
reg2.lke.com/rs3/rsa2003/crypto.html.
IPCCC'2003
The International Performance, Computing, and Communications Conference,
Phoenix, Arizona, USA, April 9-11, 2003 [posted here 9/17/02]
We encourage submission
of high-quality papers reporting original work in both theoretical and
experimental research that address the recent advances in algorithms,
architectures, protocols, wired and wireless network infrastructure, embedded
systems, and distributed and mobile systems and applications. Topics of
interest include, but are not limited to, the following:
- Network Security
- WDM Networks
- Power-aware Design and Computing
- Wireless Networks
- Grid Computing
- Web Server Performance
- Survivable Networks
- Internet Computing
- Performance Evaluation Methodologies
- Mobile and Networked Applications
- Embedded System Design and Integration
- High-Performance Computing
- Storage Systems (file systems, databases)
- Mobile and ad-hoc Networking
- Information Assurance
- Mobile and Ubiquitous Systems
- Network Protocols and Performance
More information can be found on the conference web page at
www.ipccc.org.
CHI2003
ACM Workshop on Human-Computer Interaction and Security Systems,
Fort Lauderdale, Florida, USA April 5 or 6, 2003
(position papers due January 17, 2003) [posted here 11/21/02]
The human factor is often described as the weakest part of a security system
and users are often described as the weakest link in the security chain.
This workshop will seek to understand the roles and demands placed on users
of security systems, and explore design solutions that can assist in making
security systems usable and effective. In addition to examining end-users,
this workshop will also examine the issues faced by security system developers
and operators. Security is a large topic so there are many areas where HCI
is important. Three obvious areas of interest are authentication (passwords,
biometrics, etc.), security operations (intrusion detection, vigilance, policies
and practices, etc.), and developing secure systems (developing for security,
understanding users, installation and operation support, etc.). We are interested
in receiving submissions on these topics, and suggestions of other possible topic
areas are also welcome. Position papers are due January 17, 2003. The
workshop will be held April 5 or 6, 2003 (to be finalized), in Fort Lauderdale,
Florida. The full CFP and other information is available here:
www.iit.nrc.ca/~patricka/CHI2003/HCISEC/.
WITS'03
Workshop on Issues in the Theory of Security (co-located with ETAPS'03),
Warsaw, Poland, April 5-6, 2003. [posted here 11/21/02]
WITS is the official workshop organised by the IFIP WG 1.7 on "Theoretical
Foundations of Security Analysis and Design", established to promote the
investigation on the theoretical foundations of security, discovering and
promoting new areas of application of theoretical techniques in computer
security and supporting the systematic use of formal techniques in the
development of security related applications. Extended abstracts of work
(accepted after selection and) presented at the Workshop are collected and
distributed to the participants. There will be no formally published
proceedings; however, selected papers will be invited for submission to
a special issue of the Journal of Computer Security. Suggested submission
topics include:
- formal definition and verification of the various aspects of
security:
confidentiality, privacy, integrity, authentication
and availability;
- new theoretically-based techniques for the formal analysis and
design of cryptographic
protocols and their manifold applications
(e.g., electronic commerce);
- information flow modeling and its application to the theory of
confidentiality policies,
composition of systems, and covert channel analysis;
- formal techniques for the analysis and verification of code
security, including mobile
code security;
- formal analysis and design for prevention of denial of
service;
- security in real-time/probabilistic systems
- security in coordination languages
The official web page of the conference is at the url
www.dsi.unive.it/IFIPWG1_7/wits2003.html.
SPI 2003
Security and Protection of Information, Brno, Czech Republic, March 28-30, 2003. [posted here 1/3/03]
The call for papers and a list of example topics may be found on the
conference web page at
www.vabo.cz/spi/defaulten.htm.
Speakers desiring to submit papers should e-mail an abstract of at
least 250 words along with a short CV/résumé of the speaker(s) to
Jaroslav Dockal (jaroslav.dockal@vabo.cz) by January 13th, 2003.
More details can be found in the call for papers.
Workshop on Privacy Enhancing Technologies 2003, Dresden, Germany, March 26-28, 2003.
[posted here 7/17/02]
Privacy and anonymity are increasingly important in the online world. Corporations
and governments are starting to realize their power to track users and their behavior,
and restrict the ability to publish or retrieve documents. Approaches to protecting
individuals, groups, and even companies and governments from such profiling and
censorship have included decentralization, encryption, and distributed trust.
The workshop seeks submissions from academia and industry presenting novel research
on all theoretical and practical aspects of privacy technologies, as well as
experimental studies of fielded systems. We encourage submissions from other communities
such as law and business that present their perspectives on technological issues. As
in past years, we will publish proceedings after the workshop. Suggested topics include
but are not restricted to:
- Efficient (technically or economically) realization of privacy services
- Techniques for censorship resistance
- Anonymous communication systems (theory or practice)
- Anonymous publishing systems (theory or practice)
- Attacks on anonymity systems (eg traffic analysis)
- New concepts in anonymity systems
- Protocols that preserve anonymity/privacy
- Models for anonymity and unobservability
- Models for threats to privacy
- Novel relations of payment mechanisms and anonymity
- Privacy-preserving/protecting access control
- Privacy-enhanced data authentication/certification
- Profiling, data mining, and data protection technologies
- Reliability, robustness, and attack resistance in privacy systems
- Providing/funding privacy infrastructures (eg volunteer vs business)
- Pseudonyms, identity, linkability, and trust
- Privacy, anonymity, and peer-to-peer
- Usability issues and user interfaces for PETs
- Policy, law, and human rights -- anonymous systems in practice
- Incentive-compatible solutions to privacy protection
- Economics of privacy systems
- Fielded systems and techniques for enhancing privacy in existing systems
More information can be found on the workshop web page at
www.petworkshop.org/.
The First International Workshop on Information Assurance, Darmstadt, Germany,
March 24, 2003. [posted here 8/13/02]
The IEEE Task Force on Information Assurance is sponsoring a workshop on information
assurance in cooperation with the ACM SIGSAC on research and experience in information
assurance. The workshop seeks submissions from academia and industry presenting novel
research on all theoretical and practical aspects of IA; possible topics include,
but are not limited to the following:
- Information Warfare and Operations
- Network Security
- Operating System Security
- Storage Security
- Intrusion Detection, Prediction, and Countermeasures
- Insider Attack Countermeasures
- Information Sharing in Coalition Settings
- Security Models
- Survivability and Resilient Systems
- Formal Methods for Security
- CCITSE Experience and Methodology
- IA Standardization Approaches
- Specification, Design, Development, and Deployment of IA Mechanisms
Papers with a systems perspective are especially welcome. In addition to the
dissemination of new research, another goal of the workshop is to bring together
researchers and practitioners from both governmental and civilian areas. More information
on the workshop can be found at
www.ieee-tfia.org/iwia2003/ .
SPC-2003
First International Conference on Security in Pervasive Computing,
Boppard, Germany, March 12-14, 2003.
[posted here 6/27/02]
The ongoing compression of computing facilities into small and
mobile devices like handhelds, portables or even wearable computers
will enhance an ubiquitous information processing. The basic paradigm
of such a pervasive computing is the combination of strongly
decentralized and distributed computing with the help of diversified
devices allowing for spontaneous connectivity via the internet.
The objective of this conference is to develop new security concepts
for complex application scenarios based on systems like handhelds,
phones, smartcards, and smart labels hand in hand with the emerging
technology of ubiquitous and pervasive computing. Particular
subjects are methods and technology concerning the identification
of risks, the definition of security policies, and the development
of security measures that are related to the specific aspects of
ubiquitous and pervasive computing like mobility, communication,
and secure hardware/software platforms. More information can be
found on the conference web page at
www.dfki.de/SPC2003.
NDSS'03
The 10th Annual Network and Distributed System Security Symposium,
San Diego, CA, USA, February 5-7, 2002.
[posted here 7/17/02]
The symposium fosters information exchange among research scientists and practitioners
of network and distributed system security services. The target audience includes those
interested in practical aspects of network and distributed system security, with a
focus on actual system design and implementation (rather than theory). A major goal
is to encourage and enable the Internet community to apply, deploy, and advance the
state of available security technology. Topics of interest include:
- Integrating security in Internet protocols: routing, naming, TCP/IP, multicast,
network management, and the Web.
- Intrusion avoidance, detection, and response: systems, experiences and architectures.
- Attack-resistant protocols and services:
* Network perimeter controls: firewalls, packet filters, application gateways
* Virtual private networks
* Public key infrastructure, key management, certification, and revocation
* Secure electronic commerce: e.g., payment, barter, EDI, notarization, time
stamping,
endorsement, and licensing
* Supporting security mechanisms and APIs; audit trails; accountability
* Implementation, deployment and management of network security policies
* Intellectual property protection: protocols, schemas, implementations, metering,
watermarking, digital rights management.
* Fundamental services on network and distributed systems: authentication, data integrity,
confidentiality, authorization, non-repudiation, and availability.
* Integrating security services with system and application security
facilities and protocols: e.g.,
message handling, file transport/access,
directories, time synchronization, data base
management, boot services,
mobile computing
* Security for
emerging technologies: sensor networks, specialized
test beds, wireless/mobile
(and ad hoc) networks, personal
communication systems, and large heterogeneous distributed systems.
* Special problems and case studies: e.g., interplay and tradeoffs
between security and efficiency,
usability, reliability and cost.
* Security for collaborative applications and services: teleconferencing
and video-conferencing,
group work, etc.
More information can be found on the
workshop web page at
www.isoc.org/isoc/conferences/ndss/03/index.shtml.
Workshop on Security and Assurance in Ad hoc Networks (in conjunction with
SAINT2003), Orlando, Florida, USA, January 28, 2003.
[posted here 9/17/02]
This half day workshop aims at providing a forum for the discussion of
security and assurance issues related to ad hoc networks as components
of the Internet. Technical papers describing original research are solicited.
Areas of particular interest include, but are not limited to:
- Security and fault tolerant issues in ad hoc networks
- Secure routing in ad hoc networks
- Applications of mobile agents and autonomous intelligent systems
- Tradeoffs between efficiency and security in ad hoc networks
- Bounds on efficiency in ad hoc networks
- Security protocols for group applications in ad hoc networks
- Self configuration in ad hoc networks
- Location discovery and management
- Timing and synchronization in ad hoc networks
- Secure, distributed algorithms for ad hoc networks
Please consult the Program Co-Chairs Alec Yasinsac (yasinsac@cs.fsu.edu) or
Mike Burmester (burmester@cs.fsu.edu) if you are uncertain whether your paper
falls within the scope of the workshop. Workshop information will be posted at
www.sait.fsu.edu/wsaan2003/.
SAINT2003
2003 Symposium on the Internet and Applications,
Orlando, Florida, USA, January 27-31, 2003. [posted here
3/15/02]
THEME: The Evolving Internet. The Symposium on Applications and the
Internet focuses on emerging and future Internet applications and
their enabling technologies. The symposium provides a forum for
researchers and practitioners from the academic, industrial, and
public sectors, to share their latest innovations on Internet
technologies and applications. Areas of particular interest include,
but are not limited to:
- Internet Agents
- Collaboration Technology: Groupware & telepresence and Internet communities
- Internet Content Management Systems: XML and semi-structured data,
information fusion, web-based databases, and data mining.
- Internet Content Delivery: web caching, multimedia, adaptations, QoS
- E-Business: infrastructure for e-services, brokering, negotiation,
B2B, Internet workflow, and virtual enterprise.
- Wireless and Mobile Internet: content adaptation, e-services, mobile
commerce
- Standards for Internet Applications: XML, SOAP, UDDI, WSDL, WSFL,
ebXML, Java, .NET, Sun One, others.
- GRID Computing
- Internet Appliances: smart phones, PDAs, sensor networks, smart home, etc.
- Novel Internet Applications
- Internet Security
- Network and Protocol Architecture
- Internet Operation and Performance
Information for prospective authors, including paper format and submission
instructions can be found in the symposium web page at
www.saint2003.org.
HICSS-36
Secure and Survivable Software Systems (Part of the Software Technology Track),
Big Island, Hawaii, USA, January 6-9, 2003. [posted here 3/28/02]
The focus of this minitrack is security and survivability in large, non-trivial,
software systems, with an emphasis on the last phases of the four stage
survivability model consisting of Resistance, Recognition, Recovery, and
Adaptation. Papers on Resistance and Recognition that address the need or
capacity for safety critical software systems to “fail-safe” and “fail-secure”
are also desired. Submissions will be sought from researchers in the area of
system survivability, software dependability, computer and network security,
fault-tolerance and intrusion tolerance, and economic or statistical modeling
of secure/survivable systems. Main minitrack topics include but are not limited to:
- System or software survivability
- Safety critical failure modes
- Network or system intrusion tolerance
- Modeling malicious behavior or attacks
- Mathematical models for verification of vulnerability to malicious acts
- Models for measurement, evaluation, or validation of survivability
- Software fault tolerance
- Design for dependability and/or survivability
- PRA and hybrid fault models accounting for malicious acts and events
More information can be found on the HICSS-36 conference web site is at www.hicss.hawaii.edu/ and the miitrack web site at
www.cs.uidaho.edu/~krings/HICSS36/HICSS36-cfp.htm
PKC2003
The Sixth International Workshop on Practice and Theory in Public Key
Cryptography, Miami, Florida, USA, January 6-8, 2003. [posted here 6/24/02]
PKC is the main annual workshop focusing on research on all aspects of public
key cryptography. PKC 2003 will for the first time be an IACR workshop.
Topics of interest include:
-
Certification and Time-stamping
- Computational Complexity Aspects
-
Cryptanalysis
- Discrete Logarithm
-
Electronic Cash/Payment
- Elliptic Curve Cryptography
-
Encryption Schemes
- Fast Implementations
-
Integer Factorization
- International Standards
-
Lattice Reduction
- Provable Security
-
Public Key Infrastructure
- Secure Electronic Commerce Signature Schemes
Further details are available at:
www.sait.fsu.edu/pkc2003.
BCS-FACS British Computer
Society Formal
Aspects of Security, Royal Holloway, University of London, UK,
December 19-20, 2002.
[posted here 7/17/02]
To celebrate its 25th Anniversary, the BCS-FACS (British Computer Society - Formal
Aspects of Computing) Specialist Group is planning to organize several events over
the next two years. The main aim is to highlight the use of formal methods, emphasize
their relevance to modern computing, and promote their wider applications. Papers
offering research contributions in formal aspects of computer security are solicited
for FASec. Topics of interest include:
-
Frameworks for formulating security requirements
-
Access control: requirements, models, mechanisms, and extensions
-
Theoretical foundations for access control models
-
Formal models for security management: keys, data integrity, accounting and audit.
-
Theoretical foundations of network and distributed systems security.
-
Specification, analysis, and verifications of cryptographic protocols.
- Theory of information flow.
-
Secure networking: authentication and intrusion detection.
-
Security for mobile code
-
Access control in distributed and mobile systems
-
Proof carrying code and byte-code verification
-
Smart-cards and secure PDAs
-
Safety and security: analogies and differences
-
Case studies and critical evaluations of formal methods for security
-
Tools based on formal methods for security requirements, analysis, and verification.
More information can be found on the workshop web page at
www.bcs-facs.org/.
ACSAC2002
18th Annual Computer Security Applications Conference, Las Vegas, Nevada, USA,
December 9-13, 2002. [posted here 3/16/02]
This internationally recognized conference provides a forum for experts in
information system security to exchange practical ideas about solving these
critical problems. We are looking for papers, panels and tutorials that address:
- Access control -Cryptographic protocols and applied cryptography
- Database Security - Denial of service protection
- Electronic commerce security - Firewalls and other boundary control devices
- Forensics - Identification and Authentication
- Information Survivability - Middleware and distributed systems security
- Mobile Security - Network security
- Operating systems security - PKI and certificate management
- Risk/vulnerability assessment - Intrusion detection
- Security engineering - Security against malicious mobile code
See the conference web page at www.acsac.org for details on submitting papers
and tutorial proposals.
ICISC
2002 Fourth International Conference on Information and
Communications Security, Kent Ridge Digital Labs, Singapore, December
9-12, 2002. [posted here
1/7/02]
Original papers on all aspects of information and communications security
are solicited for submission to ICICS’02. Areas of interests include but
not restricted to the following:
- Access Control Authentication and Authorization
- Biometric Security Cryptology
- Database Security Distributed System Security
- Electronic Commerce Security Fraud Control
- Information Hiding and Watermarking Intellectual Property Protection
- Internet and Intranet Security Intrusion Detection
- Key Management and Key Recovery Mobile System Security
- Network Security Operating System Security
- Protocols and Their Analysis Risk Evaluation and Security Certification
- Security Modeling and Architecture Virus and Worms
More information can be found on the conference web page at
www.krdl.org.sg/General/conferences/icics/Homepage.html.
ASIACRYPT
2002 Queenstown, New Zealand, December 1-5, 2002. [posted here 9/30/01]
Original papers on all technical aspects of cryptology are solicited for submission
to Asiacrypt 2002. The conference is organized by the International Association for
Cryptologic Research (IACR). Submissions must not substantially duplicate work that
any of the authors has published elsewhere or has submitted in parallel to any other
conference or workshop that has proceedings. More information can be found on the
conference web page at www.sis.uncc.edu/ac02.
WPES ACM Workshop on
Privacy in the Electronic Society (in association with 9th ACM Conference
on Computer and Communication Security), Washington, DC, USA, November 21, 2002 [posted here 5/28/02]
The increased power and interconnectivity of computer systems
available today provide the ability of storing and processing large
amounts of data, resulting in networked information accessible from
anywhere at any time. It is becoming easier to collect, exchange,
access, process, and link information. The goal of this workshop is to
discuss the problems of privacy in the global interconnected societies and
possible solutions to it. Topics of interest include, but are not
limited to:
- anonymity, pseudonymity, and unlinkability
- business model with privacy requirements
- data protection from correlation and leakage attacks
- electronic communication privacy
- information dissemination control
- privacy-aware access control
- privacy in the digital business
- privacy enhancing technologies
- privacy policies and human rights
- privacy and anonymity in Web transactions
- privacy threats
- privacy and confidentiality management
- privacy in the electronic records
- privacy in health care and public administration
- public records and personal privacy
- privacy and virtual identity
- personally identifiable information
- privacy policy enforcement
- privacy and data mining
- relationships between privacy and security
- user profiling
- wireless privacy
More information about the conference can be found at seclab.dti.unimi.it/~wpes.
SACT
First ACM Workshop on Scientific Aspects of Cyber Terrorism (in conjunction
with the ACM Conference on Computer and Communication Security), Washington,
DC, USA, November 21, 2002. [posted here 5/16/02]
The goal of this workshop is to address scientific contributions to understand
cyber terrorism and to fight cyber terrorism. Examples of possible topics of
interest include: methods to identify the most critical infrastructures,
methods to detect cyber terrorist attacks, methods to protect against cyber
terrorism (including survivability, quorum systems, PKI). Submissions should
clearly identify the relationship with cyber terrorism. Submissions on
cryptography/information security without proper motivation how these can be
used to address scientific issues on cyber terrorism will be rejected.
Non-scientific talks (such as surveys on efforts by different countries on
addressing cyber terrorism) will only be accepted if space permits. Talks
about political and non-scientific talks are not the main goal of the
workshop. Further details are available at www.sait.fsu.edu/sactworkshop/sact.html
DRM 2002
ACM Workshop on Digital-Rights Management (in conjunction with the
9th Annual ACM CCS Conference), Washington DC, USA,
November 18, 2002. [posted here 7/18/02]
The 2002 ACM Workshop on Digital-Rights Management (DRM 2002) will be held
on November 18, 2002 in Washington DC, in conjunction with the 9th Annual
ACM CCS Conference. The DRM 2002 submission deadline is August 1, 2002;
submissions on all technical, legal, and business aspects of DRM are solicited.
Additional information and submission instructions can be found at
crypto.stanford.edu/DRM2002/
CCS 2002 9th ACM
Conference on Computer and Communication Security, Washington DC, USA,
November 17-21, 2002. [posted here 3/15/02]
Papers offering novel research contributions in any aspect of computer
security are solicited for submission to the Ninth ACM Conference on Computer
and Communications Security. The primary focus is on high-quality original
unpublished research, case studies, and implementation experiences.
Papers should have practical relevance to the construction, evaluation,
application, or operation of secure systems. Theoretical papers must make
convincing argument for the practical significance of the results. Theory
must be justified by compelling examples illustrating its application.
Topics of interest include:
- access control
- security for mobile code
- cryptographic protocols
- key management
- information warfare
- authentication
- applied cryptography - e-business/e-commerce
- privacy and anonymity
- secure networking
- accounting and audit
- data/system integrity
- intrusion detection
- security management
- security verification
- database and system security
- smart-cards and secure PDAs
- inference/controlled disclosure
- intellectual property protection
- commercial and industry security
See the conference web site at www.acm.org/sigs/sigsac/ccs
for details on submitting a paper
IICIS 2002
Fifth IFIP TC-11 WG 11.5 Working Conference on Integrity and Internal
Control in Information Systems - New Perspectives from Academia and
Industry, Bonn, Germany, November 11-12, 2002. [posted here 3/28/01]
Confidentiality, integrity and availability are high-level objectives of IT
security. The IFIP TC-11 Working Group 11.5 has been charged with exploring
the area of the integrity objective within IT security and the relationship
between integrity in information systems and the overall internal control
systems that are established in organizations to support corporate
governance codes. This working conference series follows its tradition to
establish the basis for an ongoing dialog between IT security specialists
and internal control specialists so that both may work more effectively
together to assist in creating effective business systems in the future.
The goals for this conference are to find an answer to the following questions:
- what is the status quo of research and development in the area of integrity
and internal control
- where are the gaps between business needs on the one hand and research and
development
on the other and what needs to be done to bridge these gaps
- what precisely do business managers need to have confidence in the integrity
of their
information systems and their data
More information can be found on the conference web page http://www.db.cs.ucdavis.edu/IICIS2002/
NORDSEC2002
7th Nordic Workshop on Secure IT Systems, Karlstad University, Sweden,
November 7-8, 2002. [posted here 3/17/02]
The NordSec workshops were started in 1996 with the aim of bringing together researchers
and practitioners within computer security in the Nordic countries. The theme of the
workshops has been applied security, i.e., all kinds of security issues that could
encourage interchange and cooperation between the research community and the
industrial/consumer community. A main theme of NordSec 2002, to which a special track
within the workshop will be devoted, is Privacy Enhancing Technologies. NordSec 2002
will also specifically address the areas of Software Engineering and Quality of Service
in relation to IT security. Possible topics include, but are not limited to the following:
- Privacy and Privacy Enhancing Technologies
- Wireless Communication Security
- Inter/Intra/Extranet Security
- Security Protocol Modeling and Analysis
- E-and M-Business Security
- New Firewall Technologies
- Secure Infrastructures; TTP, PKI, Key Escrow/Recovery
- Computer Crime and Information Warfare
- Detecting Attacks, Intrusions and Computer Misuse
- Smart Card Applications
- Security Management and Audit
- Security Evaluations and Measurements
- Security in Commercial off-the-shelf Products, COTS
- Operating System Security
- Security Models
- New Ideas and Paradigms for Security
- Security Education and Training
- Quality of Service or Software Engineering in Relation to Security
More information can be found on the conference web page at www.cs.kau.se/nordsec2002.
ACSA Workshop on the Application of Engineering Principles to System
Security Design, Boston, MA, USA, November 6-8, 2002 [posted here
7/29/02]
The Applied Computer Security Associates (ACSA) is sponsoring a workshop
to examine engineering fundamentals, the principles and practice of
designing and building secure systems. The workshop will look at where we
have been in security engineering (formal methods, Orange book, Common
Criteria, penetrate and patch, Certification and Accreditation, Defense in
Depth) and where we should go. The workshop will consider such questions and
issues as:
- How can we do better at engineering secure systems?
- Do we need new paradigms?
- Have we not done a good job in applying the old techniques?
- Is the real problem just bad software engineering, not bad
security engineering?
- Is the problem poor maintenance, rather than poor
engineering?
- Is "Defense in Depth" a meaningful engineering concept or is
it bumper sticker engineering?
- Have we forgotten the past?
- Are we failing to teach new security engineers what we know?
The goal of the workshop is to begin a process of serious thinking about
these important issues. The output of the workshop will be a collection of
essays and technical papers on the issues discussed in the workshop. The
papers will be available on-line to the community. ACSA's intent is that the
output of the workshop becomes the kernel for a growing on-line collection
of theory, principles, and practice of security engineering. Over time this
site will maintain our history, our lessons learned, and principles for
getting it right the first time. More information can be
found on the workshop web page at
www.acsac.org/waepssd/cfp.html.
LawTech2002
ISLAT International Conference on Law and Technology, Cambridge, Massachusetts, USA,
November 6-8, 2002. [posted here
4/15/02]
This conference is an international forum for lawyers and engineers
interested in understanding the latest developments and implications of
technology in the field of law. It is an opportunity to exchange ideas and
information related to the intersection of these two areas. The conference
will address both the legal ramifications of new technology and how
technology advances the field of law. All papers submitted to this
conference will be peer reviewed by at least two members of the
International Program Committee. Acceptance will be based primarily on
originality and contribution.