Contents
ACSAC 19
The 19th Annual Computer Security Applications Conference, Las
Vegas, Nevada USA, December 8-12, 2003. [posted here 3/8/03]
The 19th Annual Computer Security Applications Conference is an
internationally recognized conference that provides a forum for
experts in information system security to exchange practical ideas
about solving real problems. Papers and proposals that address the
application of technology, the implementation of systems, and
lessons learned will be given special consideration. The ACSAC
Program Committee is looking for papers, panels, forums, case
studies presentations, tutorials, workshops, and works in progress
that address practical solutions to problems related to protecting
commercial enterprises or government information infrastructures. A
list of topics of interest along with other conference information
can be found at www.acsac.org.
CEC2003
Special session at the Congress on Evolutionary Computation,
Canberra, Australia, December 8-12, 2003. [posted here 5/11/03]
There is a growing interest from the computer security community
toward Evolutionary Computation techniques, as a result of these
recent successes, but there still are a number of open problems in
the field that should be addressed. This special session will try to
do it by asking for submissions in all areas of evolutionary
computation dealing with applications to computer security, and by
giving the interested researchers an opportunity to review the
current state-of-art of the topic, exchange recent ideas, and
explore promising new directions. We would like to invite your
participation in the special session Evolutionary Computation in
Computer Security at the CEC-2003, an opportunity to meet leading
researchers in the field, exchange ideas and initiate
collaborations. Relevant topics include, but are not limited to
Cellular automata, Genetic Algorithms, Genetic Programming,
Classifier Systems, Simulated Annealing, Evolutionary Strategies,
Tabu Search,Bio-inspired systems, etc. in:
- Design of cryptographic primitives, including: pseudo-random
number generators,
block ciphers, stream ciphers, hash functions, S-Boxes, etc...
- Analysis and/or cryptoanalysis of cryptographic primitives
- Cryptography
- Improvement of cryptographic primitives
- Network security
- Intrusion detection systems
- Host security
More information can be found at
http://tracer.uc3m.es/CFP-SS-CEC2003.html/.
WSTI'03
Workshop on Security of Information Technologies, Algiers, Algeria,
December 8-10, 2003. [posted here 6/19/03]
This workshop aims to provide a forum for information security
professionals to exchange practical experiences or theoretical
research efforts in information security about solving these
critical problems. Authors are invited to submit papers, and
tutorials that address:
- Access control -
Anonymity and Privacy
- Applied cryptography - Audit and
audit reduction
- Biometrics -
Certification and accreditation
- Cryptographic protocols - Database
Security
- Denial of service protection - Firewalls
- Forensics -
Formal models
- Identification and Authentication - Information hiding,
steganography
- Integrity -
Intellectual property rights protection
- Intrusion detection - Mobile
Environment Security
- Network Protocols security - Operating systems
security
- Risk/vulnerability assessment - Security
management
- Wireless Security
More information can be found on the conference web page at
http://leria.epitech.net/wsti03/en/home.htm.
Communications Security Symposium (part of
the IEEE GLOBECOM 2003 workshop), San Francisco, CA, USA, December
1-5, 2003. [posted here 11/13/02]
The inaugural symposium on Communications Security solicits
submissions of new results in all security topics for wireless,
mobile, ad hoc, peer-to-peer, or landline communication networks.
Please see the complete call posted at
www.globecom2003.com/CFP1.html (under GLOBECOM 2003 Symposia
Titles).
DMSEC'03
Workshop on Data Mining for Computer Security (at IEEE ICDM03),
Melbourne, Florida, USA, November 19, 2003. (submissions due August
22, 2003) [posted here 8/16/03]
Computer security is a broad field that encompasses issues both
theoretical and practical aspects. It is of incredible importance to
a wide variety of practical domains ranging from the banking
industry to multi-national corporations, from space exploration to
the intelligence community and so on. Of interest to this workshop
are methods that address two aspects of computer security. The first
relates to how computers can be used to secure the information
contained within an organizations. Issues of critical importance
here could include the detection and/or prevention of unauthorized
access or attacks on computers and networks local to an organization
or entity. The second relates to how computers can be used to detect
hostile activity (surveillance) in a sensitive area (such as in an
airport). It is likely that such techniques will require data mining
techniques that work hand-in-hand with state-of-the-art computer
vision techniques. More information can be found at the workshop web
page
www.cs.fit.edu/~pkc/dmsec03/.
Workshop on RDIF Privacy and Security, MIT,
Cambridge, MA, USA, November 15, 2003. [posted here 8/16/03]
Radio Frequency Identification technology is fast becoming a
lightning rod for consumer privacy activists. Is RFID destined to
become the enabling technology for massive state-sponsored
surveillance, Big Brother's "call-home" chip? Or is RFID really
nothing more than a supply-chain management technology, it's dangers
being over-hyped by alarmists who fundamentally misunderstand the
technology? The goal of the RFID Privacy Workshop is to bring
together RFID technologists, boosters, critics, privacy activists
and journalists covering the space to establish some technical
truths and a creating a framework for understanding the growing body
of RFID policy issues. FORMAT: A series of speakers including
academics, RFID innovators, and privacy activists will discuss RFID
technology, policy and privacy. There will be ample time for
discussion and Q & A. For more information, see
http://rfidprivacy.org/.
IICIS'2003 Sixth IFIP TC-11 WG 11.5 Working Conference on
Integrity and Internal Control in Information Systems, Lausanne,
Switzerland, November 13-14, 2003. [posted here 1/11/03]
Confidentiality, integrity and availability are high-level
objectives of IT security. The IFIP TC-11 Working Group 11.5 has
been charged with exploring the area of the integrity objective
within IT security and the relationship between integrity in
information systems and the overall internal control systems that
are established in organizations to support corporate governance
codes. The goals for this conference are to find an answer to the
following questions: what is the status quo of research and
development in the area of integrity and internal control; where are
the gaps between business needs on the one hand and research and
development on the other and what needs to be done to bridge these
gaps; and what precisely do business managers need to have
confidence in the integrity of their information systems and their
data. Topics of interest include:
- integrity and internal control in Enterprise Resource Planning
systems
- integrity and internal control in e- and m-commerce
applications and infrastructure
- integrity and internal control in financial systems
- developments in internal control concepts and the impact on
integrity requirements
- integrity standards
- methods for dealing with incomplete or inconsistent information
- efficient methods for checking integrity
- integrity requirements necessary to implement an internal
control structure within an organization
- integrity of archival data
- integrity and authentication of digital documents
- trustworthy computation
More information and the full call-for-papers can be found on the
conference web site at
http://lbd.epfl.ch/e/conferences/IICIS03/index.html.
Adaptive and Resilient Computing Security
(ARCS), Santa Fe Institute Workshop, SFI, NM, November 5-6, 2003.
[posted here 2/3/03]
This workshop is the second in the series and will focus on the
theme of adaptive defence of information and computing networks. The
aim is to stimulate novel approaches to securing the information
infrastructure. In particular the workshop will consider long-term
developments and research issues relating to the defence of
information networks. The driving scientific motivation for this
workshop is to further our understanding of adaptive and self-organising
mechanisms that can be applied to the development of resilient and
robust information networks. In particular it will provide a forum
for commercial and academic researchers to exchange concepts and
issues within this domain. Following a highly successful first
event, this workshop will be based on two specific sub-themes. These
are:
- Bio-inspired Defence Systems
- Adaptive Security Mechanisms
Some of the specific problems, which will be addressed, include:
- Design of self-healing networks
- Optimization versus robustness
- Machine learning and defence strategies
- Dynamic stability in large-scale networks
- Self & non-self recognition, Immunology models
If interested please submit an extended 4 page abstract to Dr.
Robert Ghanea-Hercock / BTexact technologies, Adastral Park, Admin
2, Martlesham, Suffolk, UK. Email: robert.ghanea-hercock@bt.com
SASN
2003 Workshop on Security of Ad Hoc and Sensor Networks,
Washington, D.C., USA, October 31, 2003. [posted here 5/13/03]
Ad hoc and sensor networks are expected to become an integral part
of the future computing landscape. However, these networks introduce
new security challenges due to their dynamic topology, severe
resource constraints, and absence of a trusted infrastructure. This
workshop seeks submissions from academia and industry presenting
novel research on all aspects of security for ad hoc and sensor
networks, as well as experimental studies of fielded systems.
Submission of papers based on work-in-progress is encouraged. Topics
of interest include, but are not limited to, the following as they
relate to wireless networks, mobile ad hoc networks, or sensor
networks:
- Security under resource constraints, e.g., energy, bandwidth,
memory, and computation constraints
- Performance and security tradeoffs
- Secure roaming across administrative domains
- Key management
- Authentication and access control
- Trust establishment, negotiation, and management
- Intrusion detection and tolerance
- Secure location services
- Privacy and anonymity
- Secure routing
- Secure MAC protocols
- Denial of service
- Prevention of traffic analysis
More information can be found at
www.cs.gmu.edu/sasn.
2003 ACM Workshop on Survivable and
Self-Regenerative Systems (in association with the 10th ACM
Conference on Computer and Communications Security), George Mason
University, Fairfax VA, October 31, 2003 [posted here 5/13/03]
One of the key areas of current research in the fields of computer
and communication security is survivability, where the objective is
to survive attacks that exploit inevitable security vulnerabilities,
rather than to strictly prevent or detect intrusions or
vulnerabilities. Survivability research has explored the
intersection of Fault Tolerance and Security, and recently, the
notion of using self-regenerative capabilities in the context of
survivability has generated a significant interest in the community.
This workshop aims to provide a venue for scholars in this area to
exchange ideas and to explore research issues involving survivable
and self-regenerative systems. Papers offering original research
contributions in any aspect of this emerging field are solicited for
submission to this workshop. Topics of interest include, but are not
limited to, the following:
- Survivable Systems & Networks
- Self-Regenerative Systems & Networks
- Use of Self-Healing Techniques in Surviving Attacks
- Security vs. Fault Tolerance in building survivable and
self-regenerative systems
- Use of Self-Stabilization Techniques in Surviving Attacks
- Role of Formal Models in Survivable and Self-Regenerative
Systems
- Self-Adapting and Self-Securing Systems and Techniques
- Measuring and Quantifying Survivability and Self-Regeneration
- Role of Redundancy, Diversity, Unpredictability and Deception in
Survivable and
Self-Regenerative Systems
- Impact of Detection Accuracy and Latency on Survivability and
Self-Regeneration
More information can be found at
www.acm.org/sigs/sigsac/ccs/CCS2003/workshops.html.
SISW 2003 The
Second IEEE International Security in Storage Workshop, Washington,
DC, USA, October 31, 2003. [posted here 6/22/03]
The ability to create large shared storage systems in a secure
manner is an area that has received little formal research or
results. A comprehensive, systems approach to storage security is
required if storage consolidation is to succeed. This workshop
serves as an open forum to discuss storage threats, technologies,
methodologies and deployment. The workshop seeks submissions from
academia and industry presenting novel research on all theoretical
and practical aspects of designing, building and managing secure
storage systems; possible topics include, but are not limited to the
following:
- Cryptographic Algorithms for Storage
- Key Management for Storage
- Key Management for File Systems
- Attacks on Storage Area Networks and Storage
- Security for Mobile Storage
- Defining and Defending Trust Boundaries in Storage
- Relating Storage Security to Network Security
- Cryptanalysis of Systems and Protocols
- Novel Implementations
- Unintended Data Recovery
- Insider Attack Countermeasures
- Deployment of Secure Storage Mechanisms
- Security in Federated Systems
- Security for Internet Storage Service Providers
More information about the conference can be found at
www.stortek.com/hughes/sisw2003.
FMSE 2003 Formal
Methods in Security Engineering: From Specifications to Code,
Washington, D.C., USA, October 30, 2003. [posted here 3/28/03]
Information security has become a crucial concern for the commercial
deployment of almost all applications and middleware. Despite this
commonly recognized fact, the incorporation of security requirements
in the software development process is not yet well understood. The
deployment of security mechanisms is often done in an ad-hoc manner
only, without a formal security specification, often without a
thorough security analysis and almost necessarily without a formal
security validation of the final product. That is, a process is
lacking for making the transition from high-level security models
and policies through development to code. We aim to bring together
researchers and practitioners from both the security and the
software engineering communities, from academia and industry, who
are working on applying formal methods to designing and validating
large-scale systems. We are seeking submissions addressing
foundational issues in:
- security specification techniques
- formal trust models
- combination of formal techniques with semi-formal techniques
like UML
- formal analyses of specific security properties relevant to
software development
- security-preserving composition and refinement of processes
- faithful abstractions of cryptographic primitives and protocols
in process abstractions
- integration of formal security specification, refinement and
validation techniques in development methods and tools
More information can be found at
www.zurich.ibm.com/~mbc/FMSE02.
WPES 2003 2nd
Workshop on Privacy in the Electronic Society, Washington, D.C.,
USA, October 30, 2003. [posted here 4/14/03]
Privacy issues have been the subject of public debates and the need
for privacy-aware policies, regulations, and techniques has been
widely recognized. Goal of this workshop is to discuss the problems
of privacy in the global interconnected societies and possible
solutions to it. The workshop seeks submissions from academia and
industry presenting novel research on all theoretical and practical
aspects of electronic privacy, as well as experimental studies of
fielded systems. We encourage submissions from other communities
such as law and business that present these communities'
perspectives on technological issues. Topics of interest include,
but are not limited to:
- anonymity, pseudonymity, and unlinkability
- business model with privacy requirements
- data protection from correlation and leakage attacks
- electronic communication privacy
- information dissemination control
- privacy-aware access control
- privacy in the digital business
- privacy enhancing technologies
- privacy policies and human rights
- privacy and anonymity in Web transactions
- privacy threats
- privacy and confidentiality management
- privacy in the electronic records
- privacy in health care and public administration
- public records and personal privacy
- privacy and virtual identity
- personally identifiable information
- privacy policy enforcement
- privacy and data mining
- relationships between privacy and security
- user profiling
- wireless privacy
More information about the conference can be found at
http://seclab.dti.unimi.it/wpes2003.
CCS2003
The 10th ACM Conference on Computer and Communications Security,
Washington, DC, USA, October 27-31, 2003. [posted here 3/22/03]
Papers offering novel research contributions in any aspect of
computer security are solicited. The primary focus is on
high-quality original unpublished research, case studies, and
implementation experiences. Papers should have practical relevance
to the construction, evaluation, application, or operation of secure
systems. Theoretical papers must make convincing argument for the
practical significance of the results. Theory must be justified by
compelling examples illustrating its application. The primary
criterion for appropriateness for CCS is demonstrated practical
relevance. CCS can therefore reject perfectly good papers that are
appropriate for theory-oriented conferences. Topics of interest
include:
- access control - accounting and
audit
- security for mobile code - data/ system integrity
- cryptographic protocols - intrusion detection
- key management - security management
- information warfare - security verification
- authentication - database and
system security
- applied cryptography - smart-cards and secure
PDAs
- e-business/ e-commerce - inference/ controlled
disclosure
- privacy and anonymity - intellectual property
protection
- secure networking - commercial and
industry security
More information can be found at
www.acm.org/sigs/sigsac/ccs/CCS2003/.
The Workshop on Rapid Malcode (in
association with 10th ACM Conference on Computer and Communications
Security), Washington, D.C., October 27, 2003. [posted here
3/20/03]
In the last several years, Internet-wide infectious epidemics have
emerged as one of the leading threats to information security and
service availability. The vehicle for these outbreaks, malicious
codes called "worms", leverage the combination of software
monocultures and the uncontrolled Internet communication model to
quickly compromise large numbers of hosts. Current operational
practices have not been able to manage these threats effectively and
the research community is only now beginning to address this area.
The goal of this workshop is to bring together ideas, understanding
and experience bearing on the worm problem from a wide range of
communities including academia, industry and the government. We are
soliciting papers from researchers and practitioners on subjects
including, but not limited to:
- Modeling and analysis of propagation dynamics
- Automatic detection, characterization, and prediction
- Analysis of worm construction, current & future
- Propagation strategies (fast & obvious vs slow and stealthy)
- Reactive countermeasures
- Proactive defenses
- Threat assessment
- Forensic methods of attribution
- Significant operational experiences
More information can be found at
http://pisa.ucsd.edu/worm03/.
DRM203
ACM Workshop on Digital Rights Management, Washington DC, USA,
October 27, 2003. [posted here 7/2/03]
Original Research Papers on all aspects of Digital Rights Management
are solicited for submission to the 2003 ACM Workshop on Digital
Rights Management. Topics of interest include anonymous publishing,
architectures for DRM systems, auditing, business models for online
content distribution, copyright-law issues, digital policy
management, privacy and anonymity, risk management, robust
identification of digital content, security issues (including but
not limited to authorization, encryption, tamper resistance, and
watermarking) threat and vulnerability assessment, usability aspects
of DRM systems, web services. For more information visit the
Web-page of the workshop:
www.acm.org/sigs/sigsac/ccs/CCS2003/drm.html.
ACNS'03 First MiAn International Conference on Applied
Cryptography and Network Security, Kunming, China, October 16-19,
2003. [posted here 1/19/03]
The first MiAn International Conference on Applied Cryptography and
Network Security (ACNS’03) will be held in Kunming, China on
October 16-19, 2003, organized by MiAn (ONETS) Pte Ltd and in
cooperation with the local government. Original paper on all aspects
of applied cryptography and network security are solicited for
submission to the conference. Areas of interests include but not
restricted to: Biometric Security Applications, Cryptographic and
Anti-cryptographic Analysis, Cryptographic Applications, Data
Recovery and Coding, Differential Power Attacks, Efficient
Implementation, Firewall and Intrusion Detection, GPRS and CDMA
Security, Identification and Entity Authentication, Key Management
Techniques, Network Protocol and Analysis, PKI/PMI and Bridge CA,
Secure e-commerce and e-government, Security Management and
Strategy, Smart Card Security, Verification and Testing of Secure
Systems, Virus and Worms, VPN and SVN, WLAN and Bluetooth Security.
More information can be found at the conference web page at
www.onets.com.cn/dhe.htm.
Nordsec2003
Nordic Workshop on Secure IT Systems, Gjøvik University College,
Norway, October 15-17, 2003. [posted here 4/20/03]
The NORDSEC workshops started in 1996 with the aim of bringing
together researchers and practitioners within computer security in
the Nordic countries. The theme of the workshops have been applied
security, i.e., all kinds of security issues that could encourage
interchange and cooperation between the research community and the
industrial/consumer community. Possible topics include, but are not
limited to the following:
- Privacy and Privacy Enhancing Technologies
- Wireless Communication Security
- Inter/Intra/Extranet Security
- Security Protocol Modelling and Analysis
- E-and M-Business Security
- New Firewall Technologies
- Secure Infrastructures; TTP, PKI, Key Escrow/Recovery
- Computer Crime and Information Warfare
- Detecting Attacks, Intrusions and Computer Misuse
- Smart Card Applications
- Security Management and Audit
- Security Evaluations and Measurements
- Security in Commercial off-the-shelf Products, COTS
- Operating System Security
- Security Models
- New Ideas and Paradigms for Security
- Security Education and Training
- Quality of Service or Software Engineering in Relation to
Security
More information can be found at
www.hig.no/esorics2003/nordsec2003/.
ESORICS 2003 8th European Symposium on Research in Computer
Security, Gjøvik, Norway, October 13-15, 2003 [posted here
1/11/03]
Papers offering novel research contributions in any aspect of
computer security are solicited for submission to the Eighth
European Symposium on Research in Computer Security (ESORICS 2003).
Organized in a series of European countries, ESORICS is confirmed as
the European research event in computer security. The symposium
started in 1990 and has been held on alternate years in different
European countries and attracts an international audience from both
the academic and industrial communities. From 2002 it will be held
yearly. The Symposium has established itself as one of the premiere,
international gatherings on Information Assurance. Papers may
present theory, technique, applications, or practical experience on
topics including:
- access control -
network security
- accountability -
non-interference
- anonymity -
privacy-enhancing technology
- applied cryptography -
pseudonymity
- authentication -
security as quality of service
- covert channels -
secure electronic commerce
- cryptographic protocols - security
administration
- cybercrime -
security evaluation
- data integrity
- security management
- denial of service attacks -
security models
- dependability -
security metrics
-
firewalls -
security requirements engineering
- formal methods in security - security
verification
- inference control -
smartcards
- information flow control -
steganography
- information warfare -
subliminal channels
- intellectual property protection -
survivability
- intrusion detection -
system security
- intrusion tolerance -
transaction management
- language-based security -
trustworthy user devices
More information about the conference can be found at
www.hig.no/esorics2003/.
Workshop at ACM Ubicomp'03: Ubicomp
communities - privacy as boundary negotiation, Seattle, Washington,
USA, October 12, 2003. [posted here 7/10/03]
Ubiquitous computing conjures visions of big and little brother, and
ever-diminishing privacy. But it also opens up new forms of
communication, collaboration and social relations. This workshop
takes a balancing perspective: it treats community participation as
a goal, and balances the need for disclosure against the need for
privacy. Privacy is not an abstract consideration, but a practical
process of negotiating and managing boundaries. The workshop will
explore both social perspectives and technical approaches to this
issue, and aims to provide a forum for ubicomp system developers and
researchers, security researchers, and social scientists to
collaboratively explore the future of trust-sensitive and community
tools in ubicomp. More information can be found at
http://guir.berkeley.edu/privacyworkshop2003/.
ICICS'03 5th
International Conference on Information and Communications Security,
Huhehaote City, Inner-Mongolia, China, October 10-13, 2003. [posted
here 1/19/03]
Information and communication security is a challenging topic at the
best of times. This conference series brings together researchers
and scholars to examine important issues in this area. Original
papers on all aspects of information and communications security are
solicited for submission to ICICS2003. Areas of interests include
but not limited to: Access control, Anonymity, Authentication and
Authorization, Biometric Security, Data and System Integrity,
Database Security, Distributed Systems Security, Electronic Commerce
Security, Fraud Control, Information Hiding and Watermarking,
Intellectual Property Protection, Intrusion detection, Key
Management and Key Recovery, Language-based Security, Operating
System Security, Network Security, Risk Evaluation and Security
Certification, Security for Mobile Computing, Security Models,
Security Protocols, Virus and Worms. More information can be found
on the conference web page at
www.cstnet.net.cn/icics2003/.
CMS 2003 The
Seventh IFIP Communications and Multimedia Security Conference
(joint working conference IFIP TC6 and TC11), Turin, Italy, October
2-3, 2003. [posted here 11/20/02]
CMS 2003 is the seventh working conference on Communications and
Multimedia Security since 1995. State-of-the-art issues as well as
practical experiences and new trends in these areas are the topics
of interest of the conference:
- applied cryptography
- biometry
- multimedia security
- digital signature and digital watermarking
- infrastructure protection
- network and communication security
- security policies
- security of e-commerce
This year the organizers especially encourage submissions on
advanced topics such as security of wireless networks, survivability
of critical communication infrastructures, and protection of
electronic documents. Visit the web site for further information, or
download the PDF call for papers at
security.polito.it/cms2003/cfp.pdf.
ISC'03 6th
Information Security Conference, Bristol, United Kingdom, October
1-3, 2003. [posted here 12/7/02]
Original papers are solicited for submission to ISC 2003. ISC aims
to bring together individuals involved in multiple disciplines of
information security to foster exchange of ideas. Topics of interest
include, but are not limited to:
Access
Control Key
Management
Applied Cryptography
Legal and Regulatory Issues
Cryptographic Protocols
Mobile Code & Agent Security
Digital Rights Management
Network & Wireless Security
E-Commerce Protocols
Software Security
Formal Aspects of Security
Security Analysis Methodologies
Information Hiding
Trust Management
Intrusion Detection
More information can be found on the conference web page at
www.hpl.hp.com/conferences/isc03.
SEFM'2003
International Conference on Software Engineering and Formal Methods,
Brisbane, Australia, September 22-27, 2003. [posted here 3/20/03]
The objective of the conference is to bring together practitioners
and researchers from academia, industry and government to exchange
views on the theoretical foundation of formal methods, their
application to software engineering and the socio-economic impact of
their use. Authors are invited to submit both research and tool
papers. The scientific program will include paper and tool
presentations, tool demonstrations, tutorials and invited talks.
More information can be found on the conference web page at
www.svrc.uq.edu.au/Events/SEFM03/cfp.html.
MMM-ACNS-2003
The Second International Workshop "Mathematical Methods, Models and
Architectures for Computer Networks Security", September 20-24,
2003, St. Petersburg, Russia. [posted here 3/1/03]
The objective of the 2003 workshop is to bring together leading
researchers from academia and governmental organizations as well as
practitioners in the area of computer networks and information
security and facilitate personal interactions and discussions on
various aspects of information technologies in conjunction with
security problems arising in large-scale computer networks engaged
in information storing, transmitting, and processing. The complete
call for papers, with a list of topics of interest and information
on local arrangements can be found on the work shop web page at
http://space.iias.spb.su/mmm-acns03/.
WiSe 2003
Workshop on Wireless Security (in conjunction with MobiCom 2003),
San Diego, CA, USA, September 19, 2003. [posted here 4/20/03]
The objective of this workshop is to bring together researchers from
research communities in wireless networking, security, applied
cryptography, and dependability; with the goal of fostering
interaction. With the proliferation of wireless networks, issues
related to secure and dependable operation of such networks are
gaining importance. Topics of interest include, but are not limited
to:
- Key management in wireless/mobile environments
- Trust establishment
- Intrusion detection, detection of malicious behaviour
- Revocation of malicious parties
- Secure PHY/MAC/routing protocols
- Secure location determination
- Denial of service
- User privacy
- Anonymity, prevention of traffic analysis
- Dependable wireless networking
- Monitoring and surveillance
More information can be found on the conference web site at
www.ece.cmu.edu/~adrian/wise2003.
ETFA'2003 The 9th IEEE International Conference on Emerging
Technologies and Factory Automation (Special session on IT Security
for Automation Systems), September 16-19, 2003, Lisbon, Portugal.
[posted here 2/22/03]
Due to the increased interconnection between plant-floor systems and
enterprise-level computer systems up to and including public
networks like the Internet, and based on Internet protocols
(HTTP/TCP/IP), IT security issues and concerns have also reached the
domains of automation IT systems and automation communication
networks. IT security needs, constraints, and mechanisms for
automation systems are in various ways different from those of the
office computing environment, which creates the necessity, but also
the opportunity, for novel approaches. For this special session
papers are solicited which are concerned with:
- Specific security needs of automation
systems, e.g. with respect to security objectives, usage
scenarios, system topologies/architectures or operating
environment.
- Specific security mechanisms, devices,
processes, protocols and architectures for automation systems.
- IT security audits for automation devices
and systems.
More information can be found at
www.uninova.pt/etfa2003.
CHES
2003 Workshop on Cryptographic Hardware and Embedded Systems,
Cologne, Germany, September 8-10, 2003. [posted here 12/6/02]
The focus of this workshop is on all aspects of cryptographic
hardware and security in embedded systems. The workshop will be a
forum of new results from the research community as well as from the
industry. Of special interest are contributions that describe new
methods for efficient hardware implementations and high-speed
software for embedded systems, e.g., smart cards, microprocessors,
DSPs, etc. We hope that the workshop will help to fill the gap
between the cryptography research community and the application
areas of cryptography. Consequently, we encourage submissions from
academia, industry, and other organizations. All submitted papers
will be reviewed. The topics of CHES 2002 include but are not
limited to:
- Computer architectures for public-key and secret-key
cryptosystems
- Efficient algorithms for embedded processors
- Reconfigurable computing in cryptography
- Cryptographic processors and co-processors
- Cryptography in wireless applications (mobile phone, LANs,
etc.)
- Security in pay-TV systems
- Smart card attacks and architectures
- Tamper resistance on the chip and board level
- True and pseudo random number generators
- Special-purpose hardware for cryptanalysis
- Embedded security
- Device identification
Additional information can be found on the conference web page at
www.chesworkshop.org
RAID'2003
Sixth International Symposium on Recent Advances in Intrusion
Detection, Pittsburgh, PA, USA, September 8-10, 2003 [posted here
3/20/03]
The RAID International Symposium series is intended to further
advances in intrusion detection by promoting the exchange of ideas
in a broad range of topics. Paper submission and panel proposals are
invited on the following types of topics:
- Assessing, measuring, and classifying intrusion-detection
systems
- IDS cooperation and integration
- IDS interoperability standards and standardization
- IDSs in high-performance and real-time environments
- Vulnerabilities and attacks
- Innovative Approaches
- Practical Considerations
More information can be found on the conference web page at
www.raid-symposium.org/raid2003.
7th International Conference on
Knowledge-Based Intelligent Information & Engineering Systems
(special session on Artificial Intelligence Applications to
Information Security), St Anne's College, University of Oxford,
U.K., September 3-5, 2003. [posted here 11/11/02]
In spite of the efforts from Information Security researchers, there
are still a considerable number of unsolved problems that may
benefit from the application of Artificial Intelligence techniques.
The increasing awareness in solving such problems has resulted in a
concerted effort of Artificial Intelligence and Information Security
researchers. Therefore, AI techniques like agents, evolutionary
computation, neural networks, cellular automata, classic and fuzzy
logic and machine learning may play an important role in specific
problems concerning Information Security. We particularly encourage
the discussion of the following topics:
- Semantic analysis of cryptologic protocols,
- Security of mobile agents,
- Security through agents,
- Representation and use of trust induced by PKIs,
- Optimisation heuristics in cryptanalysis
- Machine Learning techniques in cryptanalysis - AI techniques in
cryptology
- Any other work addressing information security problems by
means of AI techniques
This session aims at bringing together members from the two research
communities, information security and artificial intelligence.
Consequently, discussion papers, conceptual papers, theoretical
papers and application papers will be welcomed. Please visit the
conference web site at
scalab.uc3m.es/~docweb/AIIS_KES03.html for more detail on the
topics of interest as well as general conference information.
TrustBus'03 Trust and Privacy in Digital Business (in
conjunction with DEXA 2003),
Prague, Czech Republic, September 1-5, 2003. [posted here 12/23/02]
The purpose of this workshop is twofold: First, all issues of
digital business, focusing on trust and privacy problems will be
discussed. In particular, we are interested in papers that deal with
trust and privacy, confidence and security, reliability and
consistency, fairness and legality, and other issues critical for
the success of future digital business. Second, the workshop should
be a forum for the exchange of results and ongoing work performed in
R&D projects, either on a national or international level. We
invite papers, work-in-progress reports, industrial experiences
describing advances in all areas of digital business applications,
including, but not limited to:
- Privacy & confidentiality management
- Trust architectures and underlying infrastructures
- Electronic cash, wallets and pay-per-view systems
- Businesses models with security requirements
- Enterprise management and consumer protection
- Trust and privacy issues in mobile environments
- Global security architectures and infrastructures
- Protocols and transactional models
- Trustful management and negotiation
- Public administration, governmental services
- Anonymous or pseudonymous access to Web services
- Reliability and security of content and data
- Intellectual property rights, watermarking and fingerprinting
- Common practice, legal and regulatory issues
- Trust issues in E-Services, E-Voting and E-Polling
- PKI, biometrics, smart cards
- Intrusion detection and information filtering
More information can be found on the conference web page at
www.uni-regensburg.de/Fakultaeten/WiWi/pernul/dexa03ws/.
First International Mobile IPR Workshop:
Rights Management of Information Products on the Mobile Internet,
Helsinki, Finland, August 27-28, 2003. [posted here 3/23/03]
MobileIPR Workshop welcomes papers on all aspects of rights
management related to information products such as music, electronic
books, videos, multimedia, games, or software distributed on the
Mobile Internet commercially or otherwise. Relevant topics include,
but are not limited to:
- Digital rights management (DRM) and technical tools to protect
and manage rights,
e.g. cryptographic systems, watermarking, rights expression
languages, and rights
management databases.
- Intellectual property rights (IPR) copyright, database right,
patent, and trademark.
- Privacy in relation to rights management, including protection
of confidential information.
- Contracts, especially open source licensing models in software
and content production.
- Societal and policy issues, including the effect of
non-governmental organizations and
citizens activism.
- Control of information products - economic and ethical
rationales too.
- Business models related to rights management.
- User-contributed content and rights management.
- Rights management in peer-to-peer, super-distribution, and
other new distribution models.
- Related enabling technologies and their impact on digital
rights management.
We welcome both full and short (experience) papers as well as
extended abstracts that address different aspects of rights
management. More information can be found on the workshop web page
at
www.hiit.fi/de/mobileipr/workshop/.
WISA 2003 The 4th International Workshop on Information Security
Applications, Jeju Island, Korea, August 25-27, 2003. [posted here
3/28/03]
The areas of interest include, but are not limited to:
- Internet Security - Cyber Indication and Intrusion Detection
- E-Commerce and Financial Cryptosystems - Smart Cards
and Secure Hardware
- Access Control and Database Security - Network
Security, VPNs and Firewalls
- Mobile
Security -
Biometrics and Human Interfaces
- Applied
Cryptography - Privacy
and Anonymity
- Public Key Cryptography / Key Management - Security
Management
- Threats and Information Warfare -
Digital Rights Management
- Virus
Protection -
Secure Software, Systems and Applications
Additional information can be found on the conference web page at
http://icns.ewha.ac.kr/wisa2003.
ICET'03
The 2003 International Conference on Emerging Technologies,
Minneapolis, Minnesota, USA, August 25-26, 2003. [posted here
3/9/03]
The goal of this conference is to foster cross-disciplinary
interaction in emerging technologies that are approaching sufficient
maturity for initial commercialization. By providing insights from
academia, research, industry, and funding communities the conference
will foster discussions on interactions of emerging technologies,
and the insights that can be harvested from other disciplines. Major
areas of interest for this conference are: Trusted and Reliable
Systems; Interconnected Computing; and Integrated
Bio/hardware/software Systems. More information is available at
www.rfbinternational.com.
NSPW 2003
New Security Paradigms Workshop, Centro Stefano Francini, Ascona,
Switzerland, August 18-21, 2003. [posted here 2/22/03]
For eleven years the New Security Paradigms Workshop has provided a
stimulating and highly interactive forum for innovative approaches
to computer security. In order to preserve the small, focused
nature of the workshop, participation is limited to authors of
accepted papers and conference organizers. NSPW is highly
interactive in nature. Authors are encouraged to present ideas that
might be considered risky in some other forum. All participants are
charged with providing feedback in a constructive manner. The
resulting brainstorming environment has proven to be an excellent
medium for furthering the development of these ideas. The
proceedings, which are published after the workshop, have
consistently benefited from the inclusion of workshop feedback.
Because we expect new paradigms, we accept wide-ranging topics in
information security. Papers that present a significant shift in
thinking about difficult security issues or builds on a previous
shift are welcomed. Our program committee particularly looks for new
paradigms, innovative approaches to older problems, early thinking
on new topics, and controversial issues that might not make it into
other conferences but deserve to have their try at shaking and
breaking the mold. More information can be found on the conference
web page at www.nspw.org.
ECC 2003 The 7th
Workshop on Elliptic Curve Cryptography, University of Waterloo,
Waterloo, Ontario, Canada, August 11-13, 2003 [posted here 2/15/03]
ECC 2003 is the seventh in a series of annual workshops dedicated to
the study of elliptic curve cryptography and related areas. The main
themes of ECC 2003 will be:
- The discrete logarithm.
- Efficient parameter generation and point counting.
- Provably secure cryptographic protocols.
- Efficient software and hardware implementation.
- Side-channel attacks.
- Deployment of elliptic curve cryptography.
There will be approximately 15 invited lectures (and no contributed
talks), with the remaining time used for informal discussions. There
will be both survey lectures as well as lectures on latest research
developments. More information can be found at
www.cacr.math.uwaterloo.ca.
IFIP WG11.2 2003
7th Annual IFIP WG 11.3 Working Conference on Data and Applications
Security Estes Park, Colorado, U.S.A., August 4-6, 2003 [posted
here 1/3/03]
The conference provides a forum for presenting original unpublished
research results, practical experiences, and innovative ideas in
data and applications security. Papers and panel proposals are
solicited. Topics of interest include but is not limited to:
- Critical Infrastructure Protection
- Cyber Terrorism
- Information Warfare
- Intrusion Protection
- Damage assessment and repair
- Database Forensics
- PTN security
- Electronic Commerce Security.
More information about the conference can be found at
www.cs.colostate.edu/~ifip03.
USENIX Security 2003
12th USENIX Security Symposium, Washington, DC, USA August 4-8, 2003
[posted here 9/17/02]
The USENIX Security Symposium brings together researchers,
practitioners, system administrators, system programmers, and others
interested in the latest advances in security of computer systems.
Refereed paper submissions are being solicited in all areas relating
to systems and network security, including:
- Adaptive security and system management
- Analysis of malicious code
- Analysis of network and security protocols
- Applications of cryptographic techniques
- Attacks against networks and machines
- Automated tools for source code analysis
- Authentication and authorization of users, systems, and
applications
- Denial-of-service attacks
- File and file system security
- Firewall technologies
- Intrusion detection
- Privacy preserving (and compromising) systems
- Public key infrastructure
- Rights management and copyright protection
- Security in heterogeneous and large-scale environments
- Security of agents and mobile code
- Security of Internet voting systems
- Techniques for developing secure systems
- World Wide Web security
Since USENIX Security is primarily a systems security conference,
papers regarding new cryptographic algorithms or protocols, or
electronic commerce primitives, are in general discouraged.
ECOOP
2003 Workshop on Exception Handling in Object Oriented
Systems: towards Emerging Application Areas and New Programming
Paradigms, Darmstadt, Germany, July 21-25, 2003. [posted here
1/3/03]
The workshop will provide a forum for discussing the unique
requirements for exception handling in the existing and emerging
applications, including pervasive computing, ambient intelligence,
the Internet, e-science, self-repairing systems, collaboration
environments. We invite submissions on research in all areas of
exception handling related to object oriented systems, in
particular: formalisation, distributed and concurrent systems,
practical experience, mobile object systems, new paradigms (e.g.
object oriented workflows, transactions, multithreaded programs),
design patterns and frameworks, practical languages (Java, Ada 95,
Smalltalk, Beta), open software architectures, aspect oriented
programming, fault tolerance, component-based technologies. We
encourage participants to report their experiences of both benefits
and obstacles in using exception handling, reporting, practical
results in using advanced exception handling models and the best
practice in applying exception handling for developing modern
applications in the existing practical settings. To participate in
the workshop, the prospective attendees are required to submit 4-7
page position papers (in the LNCS format) to Alexander Romanovsky (alexander.romanovsky@ncl.ac.uk)
by April 25. Additional information can be found on the workshop web
page:
www.cs.ncl.ac.uk/~alexander.romanovsky/home.formal/ehoos2003.html.
Security in Distributed Computing (special
track of the 22nd Annual ACM SIGACT-SIGOPS Symposium on Principles
of Distributed Systems), Boston, Massachusetts, USA, July 13-16,
2003. [posted here 10/15/02]
We are soliciting research contributions on the design,
specification, implementation, application and theory of secure
distributed computing. We welcome submissions on any topic in the
intersection of security and distributed computing, including but
not limited to:
- Secure multiparty and two-party computations
- Secret sharing and verifiable secret sharing
- Resiliency to corruptions: distributed, forward and proactive
security
- Security, privacy and anonymity in the Internet and in mobile
communication systems
- Secure/security protocols and distributed algorithms
- Secure multicast and broadcast
- Denial of service (clogging) and its prevention
- Non-repudiation, certification and time stamping protocols
- Distribution of intellectual property and its (copyright)
protection
- Secure distributed marketplaces, auctions, and gambling
- Cryptographic protocols, including: authentication, key
management, etc.
- Secure electronic commerce, banking and payment protocols
- Security for Peer to Peer computing
- Secure bandwidth reservation and QOS
- Distributed access control and trust management
- Secure mobile agents and mobile code
- Security for Storage Area Networks
The special track is an integral part of PODC; see
www.podc.org/podc2003/
for additional information.
ACISP
2003 The Eighth Australasian Conference on Information
Security and Privacy, Wollongong, Australia, July 9-11, 2003.
[posted here 2/15/03]
Original papers pertaining to all aspects of computer systems and
information security are solicited for submission to the Eighth
Australasian Conference on Information Security and Privacy (ACISP
2003). Papers may present theory, techniques, applications and
practical experiences on a variety of topics including:
-
Cryptology
- Mobile communications security
- Authentication and authorization - Secure
operating systems
- Access
control - Security
management
- Network security
- Secure commercial applications
- Smart
cards - Key
management and auditing
- Risk assessment
- Secure electronic commerce
- Copyright protection -
Security architectures and models
- Mobile agents security -
Evaluation and certification
- Software protection and viruses -
Privacy and policy issues
- Security
protocols - Computer
forensics
- Distributed system security -
Intrusion detection
- Database security More information can be found on the
conference web page at
www.itacs.uow.edu.au/research/NSLabs/acisp03/.
CSFW16 16th IEEE
Computer Security Foundations Workshop, Asilomar, Pacific Grove, CA,
USA, June 30-July 2, 2003. [posted here 10/5/02]
This workshop series brings together researchers in computer science
to examine foundational issues in computer security. We are
interested both in new results in theories of computer security and
also in more exploratory presentations that examine open questions
and raise fundamental concerns about existing theories. Both papers
and panel proposals are welcome. Possible topics include, but are
not limited to:
- Access control - Authentication -
Data and system integrity
- Database security - Network security -
Distributed systems security
- Anonymity - Intrusion detection -
Security for mobile computing
- Security protocols - Security models -
Decidability issues
- Privacy - Executable content -
Formal methods for security
- Information flow - Language-based security
Information on submitting papers and panel proposals can be found on
the workshop web page at
www.csl.sri.com/csfw/csfw16.
ECIW 2003
European Conference on Information Warfare and Security, University
of Reading, United Kingdom, June 30-July 1, 2003. [posted here
12/3/02]
The second European Conference on Information Warfare and Security (ECIW)
is an opportunity for academics, practitioners and consultants from
Europe and elsewhere who are involved in the study, management,
development and implementation of systems and concepts to combat
information warfare or to improve information systems security to
come together and exchange ideas. The conference in July 2003 is
seeking qualitative, experience-based and quantitative papers as
well as case studies and reports of work in progress from academics,
information systems practitioners, consultants and government
departments. Topics may include, but are not limited to,
e-Intelligence/counter-intelligence, Perception management,
Information warfare theory, Electro-magnetic pulse weapons,
Information, computer and network security, Cryptography, Physical
security, Security policy, Information warfare policy, Information
warfare techniques, Hacking, Infra-structure warfare, National
security policy, Corporate defence mechanisms, Security for small to
medium enterprises, Cyber Terrorism, Ethical, Political and Social
Issues relating to Information Warfare, Information warfare and
security education, Legal issues concerned with information warfare
and e-Crime, Cyber-terrorism. In addition to multiple streams of
papers, the conference committee are inviting proposals for
workshops and tutorials on topics related to Information Warfare and
research methods applicable to this field. The full call-for-papers
and registration details can be found
www.mcil.co.uk/conf-management.htm.
SecCo
2003 1st International Workshop on Security Issues in
Coordination Models, Languages and Systems (affiliated with ICALP
2003), Eindhoven, the Netherlands, June 28-29, 2003. [posted here
12/19/02]
Coordination models and languages, which advocate a distinct
separation between the internal behaviour of the entities and their
interaction, represent a promising approach. However, due to the
openness of these systems, new critical aspects come into play, such
as the need to deal with malicious components or with a hostile
environment. Current research on network security issues (e.g.
secrecy, authentication, etc.) usually focuses on opening
cryptographic tunnels between fully trusted entities. For this to
work the structure of the system must be known beforehand.
Therefore, the proposed solutions in this area are not always
exploitable in this new scenario. The aim of the workshop is to
cover the gap between the security and the coordination
communities. More precisely, we intend to promote the exchange of
ideas, focus on common interests, gain in understanding/deepening of
central research questions, etc. Topics of interest include, but are
not limited to: Theoretical foundations, specification, analysis,
case-studies, applications for:
- authentication
coordination models
-
integrity
open-distributed systems
-
privacy
mobile ad-hoc networks
- confidentiality
agent-based infrastructures
- access control -in-
peer-to-peer systems
- denial of service
global computing
- service availability
context-aware computing
- safety aspects
component-based systems
- fault tolerance
ubiquitous computing
More information can be found at
cs.unibo.it/secco03
WISE 3/ WECS 5 Third World Conference on
Information Security Education and, Workshop on Education in
Computer Security, Naval Postgraduate School, Monterey California,
USA, June 26-28, 2003. [posted here 9/17/02]
IFIP Working Group 11.8 -Information Security Education and the
Workshop on Education in Computer Security invite you to contribute
to their activities by submitting papers for presentation at their
conference to be held at the Naval Postgraduate School in Monterey
California, USA. The conference aims to address interested
researchers and educators from universities, schools, industry or
government. The theme for the conference is Teaching the Role of
Information Assurance in Critical Infrastructure Protection.
Relevant topics include, but are not limited to the following:
- New Programs in Information Security and Privacy Education
- Training the Cyberwarrior
- Information Security Education in Non-Academic Contexts
- Computer Security and Infrastructure Protection
- Education of Citizens in Information Security
- Information Security Education in Schools
- Teaching Cyber Ethics
- Education in Computer Forensics and the Law
- Education in Electronic Commerce Security
- Education of Information Security Professionals
- Teaching Information Systems Auditing
- International Standards of Security Education
- Evaluation of Security Education
- Programs to Raise Information Security Awareness
- Holistic Approaches in Information Security Education
- Practical and Experimental approaches to Information Security
Education
- Information Security Distance Learning and Web-based teaching
The conference web site can be found at
cisr.nps.navy.mil/wise3/.
Special session on Web Services Security,
First International Conference on Web Services (ICWS'03), Las Vegas,
Nevada, USA, June 23-26, 2003. [posted here 12/15/02]
As is the case in many other applications, the information processed
in Web services might be commercially sensitive and it is similarly
important to protect this information against security threats such
as disclosure to unauthorized parties. This technical session mainly
focuses on different theoretical and technical approaches to handle
the security issues in Web services. More information can be found
on the conference web page at
tab.computer.org/tfec/icws03.
WISP 2003 Workshop on Issues in Security and Petri Nets,
Eindhoven (NL), June 23, 2003. [posted here 2/7/03]
The first international Workshop on Issues in Security and Petri
Nets (WISP) intends to promote research about theoretical
foundations of security analysis and design with Petri Nets as
system model. Hence, original papers as well as surveys on the use
of Petri Nets for security issues are particularly welcome. Also
original papers on security issues in other system models are
welcome, provided that they either present new results or offer a
new perspective to well-known problems. Suggested submission topics
include:
- comparison and classification of security models
- formal definition and verification of the various aspects of
security:
confidentiality, integrity, authentication and
availability
- tools and techniques for the formal analysis of cryptographic
protocols and their applications
- information flow security and related theories
- security issues in probabilistic and real-time models
- mobile code security
- applications to electronic commerce
- case studies
- surveys on security results in Petri Nets and related open
problems
- surveys on analysis techniques for Petri Nets that could be
used for security analysis
More information can be found on the conference web page at
www.iit.cnr.it/staff/fabio.martinelli/wisp-cfp.html.
PoDSy2003
Workshop on Principles of Dependable Systems (in conjunction with
The International Conference on Dependable Systems and Networks),
San Francisco, CA, USA, June 22,2003 (TBC). [posted here 1/19/02]
In this workshop we wish to bring together researchers and
practitioners from both the fault-tolerance and security communities
to discuss foundational topics (and related applied experiences) on
the similarities and differences between both areas. The main
research challenges in this context are to formulate consistent and
mutually understandable notions of the relevant dependable system
properties, to identify suitable models for studying these
properties, and to assess fundamental abstractions of systems which
are both fault-tolerant and secure. In this direction, papers are
solicited which address foundational issues around the "principles"
of dependable systems. Contributions of interest will address topics
related to, but not limited by, the following:
- Relationship between areas of fault-tolerance and security
- Relationship between fault-tolerance and security properties
- Metrics for fault-tolerance and security
- Specification, modeling and analysis of fault-tolerant and
secure systems
- Using fault-tolerance techniques to achieve security
- Using security techniques to achieve fault-tolerance
- Verification and validation of fault-tolerant and secure
systems
- Experiences with fault-tolerant and secure systems
More information can be found on the workshop web page at
http://lpdwww.epfl.ch/fgaertner/podsy2003/.
FCS'03
LICS Satellite Workshop on Foundations of Computer Security, Ottawa,
Canada, June 26-27, 2003. [posted here 1/3/03]
Computer security is an established field of Computer Science of
both theoretical and practical significance. In recent years, there
has been increasing interest in logic-based foundations for various
methods in computer security, including the formal specification,
analysis and design of cryptographic protocols and their
applications, the formal definition of various aspects of security
such as access control mechanisms, mobile code security and
denial-of-service attacks, and the modeling of information flow and
its application to confidentiality policies, system composition, and
covert channel analysis. The aim of this workshop is to provide a
forum for continued activity in this area, to bring computer
security researchers in contact with the LICS community, and to give
LICS attendees an opportunity to talk to experts in computer
security. We are interested both in new results in theories of
computer security and also in more exploratory presentations that
examine open questions and raise fundamental concerns about existing
theories. Possible topics include, but are not limited to:
Formal
specification
cryptographic protocols and applications
Foundations of verification
confidentiality and authentication
Logic-based
design integrity
and privacy
Information flow analysis
availability and denial of service
Security models
--for-- security policies
Language-based security
covert channels
Static
analysis
mobile code
Composition
issues intrusion
detection
Statistical methods malicious code
confinement
More information can be found at the workshop web page:
www.cs.stanford.edu/~iliano/fcs03/.
4th Annual IEEE Information Assurance
Workshop, United States Military Academy, West Point, New York, June
18-20, 2003. [posted here 12/15/02]
The workshop is designed to provide a forum for Information
Assurance researchers and practitioners to share their research and
experiences. Attendees hail from industry, government, and academia.
The focus of this workshop is on innovative, new technologies
designed to address important Information Assurance issues. Papers
will be divided into two broad categories. Approximately 2/3 of the
papers will focus on innovative new research in Information
Assurance. The remaining 1/3 of the papers will be recent experience
and lessons learned from Information Assurance practitioners. Areas
of particular interest at this workshop include, but are not limited
to:
- Innovative intrusion detection and response methodologies
- Information warfare
- Information Assurance education and professional development
- Secure software technologies
- Computer forensics
More details can be found at:
www.itoc.usma.edu/workshop/2003/.
IEEE Electro/Information Technology
Conference, June 5-6, 2003, Indianapolis, Indiana, USA. [posted
here 10/5/02]
Academic, industrial, and government researchers are invited to
submit papers reporting both theoretical and applied research in
topic areas broadly divided into four tracks: Information Technology
Systems and Applications, Communications, Digital Signal Processing,
and Professional Activities. Please visit the conference Web site at
www.cis-ieee.org/eit2003
for information on announcement, registration, and preliminary
program as they become available. The site also includes a Sample
Paper under Call For Papers.
SACMAT'03 18th ACM
Symposium on Access Control Models and Technologies, Como, Italy,
June 2-3, 2003. [posted here 9/27/02]
The mission of the symposium is to share novel access control
solutions that fulfill the needs of interesting applications and to
identify new directions for future research and development work.
SACMAT gives researchers and practitioners a unique opportunity to
share their perspectives with others interested in the various
aspects of access control. Areas of interest include:
- Access control within the context of emerging standards
- Access control models and extensions
- Access control for innovative applications
- Methodologies and tools for access control policy design
- Administration of access policies
- Authorization management
- Access control mechanisms, systems and tools
- Access control in distributed and mobile systems
- Safety analysis and enforcement
- Theoretical foundations for access control models
See the Web page at
www.acm.org/sigsac/sacmat/ for detailed calls for papers,
panels, tutorials and other useful information.
CISSE 2003
7th Colloquium for Information Systems Security Education,
Washington DC, June 1-5, 2003. [posted here 12/10/02]
This colloquium, the seventh in an ongoing annual series, will bring
together leading figures from academia, government, and industry to
address the national need for security and assurance of our
information and communications infrastructure. The colloquium
solicits papers from practitioners, students, educators, and
researchers. The papers should discuss course or lab development,
INFOSEC curricula, standards, best practices, existing or emerging
programs, trends, and future vision, as well as related issues. We
are especially interested in novel approaches to teaching
information security as well as what should be taught. This includes
the following general topics:
- Assessment of need (e.g. how many information security workers/
researchers/ faculty are needed?)
- Integrating information assurance topics in existing graduate
or undergraduate curricula
- Experiences with course or laboratory development
- Alignment of curriculum with existing information assurance
education standards
- Emerging programs or centers in information assurance
- Late breaking topics
- Best practices
- Vision for the future
We particularly encourage papers that discuss tools, demonstrations,
case studies, course modules, shareware, and worked examples that
participants (and others) can use to help educate people in computer
security. Papers reporting work in progress are also welcomed,
especially if enough information to evaluate the work will be
available at the time of the colloquium. The complete call for
papers can be found at
cisse.info/call_for_papers.htm
and the conference web site is at
www.ncisse.org.
WEIS2003
