|
Past Conferences and Journal Special Issues
Last Modified:01/13/05
Note: Please contact
cipher-cfp@ieee-security.org by email if you have any questions..
Contents
ACSAC 20
The 20th Annual Computer Security Applications Conference, Hilton
Tucson El Conquistador, Tucson, AZ, USA, December 6-10, 2004.
[posted here 5/14/04]
The 19th Annual Computer Security Applications Conference is an
internationally recognized conference that provides a forum for
experts in information system security to exchange practical ideas
about solving real problems. Papers and proposals that address the
application of technology, the implementation of systems, and
lessons learned will be given special consideration. The ACSAC
Program Committee is looking for papers, panels, forums, case
studies presentations, tutorials, workshops, and works in progress
that address practical solutions to problems related to protecting
commercial enterprises or government information infrastructures.
A list of topics of interest along with other
conference information can be found at
www.acsac.org.
ISWC2004 3rd
Workshop on Trust, Security, and Reputation on the Semantic Web,
Hiroshima, Japan, November 7, 2004. [posted here 5/29/04]
This workshop will bring together researchers from different
communities to examine cutting-edge approaches towards the
establishment of these security, trust, and
reputation
infrastructures. The emphasis will be to advance and integrate
security and trust related research from the semantic web, logical
reasoning, grid, agent, peer-to-peer, and web
services.
The workshop will include both presentations of research papers and
demonstrations of implemented systems. We envisage a wide variety of
contributions both from the area of traditional security and access
control research as well as from the area of reputation propagation
and social network theory.
<>Workshop topics include, but are not limited
to, the following:
- rule-based policies, contracts and business
rules
- natural-language and visual interfaces for policy
languages
- rules and ontologies for security, trust and
privacy
- digitally signed RDF
- security requirements
engineering
- trust establishment and automated trust
negotiation
- decentralized trust infrastructures for semantic web and grid
environments
- trust metrics and
models
- trust and
provenance
- trust and reputation management and
propagation
- friends of a friend networks / FOAF
- distributed computation of
trust
- security and trust for agents, peer-to-peer, grid and web
services
- case studies on security and trust
applications
For more info, see
http://trust.mindswap.org/trustWorkshop/
NORDSEC2004
9th Nordic Workshop on Secure IT Systems, Espoo, Finland, November
4-5, 2004. [posted here 5/13/04]
The NORDSEC workshops started in 1996 with the
aim of bringing researchers and practitioners within computer
security in the Nordic countries. The theme of the workshop has been
applied security, i.e. all kinds of security issues that could
encourage interchange and cooperation between the research community
and the industrial/consumer community. Possible topics include, but
are not limited to the following:
- Privacy and Privacy Enhancing Technologies
- Wireless Communication Security
- Inter/Intra/Extranet Security
- Security Protocol Modeling and Analysis
- E-and M-Business Security
- New Firewall Technologies
- Secure Infrastructures; TTP, PKI, Key Escrow/Recovery
- Computer Crime and Information Warfare
- Detecting Attacks, Intrusions and Computer Misuse
- Smart Card Applications
- Security Management and Audit
- Security Evaluations and Measurements
- Security in Commercial off-the-shelf Products, COTS
- Operating System Security
- Security Models
- New Ideas and Paradigms for Security
- Security Education and Training
- Quality of Service or Software Engineering in Relation to Security
The workshop will consist of paper sessions,
panel discussions and invited talks. For a complete call for papers,
see
http://www.tml.hut.fi/Nordsec2004/call_for_papers.html
PSDM04, ICDM
Workshop on Privacy and Security Aspects of Data Mining, November 1,
2004, Brighton, UK. [posted here 8/4/04]
The goal of this workshop is to discuss issues of privacy and
security in data mining, synergize different views of techniques and
policies, and
brainstorm future research directions. Although techniques, such as
random perturbation, cryptographic-based methods, and database
inference
control have been developed, many of the key problems still remain
open in this area. Especially, new privacy and security issues have
been
identified, and the scope of this problem has been expanded. In
addition to these existing technologies, people attempt to explore
new approaches
to tackle the problem.
Furthermore, special techniques may be needed
to deal with some data mining applications, such as
privacy-preserving mining of imbalanced
data, bioinformatics data, streaming data, etc. It would be valuable
to both the privacy and security community and the data
mining community to examine the progress achieved in this area.
Researchers with interest in the areas of privacy and
security as well as data mining and machine learning are strongly
encouraged to attend the
workshop.
Topics of
Interest
- Privacy and security protection during the phase of data
collection, including privacy and security policies, data
ownership, identity theft protection.
- Access control techniques and secure data models.
- Secure learning algorithms for randomized/perturbed data.
- Privacy-Preserving multi-party data mining.
- Trust management for data mining.
- Learning from imbalanced data, streaming data, and bioinformatics
data
- Trust management for data mining.
- Learning from imbalanced data, streaming data, and bioinformatics
data while preserving data privacy.
- Inference/disclosure related data mining.
- Privacy protection in E-Commerce.
- Privacy laws for fraud detection and for protecting personal data,
medical data, and the public release of
data.
- Secure link analysis and social network analysis.
- Data mining applications for terrorist detection.
- Privacy enhancement technologies in web
environments.
- Privacy guarantees and usability of perturbation and randomization
techniques.
- Analysis of confidentiality control
methods.
For complete call-for-paper information,
please see
http://chacs.nrl.navy.mil/psdm04
VizDMSEC
Workshop on Visualization and Data Mining for Computer Security,
Washington DC, USA, October 29, 2004. [posted here 5/29/04]
Information about security on large and complex computer networks is
high volume, heterogeneous, distributed, and dynamic over time.
Of
interest to this workshop are two complementary methods to process
high-dimensional data into knowledge: visualization and data mining.
Visualization represents high-dimension security data in 2D/3D
graphics and animations intended to facilitate quick inferences for
situational awareness and focusing of attention on potential
security events. Data mining focuses on algorithms to accurately
detect
patterns in high-dimension security data representing unauthorized
system access or computer network attacks. Papers with demonstrated
results will be given
priority.
More information on this workshop can be found at
http://www.cs.fit.edu/~pkc/vizdmsec04/ .
WPES'04 ACM
Workshop on Privacy in Electronic Society, George Mason University,
Washington DC, USA, October 28, 2004. [posted here 5/29/04]
This workshop is being held as part of the 11th ACM conference on
Computer and Communicutions Security. The workshop seeks submissions
from academia and industry presenting novel research on all
theoretical and practical aspects of electronic privacy, as well as
experimental studies of fielded systems. We encourage submissions
from other communities such as law and business that present these
communities' perspectives on technological issues.
Topics of interest include, but are not
limited to:
anonymity, pseudonymity, and unlinkability
privacy and confidentiality management
business model with privacy requirements
privacy in the electronic records
data protection from correlation and leakage attacks privacy
in health care and public administration
electronic communication privacy
public records and personal privacy
information dissemination control
privacy and virtual identity
privacy-aware access control
personally identifiable information
privacy in the digital business
privacy policy enforcement
privacy enhancing technologies
privacy and data mining
privacy policies and human rights
relationships between privacy and security
privacy and anonymity in Web transactions user
profiling
privacy threats
wireless privacy
For more information, please see:
http://seclab.dti.unimi.it/wpes2004/
ICICS 2004
Sixth
International Conference on Information and Communications Security,
Malaga, Spain, October 27-29, 2004. [posted here 2/18/04]
The 2004 International Conference on Information and Communications
Security will be the sixth event in the ICICS conference series,
started
in 1997, that brings together individuals involved in multiple
disciplines of Information and Communications Security in order to
foster exchange
of ideas. Original papers are solicited for submission.
Areas of interest include but are not limited to:
- Anonymity
- Authentication and Authorization
- Biometrics
- Computer Forensics
- Critical Infrastructures Protection
- Cryptography and its Applications
- Data and Systems Integrity
- Design and Analysis of Cryptosystems
- Electronic Commerce Security
- Fraud Control and Information Hiding
- Information and Security Assurance
- Intellectual Property Protection
- Intrusion Detection and Response
- Key Management and Key Recovery
- Mobile Communications Security
- Network Security
- Privacy Protection
- Risk Evaluation and Security Certification
- Security Models
- Security Protocols
- Software Protection
- Smart Cards
- Trust Management
- Watermarking
For more information, see
http://icics04.lcc.uma.es for details.
FMSE'04 2nd
ACM Workshop on Formal Methods in Security Engineering: From
Specifications to Code, Washington DC, USA, October 28, 2004.
[posted here 5/29/04]
This workshop is being held as part of the 11th ACM conference on
Computer and Communicutions Security.We aim to bring together
researchers and practitioners from both the security and the
software engineering communities, from academia and industry, who
are working on applying formal methods to designing and validating
large-scale systems. We are seeking submissions addressing
foundational issues in:
- security specification techniques
- formal trust models
- combination of formal techniques with semi-formal techniques
like UML
- formal analyses of specific security properties relevant to
software development
- security-preserving composition and refinement of processes
- faithful abstractions of cryptographic primitives and
protocols in process abstractions
- integration of formal security specification, refinement and
validation techniques in development methods and tools.
The primary focus is on high-quality original unpublished research
and case studies.
For more information, please see:
http://www.zurich.ibm.com/~mbc/FMSE04/call.html
ACM MOBIWAC ACM
International Workshop on Mobility Management and Wireless Access
(with Mobicom 2004), Philadelphia, PA, USA, October 25, 2004.
[posted here 6/30/04]
This workshop solicits papers, both form researchers and
practitioners, dealing with mobile computing and wireless access
technologies,
with an emphasis on mobility and location management, ubiquitous and
ad hoc access, awareness,
mobile computational ambient agents, natural interaction and
seamless access.
The workshop will include contributed technical papers, invited
papers, panel discussions and tools
demonstrations.
Authors are encouraged to submit both theoretical and practical
results of significance on all aspects of wireless and mobile access
technologies
with an emphasis on mobility management and wireless access.
The scope of this workshop includes, but is not limited, to:
- Wireless/Mobile Access Protocols
- Wireless Web Access
- Fault Tolerance in Wireless Access Networks
- Application development for embedded electronics and mobile
devices
(with J2ME Wireless Devices, etc.)
- Wireless Multimedia Protocols
- Design and architecture of wireless communication and mobile
computing
- Mobile service and QoS management
- Localization and tracking of mobile users
- Modeling of wireless devices and networks
- Large scale simulation
- Channel Allocation
- Analysis of correctness and efficiency of protocols
- Pervasive Computing
- Ubiquitous and mobile access
- Security and privacy issues
- Awareness-dependent wireless applications
- Interactive applications
- Awareness-dependent wireless applications
- Interactive applications
- Context-awareness
- Wireless, ad hoc and sensor access devices
- Wireless internet access technologies
- Mobile commerce technologies
For more info, see
http://ru1.cti.gr/mobiwac04/
SASN2004 ACM Workshop on
Security of Ad Hoc and Sensor Networks, Wyndham City Hotel,
Washington, DC, October 25, 2004. [posted here 5/13/04]
This workshop seeks submissions from academia and industry
presenting novel research on all aspects of security for ad hoc and
sensor networks, as well as experimental studies of fielded
systems. Submission of papers
based on work-in-progress is encouraged. Topics of interest
include, but are not limited to, the following as they relate to
wireless networks,mobile ad hoc networks, or sensor networks:
- Security under resource constraints, e.g., energy, bandwidth,
memory, and computation constraints
- Performance and security tradeoffs
- Secure roaming across administrative domains
- Key management
- Cryptographic protocols
- Authentication and access control
- Trust establishment, negotiation, and management
- Intrusion detection and tolerance
- Secure location services
- Privacy and anonymity
- Secure routing
- Secure MAC protocols
- Denial of service
- Prevention of traffic analysis
For more info, see
http://www.cs.gmu.edu/sasn
DRM2004 ACM
Workshop on Digital Rights Management, Wyndham City Hotel,
Washington, DC, October 25, 2004. [posted here 5/29/04]
This workshop seeks submissions from academia and industry
presenting novel research on all aspects of security for ad hoc and
sensor networks, as well as experimental studies of fielded
systems. Submission of papers
based on work-in-progress is encouraged. Topics of interest
include, but are not limited to, the following as they relate to
wireless networks,mobile ad hoc networks, or sensor networks:
- Security under resource constraints, e.g., energy, bandwidth,
memory, and computation constraints
- Performance and security tradeoffs
- Secure roaming across administrative domains
- Key management
- Cryptographic protocols
- Authentication and access control
- Trust establishment, negotiation, and management
- Intrusion detection and tolerance
- Secure location services
- Privacy and anonymity
- Secure routing
- Secure MAC protocols
- Denial of service
- Prevention of traffic analysis
For more info, see
http://mollie.engr.uconn.edu/DRM2004/
<>CCS
2004 11th ACM Conference on Computer and Communications
Security, Washington, DC, USA, October 25-29, 2004. [posted here
11/18/03]
(See the call at
http:///www.acm.org/sigsac/ccs/CCS2004 for details).
SASC2004 The
State of the Art of Stream Ciphers, Novotel Brugge Centrum, Brugge,
Belgium, October 14-15, 2004 [posted here 09/07/04]
The cryptographic community is well served by a variety of efficient
and trusted block ciphers. Yet there remains only a limited
selection of
trusted, non-proprietary, and royalty-free stream ciphers. SASC is
a special workshop that aims to provide a more complete
understanding of the
current state of stream cipher design and analysis. Sponsored by the
ECRYPT Network of Excellence (http://www.ecrypt.eu.org) SASC will
consider the
current state of stream cipher knowledge. In particular it is hoped
to expose new and existing stream cipher proposals, cryptanalytic
tools, and
design criteria to the wider attention of the cryptographic
community.
<>WiSe
2004 Workshop on Wireless Security (in conjunction with
MobiCom 2004), Philadelphia, PA, USA, October 1, 2004. [posted here
1/19/04]
The objective of this workshop is to bring together researchers from
research communities in wireless networking, security, applied
cryptography, and dependability; with the goal of fostering
interaction. With the proliferation of wireless networks, issues
related to secure and dependable operation of such networks are
gaining importance. Topics of interest include, but are not limited
to:
- Trust establishment
- Key management in wireless/mobile environments
- Economic incentives for collaboration
- Security modeling and protocol design in the context of
rational/malicious adversaries
- Light-weight cryptography, efficient protocols and
implementations
- Intrusion detection, detection of malicious behaviour
- Revocation of malicious parties
- Secure PHY/MAC/routing protocols
- Secure location determination
- Denial of service
- Privacy (location, contents, actions)
- Anonymity, prevention of traffic analysis
- Dependable wireless networking
- Monitoring and surveillance
More information can be found at
www.ece.cmu.edu/~adrian/wise2004.
VANET2004
First ACM Workshop on Vehicular Ad Hoc Networks (held in conjunction
with ACM MobiCom 2004), Loews Philadelphia Hotel, Philadelphia, PA,
USA, October 1, 2004. [posted here 5/13/04]
Creating high-performance, highly scalable,
and secure VANET technologies presents an extraordinary challenge to
the wireless research community. Yet, certain limitations commonly
assumed in ad hoc networks are mitigated in VANET. For example,
VANET may marshal relatively large computational resources. Ample
and recharging power sources can be assumed. Mobility patterns are
constrained by road paths and driving speed restrictions. VANET
represents high resource/performance wireless technology. As such,
VANET can use significantly different approaches than sensor
networks. VANET applications will include on-board active safety
systems leveraging vehicle-vehicle or roadside-vehicle networking.
These systems may assist drivers in avoiding collisions. Non-safety
applications include real-time traffic congestion and routing
information, high-speed tolling, mobile infotainment, and many
others.
We invite papers from researchers on all aspects of vehicular ad hoc
networks, such as new applications, networking protocols, security
paradigms, network management technologies, power control,
modulation, coding, channel modeling, etc. The session will bring
together visionary researchers for an exciting exchange of ideas.
For more info, please see:
http://www.path.berkeley.edu/vanet/
SAPS'04
Workshop on Specification and Automated Processing of Security
Requirements, Linz, Austria, September 20-25, 2004. [posted here
5/13/04]
This workshop is being held as part of the 19th IEEE International
Conference on Automated Software Engineering. The exchange of
concepts, prototypes, research ideas, and
other results which contribute to the academic arena and also
benefit business and industrial communities, is of particular
interest.
Original papers are solicited for submission to the workshop
related (but not limited) to the following topics of interest:
- Security requirements specification and analysis
- Formal semantics for security requirements
- Integration of Security engineering into software
engineering processes
- Automated tools supporting integrated security
engineering and software engineering processes
- Security in programming languages
- Automatic tools for secure software development
- Automatic analysis/enforcement of security policies
- Definition and analysis of security-related semantic
models
- Tools for formal analysis of security properties
- Specification, characterisation and integration of
security components and patterns
For more information, please see:
http://www.lcc.uma.es/SAPS04
NSPW2004
New Security Paradigms Workshop 2004, White Point Beach Resort,
Nova Scotia, Canada, September 20-23, 2004. [posted here 3/27/04]
For twelve years the New Security Paradigms Workshop (NSPW) has
provided
a stimulating and highly interactive forum for innovative approaches
to
computer security. The workshop offers a constructive environment
for
experienced researchers and practitioners as well as newer
participants
in the field. The result is a unique opportunity to exchange ideas.
NSPW
2004 will take place September 20 - 23 at theWhite Point Beach
Resort,
located on the southern shore of beautiful Nova Scotia. The resort
can
be reached by air via Halifax or by ferry from Portland, Maine.
In order to preserve the small, focused nature of the workshop,
participation is limited to authors of accepted papers and
conference
organizers. NSPW is unique in format and highly interactive in
nature. Each paper is typically the focus of 45 to 60 minutes of
presentation and discussion. Authors are encouraged to present ideas
that
might be considered risky in some other forum, and all participants
are charged with providing feedback in a constructive manner. The
resulting intensive brainstorming has proven to be an excellent
medium
for furthering the development of these ideas. The proceedings,
which
are published after the workshop, have consistently benefited from
the
inclusion of workshop feedback.
Because we expect new paradigms, we accept wide-ranging topics in
information security. Papers that present a significant shift in
thinking about difficult security issues or builds on a previous
shift
are welcomed. Our program committee particularly looks for new
paradigms,
innovative approaches to older problems, early thinking on new
topics,
and controversial issues that might not make it into other
conferences
but deserve to have their try at shaking and breaking the mold.
We welcome three categories of submission: research papers, 5 - 10
page position papers, and discussion topic proposals. Discussion
topic
proposals should include an in-depth description of the topic to be
discussed, a convincing argument that the topic will lead to a
lively
discussion, and supporting materials. Submissions must be
accompanied by
a justification statement (why this is a new paradigm) and an
attendance
statement (how many authors expect to attend). All attendees are
expected
to stay for the entire duration of the workshop.
Detailed submission information and instructions may be found at
http://www.nspw.org/.
PDCS 2004
International Workshop on Security in Parallel and Distributed
Systems (in conjunction with the 17th International Conference on
Parallel and Distributed Computing Systems), San Francisco, CA, USA,
September 15-17,2004. [posted here 5/13/04]
In recent years, interest has increased in the field of security of
parallel and distributed systems, which include the control
mechanisms, mobile code
security, denial-of-service attacks, trust management, modeling of
information flow and its application to confidentiality policies,
system composition,
and covert channel analysis. We will focus our program on issues
related to important properties of system security, such as
measurability,
sustainability, affordability, and usability in parallel and
distributed systems. Topics ofinterest include:
. Distributed Access Control and Trust Management
. Key Management and Authentication
. Privacy and Anonymity
. Benchmark and Security Analysis
. Security for Peer to Peer systems and Grid Computing Systems
. Secure Multicast and Broadcast
. Secure multiparty and two-party computations
. Computer and Network Forensics
. Denial-of-service Attacks and Countermeasures
. Secure E-Commerce/E-Business
. Security Verification
. Distributed Database Security
. Digital Rights Management
. Secure Mobile Agents and Mobile Code
. Intrusion detection
. Security in ad-hoc and sensor networks
. World Wide Web Security
More information can be found at the conference web site at
http://securityworkshop.ece.iastate.edu
RAID'2004 Seventh
International Symposium on Recent Advances in Intrusion Detection,
Institut Eurécom, Sophia-Antipolis, French Riviera, France,
September 15-17, 2004. [posted here 12/11/03]
For RAID 2004 there is a special theme: the interdependence between
intrusion detection and society. Thus, we will also welcome papers
that address issues that arise when studying intrusion detection,
including information gathering and monitoring, as a part of a
larger, not necessarily purely technical, perspective. The RAID 2004
program committee invites three types of submissions: full papers
presenting mature research results; practical experience reports
describing a valuable experience or a case study; and panel
proposals for presenting and discussing hot topics in intrusion
detection systems. The RAID 2004 web site elaborates on these themes
and also provides a full list of topics of interest (http://raid04.eurecom.fr)
ESORICS 2004 9th
European Symposium on Research in Computer Security, Institut
Eurécom, Sophia-Antipolis, French Riviera, France, September
13-15, 2004. [posted here 12/21/03]
Papers offering novel research contributions in any aspect of
computer security are solicited for submission to ESORICS 2004.
Organized in a series of European countries, ESORICS is confirmed as
the European research event in computer security. The primary focus
is on high-quality original unpublished research, case studies and
implementation experiences. We encourage submissions of papers
discussing industrial research and development. Information on
topics of interest, and instructions for submitting a paper can be
found at
http://esorics04.eurecom.fr.
SCN'04
Fourth Conference on Security in Communication Networks,Amalfi,
Italy, September 8-10, 2004. [posted here 5/13/04]
The Fourth Conference on Security in
Communication Networks (SCN '04) will be held in Amalfi (Italy) on
September 8-10 2004. SCN '04 aims at bringing
together researchers in the field of security in communication
networks to foster cooperation and exchange of ideas. Original
papers on all technical
aspects of cryptology and network security are solicited for
submission to SCN04. Topics of interest are (but not limited to):
Anonymity
Implementations
Authentication Key
Distribution
Block Ciphers Operating
Systems Security
Complexity-based Cryptography Privacy
Cryptanalysis Protocols
Digital Signatures Public Key
Encryption
Hash Functions Secret
Sharing
Identification Survey and
state of the art
For more information, please see
http://www.dia.unisa.it/conferences/SCN04/
Trustbus'04
Trust and Privacy in Digital Business, Zaragoza, Spain, August 30 -
September 3, 2004. [posted here 12/21/03]
The First International Conference on Trust and Privacy in Digital
Business (TrustBus’04) will be held in conjunction with the
15th International Conference on Database and Expert Systems
Applications (DEXA'04), (http://dexa.org/dexa2004/).
TrustBus’04 shall bring together researchers from different
disciplines, developers, and users all interested in the critical
success factors of digital business systems. We invite papers,
work-in-progress reports, industrial experiences describing advances
in all areas of digital business applications. A complete list of
topics of interest and instructions for submitting a paper can be
found on the conference web site at
http://www-ifs.uni-regensburg.de/trustbus04/
SecCo2004 2nd International
Workshop on Security Issues in Coordination Models, Languages and
Systems, London, United Kingdom. August 30, 2004. [posted here
5/13/04]
Coordination models, languages and
middlewares, which advocate a distinct separation between the
internal behaviour of the entities and
their interaction, represent a promising approach. However, due to
the openness of these systems, new critical aspects come into
play, such
as the need to deal with malicious components or with a
hostile environment. Current research on network security issues
(eg. secrecy,
authentication, etc.) usually focuses on opening
cryptographic point-to-point tunnels. Therefore, the proposed
solutions in this area
are not always exploitable to support the end-to-end
secureinteraction between entities whose availability or
location is not
known beforehand.
Topics of interest include, but are not
limited to:
Theoretical foundations, specification, analysis,
case-studies,
applications for
authentication coordination
models
integrity web service
technology
privacy mobile
ad-hoc networks
confidentiality agent-based
infrastructures
access control -in- peer-to-peer
systems
denial of service global computing
service availability context-aware
computing
safety aspects component-based
systems
fault tolerance
ubiquitous/pervasive computing
For more information, please see:
http://cs.unibo.it/secco04
VLDB2004 Workshop "Secure Data Management in a Connected World",
Royal York Hotel,
Toronto,
Canada,
August 30, 2004. [posted here 5/13/04]
Aim of the workshop is to bring together
people from the security research community and data management
research community in order to
exchange ideas on the secure management of data in the context of
emerging networked services and applications. The workshop will
provide
forum for discussing practical experiences and theoretical research
efforts that can help in solving these critical problems in secure
data
management. Authors from both academia and industry are invited to
submit papers presenting novel research on the topics of interest.
Topics of interest include (but are not limited to) the following:
- Data Hiding
- Secure Storage
- Secure Data Management in File Systems
- Digital Rights Management
- Data Encryption
- Search on Encrypted Data
- Metadata and Security
- XML Security
- Multimedia Security and Privacy
- Authorization and Access Control Techniques
- Security and Privacy Management
- Privacy Enhanced Data Management (indexing, access control)
- Private Information Retrieval
- User Profiling and Privacy
- Privacy Preserving Data Mining
- Statistical Database Security
- Security and Privacy Requirements for Ambient Applications
- Information Dissemination Control
- Protection of Personally Identifiable Information
For further info, please see
http://www.extra.research.philips.com/sdm-workshop/
CSES 2004
2nd International Workshop on Certification and Security in
Inter-Organizational E-Services, Toulouse, August 26-27, 2004.
[posted here 3/27/04]
The workshop is within IFIP-WCC 2004, the 18th World Computer
Congress of the IFIP. This is a uniquely rich event featuring a
variety of
initiatives on key issues in Information Technology. For more
information on it see http://www.wcc2004.org/.
Topics of interest include (but are not limited to):
- Traceability in e-services
- Certification in e-services
- Methods for guaranteeing non-repudiation in e-services
- Authentication and encryption in e-services
- Public Key Infrastructures
- Certification Authorities and management of trust
- Authorization and access control models for e-services
- Certification and security for mobile access to e-services
- User and e-service profiling
- Security and certification issues in GRID computing
- Risks analysis methods (new approaches and experiences)
- Risks through interception and tracking technologies
- Algorithmic issues in providing secure and certified e-services
- Information flow issues
- Firewall technology and e-services
- Administration and management of safeguards
- Security middleware solutions
- Web Services, certification and security
- Secure electronic markets
- Messaging Security in e-services
- Web Security in e-services
- Security Issues in e-Services
- Multilateral Security
- Network Protocol Security
- Users' security responsibilities
- Protecting users/usees by Privacy-Enhancing Technologies
- Critical Information Infrastructure Protection and Social
Implications
- Organizational issues in implementing security measures
Submissions describing real-life application experiences, research
results and methodological proposals are solicited, from
participants
belonging to the governmental, industrial and academic communities.
For more information, see the web page at:
http://www.nestor.uniroma2.it/cses2004.htm
ICETE
2004 International Conference on E-business and
Telecommunication Networks, Setúbal, Portugal, August 25-28,
2004. [posted here 7/28/03]
Topics of interest include: Global Communication Information Systems
and Services; Security and Reliability in Information Systems and
Networks; Wireless Communication systems and Networks; and
Multimedia Signal Processing. More information can be found at
www.icete.org, or contact the
ICETE secretariat at secretariat@icete.org.
CARDIS 2004 The 6th Smart
Card Research and Advanced Application IFIP Conferencet, Toulouse,
France, (as part of the 18th IFIP World Computer Congress), August
23-26, 2004. [posted here 1/25/04]
The program committee seeks papers describing the design,
development,
application, and validation of smart card technologies. Submissions
across
a broad range of smart card development phases are encouraged, from
exploratory research and proof-of-concept studies to practical
application
and deployment of smart card technology.
Topics of interest include, but are not limited to:
- Smart Device, Person Representation and Ambient Intelligence
- Smart Device, Identity, Privacy and Trust
- Smart Card and Smart Device software (OS, VM, API...)
- High-level data model and management (On-card data sharing
schemes...)
- Integrated development environments (automatic mask &
application generation)
- (Distributed) Application development and deployment
- Emerging opportunities for standardization
- From Smart Card to Smart Device (hardware, form factor,
display...)
- Biometrics and Smart Cards
- High-speed, small-footprint encryption
- Cryptographic accelerators
- Cryptographic protocols for Smart Cards (and Smart Devices)
- Attacks and countermeasures in hardware and software
- Hardware, software and service (application) validation and
certification
- Formal Modelling
- Benchmarking
- Smart Card (Smart Device) and Applications in Internet, WLAN,
DRM,...
More information can be found at
www.sec2004.org.
IFIP/Sec 2004 The 19th IFIP
International Information Security Conference (IFIP/Sec 2004),
Centre de Congrès Pierre Baudis, Toulouse, France, (as part of
the 18th IFIP World Computer Congress), August 23-26, 2004. [posted
here 1/25/04]
Papers offering novel research contributions in any aspect of
computer
security are solicited for submission to the 19th IFIP International
Information Security Conference. Papers may present theory,
applications
or practical experiences on topics including, but not limited to:
- Accounting and auditing - Multilateral security
- Authentication - Data and system
integrity
- Data protection - Authorization and
access control
- Privacy, Anonymity - Security models and
architectures
- Computer Forensics - Risk analysis and risk
management
- Internet and www security - Secure e-government
- Information hiding - e-business/e-commerce
security
- Information security - Secure information
systems development
- Intrusion detection - Security management
- Assurance - Security
verification
- Key management - Commercial and industrial
security
- Security policies - Mobility and
ubiquitous systems
- DRM & Content Protection - Information warfare and
Critical Infrastructure Protection
More information can be found at
www.sec2004.org.
<>
I-NetSec04 Third Working
Conference on Privacy and Anonymity Issues in Networked and
Distributed Systems (special track at the 19th IFIP International
Information Security Conference), Toulouse, France, August 23-26,
2004. [posted here 12/9/03]
Privacy and anonymity are increasingly important aspects in
electronic services. The workshop will focus on these aspects in
advanced distributed applications, such as m-commerce, agent-based
systems, P2P, ... Suggested topics include, but are not restricted
to:
- Models for threats to privacy/anonymity
- Models and measures for privacy/anonymity
- Secure protocols that preserve privacy/anonymity
- Privacy, anonymity and peer-to-peer systems
- Privacy, anonymity and mobile agents
- Privacy/anonymity in payment systems
- Privacy/anonymity in pervasive computing applications
- Anonymous communication systems
- Legal issues of anonymity
- Techniques for enhancing privacy in existing systems
More information can be found at
www.sec2004.org.
WISA 2004 The 5th
International Workshop on Information Security Applications, Ramada
Plaza,
Jeju Island, Korea, August 23-25, 2003. [posted here 3/27/04]
The 5th International Workshop on Information Security Applications
(WISA 2004)
will be held in Jeju Island, Korea on August 23-25, 2004. It is
sponsored by
the Korea Institute of Information and Cryptology (KIISC),
Electronics &
Telecommunications Research Institute (ETRI), and Ministry of
Information and
Communication (MIC). The focus of this workshop is on all technical
and
practical aspects of cryptographic and non-cryptographic security
applications.
The workshop will serve as a forum for new results from the academic
research
community as well as from the industry.
The areas of interest include, but are not limited to:
* Internet & Wireless Security *
Cyber Indication & Intrusion Detection
* E-Commerce Protocols *
Smart Cards & Secure Hardware
* Access Control & Database Security * Mobile
Security
* Biometrics & Human Interface *
Privacy & Anonymity
* Network Security Protocols *
Public Key Crypto Applications
* Security & Trust Management *
Threats & Information Warfare
* Digital Rights Management *
Virus Protection
* Secure Software & Systems *
Ubiquitous Computing Security
* Information Hiding
* Peer-to-Peer Security
More information can be found at
http://dasan.sejong.ac.kr/~wisa04
CHES
2004 Cryptographic Hardware and Embedded Systems, Cambridge
(Boston), USA, August 11-13,2004. [posted here 12/9/03]
The focus of this workshop is on all aspects of cryptographic
hardware and security in embedded systems. Of special interest are
contributions that describe new methods for efficient hardware
implementations and high-speed software for embedded systems, e.g.,
smart cards, microprocessors, DSPs, etc. We hope that the workshop
will help to fill the gap between the cryptography research
community and the application areas of cryptography. The topics of
CHES 2004 include but are not limited to:
- Computer architectures for public-key and secret-key
cryptosystems
- Efficient algorithms for embedded processors
- Reconfigurable computing in cryptography
- Cryptographic processors and co-processors
- Cryptography in wireless applications (mobile phone, LANs, etc.)
- Security in pay-TV systems
- Smart card attacks and architectures
- Tamper resistance on the chip and board level
- True and pseudo random number generators
- Special-purpose hardware for cryptanalysis
- Embedded security
- Device identification
More information can be found at
www.chesworkshop.org.
CEAS
The First Conference on Email and Anti-Spam, Mountain View, CA, USA,
July 30-31, August 1, 2004. [posted here 1/10/04]
The Conference on Email and Anti-Spam invites the submission of
papers for its first meeting, held in cooperation with AAAI (the
American Association for Artificial Intelligence). Papers are
invited on all aspects of email and spam, including research papers
(Computer science oriented academic-style research), industry
reports (Descriptions of important or innovative products), and law
and policy papers. A full list of topics can be found on the
conference web site at www.ceas.cc.
IFIP WG 11.3
18th Annual IFIP WG 11.3 Working Conference on Data and Application
Security, Sitges, Spain, July 25-28, 2004. [posted here 10/14/03]
The conference provides a forum for presenting original unpublished
research results, practical experiences, and innovative ideas in
data and applications security. Papers and panel proposals are
solicited. The conference is limited to about forty participants so
that ample time for discussion and interaction may occur. Papers may
present theory, technique, applications, or practical experience on
topics of interest of IFIP WG11.3:
- Techniques and methodologies for data and application security
- Threats, vulnerabilities, and risk management
- Web application security
- Secure Semantic Web technologies and applications
- Privacy
- Secure information integration
- Security planning and administration
- Security assessment methodologies
- Access Control
- Integrity maintenance
- Knowledge discovery and privacy
- Cryptography
- Concurrency control
- Sensor information management
- Fault-tolerance/recovery methods
- Organizational security
- Security tradeoffs
Additional topics of interest include but not limited to: Critical
Infrastructure Protection, Cyber Terrorism, Information Warfare,
Intrusion Protection, Damage assessment and repair, Database
Forensics, and Electronic Commerce Security. More information can be
found at
http://seclab.dti.unimi.it/~ifip113/2004/.
WOLFASI Workshop on Logical Foundations of an Adaptive
Security Infrastructure
(WOLFASI), a sub-workshop of the Logic in Computer Science (LICS)
Foundations of Computer Security (FCS'04) Workshop, Turku, Finland,
July 12-13, 2004. [posted here 3/27/04]
It was felt that the field of adaptive security is sufficiently
well-defined, sufficiently important, and sufficiently of current
interest to warrant a special session of its own in the framework of
FCS. The Workshop on Logical Foundations of an Adaptive Security
Infrastructure deals with the logical underpinnings of the following
scenario:
A distributed computer system operates in a semi-autonomous mode,
serving as a communications network, with nodes that perform control
functions pertaining to the network and to local hardware devices.
During a period of critical operation, the system detects an
intrusion
attempt in some nodes, along with a power glitch at other nodes, and
an intelligence report about an increase in a certain type of
threat. This information is analyzed and various responses are
executed: dealing with the perceived intrusion, rerouting network
traffic around suspect nodes, adjusting the power allocation,
adjusting the crptographic strength of certain message
authentication
functions, etc. This set of executed responses is chosen to best
achieve the desired result, within the confines of the security
policy, as currently re-evaluated, at the appropriate time, and with
currently available resources.
Papers are solicited in this context, for more details, see:
http://www.aero.org/wolfas
FCS 2004
Foundations of Computer Security Workshop, Turku, Finland, July
12-13, 2004. [posted here 1/25/04]
The aim of this workshop is to provide a forum for continued
activity in this area, to bring computer security researchers in
contact with the LICS'04 and ICALP'04 communities, and to give
LICS and ICALP attendees an opportunity to talk to experts in
computer security. We are interested both in new results in theories
of computer security and also in more exploratory presentations that
examine open questions and raise fundamental concerns about
existing theories.
Topics include, but are not limited to:
Composition issues authentication
Formal specification availability and denial of
service
Foundations of verification covert channels
Information flow analysis cryptographic protocols
Language-based security confidentiality
Logic-based design for integrity and privacy
Program transformation intrusion detection
Security models malicious code
Static analysis mobile code
Statistical methods mutual distrust
Trust management security policies
For more details, see:
http://www.cs.chalmers.se/~andrei/FCS04/.
DIMACS 2004
Workshop on Usable Privacy and Security Software, Rutgers
University, New Jersey, USA, July 7-9, 2004. [posted here 8/24/03]
This workshop and working group is intended to bring together
security and privacy experts with human-computer interaction experts
to discuss approaches to developing more usable privacy and security
software. Participation in the workshop is open to anyone who
registers (no submission necessary). Participation in the working
group on July 9 is limited because of the emphasis on achieving a
high degree of interactivity and discussion. Workshop participants
who are interested in participating in the working group session
should send a 1-page abstract or position paper describing their
work relevant to this workshop to lorrie@acm.org. Submissions are
especially encouraged that identify security and privacy areas in
need of examination by HCI researchers, as well as areas where HCI
researchers would like assistance from security and privacy
researchers. Details on the workshop can be found at
dimacs.rutgers.edu/Workshops/Tools/.
ICWS 2004
IEEE International Conference on Web Services, San Diego,
California, USA, July 6-9, 2004. [posted here 10/14/03]
ICWS is a forum for researchers and industry practitioner to
exchange information regarding advancements in the state of art
research and practice of Web Services, to identify emerging research
topics, and to define the future directions of Web Services
computing. ICWS 2004 has special interest in papers that contribute
to the convergence of Web Services, Grid Computing, e-Business and
Autonomic Computing, or those that apply techniques from one area to
another. A complete list of topics of interest (which includes
Trust, Security and Privacy in Web Services) can be found at
http://conferences.computer.org/icws/2004/.
DIMVA Workshop
on Detection of Intrusions and Malware & Vulnerability Assessment,
Dortmund, Germany, July 6-7, 2004. [posted here 9/2/03]
The workshop is intended to give an overview of the state of the
technology and practice and brings together the German-speaking
players in industry, services, government and research on the topics
Intrusion Detection, Malicious Agents (Malware) and Vulnerability
Assessment. The presentations aim particularly at results from
research, development and integration, relevant applications, new
technologies and resulting product developments on a conceptual
level. The discussion also embraces legal issues and commercial
factors. The program committee invites the submission of papers in
German and English language. Since the workshop brings together
German-speaking players, the call for papers and the web site are
yet available in German language only. See the workshop web site at
www.gi-fg-sidar.de/dimva2004 for topics of interest and
submission details.
ARSPA Automated
Reasoning for Security Protocols Analysis, University College Cork,
Cork, Ireland, July 04, 2004. [posted here 3/27/04]
The workshop aims to bring together researchers and practitioners
from
both the security and the automated reasoning communities, from
academia
and industry, who are working on developing and applying automated
reasoning techniques and tools for the formal specification and
analysis
of security protocols.
Contributions are welcomed on the following topics or related ones:
- Automated analysis and verification of security protocols.
- Languages, logics and calculi for the design and specification of
security protocols.
- Verification methods: accuracy, efficiency.
- Decidability and complexity of cryptographic verification
problems.
- Synthesis and composition of security protocols.
- Integration of formal security specification, refinement and
validation techniques in development methods and tools.
For more information, please see:
http://www.avispa-project.org/arspa
17th IEEE Computer Security Foundations
Workshop, Asilomar, Pacific Grove, CA, USA, June 28-30, 2004.
[posted here 10/16/03]
This workshop series brings together researchers in computer science
to examine foundational issues in computer security. We are
interested both in new results in theories of computer security and
also in more exploratory presentations that examine open questions
and raise fundamental concerns about existing theories. Both papers
and panel proposals are welcome. Possible topics include, but are
not limited to:
- Access control -
Authentication - Data and system integrity
- Database security - Network security
- Distributed systems security
- Anonymity - Intrusion
detection - Security for mobile computing
- Security protocols - Security models
- Decidability issues
- Privacy - Executable
content - Formal methods for security
- Information flow - Language-based security
For background information about the workshop, and an html version
of this Call for Papers, see
www.csl.sri.com/csfw/index.html (the CSFW home page).
Information about the location and the organization will be soon
available on the web page. (www.csl.sri.com/csfw/csfw17).
WISP 2004
2nd International Workshop on Security Issues with Petri Nets and
other Computational Models, Bologna, Italy, June 26, 2004. [posted
here 3/27/04]
The 2nd International Workshop on Security Issues with Petri
Nets and other Computational Models (WISP2004) aims at promoting
research about theoretical foundations of security analysis and
design with formal methods and languages. WISP2004 starts from
the positive experience with WISP2003, held in Eindhoven within
the 24th International Conference on Application and Theory of
Petri Nets (ICATPN'03). WISP2004 is co-located and will be held
just after the 25th International Conference on Application and
Theory of Petri Nets (ICATPN'04). Hence, original papers on the
application of Petri Nets for security issues are particularly
welcome. Also papers on security in other system models are
sought as well.
Suggested submission topics include:
- security issues in orchestration and composition of e-services
- comparison and classification of security models
- formal definition and verification of security, trust and privacy
- information flow analysis
- security issues in probabilistic and real-time models
- mobile code security
- tools and techniques for the formal analysis of security
properties
- applications to E/M-commerce
- case studies
WISP2004 is a one-day workshop sponsored by the IFIP WG 1.7 on
"Theoretical Foundations of Security Analysis and Design".
For more info, see:
http://www.iit.cnr.it/staff/fabio.martinelli/WISP2004cfp.htm
1st Euro PKI 1st European PKI Workshop Research and
Applications, Samos island, Greece, June 25-26, 2004. [posted here
12/21/03]
The 1st European PKI Workshop: Research and Applications is focusing
on research and applications on all aspects of Public Key
Infrastructure. Submitted papers may present theory, applications or
practical experiences on topics including, but not limited to:
- Modeling and Architecture - Key Management and
Recovery
- Bridge CA - Certificate
Status Information
- Cross Certification - Interoperability
- Directories - Repository
Protocols
- Mobile PKI - Timestamping
- Authentication - Verification
- Reliability in PKI - Standards
- Certificate Policy - Certification
Practice Statements
- Privacy - Legal
issues, Policies & Regulations
- Fault-Tolerance in PKI - Case Studies
- Privilege Management - Trust
- PKI and eCommerce, eBusinees, eGovernment applications
More information can be found on the conference web site at
www.aegean.gr/EuroPKI2004
CEC'2004 IEEE
CEC 2004 Special Session on Evolutionary Computation in Cryptology
and Computer Security, Portland, Oregon, USA, June 20-23, 2004.
[posted here 1/3/04]
Techniques taken from the field of Evolutionary Computation
(especially Genetic Algorithms, Genetic Programming, Artificial
Immune Systems, but also others) are steadily gaining ground in the
area of cryptology and computer security. In recent years,
algorithms which take advantage of approaches based on Evolutionary
Computation have been proposed, for example, in the design and
analysis of a number of new cryptographic primitives, ranging from
pseudorandom number generators to block ciphers, in the
cryptanalysis of state-of-the-art cryptosystems, and in the
detection of network attack patterns, to name but a few. The special
session encourages the submission of novel research at all levels of
abstraction (from the design of cryptographic primitives through to
the analysis of security aspects of ‘systems of
systems’). This special session will promote further
co-operation between specialists in evolutionary computation (and
its current partners such as biology), computer security,
cryptography and other disciplines, and will give interested
researchers an opportunity to review the current state-of-art of the
topic, exchange recent ideas, and explore promising new directions.
A list of topics of interest along with instructions for submitting
a paper can be found at the workshop web site at
http://tracer.uc3m.es/cec2004ss.html.
ACNS'04 The 2nd conference of Applied Cryptography and Network
Security, Yellow Mountain, China, June 8-11, 2004. [posted here
9/1/03]
Original research papers on all technical aspects of cryptology are
solicited for submission to ACNS 04. The full list of topics of
interest along with instructions for submitting a paper can be found
on the workshop web page at
www.rsasecurity.com/rsalabs/staff/bios/mjakobsson/acns.htm
DIMACS Workshop on Security Analysis of
Protocols, Piscataway, NJ, USA, June 7-9, 2004. (submissions due
ASAP, pre-register by May 20) [posted here 3/27/04]
The analysis of cryptographic protocols is a fundamental and
challenging area of network security research. Traditionally, there
have been two main approaches, the logic approach aimed at
developing
(automated) tools for the formal veri.cation of protocols and the
complexity theory approach that characterizes protocol security as a
set of computational tasks and proves protocol security via
reduction
to the strength of the underlying cryptographic functions. Although
these two lines of work share a common goal, there has been little
commonality between them.
The goal of this workshop is to generally promote work on security
analysis of protocols and foster cooperative research combining the
logical and complexity-based approaches. The workshop will include
tutorials on the basics of each approach and will allow
representatives from both communities to talk about their current
work.
Topics
- Analysis methods involving computational complexity
- Game-theoretic approaches
- Methods based on logic and symbolic computation
- Probabilistic methods
- Model checking and symbolic search
- Formal proof systems
- Decision procedures and lower bounds
- Anything else that sounds like a great idea
Participation:
The workshop will be open for the public. If you'd like to give a
presentation please send a title and abstract to the organizers as
soon as possible. Also, we intend this to be a participatory and
interactive meeting so we hope you will be able to contribute to the
meeting even without giving an announced talk.
For more information, see:
http://dimacs.rutgers.edu/Workshops/Protocols
Policy 2004 5th
IEEE International Workshop on Policies for Distributed Systems and
Networks, IBM Thomas J Watson Research Center, Yorktown Heights, NY,
USA, June 7-9, 2004. [posted here 10/26/03]
The policy workshop aims to bring together researchers and
practitioners working on policy-based systems across a wide range of
application areas including policy-based networking, security
management, storage area networking, and enterprise systems. POLICY
2004 invites contributions on all aspects of policy-based computing.
A detailed list of topics of interest can be found on the workshop
web page at
www.policy-workshop.org/2004.
SACMAT'04
The 9th ACM Symposium on Access Control Models and Technologies, IBM
Thomas J Watson Research Center, Yorktown Heights, NY, USA, June
2-4, 2004. [posted here 10/4/03]
The missions of the symposium are to share novel access control
solutions that fulfill the needs of heterogeneous applications and
environments and to identify new directions for future research and
development. Industry reports are a unique opportunity for the
practitioners to provide feedback on the state of the practice in
access control models, architectures, technologies, and systems to
the research community. SACMAT steering committee invites practicing
researchers, security consultants, security officers and architects,
security managers, and end user representative to share their
experience on implementing and using access control solutions in
real world with the researchers in the field. Topics of interest
include:
- Access control requirements
- Access control within the context of emerging standards
- Access control models and extensions
- Access control for innovative applications
- Methodologies and tools for access control policy design
- Administration of access policies
- Authorization management
- Access control mechanisms, systems and tools
- Access control in distributed and mobile systems
- Safety analysis and enforcement
- Theoretical foundations for access control models
More information can be found at
www.sacmat.org.
PET'2004 4th Workshop on Privacy Enhancing Technologies,
Toronto, Canada, May 26-28, 2004. [posted here 11/26/03]
Privacy and anonymity are increasingly important in the online
world. Corporations and governments are starting to realize their
power to track users and their behavior, and restrict the ability to
publish or retrieve documents. Approaches to protecting individuals,
groups, and even companies and governments from such profiling and
censorship have included decentralization, encryption, and
distributed trust. Building on the success of the previous
workshops, this workshop addresses the design and realization of
such privacy and anti-censorship services for the Internet and other
communication networks. A list of topics of interest along with
instructions for submitting a paper can be found at the workshop web
site at petworkshop.org/2004/.
IH2004 6th Information Hiding Workshop, Toronto, Ontario,
Canada, May 23-25, 2004. [posted here 11/1/03]
Many researchers are interested in hiding information or,
conversely, in preventing others from doing so or detecting and
extracting the hidden data. Although the protection of digital
intellectual property has recently motivated most of the research in
this area, there are many other applications of increasing interest
to both the academic and business communities. Current research
themes include:
- anonymous communications,
- covert channels in computer systems,
- detection of hidden information (steganalysis),
- digital elections,
- digital forensic,
- information hiding aspects of privacy,
- low-probability-of-intercept communications,
- steganography,
- subliminal channels in cryptographic protocols,
- watermarking for protection of intellectual property,
- other applications of watermarking.
More information can be found at
http://msrcmt.research.microsoft.com/IH2004/CallForPapers.aspx
ICCSA'04 Workshop on Internet communications Security (part of
the 2004 International Conference on Computational Science and its
Applications), S. Maria degli Angeli, Assisi(PG), Italy, May 14-17,
2004. [posted here 11/23/03]
This workshop is open to original contributions on security methods
for protecting the Internet communications. Proposals and
assessments of Security protocols, cryptographic algorithms, remote
authentication methods, VPN’s, are included in the commented scope
but others will be also considered. More information can be found at
http://163.117.149.66/iccsa04/.
S&P
2004 IEEE Symposium on Security and Privacy, Oakland,
California, USA, May 9-12, 2004. [posted here 8/24/03]
Since 1980, the IEEE Symposium on Security and Privacy has been the
premier forum for presenting developments in computer security and
electronic privacy, and for bringing together researchers and
practitioners in the field. Previously unpublished papers offering
novel research contributions in any aspect of computer security or
electronic privacy are solicited for submission to the 2004
symposium. Papers may represent advances in the theory, design,
implementation, analysis, or empirical evaluation of secure systems,
either for general use or for specific application domains. Topics
of interest include, but are not limited to, the following:
- Commercial and Industrial Security - Mobile
Code and Agent Security
- Network Security
- Data Integrity
- Information Flow
- Viruses and Other Malicious Code
-
Authentication -
Secure Hardware and Smartcards
- Intrusion Detection
- Language-Based Security
- Security of Mobile Ad-Hoc Networks - Electronic
Privacy
- Distributed Systems Security -
Anonymity and Pseudonymity
- Access Control and Audit -
Security Verification
- Security
Protocols - Biometrics
- Peer-to-Peer Security
- Database Security
- Denial of Service
Details on submitting a paper, a panel proposal, or a 5-minute
research talk, can be found at
www.cs.berkeley.edu/~daw/oakland04-cfp.html.
WSEG 2004 Fourth Brazilian Workshop on Security of Computing
Systems, Gramado, Brazil, May 10th, 2004. [posted here 1/10/04]
The 4th Brazilian Workshop on Security of Computing Systems (WSeg
2004) will be held in conjunction with the 22nd Brazilian Symposium
on Computer Networks (SBRC 2004) on May 10, 2004 in Gramado. Its
main purpose is to promote discussions of research and relevant
activities in security-related subjects. Authors are invited to
submit papers describing research projects, experimental results and
recent developments related, but not limited, to the following
topics:
- Adaptive
security - Analysis
of malicious code
- Analysis of network and security protocols - Attacks
against networks and machines
- Authentication and authorization of users, systems, and
applications
-
Auditing
- Biometry and biometric systems
- Computer
forensics -
Cryptography and digital certification
- Firewall
technologies - Internet
security
- Intrusion
detection - Public
key infrastructure
- Security against intrusions
- Security legal issues
- Security of agents and mobile code -
Security of distributed systems
- Security of e-commerce -
Security of networks
- Security of operating systems -
Security of voting systems
- Security
policies -
Techniques for developing secure systems
More information can be found at the workshop web site at
www.sbrc2004.ufrgs.br/.
Twelfth International Workshop on Security
Protocols, Cambridge, England, April 26-28, 2004. [posted here
1/25/04]
As with previous years, attendance at the Cambridge International
Workshop on Security Protocols is by invitation only. In order to
be invited, you must submit a position paper. You are therefore
invited to consider submitting such a paper.
This year, the theme of the workshop is "authentic privacy".
Privacy is often seen as an unmixed good but, beyond a certain
point, increasing the supply of naive privacy for system
users seems to benefit the attacker by more than it does the
'legitimate' user. Where exactly is that point, and is there a
substitute for conventional privacy which could be used beyond it in
a way which advantages the good guys?
Our intention is to stimulate discussion likely to lead to
conceptual advances, or to promising new lines of investigation,
rather than merely to consider finished work. Our experience is that
the emergence of the theme as a unifying thread takes
place during the discussions at the workshop itself. The theme
itself is not intended to restrict the topic of your paper, but
to help provide a particular perspective and to focus the
discussions.
Please send a first draft of a position paper to James Malcolm
(j.a.malcolm@herts.ac.uk) by 6th February. Short indicative
submissions are preferred, preferably no more than 2000 words. You
will have the opportunity to extend and revise your
paper both before the pre-proceedings are issued, and after the
workshop. At the workshop, you will be expected to spend
ten minutes introducing the idea of your paper. This will be
followed by a longer discussion.
If you have any enquiries about the workshop then please contact
either Johanna Hunt or James Malcolm (see below).
To be considered for invitation, you must submit a position paper by
30th January, but please make an initial response as
soon as possible, even if it is only to say that you are potentially
interested.
Organiser: James A. Malcolm (Email: J.A.Malcolm@herts.ac.uk)
Administrator: Johanna Hunt (Email: J.M.Hunt@herts.ac.uk)
IAWS 2004
Workshop on Information Assurance (in conjunction with
IPCCC), Phoenix,
Arizona, USA, April 14-17, 2004. [posted here 10/15/03]
We seek papers that address theoretical, experimental,
systems-related and work in-progress in the area of Information
Assurance at the network and system levels. We expect to have three
types of sessions - the first related to survivability and fault
tolerance, the second related to security, and the third related to
the interactions between security and survivability. Papers in the
form of extended abstracts should describe original, previously
unpublished work, not currently under review by another conference,
workshop, or journal. Topics of interest include:
- Security and availability of web services -
Authorization and access-control
- Database and system security - Risk
analysis and security management
- Verification and validation of security - Wireless
LAN Security
- Restoration techniques for networks - Multi-layer
protection design
- Reliability of IP networks -
Digital Rights Management
- DoS protection for the Internet -
Cryptographic protocols and Key management
- Network security and Intrusion detection - Ad hoc and
sensor network security
- Models and architectures for systems security and survivability
- Security and survivability in optical networks
- Restoration of security services under failure
- Security and survivability architectures for e-commerce and
m-commerce
- Public policy issues for security and survivability
More information can be found at
www.tele.pitt.edu/~sais/iaws04.
IWIA 2004
Second IEEE International Information Assurance Workshop, April 8-9,
2004, Charlotte, NC, USA. [posted here 8/19/03]
The IEEE Task Force on Information Assurance is sponsoring a
workshop on information assurance in cooperation with the ACM SIGSAC
on research and experience in information assurance. The workshop
seeks submissions from academia, government, and industry presenting
novel research, applications and experience, and policy on all
theoretical and practical aspects of IA. Possible topics include,
but are not limited to the following:
- Operating System IA & S
- Storage IA & S
- Network IA & S
- IA Standardization Approaches
- Information Sharing in Coalition Settings
- Security Models
- Survivability and Resilient Systems
- Formal Methods and Software Engineering for IA
- Proactive Approaches to IA
- CCITSE Experience and Methodology
- Intrusion Detection, Prediction, and Countermeasures
- Insider Attack Countermeasures
- Specification, Design, Development, and Deployment of IA
Mechanisms
- Policy Issues in Information Assurance
Work-in-progress (WIP) reports are intended to provide timely
dissemination of ideas and preliminary research results. WIP will
not be included in the proceedings volume, but will be made
available to workshop attendees and optionally through the IWIA WWW
site. Papers on development, assurance, or evaluation methodologies
should submit a similar argument explaining the relationship of the
proposed work to the Common Criteria. More information can be found
on the workshop web page at
http://iwia.org/2004.
IAS 2004
Information Assurance and Security (track in ITCC 2004), April 5-7,
2004, Las Vegas, Nevada, USA. [posted here 9/22/03]
This track aims to bring together individuals involved in multiple
disciplines of information security and assurance to foster exchange
of ideas. This special track invites authors to submit original
contributions of not more than 8 pages which include, but are not
limited to the following topics of interest:
-
Authentication
- Data protection
- Computer
forensics -
Internet and www security
- Information and data
integrity - Intrusion detection
- Data and system
integrity - Authorization
and access control
- Information warfare and cyber-terrorism -
Security models and architectures
- Risk analysis and risk management -
Security verification
- Cryptography and
coding - Cryptographic
protocols
- E-commerce
protocols - Agent and
mobile code security
- Security in sensor networks
- Biometrics
- Key
management -
Steganography
- Homeland
security -
Wireless and ad hoc network security
- Information security management -
Database and system security
- Denial of service
More information can be found at
www.cs.okstate.edu/~aa/itcc04/itcc04.html.
WITS'04
Workshop on Issues in the Theory of Security, Barcelona, Spain,
April 3-4, 2004. [posted here 11/1/03]
WITS is the official workshop organised by the IFIP WG 1.7 on
"Theoretical Foundations of Security Analysis and Design",
established to promote the investigation on the theoretical
foundations of security, discovering and promoting new areas of
application of theoretical techniques in computer security and
supporting the systematic use of formal techniques in the
development of security related applications. Extended abstracts of
work (accepted after selection and) presented at the Workshop are
collected and distributed to the participants. There will be no
formally published proceedings; however, selected papers will be
invited for submission to a special issue of the Journal of Computer
Security. Suggested submission topics include:
- formal definition and verification of the various aspects of
security:
confidentiality, privacy, integrity, authentication and
availability
- new theoretically-based techniques for the formal analysis and
design of cryptographic
protocols and their manifold applications (e.g., electronic
commerce)
- information flow modelling and its application to the theory of
confidentiality
policies, composition of systems, and covert channel analysis
- formal techniques for the analysis and verification of code
security, including
mobile code security
- formal analysis and design for prevention of denial of service
- security in real-time/probabilistic systems
- language-based security
More information about the workshop can be found at
http://www.dsi.unive.it/IFIPWG1_7/wits2004.html
AINA
2004 The 18th International Conference on Advanced Information
Networking and Applications (special session on electronic commerce
and security), March 29-31, 2004, Fukuoka Institute of Technology
(FIT), Fukuoka, Japan. [posted here 7/30/03]
This special session will focus on, but not limited to, the
following topics:
- Agent technology for e-commerce
- Authentication and authorization models and mechanisms
- B2B, B2C, B2G, G2G e-commerce models and applications
- Collaborative commerce
- Cryptographic algorithms for e-commerce
- Digital signatures in e-commerce applications
- Mobile commerce
- Payment technologies, systems, or solutions
- e-Commerce scenario/case studies
- Secure architecture/model/component of e-commerce (or mobile
commerce) systems
- Secure mobile electronic transactions
- Wireless/mobile security
More information can be found at
www.takilab.k.dendai.ac.jp/conf/aina/2004/, or contact the
session chair Dr. Weidong Kou, at Tel: (86) 29-8201009 or Email:
weidong_kou@mail.com or wdkou@mail.xidian.edu.cn.
FC'04
Financial Cryptography, Key West, Florida, USA, February 9-12,
2004. [posted here 4/28/03]
Original papers and presentations on all aspects of financial-data
security and secure digital commerce are solicited for submission to
the Eighth Annual Conference on Financial Cryptography (FC '04). FC
'04 will bring together researchers and practitioners in the
financial, legal, cryptologic, and data-security fields to foster
cooperation and exchange of ideas. In addition to novel scientific
research as in previous years, the program for FC ‘04 will include
sessions on digital finance and economics and on secure financial
systems and digital-cash architectures. For the systems and finance
sessions, submissions must have a visible bearing on
financial-security issues, but need not be exclusively concerned
with cryptography or security. A complete list of topics along with
instructions for submitting a paper can be found on the conference
web page at www.ifca.ai/fc04.
NDSS'04 The 11th Annual Network and Distributed System
Security Symposium, San Diego, California, USA, February 4-6, 2004.
[posted here 7/19/03]
The symposium fosters information exchange among research scientists
and practitioners of network and distributed system security
services. The target audience includes those interested in practical
aspects of network and distributed system security, with a focus on
actual system design and implementation (rather than theory). A
major goal is to encourage and enable the Internet community to
apply, deploy, and advance the state of available security
technology. Topics of interest along with submission instructions
can be found at
www.isoc.org/isoc/conferences/ndss/04/cfp.shtml.
WHOLES - A Multiple View of Individual
Privacy in a Networked World, January 30-31 2004, Stockholm,
Sweden. [posted here 9/2/03]
The main goal of the workshop is to create a forum for the exchange
of experience and knowledge among researchers and developers
concerned with multi-disciplinary aspects of privacy in the context
of emerging information technologies. We hope that the workshop will
serve to foster the development of an international community
interested in the themes of this workshop. The workshop will explore
privacy in the intersection of information technologies, law,
political choices, public opinions, etc., and thus, a wide range of
topics is conceivable. Suggested topics include, but are not limited
to:
- Privacy in ubiquitous, pervasive, and ambient computing
- Legal models for regulating privacy
- Anonymity and pseudonymity as means for protecting privacy
- Privacy implications in user modeling, personalization, and
adaptive interaction
- Informed consent as a legal and technical means for protecting
privacy
- Privacy, conflicting values, and political choices
- Relationships between privacy and security
- Privacy implications in context awareness and context
representation
- Relationships between privacy and trust
- Personal privacy with regard to public records
- Privacy in public spaces
More information can be found on the conference web page at
www.sics.se/privacy/wholes2004.
Security and Survivability of Networked
Systems (in conjunction with HICSS-37), Big Island, Hawaii, USA,
January 5-8, 2004. [posted here 5/12/03]
This minitrack focuses on security and survivability in large,
non-trivial, networked computer systems. Of special interest are
contributions that address survival, tolerance, recovery or masking
of malicious attacks. Submissions will be sought from researchers in
the area of system survivability, software dependability, computer
and network security, fault-tolerance and intrusion tolerance, and
economic or statistical modeling of secure/survivable systems.
Topics include, but are not limited to:
- System or software survivability
- Safety critical failure modes
- Network or system intrusion tolerance
- Modeling malicious behavior or attacks
- Mathematical models for verification of vulnerability to
malicious acts
- Models for measurement, evaluation, or validation of
survivability
- Software and hardware fault tolerance
- Design for dependability and/or survivability
- PRA and hybrid fault models accounting for malicious acts and
events
More information can be found at
www.cs.uidaho.edu/~krings/HICSS37.htm.
|