Contents
ACM Transactions on Reconfigurable Technology and Systems,
Special Issue on Security in Reconfigurable Systems Design,
2009.
(Submission Due 23 May 2008) [posted here 5/5/08]
Guest editors: Patrick Schaumont (Virginia Tech, USA),
Alex K. Jones (University of Pittsburgh, USA), and
Steve Trimberger (Xilinx, USA)
The secure operation of computer systems and networks continues to be an
important research topic for a variety of applications and infrastructures.
Increasingly, these security concerns are extending from the
software information-processing domain into the hardware domain and in particular into the reconfigurable
computing research community. From a design perspective, security forms a separate dimension in design
alongside of constraints on area, performance, and power. By carefully considering security issues in the
design of reconfigurable hardware, security can become a basic property of the system implementation rather
than being addressed as an afterthought.
This special issue of ACM Transactions on Reconfigurable Technology and Systems solicits papers in the
areas of secure design technologies and architectures for reconfigurable devices and novel applications for
reconfigurable platforms. Topics of interest include but are not limited to the following areas:
Design Technologies and Architectures:
- Protection of hardware design intellectual property (e.g. FPGA bitstream).
- Side-channel resistant and fault-resistant design mechanisms.
- The use of Physically Unclonable Functions for authentication and anti-counterfeiting.
- Architectural techniques to mitigate the tradeoffs between power, performance, and area with system security.
- Methods for creating device-unique identifiers from device fabrication properties.
- Architectures that improve component isolation and resistance to physical attacks.
- Secure and formally verifiable/equivalent design automation techniques for reconfigurable hardware.
Novel Applications:
- Improving the performance or power consumption of software implementations of security
algorithms using reconfigurable hardware.
- Acceleration to increase feasibility of brute force attacks on cryptographic algorithms.
- Use of physical partitioning of subsystems to improve secure system design.
- Use of reconfigurable architecture features for resistance to physical attacks.
- Prototyping of novel trusted computing primitives.
For more information, please see
http://trets.cse.sc.edu/TRETS-Security-SI.pdf.
Wiley InterScience Security and Communication Networks Journal,
Special Issue on Clinical Information Systems (CIS) Security,
July/August 2008.
(Submission Due 10 February 2008) [posted here 11/5/07]
Guest editors: Theodore Stergiou (KPMG Kyriacou Advisors AE, Greece),
Dimitrios Delivasilis (Incrypto Ltd., Greece),
Mark S Leeson (University of Warwick, UK), and
Ray Yueh-Min Huang (National Cheng-Kung University, Taiwan, R.O.C.)
Managing records of patient care has become an increasingly complex issue with
the widespread use of advanced technologies. The vast amount of information for
every routine care must be securely processed over different data bases. Clinical
Information Systems (CIS) address the need for a computerized approach in managing
personal health information. Hospitals and public or private health insurance
organizations are continuously upgrading their database and data management systems
to more sophisticated architectures. The possible support of the large patient archives
and the flexibility of a CIS in providing up-to-date patient information and worldwide
doctors’ collaboration, have leveraged the research on CIS both in academic and
government domains. At the same time, it has become apparent that patients require
more control over their clinical data, either being results of clinical examinations
or medical history. Due to the large amount of information that can be found on the
Internet and the free access to medical practitioners and hospitals worldwide,
patients may choose to communicate their information so as to obtain several
expert opinions regarding their conditions. Given the sensitive nature of the
information stored and inevitably in transit, security has become an issue of outmost
necessity. Numerous EU and US research projects have been launched to address security
in CIS (e.g. EUROMED, ISHTAR, RESHEN), whereas regulatory compliance to acts such as
the HIPAA has become an obligation for centers moving to CIS.
This Special Issue will serve as a venue for both academia and industry individuals and
groups working in this fast-growing research area to share their experiences and
state-of-the-art work with the readers.
The topics of interest in this Special Issue include, but are not limited to:
- Authentication techniques for CIS
- Authorization mechanisms and approaches for patient-centric data
- Public Key Infrastructures to support diverse clinical information environments
and networks
- Cryptographic protocols for use to secure patient-centric data
- Secure communication protocols for the communication of clinical data
- Wireless sensor networks security
- Body sensor networks security
- CIS Database security
- Interoperability across diverse CIS environments (national and multilateral)
- Government and international regulatory and compliance requirements
For more information, please see
http://www3.interscience.wiley.com/cgi-bin/jtoc/114299116/.
Elsevier Computer Standards and Interfaces,
Special issue on Information and Communications Security, Privacy and Trust: Standards and Regulations,
Summer 2008.
(Submission Due 30 January 2008) [posted here 9/3/07]
Guest editors: Bhavani Thuraisingham (University of Texas at Dallas, USA) and
Stefanos Gritzalis (niversity of the Aegean, Greece)
Most of the research and development work carried out by universities, research centers
and private companies today, is based, in some way or another, on international standards
or pre-standards that have been produced under the auspices of recognized standardization
bodies. On top of that, many market sectors have recognized standardization as a prerequisite
for the provision of high quality services and products, thus triggering a large number of
multi-sectoral voluntary standards.
For many years the Security field was somehow isolated in the Information and Communications
Technology arena. Inevitably this isolation has been inherited to the standards governing
the security, privacy, and trust techniques and mechanisms that are currently employed.
It is therefore important to inform the scientific community about these problems and
facilitate better collaboration on the security, privacy, and trust aspects of
international standards and regulations.
We welcome the submission of papers that: provide information about activities and
progress of security, privacy, and trust standardization work; focus on critical comments
on standards and standardization activities; discuss actual projects results; disseminate
experiences and case studies in the application and exploitation of established and
emerging standards, methods and interfaces.
The areas of interest may include, but not limited, to:
- Access Control and Authorization
- Assurance Services
- Auditing and Forensic Information Management
- Authentication, Authorization, and Accounting
- Business Services
- Confidentiality and Privacy Services
- Digital Rights Management
- eBusiness, eCommerce, eGovernment Security: Establishing Trust and Confidence of
Citizens in eTransactions and eServices
- eHealth Security
- Lawful Interception Architectures and Functions
- Legal and Regulation Issues
- Network Defense Services
- Privacy and Identity Management
- Securing Critical Information and Communication Infrastructures
- Security Challenges to the use and deployment of Disruptive Technologies
(Trusted Computing, VoIP, WiMAX, RFID, IPv6)
- Security issues in Network Event Logging
- Standardization Aspects of Electronic Signatures
- Trust Services
- Wireless, Mobile, Ad hoc and Sensors Networks Security, Privacy, and Trust
For more information, please see
http://www.elsevier.com/wps/find/journaldescription.cws_home/505607/description#description.
An edited volume of IOS Press Cryptology and Information
Security Series on Identity-Based Cryptography,
August 2008.
(Submission Due 15 November 2007) [posted here 10/8/07]
Guest editors: Marc Joye (Thomson R&D France) and Gregory Neven (Katholieke Universiteit Leuven, Belgium)
First introduced by Shamir as early as in 1984, identity-based cryptography has seen a
revival in public interest in recent years due to the introduction of bilinear maps to
cryptography. This edited volume intends to give an overview of the state-of-the-art of
the theory and practice related to identity-based cryptography. The targeted audience
includes beginning students in the field, interested researchers from other fields
as well as industry practitioners. High-quality contributions will be invited on all aspects of
identity-based cryptography, including (but not necessarily limited to)
the following topics:
- mathematics underlying ID-based cryptography, and in particular bilinear maps
- ID-based encryption, signatures, authentication, signcryption, key
exchange and other primitives
- certificateless encryption
- pairing-based schemes with new properties
- theory and security notions related to ID-based cryptography
- real-world applications and implementations
- efficient software or hardware implementations of pairing-based cryptography
- security policies and enforcement
- impact of ID-based cryptography on organizational structures
- legal and regulatory issues
For more information, please see
http://www.neven.org/IBCbook.html.
IEEE Transactions on Information Forensics and Security,
Special issue on Statistical Methods for Network Security and Forensics,
September 2008.
(Submission Due 15 October 2007) [posted here 9/27/07]
Guest editors: Muriel Medard (MIT, USA), Christina Fragouli (EPFL, Switzerland),
Wenke Lee (Georgia Tech, USA), Roy Maxion (Carnegie-Mellon University, USA),
Sal Stolfo (Columbia University, USA), and
Lang Tong (Cornell University, USA)
Recently, probabilistic methods have gained importance in various aspects of
network security and forensics. Such methods are at the forefront of recent
advances in intrusion detection, but also underlie distributed detection and estimation
for sensor networks and information-theoretic approaches to network security. In the context
of intrusion detection, statistical pattern recognition is a core problem which can be
addressed using methods from Bayesian theory, learning theory, graphical models,
and data mining. Data acquisition, processing, and inference in sensor networks also l
everages a substantial body of literature on statistical estimation, detection, and
classification theory. At the same time, new developments in network information theory
have led to renewed interest in classical aspects of information-theoretic security,
such as wiretapping, as well as new areas of work, such as network coding applications
to security. Many advances in network information theory revolve around wireless networks
and sensor networks, areas in which a shared medium and rich, variable topologies,
create particularly challenging problems. Information theory has proven useful both
for determining the fundamental performance limits of such systems, including jamming
and novel countermeasures, e.g., coding techniques in networks.
The goals of the special issue are to provide the reader with an overview of the
state of the art in this field, and to collect significant research results. Possible
topics for papers submitted to the special issue include, but are not limited to:
- Intrusion, masquerade, and anomality detection
- Network scaling issues
- Network surveillance
- Dynamic models for mobile ad-hoc networks
- Distributed sensing, estimation, detection, and classification
- Information theory for secrecy in wireless networks
- Advances in the wiretap channel
- Eavesdropping and jamming in wireless networks
- Network information theory for Byzantine attacks
- Security aspects of network coding
For more information, please see
http://www.itsoc.org/cfp/TIFS-CFP-SI08-extended.pdf.
EURASIP Journal on Advances in Signal Processing,
Special issue on Signal Processing Applications in Network Intrusion Detection Systems,
March, 2008.
(Submission Due 1 September 2007) [posted here 6/11/07]
Guest editors: Chin-Tser Huang (University of South Carolina, USA),
Rocky K. C. Chang (The Hong Kong Polytechnic University, Hong Kong),
and Polly Huang (National Taiwan University, Taiwan)
Signal processing techniques have found applications in NIDSs because of their
ability to detect novel intrusions and attacks, which cannot be achieved by
signature-based NIDS. It has been shown that network traffic possesses the property
of self-similarity. Therefore, the objective of NIDS based on signal processing
techniques is to profile the pattern of normal network traffic or application-level behavior and
model intrusions or unwanted traffic as anomalies. Wavelets, entropy analysis, and data mining
techniques are examples in this regard. However, the major challenges of the signal
processing-based approaches lie in the adaptive modeling of normal network traffic and
the high false alarm rate due to the inaccuracy of the modeled normal traffic pattern.
The emergence of a variety of wireless networks and the mobility of nodes in such
networks only add to the complexity of the problems. The goal of this special issue is to
introduce state-of-the-art techniques and encourage research regarding various aspects in
the application of signal processing techniques to network intrusion detection systems.
In particular, the special issue encourages novel solutions that improve the accuracy
and adaptivity of intrusion detection and addresses the automation of intrusion
classification and correlation. Topics of interest include (but are not limited to):
- Data-mining-based IDS
- Multirate filtering and wavelets
- Monte Carlo methods integration
- Anomalous network traffic modeling
- Anomalous application-level behavior modeling
- Performance analysis and evaluation
- Real-time analysis techniques
- Intrusion correlation
- Automated detection and classification of intrusions and anomalies
- Clustering-based IDS
- Sampling techniques in intrusion detection
- Data streaming algorithms for traffic analysis
- Adaptive detection techniques
- Data fusion in distributed intrusion detection
For more information, please see
http://www.hindawi.com/journals/asp/si/anids.pdf.
IEEE Communications Magazine,
Special Issue on Security in Mobile Ad Hoc and Sensor Networks,
February 2008.
(Submission Due 1 July 2007) [posted here 4/9/07]
Guest editors: Stamatios V. Kartalopoulos (The University of Oklahoma, USA),
Hsiao-Hwa Chen (National Sun Yat-Sen University, Taiwan),
Mário Freire (University of Beira Interior, Portugal),
Liwen He (BT Group Chief Technology Office, UK),
and Pramode Verma (The University of Oklahoma, USA)
The increase of wireless and mobile devices and the recent advancement in wireless and mobile
ad hoc and sensor networks technologies/applications in a large variety of environments, such as
homes, business places, emergency situations, disaster recoveries and people on the move is
unprecedented. These activities over different network systems have brought security concerns
on an unprecedented scale. Security is an important issue for wireless and mobile ad hoc and
sensor networks (MASNETs) especially for the security-sensitive applications such as in military,
homeland security, financial institutions and many other areas. Such security threats take
advantage of protocol weaknesses in mobile ad hoc and sensor networks as well as operating
systems’ vulnerabilities to attack network applications. Theses attacks involve, for example,
distributed denials of services, buffer overflows, viruses, and worms, where they will cause
an increasingly greater damage to the operation of mobile ad hoc and sensor networks.
With regard to such security aspects, there is an increasing demand for measures to guarantee
and fully attain the authentication, confidentiality, data integrity, privacy, access control,
non repudiation, and availability of mobile ad hoc and sensor networks. This Special Issue
will serve as a venue for both academia and industry individuals and groups working in this
fast-growing research area to share their experiences and state-of-the-art work with the readers.
The topics of interest in this Feature Topic include:
- Novel and emerging secure architecture
- Study of attack strategies, attack modeling
- Power constraint security schemes
- Key management in MASNETs
- Broadcast authentication
- Secure routing protocols
- Secure location discovery
- Secure clock synchronization
- Study of attack strategies, attack modeling in MASNETs
- Security management, emergency contingency planning, identify theft
- Protection, risk, vulnerabilities, attacks, authorization/authentication
- Security and trust in web-services-based applications in MASNETs
- Denial of service attacks and prevention
- Secure group communication/multicast
- Distributed security schemes
For more information, please see
http://www.comsoc.org/pubs/commag/cfpcommag0208.pdf.
IEEE Software,
Special Issue on Security for the Rest of Us: An Industry Perspective on the Secure Software Challenge,
January/February 2008.
(Submission Due 1 July 2007) [posted here 3/16/07]
Guest editors: Konstantin Beznosov (University of British Columbia, Canada)
and Brian Chess (Fortify Software)
The public need for good software security becomes more acute every day.
Typical activities—including selecting, purchasing, and consuming services and
products, conducting business, and holding national elections—increasingly depend on
secure software. While security was once a specialty of interest to only a
small number of developers, it's now a critical topic for almost all software
developers, project managers, and decision makers. The world's software industry
includes thousands of software vendors from humongous enterprises to one-person
shops, and the industry as a whole must face the software security challenge.
This special issue will report on the state of practice and recent advances related
to software security in a wide range of industrial application domains. It will
explore practical and pragmatic ways of engineering secure software that can be
applied by a wide range of development teams. The issue will report on:
- Practical tools and methods for detecting or preventing security-relevant defects
- Practical approaches to incorporating security as part of different stages of the
software development process (requirements, architecture, design, implementation,
testing, etc.)
- The economic motivation for creating secure software
- Attacks and vulnerabilities: common ways that security fails in modern industrial software
For more information, please see
http://www.computer.org/portal/site/software/menuitem.538c87f5131e26244955a4108bcd45f3/index.jsp?&pName=software_level1&path=software/content&file=edcal.xml&xsl=article.xsl&.
International Journal of Electronic Commerce (IJEC),
Special Issue on Click Fraud,
January 2008.
(Submission Due 15 May 2007) [posted here 5/3/07]
Guest editors: LMohammad Mahdian (Yahoo Research Labs),
Jan Pedersen (Yahoo! Inc), and
Kerem Tomak (Yahoo! Inc)
The primary goal of this special issue of International Journal of Electronic Commerce is
to foster research on the interplay between economics, computer science, marketing,
data mining and electronic commerce technology development in click quality and
click fraud. We seek papers and proposals that address various aspects of click fraud,
including search relevance, economics of click fraud, e-business, formal and legal
issues with the aim of providing a balanced mix of presentations from these different
perspectives. The subject of click quality is highly relevant to the investigation
of quick fraud. Papers may encompass any or all of the following: theoretical analyses,
modelling, simulation, and empirical studies. Authors may examine different aspects of
sponsored search and online advertisement in any of a variety of possible contexts.
Special topics of interest include, but are not limited to, the following:
- Click Fraud
- Impression Fraud
- Click Quality
- Design of mechanisms to increase click quality
- Data mining and machine learning algorithms for detecting click fraud
- Standards for click quality
- Use of algorithmic mechanism design in sponsored search
- Contextual online advertising
- Localized/geographic search
- Search engine marketing and optimization
- Alternative models for sponsored search
- Game theoretic modelling and analysis of fraud
- Evaluating fraud-resistance of ranking mechanisms
- Fraud in pay-per-conversion systems
- Click and impression quality in brand advertising
- Fraud detection for web ranking algorithms
- Other types of online fraud
- Legal aspects of click fraud
For more information, please see
http://www.gvsu.edu/business/ijec/special.html.
Security Journal of Universal Computer Science (JUCS),
Special Issue on Cryptography in Computer System,
February 2008.
(Submission Due 1 May 2007) [posted here 7/18/06]
Guest editors: Liqun Chen (Hewlett-Packard Labs, UK),
Ed Dawson (Queensland University of Technology, Australia),
Xuejie Lai (Shanghai Jiao Tong University, China),
Masahiro Mambo (Tsukuba University, Japan),
Atsuko Miyaji (JAIST, Japan),
Yi Mu (University of Wollongong, Australia),
David Pointcheval (Ecole Normale Supérieure, France),
Bart Preneel (Katholieke Universiteit Leuven, Belgium),
Nigel Smart (Bristol University, UK),
Willy Susilo (University of Wollongong, Australia),
Huaxiong Wang (Macquarie University, Australia),
and Duncan Wong (City University of Hong Kong, China)
Cryptography has been playing an important role to ensure the
security and reliability of modern computer systems. Since high speed
and broad bandwidth have been becoming the keywords for modern computer
systems, new cryptographic methods and tools must follow up in order to
adapt to these new and emerging technologies. This Special Issue aims to
provide a platform for security researchers to present their newly
developed cryptographic technologies in computer systems. Areas of interest
for this special journal issue include, but are not limited to, the
following topics:
- Authentication
- Cryptographic algorithms and their applications
- Cryptanalysis
- Email security
- Electronic commerce
- Data integrity
- Fast cryptographic algorithms and their applications
- Identity-based cryptography
- IP security
- Key management
- Multicast security
- Computer network security
- Privacy protection
- Security in Peer-to-Peer networks
- Security in sensor networks
- Smartcards
For more information, please see
http://www.sitacs.uow.edu.au/jucs/.
EURASIP Journal on Information Security,
Special Issue on Signal Processing in the Encrypted Domain,
4th Quarter, 2007.
(Submission Due 1 March 2007) [posted here 10/9/06]
Guest editors: Alessandro Piva (University of Florence, Italy) and
Stefan Katzenbeisser (Philips Research Europe, The Netherlands)
Recent advances in digital signal processing enabled a number of new services
in various application domains, ranging from enhanced multimedia content production
and distribution to advanced healthcare systems for continuous health monitoring.
At the heart of these services lies the ability to securely manipulate “valuable”
digital signals in order to satisfy security requirements such as intellectual
property management, authenticity, privacy, and access control.
This special issue solicits papers exploring the application of signal processing
to encrypted content, both from a theoretical and practical point of view.
Topics of interest include, among others:
- Cryptographic primitives and protocols for signal processing operations
- Secure matching and analysis of signals
- Searching on encrypted signals
- Cryptographic techniques for real-valued or fuzzy data
- Secure watermark embedding and detection
- Next-generation secure content management
- Privacy through secure signal processing
- Transcoding of encrypted content
- Design and evaluation of encryption schemes specifically tailored towards signals
For more information, please see
http://www.hindawi.com/GetPage.aspx?journal=is&page=SPED.
International Journal of Smart Home (IJSH),
Special Issue on Advances in Smart Home Security,
May/June, 2007.
(Submission Due 31 January 2007) [posted here 11/20/06]
Guest editors: Kuan-Ching Li (Providence University, Taiwan),
Jiyoung Lim (Korean Bible University, South Korea),
Lam For Kwok (City University of Hong Kong, HK),
Qi Shi (Liverpool John Moores University, UK)
With the proliferation of the Internet technology and electronic devices,
Smart Home Environments (SHE) have received significant attention in the
last few decades. With a great potential to revolutionize our lives, SHE also
poses new research challenges. This special issue focuses on addressing various
aspects of security in SHE. We expect that it will be a trigger for further
related research and technology improvements in this important subject.
The topics of interest include, but are not limited to:
- Security issues and privacy for SHE
- Trust management and user-friendly security interfaces for SHE
- Key/identity management in SHE
- Access control and security policies in SHE
- Authentication and authorization in SHE
- Network architectures and protocols for security in SHE
- Ubiquitous/pervasive platform and middleware for security in SHE
- Design of businesses models with security requirements for SHE
- Services and applications for security in SHE
- Content protection and digital rights management for SHE
- Intelligent sensor network/RFID for security in SHE
- Intrusion detection and computer forensics for SHE
- Emerging standards and technologies for security in SHE
- Commercial and industrial security in SHE
- Case studies, prototypes and experiences
For more information, please see
http://www.sersc.org/index.files/Journal8.htm.
International Journal of Computer Research (IJCR),
Special Issue on Advances in Ad Hoc Network Security,
4th Quarter, 2007.
(Submission Due 1 January 2007) [posted here 12/11/06]
Guest editors: Nikos Komninos (Athens Information Technology)
Ad hoc networks are becoming an integral part of the computing landscape.
However, these networks introduce new security challenges due to their
dynamic topology, severe resource constraints, and absence of a trusted
infrastructure. This International Journal of Computer Research (IJCR)
special issue seeks submissions from academia and industry presenting novel
research on all aspects of security for ad hoc networks, as well as
experimental studies of fielded systems.
Topics of interest include, but are not limited to, the following as they
relate to mobile ad hoc networks:
- Key management
- Intrusion detection and tolerance
- Secure location services
- Secure clock distribution
- Privacy and anonymity
- Performance and security tradeoffs
- Secure roaming across administrative domains
- Denial of service
- Prevention of traffic analysis
- Trust establishment, negotiation, and management
- Secure routing
- Secure MAC protocols
- Cryptographic Protocols
- Authentication and access control
For more information, please see
http://www.ait.gr/special_issue/.
Elsevier Computer Communications Journal,
Special Issue on Security on Wireless Ad Hoc and Sensor Networks,
3rd Quarter of 2007.
(Submission Due 15 December 2006) [posted here 9/3/06]
Guest editors: Sghaier Guizani (University of Moncton, Canada),
Hsiao-Hwa Chen (National Sun Yat-Sen University, Taiwan),
Peter Mueller (IBM Zurich Research Laboratory, Switzerland)
The increase of wireless and mobile devices and the recent advancement in
wireless and mobile ad hoc and sensor networks technologies/applications in a
large variety of environments, such as homes, business places, emergency situations,
disaster recoveries and people on the move is unprecedented. These activities over
different network systems have brought security concerns on an unprecedented scale.
Security is an important issue for wireless and mobile ad hoc and sensor networks
(MANETs) especially for the security-sensitive applications such as in military,
homeland security, financial institutions and many other areas.
Such security threats take advantage of protocol weaknesses as well as operating
systems' vulnerabilities to attack Internet applications. Theses attacks involve, for example,
distributed denials of services, buffer overflows, viruses, and worms, where they cause
an increasingly greater technical and economic damage.
With regard to such cyber security aspects, there is an increasing demand for
measures to guarantee and fully attain the authentication, confidentiality, data
integrity, privacy, access control, non repudiation, and availability of system services.
This Special Issue will serve as a venue for both academia and industry individuals
and groups working in this fast-growing research area to share their experiences and
state-of-the-art work with the readers. The topics of interest include,
but are not limited to:
- Novel and emerging secure architecture
- Study of attack strategies, attack modeling
- Security analysis methodologies
- Wireless and mobile security
- Key management
- Commercial and industrial security
- Broadcast authentication
- Secure routing protocols
- Secure location discovery
- Secure clock synchronization
- Novel and emerging secure architectures
- Cryptographic algorithms and applications
- Study of attack strategies, attack modeling
- Study of tradeoffs between security and system performance
- Security management, emergency contingency planning, identify theft
- Access control, wireless access control, broadband access control
- Protection, risk, vulnerabilities, attacks, authorization/authentication
- Security and trust in web-services-based applications
- Denial of service attacks and prevention
- Secure group communication/multicast
- Implementations and performance analysis
- Distributed security schemes
For more information, please see
http://authors.elsevier.com/journal/comcom.
International Journal of Information and Computer Security,
Special Issue on Security and Privacy Aspects of Data Mining,
2006. (Submission Due 5 April 2006)
[posted here 2/7/05]
Guest editors: Stan Matwin (University of Ottawa, Canada),
LiWu Chang (Naval Research Laboratory, USA),
Rebecca N. Wright (Stevens Institute of Technology, USA),
and Justin Zhan (University of Ottawa, Canada)
Rapid growth of information technologies nowadays has brought
tremendous opportunities for data sharing and integration, and
also demands for privacy protection. Privacy-preserving data
mining, a new multi-disciplinary field in information security,
broadly refers to the study of how to assure data privacy without
compromising the confidentiality and quality of data. Although
techniques, such as random perturbation techniques, secure multi-party
computation based approaches, cryptographic-based methods, and database
inference control have been developed, many of the key problems still
remain open in this area. Especially, new privacy and security issues
have been identified, and the scope of this problem has been expanded.
How does the privacy and security issue affect the design of
information mining algorithm? What are the metrics for measuring
privacy? What impacts will this research impose on diverse areas of
counter-terrorism, distributed computation, and privacy law
legislation?
This special issue aims to provide an opportunity for presenting
recent advances as well as new research directions in all issues
related to privacy-preserving data mining.
This special issue is inviting original contributions that are
not previously published or currently under review by other
journals. We welcome both theoretical and empirical research using
quantitative or qualitative methods. Areas of interest include but
not limited to:
- Access control techniques and secure data models
- Privacy-preserving data mining
- Privacy-preserving Information Retrieval
- Trust management for information mining
- Inference/disclosure related information mining
- Privacy enhancement technologies in web environments
- Privacy guarantees and usability of perturbation and randomization techniques
- Analysis of confidentiality control methods
- Privacy policy analysis
- Privacy-preserving data integration
- Privacy policy infrastructure
- Privacy-preserving query systems
- Identify theft protection
- Privacy-aware access control
- Privacy policy languages and enforcement mechanisms
For more information, please see
http://www.site.uottawa.ca/~zhizhan/psdmspecialissue2006/index.htm.
International Journal of Networks and Security (IJSN),
Special Issue on Cryptography in Networks,
December 2006. (Submission due 1 April 2006)
[posted here 10/31/05]
Guest editors: Liqun Chen (Hewlett-Packard Labs, UK),
Guang Gong (University of Waterloo, Canada),
Atsuko Miyaji (JAIST, Japan),
Phi Joong Lee (Pohang Univ. of Science & Technology, Korea),
Yi Mu (Univ. of Wollongong, Australia),
David Pointcheval (Ecole Normale Supérieure, France),
Josef Pieprzyk (Macquarie Univ., Australia),
Tsuyoshi Takagi (Future Univ. - Hakodate, Japan),
Jennifer Seberry (Univ. of Wollongong, Australia),
Willy Susilo (Univ. of Wollongong, Australia),
and Huaxiong Wang (Macquarie Uni., Australia)
Cryptography plays a key role in network security. Advances of
cryptography can make computer networks more secure. Computer
technologies have been pushing forward computer networks for high
speed and broad bandwidth. Therefore, new cryptographic methods and tools
must follow up in order to adapt to these new technologies. Recent attacks
on computer networks, especially on IEEE 802.11 and IEEE 802.15, are
increasing, since underlying radio communication medium for wireless
network provides serious exposure to attacks against wireless networks.
Security must be enforced to suit the emerging technologies. This Special
Issue aims to provide a platform for security researchers to present their
newly developed cryptographic technologies in network security. Areas of
interest for this special journal issue include, but are not limited to,
the following topics:
- Ad hoc network security
- Anonymity in networks
- Authentication in network and wireless systems
- Cryptographic algorithms and their applications to network security
- Cryptanalysis of network security schemes
- Encryption in network and wireless systems
- Email security
- Data integrity
- Fast cryptographic algorithms and their applications
- Identity-based cryptography in network and mobile applications
- IP security
- Key management
- Multicast security
- Mobile and wireless system security
- Privacy protection
- Security group communications
- Security in internet and WWW
- Security in Peer-to-Peer networks
- Secure routing protocols
- Security in sensor networks
For more information, please see
http://www.uow.edu.au/~ymu/ijsn/.
Journal of Computer Security (JCS),
Special Issue on Security of Ad Hoc and Sensor Networks,
2006. (Submission Due 1 April 2006)
[posted here 11/30/05]
Guest editors: Peng Ning (NC State University)
and Wenliang Du (Syracuse University)
Ad hoc and sensor networks are expected to become an integral
part of the future computing landscape. However, these networks
introduce new security challenges due to their dynamic topology,
severe resource constraints, and absence of a trusted infrastructure.
This Journal of Computer Security (JCS) special issue seeks
submissions from academia and industry presenting novel research
on all aspects of security for ad hoc and sensor networks, as well
as experimental studies of fielded systems.
Topics of interest include, but are not limited to, the following
as they relate to mobile ad hoc networks or sensor networks:
- Security under resource constraints (e.g., energy, bandwidth,
memory, and computation constraints)
- Performance and security tradeoffs
- Secure roaming across administrative domains
- Key management
- Cryptographic Protocols
- Authentication and access control
- Intrusion detection and tolerance
- Trust establishment, negotiation, and management
- Secure location services
- Secure clock distribution
- Privacy and anonymity
- Secure routing
- Secure MAC protocols
- Denial of service
- Prevention of traffic analysis
For more information, please see
http://discovery.csc.ncsu.edu/JCS-SASN06/.
Journal of Machine Learning Research,
Special Issue on Machine Learning for Computer Security,
2006. (Submission due 15 March 2006)
[posted here 11/11/05]
Guest editors: Philip Chan (Florida Tech)
and Richard Lippmann (MIT Lincoln Lab)
As computers have become more ubiquitous and connected, their
security has become a major concern. Of interest to this special
issue is research that demonstrates how machine learning (or data mining)
techniques can be used to improve computer security. This includes efforts
directed at improving security of networks, hosts, and individual
applications or computer programs. Research can have many goals
including, but not limited to, authenticating users, characterizing
the system being protected, detecting known or unknown vulnerabilities
that could be exploited, using software repositories as training data
to find software bugs, preventing attacks, detecting known and
novel attacks when they occur, analyzing recently detected attacks,
responding to attacks, predicting attacker actions and goals,
performing forensic analysis of compromised systems, and
analyzing activities seen in honey pots and network "telescopes"
or "black holes."
Of special interest are studies that use machine learning
techniques, carefully describe their approach, evaluate performance
in a realistic environment, and compare performance to existing
accepted approaches. Studies that use machine learning techniques or
extend current techniques to address difficult security-related
problems are of most interest.
It is expected that studies will have to address many classic
machine learning issues including feature selection, feature
construction, incremental/online learning, noise in the data, skewed
data distributions, distributed learning, correlating multiple models,
and efficient processing of large amounts of data.
For more information, please see
http://www.cs.fit.edu/~pkc/mlsec/.
Theoretical Computer Science (TCS),
Special Issue of on Automated Reasoning for Security Protocol Analysis,
4th quarter, 2006. (Submission due 13 November 2005)
[posted here 8/15/05]
Guest editors: Pierpaolo Degano (Universita` di Pisa, Italy)
and Luca Vigano` (ETH Zurich, Switzerland)
In connection with The Second Workshop on Automated Reasoning for
Security Protocol Analysis (ARSPA'05), which took place as a satellite
event of ICALP'05, we are guest-editing a Special Issue of Theoretical
Computer Science devoted to original papers on formal security protocol
specification, analysis and verification.
Contributions are welcomed on the following topics and related ones:
- Automated analysis and verification of security protocols
- Languages, logics, and calculi for the design and specification of security protocols
- Verification methods: accuracy, efficiency
- Decidability and complexity of cryptographic verification problems
- Synthesis and composition of security protocols
- Integration of formal security specification, refinement and
validation techniques in development methods and tools
For more information, please see
http://www.avispa-project.org/arspa/tcs-index.html.
International Journal of Security and Networks (IJSN),
Special Issue on Security Issues in Sensor Networks,
Middle 2006. (Submission due 15 October 2005)
[posted here 7/9/05]
Guest editors: Yang Xiao (University of Memphis),
Xiaohua Jia (City University of Hong Kong, Hong Kong),
Bo Sun (Lamar University),
and Xiaojiang Du (North Dakota State University)
Security in Sensor networks differ from those in other traditional networks
with many aspects such as limited memory space, limited computation
capability, etc. Therefore, sensor network security has some unique
features which do not exist in other networks. The need to address
security issues, and provide timely, solid technical contributions of
security solutions in sensor networks establishes the motivation behind
this special issue. This special issue is dedicated to sensor
network security. A paper should have security in sensor networks as
the focus. Specific areas of interest include, but not limit to:
- Key Managements in sensor networks
- Secure Routing in secure networks
- Light weight Encryption and authentication in Sensor networks
- Attacks and solutions in Sensor networks
- Other areas which are related to both security and sensor networks
For more information, please see
http://www.cs.memphis.edu/~yxiao/IJSN_Snesor_Security.html.
EURASIP Journal on Wireless Communications and Networking,
Special Issue on Wireless Network Security,
3rd Quarter, 2006. (Submission due 1 October 2005)
[posted here 6/28/05]
Guest editors: Yang Xiao (University of Memphis),
Yi-Bing Lin (National Chiao Tung University, Taiwan),
and Ding-Zhu Du (University of Minnesota)
Recent advances in wireless network technologies have rapidly developed in
recent years, as evidenced by wireless location area networks (WLANs), wireless
personal area networks (WPANs), wireless metropolitan area networks (WMANs),
and wireless wide area networks (WWANs), that is, cellular networks. A major
impediment to their deployment, however, is wireless network security. For example,
the lack of data confidentiality in wired equivalent privacy (WEP) protocol has
been proven, and newly adopted standards such as IEEE 802.11i robust secruity
network (RSN) and IEEE 802.15.3a ultra-wideband (UWB) are not fully tested and,
as such, may expose unforeseen security vulnerabilities. The effort to improve
wireless network security is linked with many technical challenges including
compatibility with legacy wireless networks, complexity in implementation, and
cost/performance trade-offs. The need to address wireless network security and
to provide timely, solid technical contributions establishes the motivation
behind this special issue. This special issue will focus on novel and functional
ways to improve wireless network security. Papers that do not focus on wireless
network security will not be reviewed. Specific areas of interest in WLANs, WPANs,
WMANs, and WWANs include, but are not limited to:
- Attacks, security mechanisms, and security services
- Authentication
- Access control
- Data confidentiality
- Data integrity
- Nonrepudiation
- Encryption and decryption
- Key management
- Fraudulent usage
- Wireless network security performance evaluation
- Wireless link layer security
- Tradeoff analysis between performance and security
- Authentication and authorization for mobile service network
- Wireless security standards (IEEE 802.11, IEEE 802.15, IEEE 802.16, 3GPP, and 3GPP2)
For more information, please see
http://www.hindawi.com/journals/wcn/si/wns.html.
International Journal on Information and Computer Security (IJICS),
Special Issue on Nature-Inspired Computation in Cryptology and Computer Security,
October 2006. (Submission due 30 September 2005)
[posted here 5/30/05]
Guest editors: John A. Clark (York University, UK)
and Julio Cesar Hernandez (Universidad Carlos III de Madrid, Spain)
Techniques taken from the field of nature-inspired computation (e.g. Genetic Algorithms,
Genetic Programming, Simulated Annealing, and Artificial Immune Systems) are steadily
gaining ground in the area of cryptology and computer security. In recent years,
nature inspired algorithms have been proposed, for example, for the design and analysis
of a number of new cryptographic primitives, ranging from pseudorandom number generators
to block ciphers, in the cryptanalysis of state-of-the-art cryptosystems, in the
design of security protocols and in the detection of network attack patterns, to
name but a few.
There is a growing interest from the cryptographic and computer security
communities towards nature-inspired techniques. This has occurred partly as a
result of these recent successes, but also because the nature of systems is changing
in a way which means traditional computer security techniques will not meet the full
range of tasks at hand. The increasing distribution, scale, autonomy and mobility of
emerging systems is forcing us to seek inspiration from nature to help deal with the
challenges ahead. There is a general feeling that the area is ripe for further research,
with dedicated conference sessions only beginning to emerge (e.g. the Conference on
Evolutionary Computation special sessions in 2003, 2004 and 2005). This special
issue of the IJICS solicits the submission of research papers in this general area.
Suitable topics include (but are not limited to) the use of nature-inspired techniques for:
- Intrusion detection
- System security management
- Security authentication technologies
- The design of cryptographic primitives
- The cryptanalysis of stream, block and public key encryption algorithms
(and other security-related algorithms, e.g. watermarking algorithms)
- The design or analysis of security protocols
For more information, please see
http://www.cs.york.ac.uk/security/NatureInspiredSecuritySpecialIssue.html.
International Journal of Information and Computer Security,
Special Issue on Systems Assurance, 2006. (Submission due 15 September 2005)
[posted here 8/27/05]
Guest editor: Steve J. Chapin (Syracuse University)
Systems Assurance comprises related areas of computer security, information assurance, public policy, management, communications, and complex systems. In this context, “system” means more than computer systems; it denotes a large-scale, complex system that is critically affected by human action. While classic technical approaches to computer security play a role in systems assurance, they are only a part of a holistic approach to real solutions. Topics of interest include, but are not limited to:
- Trust in large-scale systems
- Formal models of complex systems
- Policy management
- Distributed system security
- Autonomic systems and computing
- Economics models of complex systems
- Assurance in decentralized (e.g., peer-to-peer) systems
- Information assurance and public policy
- Management of assured systems
- Building trustworthy systems from untrusted components
- Reputation management
- Artificial life concepts in system assurance
For more information, please see
http://www.inderscience.com/ijics.
Journal of High Speed Networking, Special issue on Managing Security Polices:
Modeling, Verification and Configuration, February/March 2006. (Submission due 1 September 2005)
[posted here 6/9/05]
Guest editors: Ehab Al-Shaer (DePaul University), Clifford Neuman (University of Southern California),
Dinesh C Verma (IBM Watson Research Center), Hong Li
(Intel IT Research), and Anthony Chung (DePaul University)
The importance of effective network security policy management has been
significantly increasing in the past few years. Network security perimeter
devices such as Firewalls, IPSec gateways, Intrusion Detection and Prevention
Systems operate based on locally configured policies. However, the complexity
of managing security polices, particularly in enterprise networks that usually
have heterogeneous devices and polices, has become a main challenge for deploying
effective security. Yet these policies are not necessarily independent
as they interact with each other to form the global security policy. It is a common
practice to configure security policies on each of the perimeter devices manually and
in isolation from each other due to different administrative domains, roles and
personnel, among other reasons. As a result, rule conflicts and policy inconsistencies
may be introduced in the system, leading to serious security breach and network
vulnerability. Moreover, enterprise networks continuously grow in size and complexity,
and they are in a constant state of change (in topologies, devices, protocols, and
vulnerabilities), resulting in frequent changes in security policies. All these
make policy enforcement, modification, verification, and evaluation intractable
tasks.
This special issue is seeking solutions that offer seamless policy management
with provable security in heterogeneous multi-vender network security
environments. This special issue solicits original and unpublished contributions
addressing security policy management issues. Topics of particular interest are
automated policy management, dynamic policy-based security, security policy
verification and distribution, and policy unification that improve the
state-of-the-art in this area. Examples of selected topics include but are
not limited to:
- Policy modeling and verification using formal methods
- Conflict discovery and resolution
- High-speed security policy analysis
- Frameworks for policy testing, assessment, comparison and evaluation.
- Dynamic policy-based security management
- Adaptive security polices
- Policy visualization
- Distributed policy editing, delegation and distribution
- Policy translation: from high-to-low level and vice versa
- Data mining for policy inspection, evaluation and enhancement
- Policy-management for wireless and mobile networks
- Novel policy management architectures
- Automatic security policy management in heterogonous network environment
- Implementation and Case Studies of Security Policy Management System
- Management of Interactions between Security Policies and other policies.
- Security policy languages and management for multi-device, multi-protocol and multi-vendor
- System intelligence to enable automated policy management: monitoring, event/data
correlation and root-cause analysis
For more information, please see
http://www.mnlab.cs.depaul.edu/events/JHSN-policy/.
IEEE Journal on Selected Areas in Communications, High-speed Network Security --
Architecture, Algorithms, and Implementation, 4th
Quarter 2006. (Submission due 1 September 2005)
[posted here 1/12/05]
Guest editors: H. Jonathan Chao (Polytechnic University), Wing
Cheong Lau (Qualcomm), Bin Liu (Tsinghua University), Peter Reiher
(University of California at Los Angeles), and Rajesh Talpade (Telcordia
Technologies)
While the recent proliferation of broadband wireline and wireless
networking technologies have substantially increased the available
network capacity and enabled a wide-range of feature-rich high-speed
communication services, security remains a major concern.
Large-scale, high-profile system exploits and network attacks have
become common recurring events that increasingly threaten the proper
functioning and continual success of the communication
infrastructure and services. One key aspect of mitigating such
increasing threats is to develop new security/defense architectures,
systems, methodologies and algorithms which can scale together with
the communications infrastructure in terms of operating speed,
operational simplicity and manageability, etc. The aim of this issue
is to bring together the work done by researchers and practitioners
in understanding the theoretical, architectural, system, and
implementation issues related to all aspects of security in
high-speed networks. We seek original, previously unpublished and
completed contributions not currently under review by another
journal. Areas of interest include but are not limited to the
following topics related to high-speed network security:
- High-speed Intrusion Detection, Prevention (IDS/IPS) Systems, and malicious behavior detection
- High-speed Distributed Denial of Service (DDoS) attacks, prevention and defense systems
- High-speed network monitoring, metering, traceback and pushback mechanisms
- High-speed firewall, packet filtering and cross-layer defense coordination
- Support of authentication, confidentiality, authorization, non-repudiation in high-speed networks
- Security group communications/multicast
- Secure and scalable content-delivery networks
- Support for automated security policy configuration and realization
- Forensic methodologies for high-speed networks
- Automated attack characterization and containment in high-speed networks
- Testbeds for high-speed network security
For more information, please see
http://www.argreenhouse.com/society/J-SAC/Calls/network_security.html.
International Journal of Wireless and Mobile Computing (IJWMC),
Special Issue on Security of Computer Network and Mobile Systems,
Issue 1, 2006. (Submission due 30 June 2005)
[posted here 2/14/05]
Guest editors: Feng Bao (Institute for Infocomm Research, Singapore),
Colin Boyd (QUT, Australia), Dieter Gollmann (TU Hamburg, Germany),
Kwangjo Kim (ICU, Korea), Kaoru Kurosawa (Ibaraki Univ., Japan),
Masahiro Mambo (Tsukuba Univ., Japan), Chris Mitchell (RHUL, UK),
Yi Mu (Univ. of Wollongong, Australia), Phillip Rogaway (UC Davis, USA),
Willy Susilo(Univ. of Wollongong, Australia),
Vijay Varadharajan (Macquarie Univ., Australia),
Moti Yung (Columbia Univ., USA), and Fangguo Zhang (Sun Yat-Sen Univ., China)
Computer networks play an important role on connecting resources and people.
Advances of computer technology have been pushing forward computer networks
for high speed and broad bandwidth. Security must be enforced to suit the
emerging technologies. With the emergence of wireless technologies, such
as IEEE 802.11 and Bluetooth, mobile users are enabled to connect to
each other wirelessly. It can be realized with or without any networking
infrastructure (ad-hoc mode). Wireless access networks are rapidly becoming
a part of our everyday life. However, the security concerns remain a
serious impediment to widespread adoption. The underlying radio
communication medium for wireless network provides serious exposure to
attacks against wireless networks. Research on security in computer
networks and mobile systems covers many issues. There are many open
issues to be solved. Areas of interest for this special journal
issue include, but are not limited to, the following topics:
- Ad hoc network security
- Authentication in network and wireless systems
- Cryptographic algorithms and applications
- Denial of service
- Distributed system security
- Encryption in network and wireless systems
- Fast cryptographic algorithms and their applications
- Firewall and distributed access control
- Identity-based cryptography in network and mobile applications
- Intrusion Detection and Response
- Key management
- Multicast security
- Mobile Communications Security
- Privacy Protection
- Wireless security and algorithms
- Secure routing protocols
- Security in Peer-to-Peer networks
For more information, please see
http://www.sitacs.uow.edu.au/ijwmc/.
IEEE
Internet Computing Special Security for P2P and Ad Hoc
Networks Issue, November/December 2005. (Submission due 1 April
2005) [posted here 11/14/04]
Guest editors: Shiuhpyng Shieh (National Chiao Tung University) and
Dan Wallach (Rice University)
As the number of individual computing devices and the demand for
mobility continue to grow, peer-to-peer (P2P) systems and ad hoc
networks will become increasingly popular. Indeed, they are likely
to become integral to the future computing and networking
infrastructure.
P2P systems create application-level virtual networks with their own
routing mechanisms; they enable large numbers of computers to share
information and resources directly, without dedicated central
servers. Ad hoc networks allow mobile hosts, mobile devices, and
sensor nodes to communicate when no fixed infrastructure is
available.
Although P2P systems and ad hoc networks make communication and
resource sharing more convenient, however, they also introduce new
security challenges due to inherent aspects such as dynamic
topologies and membership, unreliability, severe resource
constrains, and the absence of a trusted infrastructure.
To explore these issues, IC invites contributions for a special
issue on security for P2P and ad hoc networks. Appropriate topics
include, but are not limited to:
- key management,
- authentication,
- access control,
- privacy and anonymity,
- secure routing,
- secure MAC protocols,
- performance and security trade-offs,
- intrusion detection and tolerance, and
- denial of service.
For more information, please see
http://www.computer.org/internet/call4ppr.htm.
Digital Crime and
Forensic Science in Cyberspace Call for Chapter Proposals.
(Submission due 5 January 2005) [posted here 12/13/04]
For more information, please see
http://www.di.uoa.gr/~nkolok/Idea.html.
IEEE
Internet Computing Special Homeland Security Issue
November/December 2004. [posted here 02/18/04]
Guest Editors
Michael Reiter - Carnegie Mellon University
Pankaj Rohatgi - IBM T.J. Watson Research Center
"Homeland security" is a major concern for governments worldwide,
which must protect their populations and the critical
infrastructures that support them, including power systems,
communications, government and military functions, and food and
water supplies. In this special issue, we seek contributions
describing the role of Internet and information technologies in
homeland security, both as an infrastructure to be protected and as
a tool for enabling the defense of other critical infrastructures.
On one hand, information technology can be used for mitigating risk
and enabling effective responses to disasters of natural or human
origin. However, its suitability for this role is plagued by
questions ranging from dependability concerns to the risks that some
technologies -- surveillance, profiling, information aggregation,
and so on -- pose to privacy and civil liberties.
On the other hand, information technology is itself an
infrastructure to be protected. This includes not only the Internet
infrastructure but also the complex systems that control critical
infrastructure such as energy, transportation, and manufacturing.
While control systems have traditionally been proprietary and
closed, the trend toward the use of standard computer and networking
technologies coupled with the use of more open networks for
communication makes these systems increasingly vulnerable to
catastrophic attacks and failures.
We invite researchers and information technologists to submit
original articles on the use of Internet and information
technologies for homeland security and on the protection of critical
technology assets. Of particular interest are articles that describe
technology within the context of an actual deployment or initiative
in homeland security. Indeed, articles focusing on these larger
initiatives or the policy debates surrounding them are also welcome,
provided that they offer a strong technology component. Articles
detailing technology without a compelling application to homeland
security are discouraged. Commercial advertisements will be
rejected.
Relevant topics include, but are not limited to:
* Identification, authentication, biometrics, and access
Control;
* Survivable/rapidly deployable emergency command and control
infrastructure;
* Risk assessment and recovery planning;
* Sensor network based early-warning systems;
* Surveillance, data aggregation, and mining technologies and
associated privacy issues;
* Controlled sharing of sensitive information among
organizations;
* Information and cybersecurity;
* High-availability, resilient, and survivable infrastructure
design; and
* Detection and response to vulnerabilities and attacks on the
Internet and on IT components in critical infrastructure.
For more information, please see
http://www.computer.org/internet/call4ppr.htm
IEEE Computer
special issue on high-speed Internet security, Editors: Simon Shim
(San Jose State University), Li Gong (Sun Microsystems), Avi Rubin
(The Johns Hopkins University), and Linley Gwennap (the Linley
Group). (submissions due January 5, 2004) [posted here 8/27/03]
The growth of high-speed Internet service has
strained the limits of existing network security measures. The CERT
Coordination Center of the Software Engineering Institute at
Carnegie Mellon University indicates that the number of reported
security-breach incidents in the first half of 2003 climbed to
76,404-compared to the 82,094 incidents reported for the entire year
in 2002. The IEEE Computer special issue will focus on
strategies for maintaining robust security standards in ever-faster
network environments. Proposed topics include but are not limited to
Internet security architecture, security servers, virtual private
networks, grid computing security, and XML security. In addition to
papers on these topics, Computer solicits case studies and
first-hand experiences with high-speed Internet security solutions.
Submission guidelines are available at
www.computer.org/computer/author.htm. Send inquiries to the
guest editors at sishim@email.sjsu.edu, li.gong@sun.com, rubin@jhu.edu,
and linleyg@linley group.com. Send .pdf files by 5 January 2004 to
computer-ma@computer.org.
Journal of the Association for Logic Programming,
TPLP
Special Issue on Specification, Analysis and Verification of
Reactive Systems, Editors: Giorgio Delzanno (University of Genova,
Italy), Sandro Etalle (University of Twente and CWI Amsterdam, the
Netherlands), and Maurizio Gabbrielli (University of Bologna,
Italy). (submissions due November 15, 2003) [posted here 8/16/03]
The huge increase in interconnectivity we have witnessed in the last
decade has boosted the development of systems which are often
large-scale, distributed, time-critical, and possibly acting in an
unreliable or malicious environment. These systems require solid
formal techniques for their specification, analysis and
verification. The topics of interest include but are not limited to:
Specification languages and rapid prototyping, Analysis, and
Validation, as applied to Security, Mobility, Interaction, and Open
and Parameterized Systems. More details on the topics of interest
can be found at a
www.cs.utwente.nl/~etalle/specialissue.html.
Journal of Digital Libraries (JDL), Special Issue on Security,
Editors: Vijay Atluri (Rutgers University, atluri@andromeda.rutgers.edu)
and Indrakshi Ray (Colorado State University, iray@cs.colostate.edu).
(submissions due November 1, 2003) [posted here 7/2/03]
Recent technological advancements have resulted in a phenomenal
growth in digital libraries. Often, professionals in the government,
military, and commercial sectors make critical decisions based on
data obtained from digital libraries. These users rely on the
correctness, availability, and secrecy of the data stored in digital
libraries. Consequently, security issues are of great concern to
both researchers and practitioners involved with digital libraries.
Recognizing the importance of the research in this area, "The
International Journal on Digital Libraries" is organizing a special
issue on security. The primary focus of this special issue will be
on high-quality original unpublished research, case studies, as well
as implementation experiences in the area pertaining to security
issues in digital libraries. Suggested topics include but are not
limited to:
- Authorization and Access Control -
Digital Watermarking
-
Authentication
- Electronic Payment
- Encryption technologies for digital libraries -
Intellectual Property Protection
- Key management in digital libraries -
Multimedia Security
- Computer Security and Public Policy - Privacy
and Anonymity
- Copy Protection and Prevention -
Security Management
- Data/System
Availability - Steganography
- Data/System
Integrity - Usage
Accounting
More information about the journal can be found at
http://cimic.rutgers.edu/~jdl/.
IEEE Security & Privacy, George Cybenko, Editor. Theme:
Understanding Privacy, Nov/Dec 2003 Issue. (submissions due July 31,
2003) [posted here 3/20/03]
Privacy is a growing concern in today's networked world. The
Nov./Dec. issue of IEEE Security & Privacy will be devoted to
privacy—its technological, commercial, and social aspects. Papers
dealing with the following privacy-related topics are welcome:
- identity theft and related abuses;
- consumer and business practices and trends affecting privacy;
- information ownership, competing claims, unresolved ambiguity;
- legal and criminal issues;
- privacy leakage case studies;
- relationships and trade-offs between security and privacy;
- privacy-enhancing technologies;
- relationships between privacy management and digital rights
management;
- formal models and definitions of privacy; and
- database issues in privacy protection.
Feature articles should be no longer than 6,000 words (tables and
figures count as 250 words each). Be sure to include all author
names, professional affiliations, mailing addresses, daytime
telephone numbers, and email addresses. Send one word-processed file
and one PostScript or PDF file to security@computer.org.
FORMATEX, a Spanish technological
organization, in collaboration with the Computer Science and Physics
Department of the University of Extremadura (Spain) is now editing a
volume within our Information Society book series, on Techno-Legal
aspects of Information Society. Some of the topics covered by this
edition are: Security of Information Systems, Networking,
E-commerce, Networks and Liberties, Informatic crimes, Public
security vs. secret communications, Legal protection of software and
digital contents, Digital Libraries, Rights Management in the
Digital Era, Electronic signature, Electronic means of payment,
Ethical issues, Law and Computer Science, Cryptography, Legal Expert
Systems, Teleworking, e-Government, Cybersquatting, Typosquatting
etc, Domain names and Trademarks, Thesaurus and documental
techniques, Law Databases, Law in Internet. The Call for Papers'
website is available at
www.formatex.org/isbook/callforpaper.htm with details on
deadlines, manuscripts format, etc. Submissions are due November 25,
2002.
IEEE Journal on Selected Areas in
Communications, Special issue on Design and Analysis Techniques
for Security Assurance. Publication: 1st quarter 2003. Editors: Li
Gong (SUN Microsystems), Joshua Guttman (The MITRE Corp), Peter Ryan
(Carnegie Mellon University), and Steve Schneider (University of
London). Submission deadline is March 1, 2002. [posted here
7/26/01]
Information security plays a dominant and increasingly critical role
in society. It is therefore essential that we have effective tools
and techniques to design and evaluate secure systems and demonstrate
that they meet their security requirements. The application of
rigorous methods to the specification, modeling, analysis, and
design of security-critical systems has made considerable strides in
recent years, and the field is rapidly gaining in maturity. The
scope of this issue will range over all rigorous, mathematically
well founded, approaches to all aspects of security system
development. This issue is intended to gather together the leading
edge approaches in this area. Papers are solicited in the following
areas:
* Security protocol analysis
* Computer security models and policies
* Information flow
* Secure architectures
* Mobility
* Tools for security analysis
* Languages
* Logics
* Static/typechecking techniques
* Smartcards
Original, unpublished contributions and invited articles will be
considered for the issue. The paper should be no longer than 20
double-spaced pages, excluding illustrations and graphs and follow
the IEEE J-SAC manuscript format described in the Information for
Authors. Authors wishing to submit papers should send an electronic
version (postscript or PDF files ONLY) to Steve Schneider at
S.Schneider@rhul.ac.uk by March 1, 2002.
Information and Security: An
International Journal. Special issue on agent-based
technologies. Publication: May 31, 2002. Editor: Petya Ivanova
(Center for National Security and Defense Research, Bulgarian
Academy of Sciences). Submission date: abstract and intent to
submit a paper - February 28, 2002; final papers - March 31, 2002.
[posted here 2/12/02]
The field of autonomous agents and multi-agent systems is an
exciting and rapidly expanding area of research and development. In
the last few years, there has been a growing interest in the
application of agent-based systems to various security-related and
military domains. In this special issue of Information & Security we
shall present the results achieved in this area, discuss the
benefits (and drawbacks) that agent-based systems may bring to the
military and the broader security community, and provide a list of
research and practical challenges that should be tackled in the near
future so that the full potential of agent-based systems is
realized. Topics include, but are not limited to:
- General and specific architectures of agents in different
settings and environments
- Cooperation and competition; coordination and collaboration
- Negotiation, consensus development, conflict detection and
resolution
- Communication protocols and languages (communication
standards)
- Intelligent cognitive activities jointly realized by multiple
agents, e.g., distributed problem solving, planning, learning, and
decision making
- Emergent behavior and organizational intelligence
- Organizational structuring and dynamics
- Mobile agents as general-purpose framework for distributed
applications
- Performance issues; security, reliability, and robustness
- Agents and the interoperability of heterogeneous systems
- Human-agent interaction and interfaces
- Architectures, environments and languages for mobile and secure
information services
- Agent capability requirements in military applications
We intend to present successful applications of agents and
multi-agent systems in the following domains:
- Military decision support systems and complex problem-solving
- Military training and education
- Collection and organization of knowledge available on the
Internet
- Information retrieval, dissemination, and monitoring across
multiple applications
For instructions and additional information on manuscript
preparation, see:
www.isn.ethz.ch/publihouse/InfoSecurity. Questions can be
addressed to infosec@mbox.digsys.bg.
Computer Communications, Special
issue on Network Security. Publication: spring 2002. Editors: Brian
Neil Levine, University of Massachusetts, and Clay Shields, Purdue
University. Submission deadline is October 5, 2001. [posted here
2/20/01]
The Internet has become the cornerstone for the proliferation of
networking technology. The quality of the security and privacy of
the services, protocols, and infrastructure that make up the
Internet is a key factor in its continued growth and survivability.
This special issue will collect and archive the state of the art in
Network Security for existing and future network technologies,
publishing research that explores: The security of infrastructure
and systems that form the network (such as routers,
application-level proxies, and servers); The security of protocols
and services that work end-to-end (such as DNS, HTTP, multimedia
conferencing and virtual environments, and e-commerce); Protocols
that protect the privacy of users on the network. An emphasis on
deployable systems and the inclusion of an analysis of their network
performance in the presence of security mechanisms is ideal. Areas
of interest include, but are not limited to:
- Network privacy and anonymity
- Multicast and group-communication security
- Intrusion detection and response
- Network traceback
- Integrating security in Internet protocols
- Security analysis of Internet protocols
- Network performance evaluation of network security protocols;
- Denial-of-service attacks and counter measures
- Virtual private networks
- Security for wireless networks and technologies
Through the publication of this special issue, we wish to bring
together researchers from the security and networking communities
that have not previously had a common forum in which to share
methodologies and techniques. Instructions for submitting a paper
are given at
signl.cs.umass.edu/comcom. Information on Computer
Communications can be found at
www.troubador.co.uk/comcom/fp.htm and
www.troubador.co.uk/comcom/fp.htm.
IEEE Internet
Computing, Special Issue on Peer-to-Peer Networking. Guest
editor: Li Gong, Sun Microsystems. Publication date:
January/February 2002. Submissions due June 1, 2001. [posted here
2/20/01]
The term peer-to-peer networking is applied to a wide range of
technologies that greatly increase the utilization of information,
bandwidth, and computing resources in the Internet. Frequently,
these P2P technologies adopt a network-based computing style that
neither excludes nor inherently depends on centralized control
points. Apart from improving performance in terms of information
discovery, content delivery, and information processing, such a
style also can enhance the overall reliability and fault-tolerance
of the computing system. This special issue of Internet Computing
will showcase significant developments in the general area of
peer-to-peer networking. Topics of interest include (but are not
limited to):
1. Peer naming, discovery, and organization
2. Peer-based communication and information sharing
3. Systems support for peer-to-peer networking
4. Security support for peer-to-peer networking
5. Peer-based network infrastructure including operating
systems
6. Peer-based services and applications
Ideally, submissions will report advances that (a) use a simple and
elegant solution to solve a seemingly complicated problem, (b) have
a solid theoretical foundation but a realistic implementation path,
and (c) are readily deployable over currently existing Internet
infrastructure. We discourage strictly theoretical or mathematical
papers on modeling of peer-to-peer computing. If you are uncertain
about your submission in terms of scope, please provide an abstract
to the guest editor for clarification before submission. (note: the
complete call for papers has not been posted on the IEEE web site
yet. We will update this Cipher entry when the URL is known. In
the interim, you may choose to contact the guest editor, Dr. Li Gong
at li.gong@sun.com)
IEEE Computer, Special issue on
embedded system security. Guest editors: William A. Arbaugh,
University of Maryland, and Leendert Van Doorn, IBM Research.
Submission deadline is March 15, 2001. [posted here 12/18/00]
Embedded systems range from personal digital assistants to disk
controllers and from home thermostats to microwave regulators.
These near-ubiquitous devices are often networked and thus present
security challenges similar to those already of concern on the
Internet. This special issue will consider the security and privacy
that networked embedded systems present. Submissions are sought on
all topics relating to embedded system security including risk
analysis, privacy issues, software security architectures, security
requirements for embedded operating systems, embedded cryptographic
devices, using embedded devices to build secure systems, and secure
firmware upgrades. For further information see
www.cs.umd.edu/~waa/ieee-cfp.html.
Internet Computing , Call for papers
on "Widely Deployed Internet Security Solutions", November/December
2000, Guest Editors: Li Gong and Ravi Sandhu. (Submissions due:
April 28, 2000) [posted here January 28, 2000].
The goal of this special issue is two-fold. One is to reflect on
security technology that have made into mainstream products and have
been widely deployed within the past decade. An interesting
perspective is why these solutions were picked over other competing
solutions and what made them more attractive and acceptable. The
other part of the goal is to access the state of the art in security
research and technology with the hope that these investigations
point to what may be deployed in the next decade. Topics of Interest
include (but are not limited to) descriptions of and perspectives
(historic, legal, etc.) on:
* Security solutions that are widely deployed
* Security solutions that were once fashionable but
no longer in use
* Prevailing security solutions that are becoming
obsolete
* Emerging security solutions that are likely to be
widely deployed
We welcome submissions regarding security solutions covering all
aspect of computing, including operating systems, networking,
databases, distributed systems, human-computer interaction, the web,
the Internet, information appliances, and wireless communication.
However, we discourage abstract theory/idea papers, especially pure
cryptography theory or crypto protocol papers. Our focus is on
security solutions that were, are, or will be widely deployed.
Submission instructions can be found on the journal web page at
church.computer.org/internet/call4ppr.htm.
IEEE Software, Call for Articles &
Reviewers, Malicious Information Technology: The Software vs. The
People Publication: Sept./Oct. 2000. Guest Editors: Nancy Mead (nrm@sei.cmu.edu)
and Jeffrey Voas (jmvoas@rstcorp.com). (Submissions due: April 1,
2000) [posted here November 3, 1999].
Software was intended to improve the quality of human life by doing
tasks more quickly, reliably, and efficiently. But today, a
"software vs. people" showdown appears eminent. Software is
increasingly becoming a threat to people, organizations, and
nations. For example, the spread of the Melissa virus illustrates
the ease with which systems can be penetrated and the ubiquity of
the consequences; the Melissa virus caused many companies to shut
down their EMail systems for days or even weeks. The origin of these
threats stems from a variety of problems. One problem is negligent
development practices that lead to defective software. Security
vulnerabilities that occur as a result of negligent development
practices (e.g., commercial Web browsers allowing unauthorized
individuals to access confidential data) are likely to be discovered
by rogue individuals with malicious intentions. Other security
vulnerabilities are deliberately programmed into software (e.g.,
logic bombs, Trojan Horses, and Easter eggs). Regardless of the
reason why information systems are vulnerable, the end result can be
disastrous and widespread. Because of the increased danger that
malicious software now poses, we seek original articles on the
following specific issues:
|
|
* Intrusion detection |
|
|
* Information survivability |
|
|
* Federal critical
infrastructure protection plans |
|
|
* Federal laws prohibiting
encryption exports vs. US corporations |
|
|
* State-of-the-practice in
security testing |
|
|
* The Internet's "hacker
underground" |
|
|
* Corporate information
insurance |
|
|
* Penalties for those
convicted of creating viruses |
|
|
* Case studies in
information security and survivability |
Authors: Submit one electronic copy in RTF
interchange or MS-Word format and one PostScript or PDF version to
the magazine assistant at software@computer.org. Articles must not
exceed 5,400 words including tables and figures, which count for 200
words each. For detailed author guidelines, see
www.computer.org/software/edguide.htm. Reviewers: Please e-mail
your contact information and areas of interest to a guest editor.
Journal of
Theoretical Computer Science, special issue on Dependable
Computing. Guest Editor: Gilles Motet. (Submissions due: December
20, 1999) [posted here October 15, 1999].
Papers should be sent as attached rtf, postscript or pdf files to
Guest Editor: Gilles Motet / LESIA DGEI, INSA, 135, avenue de
Rangueil / 31077 Toulouse cedex 4 / France. Email: Gilles.Motet@insa-tlse.fr.
More information can be found at:
wwwdge.insa-tlse.fr/~lesia/tcs-call-for-paper.html.
Computer Communications Journal,
special issue on Advances in Research and Application of Network
Security, first quarter 2000. Guest Editors: Dr. M. Merabti (John
Moores University, UK), Dr. Q. Shi (John Moores University, UK), and
Dr. Rolf Oppliger (Swiss Federal Office of information Technology &
Systems) (full papers due September 1, 1999) [posted here June 15,
1999].
The special issue aims to publish original research results of both
theoretical and practical significance. Topics of interest include,
but are not limited to
-
Security architectures and protocols
-
Intrusion detection
-
Authentication and key management
-
Authorisation and access control
-
Secure electronic commerce
-
Privacy and anonymity
-
Mobile code and web security
-
Mobile communication security
-
Security analysis
The deadline for receipt of four copies of
full manuscripts is September 1, 1999. Please, refer to URL
www.crlpublishing.co.uk/crl/COMCOM/fp.htm#anchor448658 to get
further information.
International Journal of Computer
Systems: Science & Engineering Special Issue on Developing
Fault-Tolerant Systems with Ada. (Abstracts due June 1, 1999; full
papers due: June 15, 1999) [posted here: 2/5/99].
An electronic version of the abstract is to be sent to A. Romanovsky
at: alexander.romanovsky@ncl.ac.uk (phone:+44 191 222 8135; fax: +44
191 222 8232) by June 1, 1999. Full submissions are to be forwarded
by June 15, 1999 to one of the guest editors (electronic submissions
are encouraged): A. Romanovsky or A.J. Wellings at andy@minster.cs.york.ac.uk
More information:
www.cs.ncl.ac.uk/people/alexander.romanovsky/home.formal/ftada.html.
ACM
Transactions on Software Engineering and Methodology Special
issue on Software Engineering and Security. Guest Editors: Premkumar
Devanbu (devanbu@cs.ucdavis.edu, UC Davis) and Stuart Stubblebine, (stubblebine@cs.columbia.edu).
(DEADLINE EXTENDED TO JUNE 1, 1999) [posted here: 12/14/98].
Software system security issues are no longer only of primary
concern to military, government or infrastructure systems. Every
palmtop, desktop and TV set-top box contains or will soon contain
networked software. This software must preserve desired security
properties (authenticity, privacy, integrity) of activities ranging
from electronic commerce, electronic messaging, and browsing. From
being a peripheral concern of a limited and specialized group of
engineers, security has become a central concern for a wide range of
software professionals. In addition, software is no longer a
monolithic shrink-wrapped product created by a single development
organization with a well-defined software process. Instead, it is
composed of components constructed by many different vendors
following different practices. Indeed, software may even contain
elements that arrive and are linked in just prior to execution.
Customers need assurance that constituent components and mobile code
have certain desirable properties; this need conflicts with the need
for vendors to protect their proprietary information. The issue of
providing assurance without full disclosure has been studied in
security research, and needs to be applied to this problem. To
provide a focus for these and other interactions between security
and software engineering, ACM TOSEM will bring out a special issue
dedicated to the intersection of concerns between the two fields. We
solicit submissions that address the following issues and sub-areas:
-
How can security be used to address
problems in distributed software development? How does one build
trust and control in the distributed enactment of software
processes while protecting intellectual property?
-
Trust in software process; Trust in
software tools; Trusted (distributed) configuration management.
-
Can conventional, standard software
engineering techniques be used to achieve verifiably higher levels
of security in heterogeneous, distributed systems? What new
software engineering techniques are needed?
-
Formal Verified implementations of security
protocols; Traceability of correctness into implementation;
Testing of security protocols; Specification of Secure Systems;
Domain specific languages for Secure systems; Static/Dynamic
Analysis for System Security; Security Testing (property-based,
coverage-based, etc.); Configuring trusted systems; Evolving
Legacy Systems for greater security.
-
Intellectual Property Protection: can
security techniques be used to protect the valuable investments in
software?
