International Conference on Risks and Security
                            of Internet and Systems
                              Colocated with IEEE GIIS
                             2-5 July 2007
                                   Marrakech - Morocco


                  ****  Submission Deadline: March25, 2007 ***

The Internet has become essential for the exchange of information. 
Many user
groups from different backgrounds and with different objectives depend on
it to perform their daily tasks. Various activities are carried out via the
Internet: B2B, B2C, or between individuals who create their own virtual
communities. Moreover, many companies are interconnecting their IT systems,
including SCADA systems, directly or indirectly to the Internet.

At the same time, the use of the Internet is facing increasing risks
regarding privacy and security, in particular due to vulnerabilities induced
by the complexity of Internet-related applications. Therefore, new security
mechanisms and techniques should be deployed to achieve an assurance level
acceptable for critical domains such as transportation, health, defence,
banking, critical infrastructures, etc.

Attackers nowadays do not lack motivation and they are more and more
experienced. The existence of vulnerabilities encourages different kinds
of attackers to exploit them and gain access to personal computers or
penetrate into IT systems belonging to companies or administrations.

In this context, dependability, security and privacy become a priority that
should be addressed by all actors in research, industry, services and


* T O P I C S *

The topics addressed by CRiSIS range from the analysis of risks, attacks and
vulnerabilities to system survivability, passing through security policies
and models, security mechanisms and privacy enhancing technologies. Authors
are invited to submit research results as well as practical experiment or
deployment reports. Industrial papers about applications or case studies are
also welcomed in different domains (e.g., telemedicine, e-government,
e-learning, e-commerce, critical infrastructures, etc.). 

The list of topics includes, but is not limited to:
* Analysis and management of risk, attacks and vulnerabilities
* Security and dependability of operating systems and network components
* Web services and middleware security
* Dependability and fault tolerance of Internet applications
* Security and safety of critical infrastructures
* Security and privacy of peer-to-peer system, wireless networks, VPN and
  embedded systems
* Security of new generation networks, security of Voice-over-IP and
* Security of database systems, security of e-commerce and electronic voting
* Authentication, authorization and audit
* Privacy protection and anonymization
* Traceability and forensics
* Security models and security policies
* Formal methods, verification and certification
* Key management Infrastructure (PKI) and trust management
* Biometrics, watermarking, cryptography and security protocols
* Access controls and security mechanisms
* Use of smartcards and personal devices for Internet applications
* Firewalls and intrusion detection systems
* Viruses, worms and malicious codes
* Attack data acquisition (honeypots) and network monitoring
* Metrology, security evaluation, and security management
* Organizational, ethical and legal issues.

I M P O R T A N T   D A T E S


* Paper submission deadline:   March   25, 2006

* Acceptance notification:     April   25, 2006

* Final version due:           May     15, 2006


Papers must be written in English or French, and must be submitted
electronically in PDF format. 

Maximum paper length is 8 printed pages for full papers or 4 pages for short
papers, including figures in IEEE 2-column style
(See http://www.computer.org/portal/site/cscps)

The cover page should include paper title, author's full names, affiliations
and complete addresses (telephone, fax, email), abstract, and a list of

Paper submissions must be received by 25 March 2007, via CRiSIS 2007 website.


Authors of the best CRiSIS 2007 papers will be invited to submit extended
versions for possible publication in a special issue of an International


G E N E R A L   C H A I R


Yves Deswarte

P R O G R A M  C O M M I T T E E

Anas         Abou El Kalam LIFO - ENSI de Bourges (PC Chair)
Rachida      Ajhoun        ENSIAS,Morocco
Mahmoud      Boufaida      University of Constantine, Algeria
Michel       Cukier        University of Maryland, USA 
Frédéric     Cuppens       ENST de Bretagne,France
Marc         Dacier        Eurecom, France
Sabrina      De Capitani   Università di Milano, Italy
Hervé        Debar         France Télécom R&D, France
Mourad       Debbabi       Concordia Institute of Information Systems, Canada
Yuri         Demchenko     Universiteit van Amsterdam, Netherlands
Geert        Deconinck     Katholieke Universiteit Leuven,Belgium
Rachida      Dssouli       Concordia, University, Canada 
Aziz         El Fazziki    Université de Marrakech (FSSM), Morocco
Jean-Guy     Fontaine      Istituto Italiano di Tecnologia, Italy
Dieter       Gollmann      Technische Universität Hamburg-Harburg, Germany
Frédéric     Kratz         LVR - ENSI de Bourges, France
Catherine    Meadows       Naval Research Laboratory, USA
Jean-Jacques Quisquater    Université de Louvain, Belgium
Michael      Rusinowitch   LORIA - INRIA, France
Ahmed        Serhrouchni   ENST de Paris, France
Hesham       Soultan       IBM, Egypt
Gilles       Trouessin     Oppida, France
Paulo        Verissimo     Universidade de Lisboa, Portugal