y CFP: Journal of High Speed Networking, Special issue on Managing Security Polices: Modeling, Verification and Configuration
C A L L   F O R   P A P E R S

Journal of High Speed Networking, 

Special issue on Managing Security Polices: Modeling, Verification and


Submission Deadline: September 1, 2005
Notification of acceptance: December, 2005
Final papers due: February 2006

The importance of effective network security policy management has
been significantly increasing in the past few years. Network security
perimeter devices such as Firewalls, IPSec gateways, Intrusion
Detection and Prevention Systems operate based on locally configured
policies. However, the complexity of managing security polices,
particularly in enterprise networks that usually have heterogeneous
devices and polices, has become a main challenge for deploying
effective security. Yet these policies are not necessarily independent
as they interact with each other to form the global security
policy. It is a common practice to configure security policies on each
of the perimeter devices manually and in isolation from each other due
to different administrative domains, roles and personnel, among other
reasons. As a result, rule conflicts and policy inconsistencies may be
introduced in the system, leading to serious security breach and
network vulnerability. Moreover, enterprise networks continuously grow
in size and complexity, and they are in a constant state of change (in
topologies, devices, protocols, and vulnerabilities), resulting in
frequent changes in security policies. All these make policy
enforcement, modification, verification, and evaluation intractable

This special issue is seeking solutions that offer seamless policy
management with provable security in heterogeneous multi-vender
network security environments. This special issue solicits original
and unpublished contributions addressing security policy management
issues. Topics of particular interest are automated policy management,
dynamic policy-based security, security policy verification and
distribution, and policy unification that improve the state-of-
the-art in this area. Examples of selected topics include but are not
limited to:
*          Policy modeling and verification using formal methods 
*          Conflict discovery and resolution 
*          High-speed security policy analysis
*          Frameworks for policy testing, assessment, comparison and
*          Dynamic policy-based security management
*          Adaptive security polices
*          Policy visualization 
*          Distributed policy editing, delegation and distribution 
*          Policy translation: from high-to-low level and vice versa
*          Data mining for policy inspection, evaluation and enhancement
*          Policy-management for wireless and mobile networks
*          Novel policy management architectures
*          Automatic security policy management in heterogonous network
*          Implementation and Case Studies of Security Policy Management
*          Management of Interactions between Security Policies and other
*          Security policy languages and management for multi-device,
           multi-protocol and multi-vendor 
*          System intelligence to enable automated policy management:
           monitoring, event/data 
           correlation and root-cause analysis


Paper submissions must present original, unpublished research or
experiences.  Submissions exceeding the above mentioned paper size
will not be reviewed and returned to the authors. Submitted papers
must not exceed 20 pages double space and 12-point font size. Paper
must be submitted online as PDF format via the EDAS web cite
(https://edas.info). For questions, you can send an email to one of
the guest editors:

Guest Editors:

Ehab Al-Shaer               Clifford Neuman                   Dinesh C Verma 
School of Computer Science  Information Sciences Institute,   IBM Watson 
DePaul University,          University of Southern California   Research Center
Chicago, USA                CA, USA                           NY, USA       
ehab@cs.depaul.edu          bcn@isi.edu                       dverma@us.ibm.com

Hong Li,                   Anthony Chung
Senior Researcher          School of Computer Science
Intel IT Research          DePaul University           
CA, USA                    Chicago, USA
hong.c.li@intel.com        chung@cs.depaul.edu

Ehab Al-Shaer, PhD
Associate Professor, 
School of Computer Science, Telecommunications and Information Systems
243 South Wabash,
DePaul University, Chicago, IL 60604

phone: (312) 362 5137
fax: (312) 362 6116