CALL FOR PAPERS 2008 IEEE Symposium on Security and Privacy May 18-21, 2008 The Claremont Resort, Berkeley/Oakland, California, USA http://www.ieee-security.org/TC/SP2008/oakland08-cfp.html Sponsored by IEEE Computer Society Technical Committee on Security and Privacy In cooperation with The International Association for Cryptologic Research (IACR) Symposium Committee: General Chair: Yong Guan (Iowa State University, USA), oakland08-generalchair @ ieee-security.org Registration and Publicity Chair: David Du (University of Minnesota/National Science Foundation, USA) Treasurer: David Shambroom (Intersystems, USA) Program Co-Chairs: Patrick McDaniel (Pennsylvania State University, USA) Avi Rubin (Johns Hopkins University, USA) Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for the presentation of developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field. Previously unpublished papers offering novel research contributions in any aspect of computer security or electronic privacy are solicited for submission to the 2008 symposium. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains. The Symposium is also open to the submission of co-located half-day or one-day workshops. See below for these and other program elements. Topics of interest include, but are not limited to, the following: Access control and audit Anonymity and pseudonymity Application-level security Biometrics Cryptographic protocols Database security Denial of service Distributed systems security Formal methods for security Information flow Intrusion detection and prevention Language-based security Malicious code prevention Network security Operating system security Peer-to-peer security Privacy Risk analysis Secure hardware and smartcards Security engineering Security policy User authentication Note: S&P is a general security and privacy conference. Papers without concrete and demonstrated relation to security and/or privacy will be rejected without review. For example, papers on topics in cryptography without clear, executed application to security or privacy will not be reviewed. Program Committee: William Aiello, University of British Columbia, Canada Elisa Bertino, CERIAS and CS Department, Purdue University, USA Matt Blaze, University of Pennsylvania, USA Christian Cachin, IBM Zurich Research Lab, Switzerland Crispin Cowan, Novell, USA Robert Cunningham, MIT Lincoln, USA Dave Evans, University of Virginia, USA Kevin Fu, UMass, USA Michael Franz, UCI, USA Carl Landwehr, DTO, USA Yingjiu Li, Singapore Management University, Singapore Jonathon Giffin, Georgia Institute of Technology, USA Virgil Gligor, University of Maryland, USA Steve Gribble, University of Washington, USA Susan Hohenberger, Johns Hopkins University, USA Trent Jaeger, Penn State University, USA Somesh Jha, University of Wisconsin, USA Ari Juels, RSA, USA Angelos Keromytis, Columbia University, USA Yongdae Kim, University of Minnesota Twin Cities, USA Tadayoshi Kohno, University of Washington, USA Christopher Kruegel, Technical University Vienna, Austria Andrew Myers, Cornell University, USA Wenke Lee, Georgia Institute of Technology, USA Ninghui Li, Purdue University, USA Gary McGraw, Cigital, USA Fabian Monrose, Johns Hopkins University, USA Hilarie Orman, Purple Streak, USA Vern Paxson, ICSI/Berkeley Atul Prakash, University of Michigan, USA Niels Provos, Google, USA Steve Zdancewic, University of Pennsylvania, USA R. Sekar, State University of New York at Stony Brook, USA Dawn Song, CMU, USA Sean Smith, Dartmouth College, USA Adam Stubblefield, Independent Security Evaluators, USA Gene Tsudik, UCI, USA Dan Wallach, Rice University, USA David Wagner, UCB, USA AWARDS This year we are reintroducing awards for the "best paper" and "best student paper" from the accepted program. Judged by the chairs and several representatives from the program committee, this award will be given to the paper deemed to have the highest overall quality, as measured by scientific contribution, depth, and impact. A student must be the first author to be eligible for the best student paper. In conjunction with the IEEE Security and Privacy magazine, the conference organizers wish to introduce an award for the "most practical" paper appearing in the conference. This award will be judged on the paper most likely to immediately improve the security of current environments and systems. In additional to the award presented at the conference, this paper will be invited to appear in the IEEE Security and Privacy Magazine. INSTRUCTIONS FOR PAPER SUBMISSIONS All submissions MUST reflect original work and MUST adequately document any overlap with previously published or simultaneously submitted papers from any of the authors. Especially, simultaneous submission of the same paper to another conference with proceedings or a journal is not allowed. Failure to clearly document such overlaps will lead to automatic rejection. If authors have any doubts regarding such overlaps, they should contact the program chairs prior to submission. Papers should be submitted in Portable Document Format (.pdf) using an 11-point font, single column layout, standard interline spacing, and reasonable margins. Papers must not exceed 15 pages, excluding the bibliography and well-marked appendices. Committee members are not required to read the appendices, so papers must be intelligible without them. You can also consider using IEEE standard Latex template (Note: please use onecolumn option), which can be found at http://www.ieee.org/web/publications/authors/transjnl/index.html . We request that submissions be in US letter paper size (not A4) if possible. We urge authors to follow the NSF "Fastlane" guidelines for document preparation (https://www.fastlane.nsf.gov/documents/pdf_create/pdfcreate_05.jsp), and to pay special attention to unusual fonts. Papers should be submitted in a form suitable for anonymous review: remove author names and affiliations from the title page, and avoid explicit self-referencing in the text. When referring to your previous work, do so in the third person, as though it were written by someone else. Only blind the reference itself if a third-person reference will clearly not work. Please submit your paper through the submissions website at http://oakland08.cse.psu.edu in .pdf form only. If you have any difficulty submitting a paper or have any questions about the submission process, please contact the submission chair, Kevin Butler (Pennsylvania State University) at butler@cse.psu.edu. For any questions, contact the program chairs at oakchairs08@ieee-security.org Paper submissions due: November 9, 2007, 23:59:00 EST (GMT-5). (No extensions!) Acceptance notification: January 25, 2008. Final papers due: March 1, 2008. Submissions received after the submission deadline or failing to conform to the guidelines above risk rejection without consideration of their merits. Authors are responsible for obtaining appropriate clearances; authors of accepted papers will be asked to sign IEEE copyright release forms. Where possible all further communications to authors will be via email. CO-LOCATED WORKSHOPS We are also encouraging the submissions of workshops to be associated with IEEE SP 2008. A workshop call will be made available on the symposium website in the near future. 5-MINUTE TALKS A continuing feature of the symposium is a session of 5-minute talks where attendees can present preliminary research results or summaries of works published elsewhere. Abstracts for 5-minute talks must fit on one US letter or A4 page, including the title and all author names and affiliations. Submit abstracts prior to the conference by email to Dr. Jonathon Giffin (giffin@cc.gatech.edu); or by Monday morning at the conference by hardcopy given to the 5-minute talks chairs. While the majority of these presentations will be accepted and notified per the above dates, we will also review and accept a small number of presentations prior to the meeting, with an early decision, for those who require a decision in order to plan their travel. Due dates for these presentation will be announced in the final symposium call.