News Bits


Gary McGraw's new book "Building Secure Software" was just published by Addison-Wesley as part of the Professional Computing Series.  AW's web site is undergoing renovation and is temporarily down.  You should be able to obtain more information soon at


Note From Heather Hinton, General Chair of the 2002 S&P symposium:

Please welcome Terry Hall of Boeing to the Security and Privacy Leadership group.  Terry has graciously volunteered to take over as treasurer from Brian Loe.  Terry has been with Boeing (and previous Boeing-bought companies) for 6 years.  Brian has recently changed jobs and is no longer able to act as Treasurer.  He has certainly worked hard enough to deserve the break. Many thanks for your time and dedication over the last several years, Brian.  Welcome Terry and many thanks Brian!


Early registration for the Applied Computer Security Applications Conference (ACSAC) has been extended to November 30, 2001.  Some hotel rooms may be available at the Sheraton at the ACSAC block rate (equal to the US Govt. per diem rate), so be sure to mention this conference when you reserve. The 17th ACSAC Advance Program for the 17th Annual Computer Security Applications Conference (ACSAC) on our web site at The Conference will be held 12 - 14 December 2001 in New Orleans, Louisiana, USA. Our tutorials will be held on 10 - 11 December 2001.
This year's program features 13 tutorials, 42 papers, 4 panels, and a number of case studies.  New this year are three "classic papers", a "Birds of a Feather" session on Wednesday evening, and a "Works in Progress" session on Thursday evening.

Call For Papers
15th IEEE Computer Security Foundations Workshop
June 24-26, 2002
Keltic Lodge, Cape Breton, Nova Scotia, Canada

Sponsored by the Technical Committee on Security and Privacy of the IEEE Computer Society

This workshop series brings together researchers in computer science to examine foundational issues in computer security. For background information about the workshop, and an html version of this Call for Papers, see the CSFW home page We are interested both in new results in theories of computer security and also in more exploratory presentations that examine open questions and raise fundamental concerns about existing theories. Both papers and panel proposals are welcome.

Possible topics include, but are not limited to:

  • Access control Authentication Data and system integrity
  • Database security Network security Distributed systems security
  • Anonymity Intrusion detection Security for mobile computing
  • Security protocols Security models Decidability issues
  • Privacy Executable content Formal methods for security
  • Information flow Language-based security

For background information about the workshop, see This year the workshop will be held in Cape Breton, Nova Scotia, Canada. For background information about the location and the organization, see last year's edition web page (

The proceedings are published by the IEEE Computer Society Press and will be available at the workshop. Selected papers will be invited for submission to the Journal of Computer Security. In addition, attendees will receive "CSFW 1-15", a compendium CD-ROM containing papers from CSFW-15 and all previous editions of the workshop.

Instructions for Participants

Submission is open to anyone. Workshop attendance is limited to about 50 participants. Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or a conference with a proceedings. Papers should be at most 20 pages long excluding the bibliography and well-marked appendices (using 11-point font, single column format, and reasonable margins on 8.5"x11" paper), and at most 25 pages total. Alternatively, papers can be submitted using the two-column IEEE Proceedings style available for various document preparation systems at Papers in this style should be at most 12 pages long (at most 15 pages including bibliography and appendices). The page limit will be strictly adhered to. Committee members are not required to read the appendices, and so the paper should be intelligible without them. Proposals for panels should be no longer than five pages in length and should include possible panelists and an indication of which of those panelists have confirmed participation.

To submit a paper, send to a plain ASCII text email containing the title and abstract of your paper, the authors' names, email and postal addresses, phone and fax numbers, and identification of the contact author. To the same message, attach your submission (as a MIME attachment) in PDF or portable postscript format. Do NOT send files formatted for word processing packages (e.g., Microsoft Word or WordPerfect files). Submissions received after the submission deadline or failing to conform to the guidelines above risk rejection without consideration of their merits. Where possible all further communications to authors will be via email. If for some reason you cannot conform to these submission guidelines, please contact the program chair at At least one coauthor of each accepted paper is expected to attend CSFW-15. Papers that do not adhere to this policy will be removed from the proceedings.

Important Dates

Submission deadline: February 5, 2002
Notification of acceptance: March 15, 2002
Camera-ready papers: April 9, 2002

Program Committee

Drew Dean, SRI International, USA
Yves Deswarte, LAAS-CNRS, France
Riccardo Focardi, University of Venice, Italy
Dieter Gollmann, Microsoft Research, UK
Joshua Guttman, MITRE, USA
Masami Hagiya, University of Tokyo, Japan
Alan Jeffrey, DePaul University, USA
Fabio Massacci, University of Trento, Italy
Cathy Meadows, Naval Research Labs, USA
John Mitchell, Stanford, USA
Peter Ryan, Carnegie Mellon University, USA
Andrei Sabelfeld, Chalmers University, Sweden
Steve Schneider (chair), Royal Holloway, University of London, UK
Vijay Varadharajan, Macquarie University, Australia
Rebecca Wright, AT&T Labs, USA

Workshop Location

Like last year's edition, the workshop will be held at the Keltic Lodge in beautiful Cape Breton, Nova Scotia. Located on a narrow peninsula on the Atlantic Ocean, the Lodge's comfortable rooms offer breathtaking views of the rugged shore, vibrant in sunny days and majestic when shrouded in mist. Activities on the premises include tennis, swimming in the heated pool, golf, and mountain biking. The picturesque fishing villages along the scenic Cabot Trail offer opportunities to get acquainted with the local lifestyle and also to embark in such activities as ocean swimming, whale watching, and sea kayaking. Moose, bears and other wildlife are often seen while hiking and camping in the surrounding Cape Breton Highlands National Park. Cape Breton also hosts the final home of Alexander Graham Bell and the station from which Guglielmo Marconi transmitted the first recorded East-bound radio signal across the Atlantic. The Keltic Lodge is 4 hours by car from Halifax International Airport along a magnificent drive. There are direct flights between Halifax and numerous European and American cities. Sydney Regional Airport is 1 1/2 hours by car from the Keltic Lodge and has flights every 2 hours to Halifax. More travel information can be found from the CSFW website.

Additional Information

The web page of CSFW-14, at, (same location, same organization) contains relevant information and is likely to provide answers to many questions. For further information contact:
General Chair
Iliano Cervesato
ITT Industries, Inc. - AES Division
2560 Huntington Avenue
Alexandria, VA 22303-1410
Program Chair
Steve Schneider
Department of Computer Science
Royal Holloway, University of London
Egham, Surrey, TW20 0EX
+44 1784 443431
Publications Chair
Jonathan Herzog
The MITRE Corporation
202 Burlington Road
Bedford, MA 01730-1420


News Bits contains correspondence, interesting links, non-commercial announcements and other snippets of information the editor thought that Cipher readers might find interesting.  And, like a UCITA protected product, by reading the above page you have already agreed to not hold the editor accountable for the correctness of its contents.