Commentary and Opinion
Robert Bruen's review of Steal This File Sharing Book. What They Won't Tell You About File Sharing by Wallace Wang
Robert Bruen's review of Security Sage's Guide to Hardening the Network Infrastructure by Steven Andres and Brian Kenyon
Robert Bruen's review of Open Source Security Tools. A Practical Guide to Security Applications by Tony Howlett
Terry Benzel's announcement of The DETER Network Security Testbed
Carrie Gate's announcement of The SiLK Suite of Netflow Tools
Sean Turner and Russ Housley's report on IETF Revises Cryptographic Message Syntax and Secure Multipurpose Internet Mail Extensions
Jason Holt's report on The Rise of Pairing-based Cryptography and Identity-Based Encryption
Conference and Workshop Announcements
As the number of individual computing devices and the demand for
mobility continue to grow, peer-to-peer (P2P) systems and ad hoc
networks will become increasingly popular. Indeed, they are likely to
become integral to the future computing and networking infrastructure.
P2P systems create application-level virtual networks with their own
routing mechanisms; they enable large numbers of computers to share
information and resources directly, without dedicated central
servers. Ad hoc networks allow mobile hosts, mobile devices, and
sensor nodes to communicate when no fixed infrastructure is available.
Although P2P systems and ad hoc networks make communication and
resource sharing more convenient, however, they also introduce new
security challenges due to inherent aspects such as dynamic topologies
and membership, unreliability, severe resource constrains, and the
absence of a trusted infrastructure.
To explore these issues, IC invites contributions for a special issue
on security for P2P and ad hoc networks. Appropriate topics include,
but are not limited to:
Calls for Papers, new since Cipher 62
Guest editors: Shiuhpyng Shieh (National Chiao Tung University) and Dan Wallach (Rice University)
As the number of individual computing devices and the demand for mobility continue to grow, peer-to-peer (P2P) systems and ad hoc networks will become increasingly popular. Indeed, they are likely to become integral to the future computing and networking infrastructure.
P2P systems create application-level virtual networks with their own routing mechanisms; they enable large numbers of computers to share information and resources directly, without dedicated central servers. Ad hoc networks allow mobile hosts, mobile devices, and sensor nodes to communicate when no fixed infrastructure is available.
Although P2P systems and ad hoc networks make communication and resource sharing more convenient, however, they also introduce new security challenges due to inherent aspects such as dynamic topologies and membership, unreliability, severe resource constrains, and the absence of a trusted infrastructure.
To explore these issues, IC invites contributions for a special issue on security for P2P and ad hoc networks. Appropriate topics include, but are not limited to:
For more information, please see http://www.computer.org/internet/call4ppr.htm
This workshop focuses on stimulating new ideas in order to reshape cluster protection strategies. Clearly cluster security is a complex, multi-dimensional problem with dynamics over time so a large variety of approaches may be appropriate including prevention, monitoring, measurements, mitigation, and recovery. Papers with demonstrated results will be given priority. Two categories of papers will be considered: Long Paper (12 pages) and Work-In-Progress/Short Paper (6 pages). A list of potential topics includes but is not limited to the following:
More information can be found on the workshop web page at http://www.ncassr.org/projects/cluster-sec/ccgrid05/
The ISH-05 Workshop, held in conjunction with the International Conference on Computational Science & Its Applications (ICCSA '05), is intended as an international forum for researchers in all areas of information security and information hiding. Submissions of papers presenting a high-quality original research are invited for the Workshop tracks:
Topics of interest:
More information can be found on the workshop web page at http://www.swinburne.edu.my/rphan/ISH05.htm
This workshop aims at focussing the attention of the research community on the increasing complexity and relevance of trust, privacy and security issues in ubiquitous computing.
Suggested submission topics include, but are not limited to the following ones in mobile (ad Hoc) networks, sensor networks, P2P systems, portable/embedded/weareable devices ...
The special interest group Security - Intrusion Detection and Response (SIDAR) of the German Informatics Society (GI) organizes DIMVA as an annual conference that brings together experts from throughout Europe to discuss the state of the art in the areas of intrusion detection, detection of malware, and assessment of vulnerabilities. DIMVA emphasizes the collaboration and exchange of ideas between industry, academia, law enforcement and government, and invites four types of submissions: full papers, industry papers, panel proposals, and tutorial proposals.
For more info, please see http://www.dimva.org/dimva2005
This workshop series brings together researchers in computer science to examine foundational issues in computer security. For background information about the workshop, and an html version of this Call for Papers, see the CSFW home page www.csl.sri.com/csfw/index.html We are interested both in new results in theories of computer security and also in more exploratory presentations that examine open questions and raise fundamental concerns about existing theories. Both papers and panel proposals are welcome. Possible topics include, but are not limited to:
Original research papers on all technical aspects of cryptology are solicited for submission to ACNS '05, the Third annual conference on Applied Cryptography and Network Security. There are two tracks for ACNS: a research track and an industrial track. The latter has an emphasis on practical applications. In addition, submissions to the industrial track may be talk proposals (rather than full papers). The PC will consider moving submissions between tracks if the PC feels that a submission is more appropriate for that track (with author permission). Topics of relevance include but are not limited to:
The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in security of computer systems. The 14th USENIX Security Symposium will be held August 1-5, 2005, in Baltimore, MD.
All researchers are encouraged to submit papers covering novel and scientifically significant practical works in security or applied cryptography. Submissions are due on February 4, 2005, 11:59 p.m. PST. The Symposium will span five days: a two-day training program will be followed by a two and one-half day technical program, which will include refereed papers, invited talks, Work-in-Progress reports, panel discussions, and Birds-of-a-Feather sessions.
For further info, see http://www.usenix.org/events/sec05/cfp/
The 25th International Cryptology Conference will be held at the University of California, Santa Barbara. The academic program covers all aspects of cryptology. Formal proceedings, published by Springer-Verlag, will be provided to registered attendees at the conference. Technical sessions will run from Monday morning to Thursday noon, with a non-technical activities half-day on Tuesday afternoon.
For further info, see http://www.iacr.org/conferences/c2005/index.html
Original Research Papers on all aspects of the Economics of Information Security are solicited for submission to the Fourth Workshop on the Economics of Information Security. Topics of interest include liability and other legal incentives, game theoretic models, economics of digital rights management, security in open source and free software, cyber-insurance, disaster recovery, trusted computing, reputation economics network effects in security and privacy, security in grid computing, return on security investment, security and privacy in pervasive computing, risk management, risk perception, economics of trust, virus models, vulnerabilities and incentives, economics of malicious code, identity including PKI, access control, economics of electronic voting security, and economic perspectives on spam.
We invite talks emphasizing economic theory, mathematical modeling, or legal theory. Past notable work used the tools of economics to offer insights into computer security; offered mathematical models of computer security or economics; detailed potential regulatory solutions to computer security; or clarified the challenges of improving security as implemented in practice.
For more information, please see http://www.infosecon.net/workshop/cfp.html
The Symposium on Usable Privacy and Security (SOUPS) will be held July 6-8, 2004 at Carnegie Mellon University in Pittsburgh, PA. This symposium will bring together an interdisciplinary group of researchers and practitioners in human computer interaction, security, and privacy. The program will feature refereed papers, tutorials, a poster session, panels and invited talks, and discussion sessions.
We seek original papers describing research or experience in all areas of usable privacy and security. Topics include, but are not limited to, breakthrough models, innovative functionality and design, new applications of existing models or technology, usability testing of security features or security testing of usability features, and lessons learned from deploying and using usable privacy and security features. Papers should properly place the work within the field, cite related work, and clearly indicate the innovative aspects of the work or lessons learned as well as the contribution of the work to the field.
Suggestions or proposals for panels, tutorials, or invited speakers should be sent to the general chair, lorrie AT acm.org, by February 25.
For more information, please see http://cups.cs.cmu.edu/soups/
The growth of Web Services, and in particular electronic commerce activities based on them, is quickly being followed by work on Web Services security protocols. While core XML security standards like XMLDSIG, XMLENC and WS-Security have been completed, they only provide the basic building blocks of authentication, integrity protection and confidentiality for Web Services. Additional Web Services standards and protocols are required to provide higher-order operations such as trust management, delegation, and federation. At the same time, the sharp rise in "phishing" attacks and other forms of on-line fraud simply confirms that all our work on security protocols is for naught if we cannot make it both possible and easy for the average user to discover when a security property has failed during a transaction. This workshop aims to explore these areas as well as other current and future security and privacy challenges for Web Services applications and e-commerce.
The workshop will be open to the public (no submission is necessary to attend). If you'd like to give a presentation please send a title and abstract to firstname.lastname@example.org as soon as possible. Submissions may describe ongoing or planned work related to the security of Web Services and electronic commerce, or they may discuss important research problems or propose a research agenda in this area. Also, we intend this to be a participatory and interactive meeting so we hope you will be able to contribute to the meeting even without giving an announced talk.
Presented under the auspices of the Special Focus on Communication Security and Information Privacy.
The CMS conference attempts to be a forum for researchers working on all aspects of communications and multimedia security. This year the organizers especially encourage submissions on topics such as security of information hiding, combined encryption and watermarking schemes, XML security and network security. Papers should have practical relevance to the construction or evaluation of secure systems; theoretical papers should demonstrate their practical significance. The proceedings will be published by Springer in their Lecture Notes in Computer Science (LNCS) series.
For details and submission instructions please refer to: http://cms2005.sbg.ac.at
Papers offering novel research contributions to any aspect of computer security are solicited for submission to the 12th ACM conference. The primary focus is on high-quality original unpublished research, case studies, and implementation experiences. Papers should have practical relevance to the construction, evaluation, application, or operation of secure systems. Theoretical papers must make convincing arguments for the practical significance of the results. Theory must be justified by compelling examples illustrating its application.
Topics of interest include:
Reader's guide to recent security and privacy literature
(last updated March 15, 2002)
Listing of academic positions available by
Staying in touch....
Changing your email address? Please send updates to email@example.com
IEEE Computer Society's Technical Committee on Security and Privacy
|TC home page||TC Officers|
|How to join the TC||TC publications available online|
|TC Publications for sale||Cipher past issues archive|