Commentary and Opinion
Richard Austin's review of Securing the Virtual Environment: How to defend the enterprise against attack by Davi Ottenheimer and Matthew Wallace
NewsBits: Announcements and correspondence from readers (please contribute!)
Listing of academic positions available by
Conference and Workshop Announcements
Cipher calendar announcements are on Twitter; follow "ciphernews"
new calls or announcements added since Cipher E109 (the calls-for-papers and the calendar announcements may differ slightly in content or time of update):
ESSoS 2013 5th International Symposium on Engineering Secure Software
and Systems, Paris, France, February 27 - March 1, 2013.
(Submissions due 30 September 2012)
Trustworthy, secure software is a core ingredient of the modern world. Hostile, networked environments, like the Internet, can allow vulnerabilities in software to be exploited from anywhere. To address this, high-quality security building blocks (e.g., cryptographic components) are necessary, but insufficient. Indeed, the construction of secure software is challenging because of the complexity of modern applications, the growing sophistication of security requirements, the multitude of available software technologies and the progress of attack vectors. Clearly, a strong need exists for engineering techniques that scale well and that demonstrably improve the software's security properties. The goal of this symposium is to bring together researchers and practitioners to advance the states of the art and practice in secure software engineering. Being one of the few conference-level events dedicated to this topic, it explicitly aims to bridge the software engineering and security engineering communities, and promote cross-fertilization. The Symposium seeks submissions on subjects related to its goals. This includes a diversity of topics including (but not limited to):
IEEE Network Magazine, Special Issue on Security in Cognitive Radio Networks,
(Submission Due 1 October 2012)
Editors: Kui Ren (Illinois Institute of Technology, USA), Haojin Zhu (Shanghai Jiao Tong University, USA), Zhu Han (University of Houston, USA), and Radha Poovendran (University of Washington, USA)
Cognitive radio (CR) is an emerging advanced radio technology in wireless access, with many promising benefits including dynamic spectrum sharing, robust cross-layer adaptation, and collaborative networking. Based on a software-defined radio (SDR), cognitive radios are fully programmable and can sense their environment and dynamically adapt their transmission frequencies, power levels, modulation schemes, and networking protocols for improving network and application performance. It is anticipated that cognitive radio technology will be the next wave of innovation in information and communications technologies. Although the recent years have seen major and remarkable developments in the field of cognitive networking technologies, the security aspects of cognitive radio networks have attracted less attention so far. Due to the particular characteristics of the CR system, entirely new classes of security threats and challenges are introduced such as licensed user emulation, selfish misbehaviors and unauthorized use of spectrum bands. These new types of attacks take the advantage the inherent characteristics of CR, and could severely disrupt the basic functionalities of CR systems. Therefore, for achieving successful deployment of CR technologies in practice, there is a critical need for new security designs and implementations to make CR networks secure and robust against these new attacks. Topics of interest include, but are not limited to:
FC 2013 17th International Conference on Financial Cryptography and
Bankoku Shinryokan, Busena Terrace Beach Resort, Okinawa, Japan,
April 1-5, 2013.
(Submissions due 13 October 2012)
Financial Cryptography and Data Security is a major international forum for research, advanced development, education, exploration, and debate regarding information assurance, with a specific focus on commercial contexts. The conference covers all aspects of securing transactions and systems. Original works focusing on both fundamental and applied real-world deployments on all aspects surrounding commerce security are solicited. Submissions need not be exclusively concerned with cryptography. Systems security and inter-disciplinary efforts are particularly encouraged. Topics include:
IFIP119-DF 2013 9th Annual IFIP WG 11.9 International Conference on Digital
Forensics, Orlando, Florida, USA, January 28-30, 2013.
(Submissions due 15 October 2012)
The IFIP Working Group 11.9 on Digital Forensics (www.ifip119.org) is an active international community of scientists, engineers and practitioners dedicated to advancing the state of the art of research and practice in digital forensics. The Ninth Annual IFIP WG 11.9 International Conference on Digital Forensics will provide a forum for presenting original, unpublished research results and innovative ideas related to the extraction, analysis and preservation of all forms of electronic evidence. Papers and panel proposals are solicited. All submissions will be refereed by a program committee comprising members of the Working Group. Papers and panel submissions will be selected based on their technical merit and relevance to IFIP WG 11.9. The conference will be limited to approximately sixty participants to facilitate interactions between researchers and intense discussions of critical research issues. Keynote presentations, revised papers and details of panel discussions will be published as an edited volume - the ninth in the series entitled Research Advances in Digital Forensics (Springer) in the summer of 2013. Revised and/or extended versions of selected papers from the conference will be published in special issues of one or more international journals. Technical papers are solicited in all areas related to the theory and practice of digital forensics. Areas of special interest include, but are not limited to:
IDMAN 2013 3rd IFIP WG 11.6 Working Conference on Policies & Research
in Identity Management, London, UK, April 8-9, 2013.
(Submissions due 26 October 2012)
IDMAN conference focuses on the theory, technologies and applications of identity management. The world of the 21st century is, more than ever, global and impersonal. As a result of increasing cyber fraud and cyber terrorism, the demand for better technical methods of identification is growing, not only in companies and organisations but also in the world at large. Moreover, in our society digital identities increasingly play a role in the provision of eGovernment and eCommerce services. For practical reasons, Identity Management Systems are needed that are usable and interoperable. At the same time, individuals increasingly leave trails of personal data when using the Internet, which allows them to be profiled and which may be stored for many years to come. Technical trends such as Cloud Computing and pervasive computing make personal data processing non-transparent, and make it increasingly difficult for users to control their personal spheres. As part of this tendency, surveillance and monitoring are increasingly present in society, both in the public and private domains. Whilst the original intention is to contribute to security and safety, surveillance and monitoring might, in some cases, have unintended or even contradictory effects. Moreover, the omnipresence of surveillance and monitoring systems might directly conflict with public and democratic liberties. These developments raise substantial new challenges for privacy and identity management at the technical, social, ethical, regulatory, and legal levels. Identity management challenges the information security research community to focus on interdisciplinary and holistic approaches, while retaining the benefits of previous research efforts. Papers offering research contributions to the area of identity management are solicited for submission to the 3rd IFIP WG-11.6 IDMAN conference. Papers may present theory, applications or practical experience in the field of identity management, from a technical, legal or socio-economic perspective, including, but not necessarily limited to:
Springer International Journal of Information Security journal,
Special Issue on Security in Cloud Computing, Fall 2013,
(Submission Due 10 November 2012)
Editors: Stefanos Gritzalis (University of the Aegean, Greece),
Chris Mitchell (Royal Holloway, University of London, UK),
Bhavani Thuraisingham (University of Texas at Dallas, USA),
and Jianying Zhou (Institute for Infocomm Research, Singapore)
This special issue of the International Journal of Information Security aims at providing researchers and professionals with insights on the state-of-the-art in Security in Cloud Computing. It will publish original, novel and high quality research contributions from industry, government, business, and academia. Topics of interest may include (but are not limited to) one or more of the following themes:
SP 2013 34th IEEE Symposium on Security and Privacy,
San Francisco, California, USA, May 19-22 2013.
(Submissions due 14 November 2012)
Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of computer security or privacy. Papers may present advances in the theory, design, implementation, analysis, verification, or empirical evaluation of secure systems. Topics of interest include (This topic list is not meant to be exhaustive; S&P is interested in all aspects of computer security and privacy. Papers without a clear application to security or privacy, however, will be considered out of scope and may be rejected without full review.):
IFIP1110-CIP 2013 7th Annual IFIP WG 11.10 International Conference on
Critical Infrastructure Protection, Washington, DC, USA, March 18-20, 2013.
(Submissions due 31 December 2012)
The IFIP Working Group 11.10 on Critical Infrastructure Protection is an active international community of researchers, infrastructure operators and policy-makers dedicated to applying scientific principles, engineering techniques and public policy to address current and future problems in information infrastructure protection. Following the success of the first six conferences, the Seventh Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection will again provide a forum for presenting original, unpublished research results and innovative ideas related to all aspects of critical infrastructure protection. Papers and panel proposals are solicited. Submissions will be refereed by members of Working Group 11.10 and other internationally-recognized experts in critical infrastructure protection. Papers and panel submissions will be selected based on their technical merit and relevance to IFIP WG 11.10. The conference will be limited to seventy participants to facilitate interactions among researchers and intense discussions of research and implementation issues. A selection of papers from the conference will be published in an edited volume - the seventh in the series entitled Critical Infrastructure Protection (Springer) - in the fall of 2013. Revised and/or extended versions of outstanding papers from the conference will be published in the International Journal of Critical Infrastructure Protection (Elsevier). Papers are solicited in all areas of critical infrastructure protection. Areas of interest include, but are not limited to:
Staying in touch....
IEEE Computer Society's Technical Committee on Security and Privacy
|TC home page||TC Officers|
|How to join the TCSP||TC publications available online|
|TC Publications for sale||Cipher past issues archive|