Commentary and Opinion and News
Richard Austin's review of Cyber War versus Cyber Realities: Cyber Conflict in the International System by Brandon Valeriano and Ryan C. Harris
Listing of academic positions available by
(nothing new since Nov 2015)
Received directly by Cipher:
PhD candidates sought for research in the field of formal modeling and analysis of security. The position is within the project entitled "Attack-Defense Trees for Computer Security: Formal Modeling of Preventive and Reactive Countermeasures".
For further inquiries please contact Dr. Barbara Kordy (firstname.lastname@example.org)
For more information about this vacancy please check http://people.irisa.fr/Barbara.Kordy/vacancies/PhD_16.pdf
Cipher calendar announcements are on Twitter; follow "ciphernews"
new calls or announcements added since Cipher E131 (the calls-for-papers and the calendar announcements may differ slightly in content or time of update):
IEEE Transactions on Computers, Special Section on Secure Computer Architectures. (Submission Due 30 May 2016)
Editors: Ruby Lee (Princeton University, USA),
Patrick Schaumont (Virginia Tech, USA),
Ron Perez (Cryptography Research Inc., USA),
and Guido Bertoni (ST Microelectronics, USA).
Nowadays, computer architectures are profoundly affected by a new security landscape, caused by the dramatic evolution of information technology over the past decade. First, secure computer architectures have to support a wide range of security applications that extend well beyond the desktop environment, and that also include handheld, mobile and embedded architectures, as well as high-end computing servers. Second, secure computer architectures have to support new applications of information security and privacy, as well as new information security standards. Third, secure computer architectures have to be protected and be tamper-resistant at multiple abstraction levels, covering network, software, and hardware. This Special Section from Transactions on Computers aims to capture this evolving landscape of secure computing architectures, to build a vision of opportunities and unresolved challenges. It is expected that contributed submissions will place emphasis on secure computing in general and on engineering and architecture design aspects of security in particular. IEEE Transactions on Computers seeks original manuscripts for a Special Section on Secure Computer Architectures tentatively scheduled to appear in the July 2017 issue. The topics of interest for this special section include:
SSR 2016 3rd International conference on Security Standardization Research, Gaithersburg, MD, USA, December 5-6, 2016. (Submission Due 30 May 2016)
Over the last two decades a huge range of standards have been developed covering many different aspects of cyber security. These documents have been published by national and international formal standardization bodies, as well as by industry consortia. Many of these standards have become very widely used - to take just one example, the ISO/IEC 27000 series have become a commonly used basis for managing corporate information security. Despite their wide use, there will always be a need to revise existing security standards and to add new standards to cover new domains. The purpose of this conference is to discuss the many research problems deriving from studies of existing standards, the development of revisions to existing standards, and the exploration of completely new areas of standardization. Indeed, many security standards bodies are only beginning to address the issue of transparency, so that the process of selecting security techniques for standardization can be seen to be as scientific and unbiased as possible. This conference is intended to cover the full spectrum of research on security standardization, including, but not restricted to, work on cryptographic techniques (including ANSI, IEEE, IETF, ISO/IEC JTC 1/SC 27, ITU-T and NIST), security management, security evaluation criteria, network security, privacy and identity management, smart cards and RFID tags, biometrics, security modules, and industry-specific security standards (e.g. those produced by the payments, telecommunications and computing industries for such things as payment protocols, mobile telephony and trusted computing). Papers offering research contributions to the area of security standardization are solicited for submission to the SSR 2016 conference. Papers may present theory, applications or practical experience in the field of security standardization, including, but not necessarily limited to:
Mycrypt 2016 2nd International Conference on Cryptology & Malicious Security, Kuala Lumpur, Malaysia, December 1-2, 2016. (Submission Due 31 May 2016)
Original papers of substantial technical contribution in the areas of cryptology and malicious security are solicited for submission to the International Conference on Cryptology & Malicious Security. Submissions to Mycrypt 2016 should be aimed towards the following topic categories:
PROOFS 2016 5th International Workshop on Security Proofs for Embedded Systems, Santa Barbara, California, USA, August 20, 2016. (Submission Due 4 June 2016)
This workshop, the fifth in an annual series, brings together leading researchers and practitioners from academia, government, and industry to discuss the application of formal methods to the field of embedded systems security. PROOFS seeks contributions about methodologies that increase the confidence level in the security of embedded systems, especially those which contain cryptographic algorithms. Exploratory works and use-cases are especially welcomed.
FNSS 2016 2nd International Conference on Future Networks Systems and Security, Paris, France, November 23 - 25, 2016. (Submission Due 4 June 2016)
The network of the future is envisioned as an effective, intelligent, adaptive, active and high performance Internet that can enable applications ranging from smart cities to tsunami monitoring. The network of the future will be a network of billions or trillions of entities (devices, machines, things, vehicles) communicating seamlessly with one another and is rapidly gaining global attention from academia, industry, and government. The International Conference on Future Networks Systems and Security aims to provide a forum that brings together researchers from academia, practitioners from industry, standardization bodies, and government to meet and exchange ideas on recent research and future directions for the evolution of the future Internet. The technical discussion will be focused on the technology, communications, systems and security aspects of relevance to the network of the future.
SADFE 2016 11th International Conference on Systematic Approaches to Digital Forensics Engineering, Kyoto, Japan, September 20-22, 2016. (Submission Due 10 June 2016)
SADFE-2016 is concerned with the generation, analysis and sustainability of
digital evidence and evolving t tools and techniques that are used in this effort.
Advancement in this field requires innovative methods, systems, and practices,
which are grounded in solid research coupled with an understanding of user
needs. Digital forensics at SADFE focuses on the issues introduced by the
coupling of rapidly advancing technologies and increased globalization. We
believe digital forensic engineering is vital to security, the administration
of justice and the evolution of culture. Potential topics include, but are
not limited to:
Digital Data and Evidence Collection:
SecureComm 2016 12th EAI International Conference on Security and Privacy in Communication Networks, Guangzhou, China, October 10-12, 2016. (Submission Due 15 June 2016)
SecureComm seeks high-quality research contributions in the form of well-developed papers. Topics of interest encompass research advances in ALL areas of secure communications and networking. Topics in other areas (e.g., formal methods, database security, secure software, theoretical cryptography) will be considered only if a clear connection to private or secure communication/networking is demonstrated. Topics of interest include, but are not limited to the following:
IWDW 2016 15th International Workshop on Digital-forensics and Watermarking, Beijing, China, September 17-19, 2016. (Submission Due 15 June 2016)
The 15th International Workshop on Digital-forensics and Watermarking (IWDW 2016) is a premier forum for researchers and practitioners working on novel research, development and applications of digital watermarking and forensics techniques for multimedia security. We invite submissions of high-quality original research papers. Areas of interest include, but are not limited to:
BigTrust 2016 1st International Workshop on Trust, Security and Privacy for Big Data, Granada, Spain, December 14-16, 2016. (Submission Due 15 June 2016)
Big Data has the potential for enabling new insights to change science, engineering, medicine, healthcare, finance, business, and ultimately society itself. Current work on Big Data focuses on information processing such as data mining and analysis. However, trust, security and privacy of Big Data are vital concerns that have received less research focus. Regarding the above context, this workshop proposal is aimed at bringing together people from both academia and industry to present their most recent work related to trust, security and privacy issues in Big Data, and exchange ideas and thoughts in order to identify emerging research topics and define the future of Big Data. BigTrust 2016 is a part of ICA3PP 2016 16th International Conference on Algorithms and Architectures for Parallel Processing. The scope and interests for the special issue include but are not limited to the following list:
SPACE 2016 6th International Conference on Security, Privacy and Applied Cryptography Engineering, Hyderabad, India, December 16-18, 2016. (Submission Due 30 June 2016)
SPACE 2016 is the sixth in this series of conferences which started in 2011. This annual event is devoted to various aspects of security, privacy, applied cryptography, and cryptographic engineering. SPACE 2016 is being organized by C.R.Rao Advanced Institute of Mathematics, Statistics and Computer Science, Hyderabad-India (AIMSCS). The conference will include invited tutorials and keynote talks from world-renowned experts. The conference will be accompanied by two days of tutorials aiming at Master's and Ph.D. students featuring lectures in the mornings and practical sessions in the afternoon. Original papers are invited on all aspects of security, privacy, and cryptography engineering.
NordSec 2016 21st Nordic Conference on Secure IT Systems, Oulu, Finland, November 2-4, 2016. (Submission Due 1 July 2016)
NordSec addresses a broad range of topics within IT security with the aim of bringing together computer security researchers and encouraging interaction between academia and industry. NordSec 2016 is co-located with the 10th International Crisis Management Workshop and Oulu Winter School. NordSec welcomes contributions within, but not limited to, the following areas:
WISCS 2016 3rd ACM Workshop on Information Sharing and Collaborative Security, Held in conjunction with 23rd ACM Conference on Computer and Communications Security (CCS 2016), Hofburg Palace, Vienna, Austria, October 24, 2016. (Submission Due 22 July 2016)
Sharing of cyber-security related information is believed to greatly enhance the ability of organizations to defend themselves against sophisticated attacks. If one organization detects a breach sharing associated security indicators (such as attacker IP addresses, domain names, file hashes etc.) provides valuable, actionable information to other organizations. The analysis of shared security data promises novel insights into emerging attacks. Sharing higher level intelligence about threat actors, the tools they use and mitigations provides defenders with much needed context for better preparing and responding to attacks. In the US and the EU major efforts are underway to strengthen information sharing. Yet, there are a number of technical and policy challenges to realizing this vision. Which information exactly should be shared? How can privacy and confidentiality be protected? How can we create high-fidelity intelligence from shared data without getting overwhelmed by false positives? The 3rd Workshop on Information Sharing and Collaborative Security (WISCS 2016) aims to bring together experts and practitioners from academia, industry and government to present innovative research, case studies, and legal and policy issues. The workshop solicits original research papers in these areas, both full and short papers.
TrustED 2016 6th International Workshop on Trustworthy Embedded Devices, Held in conjunction with 23rd ACM Conference on Computer and Communications Security (CCS 2016), Hofburg Palace, Vienna, Austria, October 28, 2016. (Submission Due 27 July 2016)
TrustED considers selected security and privacy (S&P) aspects of cyber physical systems and their environments, which influence trust and trust establishment in such environments. A major theme of TrustED 2016 will be security and privacy aspects of the Internet of Things Paradigm. The IoTs promises to make reality Mark Weisser's vision of ubiquitous computation set out in his 1991 influential paper. Yet to make such vision successful, it is widely acknowledged that security of super large distributed systems has to be guaranteed and the privacy of the collected data protected. Submissions exploring new paradigms to assure security and privacy in the IoTs are thus strongly encouraged. The workshop topics include but are not limited to:
ICISS 2016 12th International Conference on Information Systems Security, Jaipur, India, December 16-20, 2016. (Submission Due 29 July 2016)
The ICISS Conference held annually, provides a forum for disseminating latest research results in information and systems security. Like previous years, proceedings of the conference will be published as part of the Springer Verlag series of Lecture Notes in Computer Science. Submissions are encouraged from academia, industry and government, addressing theoretical and practical problems in information and systems security and related areas. Topics of interest include but are not limited to:
GenoPri 2016 3rd International Workshop on Genome Privacy and Security, Held in conjunction with the AMIA 2016 Annual Symposium, Chicago, IL, USA, November 12, 2016. (Submission Due 22 August 2016)
Over the past several decades, genome sequencing technologies have evolved from slow and expensive systems that were limited in access to a select few scientists and forensics investigators to high-throughput, relatively low-cost tools that are available to consumers. A consequence of such technical progress is that genomics has become one of the next major challenges for privacy and security because (1) genetic diseases can be unveiled, (2) the propensity to develop specific diseases (such as Alzheimer's) can be revealed, (3) a volunteer, accepting to have his genomic code made public, can leak substantial information about his ethnic heritage and the genomic data of his relatives (possibly against their will), and (4) complex privacy issues can arise if DNA analysis is used for criminal investigations and medical purposes. As genomics is increasingly integrated into healthcare and "recreational" services (e.g., ancestry testing), the risk of DNA data leakage is serious for both individuals and their relatives. Failure to adequately protect such information could lead to a serious backlash, impeding genomic research, that could affect the well-being of our society as a whole. This prompts the need for research and innovation in all aspects of genome privacy and security, as suggested by the non-exhaustive list of topics on the workshop website.
INTRICATE-SEC 2017 5th International Workshop on Security Intricacies in Cyber-Physical Systems and Services, Taipei, Taiwan, March 27-29, 2017. (Submission Due 1 October 2016)
Cyber-physical systems (CPS) are ubiquitous in critical infrastructures such as electrical power generation, transmission, and distribution networks, water management, and transportation, but also in both industrial and home automation. For flexibility, convenience, and efficiency, CPS are increasingly supported by commodity hardware and software components that are deliberately interconnected using open standard general purpose information and communication technology (ICT). The long life-cycles of CPS and increasingly incremental changes to these systems require novel approaches to the composition and inter-operability of services provided. The paradigm of service-oriented architectures (SoA) has successfully been used in similar long-lived and heterogeneous software systems. However, adapting the SoA paradigm to the CPS domain requires maintaining the security, reliability and privacy properties not only of the individual components but also, for complex interactions and service orchestrations that may not even exist during the initial design and deployment of an architecture. An important consideration therefore is the design and analysis of security mechanisms and architectures able to handle cross domain inter-operability over multiple domains involving components with highly heterogeneous capabilities. The INTRICATE-SEC workshop aims to provide a platform for academics, industry, and government professionals to communicate and exchange ideas on provisioning secure CPS and Services.
Staying in touch....
IEEE Computer Society's Technical Committee on Security and Privacy
|TC home page||TC Officers|
|Join the TCSP (or other TCs)||TC publications available online|
|Cipher past issues archive|