Contents:

 


Past Journal Announcements


FORMATEX, a Spanish technological organization, in collaboration with the Computer Science and Physics Department of the University of Extremadura (Spain) is now editing a volume within our Information Society book series, on Techno-Legal aspects of Information Society. Some of the topics covered by this edition are: Security of Information Systems, Networking, E-commerce, Networks and Liberties, Informatic crimes, Public security vs. secret communications, Legal protection of software and digital contents, Digital Libraries, Rights Management in the Digital Era, Electronic signature, Electronic means of payment, Ethical issues, Law and Computer Science, Cryptography, Legal Expert Systems, Teleworking, e-Government, Cybersquatting, Typosquatting etc, Domain names and Trademarks, Thesaurus and documental techniques, Law Databases, Law in Internet. The Call for Papers' website is available at www.formatex.org/isbook/callforpaper.htm with details on deadlines, manuscripts format, etc. Submissions are due November 25, 2002.

IEEE Journal on Selected Areas in Communications, Special issue on Design and Analysis Techniques for Security Assurance.  Publication: 1st quarter 2003.  Editors: Li Gong (SUN Microsystems), Joshua Guttman (The MITRE Corp), Peter Ryan (Carnegie Mellon University), and Steve Schneider (University of London).  Submission deadline is March 1, 2002.   [posted here 7/26/01]
Information security plays a dominant and increasingly critical role in society. It is therefore essential that we have effective tools and techniques to design and evaluate secure systems and demonstrate that they meet their security requirements. The application of rigorous methods to the specification, modeling, analysis, and design of security-critical systems has made considerable strides in recent years, and the field is rapidly gaining in maturity. The scope of this issue will range over all rigorous, mathematically well founded, approaches to all aspects of security system development. This issue is intended to gather together the leading edge approaches in this area. Papers are solicited in the following areas:
     * Security protocol analysis
     * Computer security models and policies
     * Information flow
     * Secure architectures
     * Mobility
     * Tools for security analysis
     * Languages
     * Logics
     * Static/typechecking techniques
     * Smartcards
Original, unpublished contributions and invited articles will be considered for the issue. The paper should be no longer than 20 double-spaced pages, excluding illustrations and graphs and follow the IEEE J-SAC manuscript format described in the Information for Authors. Authors wishing to submit papers should send an electronic version (postscript or PDF files ONLY) to Steve Schneider at S.Schneider@rhul.ac.uk by March 1, 2002. 

Information and Security: An International Journal.  Special issue on agent-based technologies.  Publication:  May 31, 2002.  Editor:  Petya Ivanova (Center for National Security and Defense Research, Bulgarian Academy of Sciences).  Submission date:  abstract and intent to submit a paper - February 28, 2002; final papers - March 31, 2002.   [posted here 2/12/02]
The field of autonomous agents and multi-agent systems is an exciting and rapidly expanding area of research and development. In the last few years, there has been a growing interest in the application of agent-based systems to various security-related and military domains. In this special issue of Information & Security we shall present the results achieved in this area, discuss the benefits (and drawbacks) that agent-based systems may bring to the military and the broader security community, and provide a list of research and practical challenges that should be tackled in the near future so that the full potential of agent-based systems is realized. Topics include, but are not limited to:
   - General and specific architectures of agents in different settings and environments
   - Cooperation and competition; coordination and collaboration 
   - Negotiation, consensus development, conflict detection and resolution 
   - Communication protocols and languages (communication standards) 
   - Intelligent cognitive activities jointly realized by multiple agents, e.g., distributed problem solving, planning, learning, and decision making 
   - Emergent behavior and organizational intelligence 
   - Organizational structuring and dynamics 
   - Mobile agents as general-purpose framework for distributed applications 
   - Performance issues; security, reliability, and robustness 
   - Agents and the interoperability of heterogeneous systems 
   - Human-agent interaction and interfaces 
   - Architectures, environments and languages for mobile and secure information services 
   - Agent capability requirements in military applications
We intend to present successful applications of agents and multi-agent systems in the following domains:
   - Military decision support systems and complex problem-solving 
   - Military training and education 
   - Collection and organization of knowledge available on the Internet 
   - Information retrieval, dissemination, and monitoring across multiple applications
For instructions and additional information on manuscript preparation, see: www.isn.ethz.ch/publihouse/InfoSecurity. Questions can be addressed to infosec@mbox.digsys.bg.

Computer Communications, Special issue on Network Security. Publication: spring 2002.  Editors: Brian Neil Levine, University of Massachusetts, and Clay Shields, Purdue University.  Submission deadline is October 5, 2001.   [posted here 2/20/01]
The Internet has become the cornerstone for the proliferation of networking technology. The quality of the security and privacy of the services, protocols, and infrastructure that make up the Internet is a key factor in its continued growth and survivability. This special issue will collect and archive the state of the art in Network Security for existing and future network technologies, publishing research that explores: The security of infrastructure and systems that form the network (such as routers, application-level proxies, and servers); The security of protocols and services that work end-to-end (such as DNS, HTTP, multimedia conferencing and virtual environments, and e-commerce); Protocols that protect the privacy of users on the network. An emphasis on deployable systems and the inclusion of an analysis of their network performance in the presence of security mechanisms is ideal. Areas of interest include, but are not limited to:
   -  Network privacy and anonymity 
   -  Multicast and group-communication security
   -  Intrusion detection and response
   -  Network traceback 
   -  Integrating security in Internet protocols 
   -  Security analysis of Internet protocols 
   -  Network performance evaluation of network security protocols;
   -  Denial-of-service attacks and counter measures 
   -  Virtual private networks 
   -  Security for wireless networks and technologies 
Through the publication of this special issue, we wish to bring together researchers from the security and networking communities that have not previously had a common forum in which to share methodologies and techniques.  Instructions for submitting a paper are given at signl.cs.umass.edu/comcom.  Information on Computer Communications can be found at www.troubador.co.uk/comcom/fp.htm and www.troubador.co.uk/comcom/fp.htm.

 

IEEE Internet Computing, Special Issue on Peer-to-Peer Networking.  Guest editor: Li Gong, Sun Microsystems.  Publication date: January/February 2002.  Submissions due June 1, 2001.   [posted here 2/20/01]
The term peer-to-peer networking is applied to a wide range of technologies that greatly increase the utilization of information, bandwidth, and computing resources in the Internet. Frequently, these P2P technologies adopt a network-based computing style that neither excludes nor inherently depends on centralized control points. Apart from improving performance in terms of information discovery, content delivery, and information processing, such a style also can enhance the overall reliability and fault-tolerance of the computing system. This special issue of Internet Computing will showcase significant developments in the general area of peer-to-peer networking. Topics of interest include (but are not limited to):
     1. Peer naming, discovery, and organization 
     2. Peer-based communication and information sharing 
     3. Systems support for peer-to-peer networking 
     4. Security support for peer-to-peer networking 
     5. Peer-based network infrastructure including operating systems 
     6. Peer-based services and applications
Ideally, submissions will report advances that (a) use a simple and elegant solution to solve a seemingly complicated problem, (b) have a solid theoretical foundation but a realistic implementation path, and (c) are readily deployable over currently existing Internet infrastructure. We discourage strictly theoretical or mathematical papers on modeling of peer-to-peer computing. If you are uncertain about your submission in terms of scope, please provide an abstract to the guest editor for clarification before submission.  (note: the complete call for papers has not been posted on the IEEE web site yet.  We will update this Cipher entry when the URL is known.  In the interim, you may choose to contact the guest editor, Dr. Li Gong at li.gong@sun.com)

IEEE Computer, Special issue on embedded system security.  Guest editors: William A. Arbaugh, University of Maryland, and Leendert Van Doorn, IBM Research.  Submission deadline is March 15, 2001.   [posted here 12/18/00]
Embedded systems range from personal digital assistants to disk controllers and from home thermostats to microwave regulators.  These near-ubiquitous devices are often networked and thus present security challenges similar to those already of concern on the Internet.  This special issue will consider the security and privacy that networked embedded systems present.  Submissions are sought on all topics relating to embedded system security including risk analysis, privacy issues, software security architectures, security requirements for embedded operating systems, embedded cryptographic devices, using embedded devices to build secure systems, and secure firmware upgrades.  For further information see www.cs.umd.edu/~waa/ieee-cfp.html.

Internet Computing , Call for papers on "Widely Deployed Internet Security Solutions", November/December 2000, Guest Editors: Li Gong and Ravi Sandhu. (Submissions due: April 28, 2000)  [posted here January 28, 2000].
The goal of this special issue is two-fold. One is to reflect on security technology that have made into mainstream products and have been widely deployed within the past decade. An interesting perspective is why these solutions were picked over other competing solutions and what made them more attractive and acceptable. The other part of the goal is to access the state of the art in security research and technology with the hope that these investigations point to what may be deployed in the next decade. Topics of Interest include (but are not limited to) descriptions of and perspectives (historic, legal, etc.) on:
              *  Security solutions that are widely deployed 
              *  Security solutions that were once fashionable but no longer in use 
              *  Prevailing security solutions that are becoming obsolete 
              *  Emerging security solutions that are likely to be widely deployed 
We welcome submissions regarding security solutions covering all aspect of computing, including operating systems, networking, databases, distributed systems, human-computer interaction, the web, the Internet, information appliances, and wireless communication. However, we discourage abstract theory/idea papers, especially pure cryptography theory or crypto protocol papers. Our focus is on security solutions that were, are, or will be widely deployed.  Submission instructions can be found on the journal web page at church.computer.org/internet/call4ppr.htm.

 

IEEE Software, Call for Articles & Reviewers, Malicious Information Technology: The Software vs. The People Publication: Sept./Oct. 2000. Guest Editors: Nancy Mead (nrm@sei.cmu.edu) and Jeffrey Voas (jmvoas@rstcorp.com). (Submissions due: April 1, 2000) [posted here November 3, 1999].
Software was intended to improve the quality of human life by doing tasks more quickly, reliably, and efficiently. But today, a "software vs. people" showdown appears eminent. Software is increasingly becoming a threat to people, organizations, and nations. For example, the spread of the Melissa virus illustrates the ease with which systems can be penetrated and the ubiquity of the consequences; the Melissa virus caused many companies to shut down their EMail systems for days or even weeks. The origin of these threats stems from a variety of problems. One problem is negligent development practices that lead to defective software. Security vulnerabilities that occur as a result of negligent development practices (e.g., commercial Web browsers allowing unauthorized individuals to access confidential data) are likely to be discovered by rogue individuals with malicious intentions. Other security vulnerabilities are deliberately programmed into software (e.g., logic bombs, Trojan Horses, and Easter eggs). Regardless of the reason why information systems are vulnerable, the end result can be disastrous and widespread. Because of the increased danger that malicious software now poses, we seek original articles on the following specific issues:
*  Intrusion detection
*  Information survivability
*  Federal critical infrastructure protection plans
*  Federal laws prohibiting encryption exports vs. US corporations
*  State-of-the-practice in security testing
*  The Internet's "hacker underground"
*  Corporate information insurance
*  Penalties for those convicted of creating viruses
*  Case studies in information security and survivability
Authors: Submit one electronic copy in RTF interchange or MS-Word format and one PostScript or PDF version to the magazine assistant at software@computer.org. Articles must not exceed 5,400 words including tables and figures, which count for 200 words each. For detailed author guidelines, see www.computer.org/software/edguide.htm. Reviewers: Please e-mail your contact information and areas of interest to a guest editor.

 

Journal of Theoretical Computer Science, special issue on Dependable Computing. Guest Editor: Gilles Motet. (Submissions due: December 20, 1999) [posted here October 15, 1999].
Papers should be sent as attached rtf, postscript or pdf files to Guest Editor: Gilles Motet / LESIA DGEI, INSA, 135, avenue de Rangueil / 31077 Toulouse cedex 4 / France. Email: Gilles.Motet@insa-tlse.fr. More information can be found at: wwwdge.insa-tlse.fr/~lesia/tcs-call-for-paper.html.

Computer Communications Journal, special issue on Advances in Research and Application of Network Security, first quarter 2000. Guest Editors: Dr. M. Merabti (John Moores University, UK), Dr. Q. Shi (John Moores University, UK), and Dr. Rolf Oppliger (Swiss Federal Office of information Technology & Systems) (full papers due September 1, 1999) [posted here June 15, 1999].
The special issue aims to publish original research results of both theoretical and practical significance. Topics of interest include, but are not limited to

The deadline for receipt of four copies of full manuscripts is September 1, 1999. Please, refer to URL www.crlpublishing.co.uk/crl/COMCOM/fp.htm#anchor448658 to get further information.

International Journal of Computer Systems: Science & Engineering Special Issue on Developing Fault-Tolerant Systems with Ada. (Abstracts due June 1, 1999; full papers due: June 15, 1999) [posted here: 2/5/99].
An electronic version of the abstract is to be sent to A. Romanovsky at: alexander.romanovsky@ncl.ac.uk (phone:+44 191 222 8135; fax: +44 191 222 8232) by June 1, 1999. Full submissions are to be forwarded by June 15, 1999 to one of the guest editors (electronic submissions are encouraged): A. Romanovsky or A.J. Wellings at andy@minster.cs.york.ac.uk More information: www.cs.ncl.ac.uk/people/alexander.romanovsky/home.formal/ftada.html.

ACM Transactions on Software Engineering and Methodology Special issue on Software Engineering and Security. Guest Editors: Premkumar Devanbu (devanbu@cs.ucdavis.edu, UC Davis) and Stuart Stubblebine, (stubblebine@cs.columbia.edu). (DEADLINE EXTENDED TO JUNE 1, 1999) [posted here: 12/14/98].
Software system security issues are no longer only of primary concern to military, government or infrastructure systems. Every palmtop, desktop and TV set-top box contains or will soon contain networked software. This software must preserve desired security properties (authenticity, privacy, integrity) of activities ranging from electronic commerce, electronic messaging, and browsing. From being a peripheral concern of a limited and specialized group of engineers, security has become a central concern for a wide range of software professionals. In addition, software is no longer a monolithic shrink-wrapped product created by a single development organization with a well-defined software process. Instead, it is composed of components constructed by many different vendors following different practices. Indeed, software may even contain elements that arrive and are linked in just prior to execution. Customers need assurance that constituent components and mobile code have certain desirable properties; this need conflicts with the need for vendors to protect their proprietary information. The issue of providing assurance without full disclosure has been studied in security research, and needs to be applied to this problem. To provide a focus for these and other interactions between security and software engineering, ACM TOSEM will bring out a special issue dedicated to the intersection of concerns between the two fields. We solicit submissions that address the following issues and sub-areas:

Additional information about submitting papers can be found at www.cs.columbia.edu/~stu/tosem.html.

IEEE Network Magazine, Special Issue on Network Security (Nov/Dec 1999). Guest Editors: Bulent Yener, Bell Labs, Lucent Technologies (yener@research.bell-labs.com), and Patrick Dowd, Laboratory for Telecommunications Sciences, United States Department of Defense (p.dowd@ieee.org). (Submission deadline: June 1, 1999) [posted here: 3/15/99].
Network and Internet security has become a crucial requirement for both users and service providers. The Internet is a commercial infrastructure where sensitive and confidential personal and business data are carried over public networks. Although security is often treated as an after-thought, this attitude is changing. Security within an application needs to be considered as a fundamental element of the application, treated analogously to Quality of Service (QoS) considerations. Security is often viewed as a one-size-fits-all paradigm, but this is difficult to sustain due to the eclectic collection of communications mediums that compose the Internet infrastructure. The danger of a cookie-cutter strategy is that security will contend with performance since it is not suited to the environment. As the QoS requirements of applications and the physical layer properties internetworking become more diverse, agile but robust and consistent security solutions are needed. This is difficult, since custom solutions typically have difficulty surviving in a mass market, yet flexibility is needed for security use to become ubiquitous. We are interested in tutorial-oriented research papers that describe real services, software systems and experiments. Work-in-progress papers describing the state of on-going research projects in Internet security are encouraged. Research papers should demonstrate the feasibility of the approach and describe the state of realization. Case studies and applied papers should discuss the key factors that made the system work and should also mention the pitfalls and problems encountered and how they may be overcome. Topics of interest include:
* Intrusion detection * Authentication
* Mobile code and agent security * Privacy and anonymity
* Key management * Access control and Firewalls
* Wireless, mobile network security * Secure multicasting
* Data integrity * Security verification
* Security protocols * Policy modeling
* Commercial security * Electronic commerce
* Security management
If you are unsure if your work falls within the scope of this special issue, please send an abstract to one of the guest editors. We would be happy to review it and provide feedback. Complete details on how to submit a paper are provided at www.comsoc.org/socstr/techcom/ntwrk/special/yener_dowd.html.

IEEE Internet Computing, Special Issue on Survivable, High-Confidence Distributed Systems (November/December 1999). Guest Editor: Mike Reiter, Bell Labs (reiter@research.bell-labs.com) (Submission deadline: 12 May 1999) [posted here: 3/1/99].
As the world moves toward increasing reliance on computing networks, it is essential to find ways of building distributed systems that perform reliably under a wide range of circumstances that may include both accidents and malicious attacks. A "survivable" system is one that can make meaningful progress even when some (human or computer) components fail to behave as expected, and particularly when they behave in a way as to undermine the correct operation of the system as a whole. Survivable systems may combine techniques for detecting, masking, and adapting to such failures and attacks, at the network level, a middleware layer, or in the higher-level distributed application of interest. This issue examines the state of the art in the design, implementation, and analysis of survivable distributed systems and networks. Topics of interest include, but are not limited to:

Acceptable papers can describe novel scientific advances in survivability, document experiences in developing or deploying survivable systems, or provide a survey of the state of the art in this area. The call-for-papers is located at www.computer.org/internet/call4ppr.htm.

A special issue of IEEE Transactions on Software Engineering , Special Issue on Current Trends in Exception Handling, (abstracts due: February 15, 1999; papers: March 1, 1999) [posted here December 8, 1998].
This special issue invites papers with focus on research results, experience reports, and brief survey/tutorials on emerging research challenges related to exception handling in (but not limited to) the following areas:

An electronic version of the abstract should be sent to A. Romanovsky at: alexander.romanovsky@ncl.ac.uk Full submissions should be forwarded to one of the guest editors (electronic submissions are encouraged). More information can be found at www.cs.ncl.ac.uk/people/alexander.romanovsky/home.formal/se.html.

A special issue of IEEE Journal on Selected Areas in Communications (JSAC) Special Issue on Network Security. Publication date: January, 2000. Guest Editors: Hilarie Orman, Ueli Maurer, Stephen Kent, and Stephen Bellovin. (submissions due: February 5, 1999) [posted here September 16, 1998].
This special issue of JSAC will be devoted to recent research results that describe or forecast significant changes in the feasibility of delivering security solutions (such as major improvements in cryptographic efficiency), or describe progress in areas that have been especially difficult, or are relevant to newer technologies, such as optical or mobile wireless communication. Of special interest are papers that relate their results to use on the Internet today or to use on next generation networks. Papers are solicited in the following areas: Cryptography-based network systems, such as secure private networks and transactional security; Public-key infrastructures; Applying new cryptographic methods to network communication; New cryptographic protocols supporting secure network systems; Anonymous communication; Recent cryptographic theory advances; Optical network security; Mobile wireless network security; Formal analysis of network security systems; Trends in network-based attacks; Secure group communication; Policy expression and enforcement. Papers in strongly related areas, especially those involving novel technologies, are also encouraged. Manuscripts to be considered for submission should be sent by email to Hilarie Orman (ho@cs.arizona.edu) by February 5, 1999. The manuscripts must be in Postscript, viewable in ghostscript, or six copies can be sent by mail; contact Hilarie Orman well prior to the deadline for the mailing address. Please note the IEEE formatting requirements; information for authors can be found at: gump.bellcore.com:5000/Guidelines/info.html The JSAC home page is at gump.bellcore.com:5000.

A special issue of IEEE Computer , A baseline on security strategies for the emerging broadband environment. Guest Editors: Dr. Patrick Dowd, and Dr. John McHenry. (submissions due: January 15, 1999) [posted here December 8, 1999].
This special issue will focus attention on the integration of networking and endpoint security. It will pull together both IP and ATM networking security strategies and examine methods that will allow homes and offices to safely explore the opportunities provided by a "connected" environment. Topics including the emerging broadband networking environment, IP and ATM security, integrated security strategies, and security analysis are of particular interest. Only electronic submissions (postscript, Adobe Acrobat, MS Word, or Framemaker) will be considered - paper copies will not be accepted. Please contact one of the guest editors if you have any questions. GUEST EDITORS: Dr. Patrick W. Dowd, University of Maryland, Department of Electrical Engineering, A.V. Williams Building, College Park, MD 20742, and Dr. John McHenry, U.S. Department of Defense, National Security Agency, Suite 6512, Ft Meade, MD 20755-6512.

IEEE Communications Magazine Feature Topic Issue on The Provision of Communication Services over Hybrid Networks (publication: July 1999). Guest Editors: Jean-Pierre Hubaux and David Nagel. (submissions due: January 5, 1999) [posted here December 11, 1999].
This Feature Topic Issue is devoted to the architecture and provision of services over hybrid networks. Topics of interest include:

Tutorial and survey papers will be considered for acceptance. Research papers will be considered as well, provided that they are understandable and informative for non specialists of the area covered by this issue. Although the Feature Topic Issue is essentially devoted to technical aspects, prospective authors are also encouraged to address economic and/or regulatory questions. Authors are requested to send e-mail by January 5 to both guest editors (see below), giving a URL where the guest-editors can review the article, preferably in HTML format with GIF artwork (postscript or pdf format is also accepted). Potential authors may wish to consult the author information and guidelines, which are given at pubs.comsoc.org/ci1/. Note: there is currently a call for papers for a joint Feature Topic Issue of Internet IEEE Network and IEEE Internet magazines on Internet telephony, to be edited by Henning Schulzrinne. There are some commonalities between the two Feature Topic Issues. However, the focus of each of them is different, and appropriate coordination efforts will be made to avoid overlaps. Guest Editors: Jean-Pierre Hubaux, Swiss Fed. Inst. of Technology, Lausanne, On leave at the Univ. of California, Berkeley, until January 9, 1999, EECS Dept, 267 Cory Hall, Berkeley,CA 94720, USA, tel: + 1-510-642-9719, fax: + 1-510-642-2845, hubaux@diva.EECS.Berkeley.EDU. And: David Nagel, President, AT&T Labs, AT&T Labs, 295 North Maple Avenue, Basking Ridge, NJ 07920, USA, tel: + 1-908-221-2903, dnagel@att.com.

A special issue of Distributed and Parallel Databases: An International Journal Kluwer Academic Publishers, Special issue Editors: Vijay Atluri and Pierangela Samarati. (submissions due: September 30, 1998) [posted here: July 6, 1998]
Recognizing the importance of the research in computer security, Distributed and Parallel Databases: An International Journal is organizing a special issue on security. The primary focus of this special issue will be on high-quality original unpublished research, case studies, as well as implementation experiences in any area of computer and communication security. Suggested topics include but are not limited to: Accounting and Audit, Authorization and Access Control, Authentication, Applied Cryptography, Computer Security and Public Policy, Data/System Integrity, Electronic Commerce and Virtual Banking, Information Warfare, Intrusion Detection, Intellectual Property Protection, Privacy and Anonymity, Security for Digital Libraries, Security in Data and Knowledge Bases, Security in Data Warehouses, Security in Workflow Systems, Security in Mobile and Wireless Systems, Security Management, Secure Networking and Protocols. Manuscripts must be written in English and should include a cover page with title, name and address (including e-mail address) of author(s), an abstract, and a list of identifying keywords. Manuscripts must be submitted as Postscript files via electronic mail to Prof. Vijay Atluri at atluri@andromeda.rutgers.edu. In addition, send five hard copies of your submission to: Melissa Parsons, Journals Editorial Office, Kluwer Academic Publishers, 101 Philip Drive, Norwell, MA 02061, USA; tel: (+1)781-871-6600; fax: (+1)781-878-0449; e-mail: mparsons@wkap.com.

A special issue of Software Practice & Experience on Experiences with Computer and Network Security. Guest editor: Gene Spafford (spaf@cs.purdue.edu). (submissions due: July 1, 1998) [Posted here: May 13, 1998]
Contact the editor for submission details. Papers describing both `systems' and `applications' software in any computing environment are acceptable. Typical topics include software design and implementation, case studies, studies describing the evolution of software systems, critical appraisals of systems, and the practical aspects of software engineering. Theoretical discussions can be included, but should illuminate the practical aspects of the work, or indicate directions that might lead to better practical systems. This special issue is specifically devoted to issues of computer and network security software. We are seeking high-quality articles relating to the above-mentioned themes. This includes papers on at least the following topics: access control systems, auditing systems and analysis, misuse and intrusion detection systems, applications of cryptography, secure messaging systems, information protection systems, security of mobile code, security of browsers and related technology, security testing and assurance, firewall construction and testing, experiences with new security programming paradigms, development and experience with "hacking tools", experiences with patching security flaws

The Journal of Computer Security, JCS Special Issue on Research in Intrusion Detection. Editor: Phillip A. Porras (porras@csl.sri.com) (Submissions due: July 15, 1998) [posted here: June 29, 1998]
This special issue seeks papers that describe research beyond the scope or orthogonal to what the commercial intrusion-detection community is producing. The intent is to capture results from key efforts in the field, and to understand the directions and motivations that are driving current and future research in this area. Papers are solicited on all aspects of intrusion detection, including the extension of intrusion-detection techniques to new problem domains, as well as the application of other techniques to intrusion detection. A complete list of topics is given in the call-for-papers at www.csl.sri.com/jcs-ids-call.html. Submissions should be received by July 15, but earlier submissions are encouraged. Manuscripts must be in English (dbl-spaced; 12 pt.). Each copy should have a cover page with title, name and address (including e-mail address) of author(s), an abstract of no more than 200 words, and a list of identifying keywords. Editor: Phillip A. Porras / Computer Science Laboratory / SRI International/ 333 Ravenswood Avenue / Menlo Park CA 94025 / phone: 650-859-3232 / fax: 650-859-2844 / porras@csl.sri.com. The Journal of Computer Security is an archival journal published quarterly. Its purpose is to present research and development results of lasting significance in the theory, design, implementation, analysis and application of secure computer systems. The Journal of Computer Security represents today a main forum for ideas about the meaning and implications of security and privacy, particularly those with important consequences for the technical community.

IEEE Internet Computing A special issue of IEEE Internet Computing, November/December 1998, (submissions due: May 12, 1998) [Posted here: March 3, 1998]
Executable content systems like Java, DNA (ActiveX), JavaScript, Postscript, Word Macros, and so on have had a fundamental impact on computer security. The very concept of executable content involves fetching and running data from a most-likely untrusted site. Often, this happens behind the scenes without the client being aware of the details. For example, when a Web user requests a page with a Java applet embedded in it, the Java byte code is automatically downloaded and begins to execute on a virtual machine in the user's browser. This special issue will be devoted to security implications of mobile code. In particular, we are interested in articles discussing: Code signing technologies, including models for permissions, capabilities, and principals; Proof-carrying code and security policy resolution; Implications of existing protocols such as SSL on proxy scanning, intrusion detection, and firewalling; Handling denial of service; Design of secure interfaces for devices such as smart cards; Security policy creation and management issues; Injecting security into the software development process. URL for submission process information: computer.org/internet/

SIGMBOILE Mobile Computing and Communications Review, Volume 2, Issue 2. (Submissions due: November 15, 1997) [posted here: 10/1/97].
The wireless communication revolution is bringing fundamental changes to telecommunication and computing. Wide-area cellular systems and wireless LANs promise to make integrated networks a reality and provide fully distributed and ubiquitous mobile computing and communications, thus bringing an end to the tyranny of geography. Furthermore, services for the mobile user are maturing and are poised to change the nature and scope of communication. This publication serves to enhance the ability of ACM SIGMOBILE members to keep up-to-date in this rapidly moving field, as well as serve as a major focal point for the discussion of new directions of portable computation and mobile networks for both the research and market-driven communities. Papers on original research are solictited. Please see the complete call for papers for a list of topics of interest. Paper submission will be handled electronically. Authors should Email a PostScript version of their full paper to: editors_sigmobile@acm.org Detailed submission instructions can be found on the MC2R web page http://www.acm.org/sigmobile/MC2R

Special Issue of IEEE Personal Communications Magazine on Mobile Systems and the Web (submissions are due November 1, 1997).
The information revolution that the pundits have been predicting seems finally to be upon us. Instantaneous access to information, which has always been dreamed of, is being realized today with the advent of the World Wide Web. Browsing (surfing) the web is becoming an increasingly common activity for computer users from all domains of life. A web browser probably represents the most ubiquitous interface mechanism to computers today, in terms of the number of people who are comfortable in using it. Web access from mobile platforms would truly represent an example of ubiquitous computing, realising the vision of computing anytime, anywhere and by everyone. However, the reality is that HTTP is not a mobile friendly protocol, and extremely wasteful of bandwidth. The current model of browsing the web is also open to criticism along the same lines. In general, the problems are one of resource constrained browsing platforms connecting to the network via thin pipes that are prone to disconnection. To facilitate web browsing from mobile platforms, it is important to understand these limitations and devise techniques and methodologies which will help alleviate these problems. The special issue will be devoted to articles which describe such techniques. A representative list (not all inclusive) of topics would include the following as they impact web browsing from wireless platforms:
* granularity reduction of multimedia data for wireless links
* information location and filtering
* prefetching and caching
* delayed fetching
* location dependent data
* improvements in HTTP protocol
* anticipatory caching
More information about submitting a paper can be found in the call-for-papers.

 

IEEE Network Magazine Special Issue on PCS Network Management has a call for papers for topics on Internet computing. (Submissions due October 25, 1997.) [posted here 7/7/97]
Personal communications services (PCS) provide communication services anywhere, anytime, with anybody, and in any form. To implement these communications concepts, extremely sophisticated network management which integrates many diverse technologies are required. This special issue focuses on the research and development of advanced PCS network management techniques. A complete list of topics can be found in the call for papers. Authors are invited to submit postscript files of their papers to liny@csie.nctu.edu.tw or sohraby@lucent.com. Papers should not exceed twenty double spaced pages in length, excluding figures and diagrams.

IEEE Network Magazine Special Issue on Active and Programmable Networks has a call for papers for topics on Internet computing. (Submissions due November 10, 1997.) [posted here 7/8/97]
New networking concepts, building on recent advances in mobile software, have been proposed with the purposes of accelerating services and enhancing network management. An active network can give a high degree of control to users to customize their network services dynamically. Users can in effect "program" their services by injecting mobile programs in special packets that are executed at network elements. These mobile programs can carry out management and control functions as well, without the need for pre-programming network elements. Such software-intensive networks rely on agreement on a basic instruction set or primitives rather than consensus on specific protocols and services. This special issue of IEEE Network will present an overview of research in this area which is still in the early stages. A complete list of topics can be found in the call for papers. Authors are invited to submit hardcopies or electronic files of their papers to tchen@gte.com. Papers should not exceed twenty double spaced pages in length, excluding figures and diagrams. More information for potential authors is available at the IEEE Network Home Page http://www.comsoc.org/socstr/techcom/ntwrk/.

IEEE Internet Computing Magazine has a call for papers for topics on Internet computing. (submissions due July 9, 1997)
IEEE Internet Computing is a new bimonthly magazine from the IEEE Computer Society designed to help the engineer productively use the ever expanding technologies and resources of the Internet. Internet Computing and IC on-line will provide developers and users with the latest advances in Internet-based computer applications and supporting technologies such as the World Wide Web, Java programming, and Internet-based agents. Through the use of peer-reviewed articles as well as essays, interviews, and roundtable discussions, IC will address the Internet's widening impact on engineering practice and society. Topics include system engineering issues such as agents, agent message protocols, engineering ontologies, web scaling, intelligent search, on-line catalogs, distributed document authoring, electronic design notebooks, electronic libraries, security, remote instruction, distributed project management, reusable service access and validation, electronic commerce, and Intranets. Author guidelines are available at http://www.computer.org/pubs/internet/auguide.htm Upcoming themes include: Agents (submissions due March 15, 1997), Intranets (submissions due May 7, 1997), and Internet Economics (submissions due July 9, 1997).

Theory and Applications of Object Systems (TAPOS): special issue on Objects, Databases, and the WWW (submissions due May 31, 1997).
As the Internet and the WWW become preferred media for broadcasting, content dissemination, data access, personal communications, distance education, electronic commerce, and other as yet unforeseen applications, it becomes urgent to explore the interactions between these new media and other well established technologies for information access. This special issue will focus on the interaction among object technology, database systems, and the WWW. The following is a non-exhaustive list of topics of interest: Object technology on the web; Accessing databases through the web; The web as a database; Developing web-centered applications; and Applications. A complete list of topics of interest alog with submission instructions can be found in the call for papers.

Journal of Telecommunication Systems, call for papers for a special issue on multimedia systems. (submissions due April 15, 1997).
Multimedia systems and applications have attracted significant attention during the last few years. The ability to deliver audio and video to end-users, in addition to data, has created possibilities which will revolutionize industries ranging from education and advertising, with applications such as digital libraries, distant learning, expert advice and real-time video clip playback, to tele-collaboration, electronic commerce and entertainment, with such applications as video-conferencing, telecommuting, video-on-demand, etc. The Journal of Telecommunication Systems is planning a special issue on multimedia to address this emerging technology. The issue will address all issues of multimedia systems with special focus on issues related to networking and telecommunication systems. Papers are solicited for this issue in the following areas (but not limited to): Multimedia information processing compression/decompression); Multimedia storage and retrieval; Network issues (QoS, protocols, performance/modeling, etc); Telecommunication systems requirements for multimedia; Telecommunication systems architecture and implementation; Security issues; End-to-end multimedia system architecture; and Multimedia applications and application design. More information is available in the call for papers and on the journal web page.

ACM Mobile Computing and Communications Review.
The wireless communication revolution is bringing fundamental changes to telecommunication and computing. Wide-area cellular systems and wireless LANs promise to make integrated networks a reality and provide fully distributed and ubiquitous mobile computing and communications, thus bringing an end to the tyranny of geography. Furthermore, services for the mobile user are maturing and are poised to change the nature and scope of communication. This publication serves to enhance the ability of ACM SIGMOBILE members to keep up-to-date in this rapidly moving field, as well as serve as a major focal point for the discussion of new directions of portable computation and mobile networks for both the research and market-driven communities. Specific topics of interest include security, scalability and reliability issues for mobile/wireless systems. More information can be found at the web page.

Journal of Intelligent Information Systems (JIIS).
Special Issue on Data Mining. As a young, promising research area with broad applications, data mining and knowledge discovery in databases has attracted great interest in the research communities of database systems, machine learning, statistics, high performance computing, information retrieval, data visualization, and many others. Security and social impact of data mining is a topic of interest. Five hard copies of the paper, with the length limited to 20 pages, should be submitted by November 1, 1996 to the conference chair . Also see web page
.

Special Issue of the Journal on Special Topics in Mobile Networking and Applications .
Journal Web page. This special issue will concentrate on the problems associated with mobile and wireless networking in the Internet, primarily at the network layer and above. Internet security issues are a relevant topic. Authors should email an electronic Postscript copy of their paper to one of the guest editors by November 15, 1996. Submissions should be limited to 20 double spaced pages, excluding figures, graphs, and illustrations. Submissions can be sent to perk@watson.ibm.com.

IEEE Software
Papers are solicited for a special issue of IEEE Software to focus on security and privacy concerns and their impact on software development. The full announcement has all details. The goal of this special issue is to:

Papers must be of high quality, original, unpublished, and not submitted elsewhere. Authors should submit an abstract of approximately 200-500 words to Charles P. Pfleeger by October 20, 1996, and the complete article by November 15, 1996. Comments will be returned to the authors before the end of February 1997. If at all possible, prospective authors should submit the abstract by e-mail, as this abstract will be used to schedule reviewers (also by e-mail). The complete article can be submitted either electronically (in ASCII, MSWord format, or postscript) or by hardcopy. In the case of hardcopy submissions, 8 copies must be provided.

JCS Special issue on WWW security .
The special issue of the Journal of Computer Security will be focused on research and development efforts leading to identify requirements and viable solutions for WWW security. Two kinds of papers will be considered: regular papers presenting new research results, and short papers describing ongoing projects. Editors of the special issue: Elisa Bertino, Gianpaolo Rossi, and Pierangela Samarati, Dipartimento di Scienze dell'Informazione, Universita' di Milano, Via Comelico, 39/41, 20135-Milano, Italy; phone: +39-2-55006227/257/272; fax: +39-2-55006253; e-mail: bertino,rossi,samarati@dsi.unimi.it. More information at http://www.dsi.unimi.it/Users/jcs-www.

Distributed Systems Engineering Journal
Special Issue on Future Directions for Internet Technology. Contributions are invited on all aspects of where the Internet is going technically including security. Guest editors: Dr Brian E. Carpenter (brian@dxcoms.cern.ch, WWW) and Prof J Crowcroft (J.Crowcroft@cs.ucl.ac.uk, WWW).

ACM Journal, Wireless Networks
special issue on Personal Communications. Personal communications provide communication services anywhere, anytime, with anybody, and in any form. To implement the personal communications concepts, extremely sophisticated systems which integrate many diverse technologies are required. This special focuses on the research and development of advanced PCS technologies.

Journal of Computer-Mediated Communication (JCMC)
a quarterly electronic journal, has issued a call for papers for a special issue on electronic commerce, including issues related to security and privacy. The call for papers can be found at http://cwis.usc.edu/dept/annenberg/steincfp.html.

 


Past Conference Announcements


Workshop on Data Mining for Counter Terrorism and Security, (held in conjunction with the Third SIAM International Conference on Data Mining), San Francisco, CA, USA, May 3, 2003.  [posted here 10/15/02]
The purpose of this workshop is to discuss ways in which data mining and machine learning can be used to analyze data from numerous sources of high-complexity for the purpose of preventing future terrorist activity. This is inherently a multidisciplinary activity, drawing from areas such as intelligence, international relations, and security methodology. From the data mining and machine-learning world this activity draws from text mining, data fusion, data visualization, data warehousing, and high scalability are necessary for a successful endeavor. Papers in these areas with clear application to the issues of counter terrorism are particularly solicited. Topics of interest include:
   -  Methods to integrate heterogeneous data sources, such as text, internet, video, audio, biometrics, and speech
   -  Scalable methods to warehouse disparate data sources
   -  Identifying trends in singular or group activities
   -  Pattern recognition for scene and person identification
   -  Data mining in the field of aviation security, port security, bio-security
   -  Data mining on the web for terrorist trend detection.
More information can be found on the workshop web page at http://ic.arc.nasa.gov/~ashok.

Second Annual PKI Research Workshop, NIST, Gaithersburg MD, USA, April 28-29, 2003.  [posted here 10/30/02]
This workshop among leading security researchers will explore the issues relevant to this area of security management, and will seek to foster a long-term research agenda for authentication and authorization in populations large and small via public key cryptography. We solicit papers, panel proposals, and participation. The goals of this workshop are to cross-pollinate existing research efforts, to identify the key remaining challenges in deploying public key authentication and authorization, and to develop a research agenda addressing those outstanding issues.
   -  What are the key areas in current PKI approaches that need further work?
   -  For each area, what approaches appear most promising?
   -  How do the approaches in one area affect the methodologies in other areas?
A complete list of topics of interest and the full call for papers can be found at the workshop web site at middleware.internet2.edu/pki03/.

ITCC 2003  International Conference on Information Technology: Coding and Computing, Las Vegas, Nevada, April 28-30, 2003.  [posted here 6/27/02]
The rapid growth in information science and technology in general and the complexity and volume of multimedia data in particular have introduced new challenges for the research community. Of particular interest is the need for a concise representation, efficient manipulation, and fast transmission of multimedia data. Applications such as space science, tele-medicine, military, and robotics deal with large volumes of data which need to be stored and processed in real time. Topics of interest include:
    - Digital Image, Video &   Audio Processing              - Information Hiding & Video Streaming
    - Document Image Analysis                                           - Data Compression
    - Authentication of Video and Audio Data                    - Multimedia Computing
    - Hybrid Source/Channel Coding                                  -  Systems Interfacing and Integration
    - Information Databases                                                 -  E-commerce Compressed Data Processing
    - Data Storage Platforms                                                -  Optical Data Transmission
    - New Architectures for Multimedia Processing         - Graphics and Video Hardware
    - Error Control Codes                                                     -  Video and Audio Codec Design
    - Enterprise Architectures                                              -  Enterprise-wide Information Management
    - Pervasive Computing
More information can be found on the conference web page at www.cs.clemson.edu/~srimani/itcc2003/cfp.html.

ICEIS'2003  5th International Conference on Enterprise Information System, Angers, France, April 23-26, 2003.  [posted here 9/17/02]
The purpose of the 5th International Conference on Enterprise Information Systems (ICEIS) is to bring together researchers, engineers and practitioners interested in the advances and business applications of information systems. Four simultaneous tracks will be held, covering different aspects of Enterprise Information Systems Applications, including Enterprise Database Technology, Systems Integration, Artificial Intelligence, Decision Support Systems, Information Systems Analysis and Specification, Internet Computing and Electronic Commerce. Human factors issues in the development of these applications are also considered. ICEIS focuses on real world applications; therefore authors should highlight the benefits of Information Technology for industry and services. Ideas on how to solve business problems, using IT, will arise from the conference. Papers describing advanced prototypes, systems, tools and techniques and general survey papers indicating future directions are also encouraged. Both full research reports and work-in-progress reports are welcome. More information can be found on the conference web site at www.iceis.org.

BITE2003   The First International Workshop on Business Information Technology Ethics (in conjunction with ICEIS 2003, www.iceis.org), Angers, France, April 22, 2003.   [posted here 10/24/02]
"Praxis versus Theory" would best describe the overall theme of this workshop in IT ethics. Computer ethics is a fledgling discipline that is top-heavy with practical knowledge but desperately in need of a sound theoretical base that it can claim as its own. Can original philosophical theories or novel adaptations of other ethical paradigms better assist us in improving the lot of professional practice in IT? Or must we always fall back on the anachronistic greats of Western Philosophy to guide our moral way through 21st century technologies? This workshop will serve as a forum to gather researchers, practitioners, students and anyone with an interest in the development of IT ethics as a means of improving professional practice. Topics of interest include, but are not limited to:
   - The social and cultural effects of IT on business practice
   - Security and computer misuse
   - Privacy and workplace monitoring
   - Cross-cultural issues in IT ethics
   - Ethics in project management
   - Professional etiquette, standards and codes in IT
   - Ethics in electronic commerce
   - Empirical studies in IT ethics
   - Ethics of software patents
   - Professional responsibility in IT
   - Corporate governance and IT
   - Theoretical issues in IT professional practice
   - Innovative training methods in IT ethics for professionals
   - Submissions on other allied issues are also welcome
More information can be found on the workshop web page at www.iceis.org/workshops/bite/bite2003-cfp.html.

IWWST'03 First International Workshop in Wireless Security Technologies, London, UK, April 15-16, 2003.  [posted here 2/22/03]
Wireless Information Technology Research Centre in collaboration with the British Computer Society, is organising the First International Workshop in Wireless Security Technologies, IWWST '03. The complete call for papers along with other conference information can be found at http://iwwst.org.uk

CT-RSA 2003  Cryptographers' Track RSA Conference 2003, San Francisco, CA, USA, April 13-17, 2003.   [posted here 8/1/02]
Following the success of the two previous editions, the Cryptographers' Track of RSA Conference 2003 (CT-RSA 2003) will be run as an anonymously refereed conference with proceedings. Original research papers pertaining to all aspects of cryptography as well as tutorials or results presented in other conferences are solicited. Submissions may present theory, techniques, applications and practical experience on topics including, but not limited to: fast implementations, secure electronic commerce, network security and intrusion detection, formal security models, comparison and assessment, tamper-resistance, certification and time-stamping, cryptographic data formats and standards, encryption and signature schemes, public key infrastructure, protocols, elliptic curve cryptography, block cipher design, discrete logarithms and factorization techniques, stream ciphers and Boolean functions, lattice reduction and provable security. The program committee invites tutorials and research contributions in the broad area of applications and theory of cryptography. More information can be found at the workshop web page at reg2.lke.com/rs3/rsa2003/crypto.html.

IPCCC'2003  The International Performance, Computing, and Communications Conference, Phoenix, Arizona, USA, April 9-11, 2003  [posted here 9/17/02]
We encourage submission of high-quality papers reporting original work in both theoretical and experimental research that address the recent advances in algorithms, architectures, protocols, wired and wireless network infrastructure, embedded systems, and distributed and mobile systems and applications.  Topics of interest include, but are not limited to, the following:
  - Network Security                                                      - WDM Networks
  - Power-aware Design and Computing                      - Wireless Networks
  - Grid Computing                                                         - Web Server Performance
  - Survivable Networks                                                 - Internet Computing
  - Performance Evaluation Methodologies                - Mobile and Networked Applications
  - Embedded System Design and Integration              - High-Performance Computing
  - Storage Systems (file systems, databases)              - Mobile and ad-hoc Networking
  - Information Assurance                                               - Mobile and Ubiquitous Systems
  - Network Protocols and Performance
More information can be found on the conference web page at www.ipccc.org.

CHI2003 ACM Workshop on Human-Computer Interaction and Security Systems, Fort Lauderdale, Florida, USA April 5 or 6, 2003 (position papers due January 17, 2003) [posted here 11/21/02]
The human factor is often described as the weakest part of a security system and users are often described as the weakest link in the security chain. This workshop will seek to understand the roles and demands placed on users of security systems, and explore design solutions that can assist in making security systems usable and effective. In addition to examining end-users, this workshop will also examine the issues faced by security system developers and operators. Security is a large topic so there are many areas where HCI is important. Three obvious areas of interest are authentication (passwords, biometrics, etc.), security operations (intrusion detection, vigilance, policies and practices, etc.), and developing secure systems (developing for security, understanding users, installation and operation support, etc.). We are interested in receiving submissions on these topics, and suggestions of other possible topic areas are also welcome. Position papers are due January 17, 2003. The workshop will be held April 5 or 6, 2003 (to be finalized), in Fort Lauderdale, Florida. The full CFP and other information is available here: www.iit.nrc.ca/~patricka/CHI2003/HCISEC/.

WITS'03  Workshop on Issues in the Theory of Security (co-located with ETAPS'03), Warsaw, Poland, April 5-6, 2003.   [posted here 11/21/02]
WITS is the official workshop organised by the IFIP WG 1.7 on "Theoretical Foundations of Security Analysis and Design", established to promote the investigation on the theoretical foundations of security, discovering and promoting new areas of application of theoretical techniques in computer security and supporting the systematic use of formal techniques in the development of security related applications. Extended abstracts of work (accepted after selection and) presented at the Workshop are collected and distributed to the participants. There will be no formally published proceedings; however, selected papers will be invited for submission to a special issue of the Journal of Computer Security. Suggested submission topics include:
   - formal definition and verification of the various aspects of security:
      confidentiality, privacy, integrity, authentication and availability;
   - new theoretically-based techniques for the formal analysis and design of cryptographic
      protocols and their manifold applications (e.g., electronic commerce);
   - information flow modeling and its application to the theory of confidentiality policies,
      composition of systems, and covert channel analysis;
   - formal techniques for the analysis and verification of code security, including mobile
      code security;
   - formal analysis and design for prevention of denial of service;
   - security in real-time/probabilistic systems
   - security in coordination languages
The official web page of the conference is at the url www.dsi.unive.it/IFIPWG1_7/wits2003.html.

SPI 2003 Security and Protection of Information, Brno, Czech Republic, March 28-30, 2003.  [posted here 1/3/03]
The call for papers and a list of example topics may be found on the conference web page at www.vabo.cz/spi/defaulten.htm. Speakers desiring to submit papers should e-mail an abstract of at least 250 words along with a short CV/résumé of the speaker(s) to Jaroslav Dockal (jaroslav.dockal@vabo.cz) by January 13th, 2003. More details can be found in the call for papers.

Workshop on Privacy Enhancing Technologies 2003, Dresden, Germany, March 26-28, 2003.  [posted here 7/17/02]
Privacy and anonymity are increasingly important in the online world. Corporations and governments are starting to realize their power to track users and their behavior, and restrict the ability to publish or retrieve documents. Approaches to protecting individuals, groups, and even companies and governments from such profiling and censorship have included decentralization, encryption, and distributed trust. The workshop seeks submissions from academia and industry presenting novel research on all theoretical and practical aspects of privacy technologies, as well as experimental studies of fielded systems. We encourage submissions from other communities such as law and business that present their perspectives on technological issues. As in past years, we will publish proceedings after the workshop. Suggested topics include but are not restricted to:
  - Efficient (technically or economically) realization of privacy services
  - Techniques for censorship resistance
  - Anonymous communication systems (theory or practice)
  - Anonymous publishing systems (theory or practice)
  - Attacks on anonymity systems (eg traffic analysis)
  - New concepts in anonymity systems
  - Protocols that preserve anonymity/privacy
  - Models for anonymity and unobservability
  - Models for threats to privacy
  - Novel relations of payment mechanisms and anonymity
  - Privacy-preserving/protecting access control
  - Privacy-enhanced data authentication/certification
  - Profiling, data mining, and data protection technologies
  - Reliability, robustness, and attack resistance in privacy systems
  - Providing/funding privacy infrastructures (eg volunteer vs business)
  - Pseudonyms, identity, linkability, and trust
  - Privacy, anonymity, and peer-to-peer
  - Usability issues and user interfaces for PETs
  - Policy, law, and human rights -- anonymous systems in practice
  - Incentive-compatible solutions to privacy protection
  - Economics of privacy systems
  - Fielded systems and techniques for enhancing privacy in existing systems
More information can be found on the workshop web page at www.petworkshop.org/.

The First International Workshop on Information Assurance, Darmstadt, Germany, March 24, 2003.  [posted here 8/13/02]
The IEEE Task Force on Information Assurance is sponsoring a workshop on information assurance in cooperation with the ACM SIGSAC on research and experience in information assurance. The workshop seeks submissions from academia and industry presenting novel research on all theoretical and practical aspects of IA; possible topics include, but are not limited to the following:
  -   Information Warfare and Operations
  -   Network Security
  -   Operating System Security
  -   Storage Security
  -   Intrusion Detection, Prediction, and Countermeasures
  -   Insider Attack Countermeasures
  -   Information Sharing in Coalition Settings
  -   Security Models
  -   Survivability and Resilient Systems
  -   Formal Methods for Security
  -   CCITSE Experience and Methodology
  -   IA Standardization Approaches
  -   Specification, Design, Development, and Deployment of IA Mechanisms
Papers with a systems perspective are especially welcome. In addition to the dissemination of new research, another goal of the workshop is to bring together researchers and practitioners from both governmental and civilian areas. More information on the workshop can be found at www.ieee-tfia.org/iwia2003/ .

SPC-2003  First International Conference on Security in Pervasive Computing, Boppard, Germany, March 12-14, 2003.  [posted here 6/27/02]
The ongoing compression of computing facilities into small and mobile devices like handhelds, portables or even wearable computers will enhance an ubiquitous information processing. The basic paradigm of such a pervasive computing is the combination of strongly decentralized and distributed computing with the help of diversified devices allowing for spontaneous connectivity via the internet. The objective of this conference is to develop new security concepts for complex application scenarios based on systems like handhelds, phones, smartcards, and smart labels hand in hand with the emerging technology of ubiquitous and pervasive computing. Particular subjects are methods and technology concerning the identification of risks, the definition of security policies, and the development of security measures that are related to the specific aspects of ubiquitous and pervasive computing like mobility, communication, and secure hardware/software platforms. More information can be found on the conference web page at www.dfki.de/SPC2003.

NDSS'03  The 10th Annual Network and Distributed System Security Symposium, San Diego, CA, USA, February 5-7, 2002.  [posted here 7/17/02]
The symposium fosters information exchange among research scientists and practitioners of network and distributed system security services. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation (rather than theory). A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technology. Topics of interest include:
    - Integrating security in Internet protocols: routing, naming, TCP/IP, multicast,
       network management, and the Web.
    - Intrusion avoidance, detection, and response: systems, experiences and architectures.
    - Attack-resistant protocols and services:
        * Network perimeter controls: firewalls, packet filters, application gateways
        * Virtual private networks
        * Public key infrastructure, key management, certification, and revocation
        * Secure electronic commerce: e.g., payment, barter, EDI, notarization, time stamping,
           endorsement, and licensing
        * Supporting security mechanisms and APIs; audit trails; accountability
        * Implementation, deployment and management of network security policies
        * Intellectual property protection: protocols, schemas, implementations, metering,
           watermarking, digital rights management.
        * Fundamental services on network and distributed systems: authentication, data integrity,
           confidentiality, authorization, non-repudiation, and availability.
        * Integrating security services with system and application security facilities and protocols: e.g.,
            message handling, file transport/access, directories, time synchronization, data base
            management, boot services, mobile computing
        * Security for emerging technologies: sensor networks, specialized test beds, wireless/mobile
           (and ad hoc) networks, personal communication systems, and large heterogeneous distributed systems.
        * Special problems and case studies: e.g., interplay and tradeoffs between security and efficiency,
           usability, reliability and cost.
        * Security for collaborative applications and services: teleconferencing and video-conferencing,
           group work, etc.
More information can be found on the workshop web page at www.isoc.org/isoc/conferences/ndss/03/index.shtml.

Workshop on Security and Assurance in Ad hoc Networks (in conjunction with SAINT2003), Orlando, Florida, USA, January 28, 2003.  [posted here 9/17/02]
This half day workshop aims at providing a forum for the discussion of security and assurance issues related to ad hoc networks as components of the Internet. Technical papers describing original research are solicited. Areas of particular interest include, but are not limited to:
   - Security and fault tolerant issues in ad hoc networks
   - Secure routing in ad hoc networks
   - Applications of mobile agents and autonomous intelligent systems
   - Tradeoffs between efficiency and security in ad hoc networks
   - Bounds on efficiency in ad hoc networks
   - Security protocols for group applications in ad hoc networks
   - Self configuration in ad hoc networks
   - Location discovery and management
   - Timing and synchronization in ad hoc networks
   - Secure, distributed algorithms for ad hoc networks
Please consult the Program Co-Chairs Alec Yasinsac (yasinsac@cs.fsu.edu) or Mike Burmester (burmester@cs.fsu.edu) if you are uncertain whether your paper falls within the scope of the workshop. Workshop information will be posted at www.sait.fsu.edu/wsaan2003/.

SAINT2003   2003 Symposium on the Internet and Applications, Orlando, Florida, USA, January 27-31, 2003.    [posted here 3/15/02]
THEME: The Evolving Internet. The Symposium on Applications and the Internet focuses on emerging and future Internet applications and their enabling technologies. The symposium provides a forum for researchers and practitioners from the academic, industrial, and public sectors, to share their latest innovations on Internet technologies and applications. Areas of particular interest include, but are not limited to:
  - Internet Agents
  - Collaboration Technology: Groupware & telepresence and Internet communities
  - Internet Content Management Systems: XML and semi-structured data, information fusion, web-based databases, and data mining.
  - Internet Content Delivery: web caching, multimedia, adaptations, QoS
  - E-Business: infrastructure for e-services, brokering, negotiation, B2B, Internet workflow, and virtual enterprise.
  - Wireless and Mobile Internet: content adaptation, e-services, mobile commerce
  - Standards for Internet Applications: XML, SOAP, UDDI, WSDL, WSFL, ebXML, Java, .NET, Sun One, others.
  - GRID Computing
  - Internet Appliances: smart phones, PDAs, sensor networks, smart home, etc.
  - Novel Internet Applications
  - Internet Security
  - Network and Protocol Architecture
  - Internet Operation and Performance
Information for prospective authors, including paper format and submission instructions can be found in the symposium web page at www.saint2003.org.

HICSS-36 Secure and Survivable Software Systems (Part of the Software Technology Track), Big Island, Hawaii, USA, January 6-9, 2003.  [posted here 3/28/02]
The focus of this minitrack is security and survivability in large, non-trivial, software systems, with an emphasis on the last phases of the four stage survivability model consisting of Resistance, Recognition, Recovery, and Adaptation. Papers on Resistance and Recognition that address the need or capacity for safety critical software systems to “fail-safe” and “fail-secure” are also desired. Submissions will be sought from researchers in the area of system survivability, software dependability, computer and network security, fault-tolerance and intrusion tolerance, and economic or statistical modeling of secure/survivable systems. Main minitrack topics include but are not limited to:
    - System or software survivability
    - Safety critical failure modes
    - Network or system intrusion tolerance
    - Modeling malicious behavior or attacks
    - Mathematical models for verification of vulnerability to malicious acts
    - Models for measurement, evaluation, or validation of survivability
    - Software fault tolerance
    - Design for dependability and/or survivability
    - PRA and hybrid fault models accounting for malicious acts and events
More information can be found on the HICSS-36 conference web site is at www.hicss.hawaii.edu/ and the miitrack web site at www.cs.uidaho.edu/~krings/HICSS36/HICSS36-cfp.htm

PKC2003   The Sixth International Workshop on Practice and Theory in Public Key Cryptography, Miami, Florida, USA, January 6-8, 2003.    [posted here 6/24/02]
PKC is the main annual workshop focusing on research on all aspects of public key cryptography. PKC 2003 will for the first time be an IACR workshop. Topics of interest include:
  -  Certification and Time-stamping                  - Computational Complexity Aspects
  -  Cryptanalysis                                                  -  Discrete Logarithm
  -  Electronic Cash/Payment                              -  Elliptic Curve Cryptography
  -  Encryption Schemes                                      -  Fast Implementations
  -  Integer Factorization                                      -  International Standards
  -  Lattice Reduction                                           -  Provable Security
  -  Public Key Infrastructure                              -  Secure Electronic Commerce Signature Schemes
Further details are available at: www.sait.fsu.edu/pkc2003.

BCS-FACS  British Computer Society Formal Aspects of Security, Royal Holloway, University of London, UK, December 19-20, 2002.  [posted here 7/17/02]
To celebrate its 25th Anniversary, the BCS-FACS (British Computer Society - Formal Aspects of Computing) Specialist Group is planning to organize several events over the next two years. The main aim is to highlight the use of formal methods, emphasize their relevance to modern computing, and promote their wider applications. Papers offering research contributions in formal aspects of computer security are solicited for FASec. Topics of interest include:
  -  Frameworks for formulating security requirements
  -  Access control: requirements, models, mechanisms, and extensions
  -  Theoretical foundations for access control models
  -  Formal models for security management: keys, data integrity, accounting and audit.
  -  Theoretical foundations of network and distributed systems security.
  -  Specification, analysis, and verifications of cryptographic protocols.
  -  Theory of information flow.
  -  Secure networking: authentication and intrusion detection.
  -  Security for mobile code
  -  Access control in distributed and mobile systems
  -  Proof carrying code and byte-code verification
  -  Smart-cards and secure PDAs
  -  Safety and security: analogies and differences
  -  Case studies and critical evaluations of formal methods for security
  -  Tools based on formal methods for  security requirements, analysis, and verification.
More information can be found on the workshop web page at www.bcs-facs.org/.

ACSAC2002  18th Annual Computer Security Applications Conference, Las Vegas, Nevada, USA, December 9-13, 2002.  [posted here 3/16/02]
This internationally recognized conference provides a forum for experts in information system security to exchange practical ideas about solving these critical problems. We are looking for papers, panels and tutorials that address:
   - Access control                               -Cryptographic protocols and applied cryptography
   - Database Security                          - Denial of service protection
   - Electronic commerce security     - Firewalls and other boundary control devices
   - Forensics                                        - Identification and Authentication
   - Information Survivability              - Middleware and distributed systems security
   - Mobile Security                             - Network security
   - Operating systems security           - PKI and certificate management
   - Risk/vulnerability assessment       - Intrusion detection
   - Security engineering                      - Security against malicious mobile code
See the conference web page at www.acsac.org for details on submitting papers and tutorial proposals.

ICISC 2002  Fourth International Conference on Information and Communications Security, Kent Ridge Digital Labs, Singapore, December 9-12, 2002.   [posted here 1/7/02]
Original papers on all aspects of information and communications security are solicited for submission to ICICS’02. Areas of interests include but not restricted to the following:
  - Access Control Authentication and Authorization
  - Biometric Security Cryptology
  - Database Security Distributed System Security
  - Electronic Commerce Security Fraud Control
  - Information Hiding and Watermarking Intellectual Property Protection
  - Internet and Intranet Security Intrusion Detection
  - Key Management and Key Recovery Mobile System Security
  - Network Security Operating System Security
  - Protocols and Their Analysis Risk Evaluation and Security Certification
  - Security Modeling and Architecture Virus and Worms
More information can be found on the conference web page at www.krdl.org.sg/General/conferences/icics/Homepage.html.

ASIACRYPT 2002  Queenstown, New Zealand, December 1-5, 2002.    [posted here 9/30/01]
Original papers on all technical aspects of cryptology are solicited for submission to Asiacrypt 2002. The conference is organized by the International Association for Cryptologic Research (IACR).  Submissions must not substantially duplicate work that any of the authors has published elsewhere or has submitted in parallel to any other conference or workshop that has proceedings. More information can be found on the conference web page at www.sis.uncc.edu/ac02.

WPES  ACM Workshop on Privacy in the Electronic Society (in association with 9th ACM Conference on Computer and Communication Security), Washington, DC, USA, November 21, 2002  [posted here 5/28/02]
The increased power and interconnectivity of computer systems available today provide the ability of storing and processing large amounts of data, resulting in networked information accessible from anywhere at any time. It is becoming easier to collect, exchange, access, process, and link information. The goal of this workshop is to discuss the problems of privacy in the global interconnected societies and possible solutions to it. Topics of interest include, but are not limited to:
   -  anonymity, pseudonymity, and unlinkability
   -  business model with privacy requirements
   -  data protection from correlation and leakage attacks
   -  electronic communication privacy
   -  information dissemination control
   -  privacy-aware access control
   -  privacy in the digital business
   -  privacy enhancing technologies
   -  privacy policies and human rights
   -  privacy and anonymity in Web transactions
   -  privacy threats
   -  privacy and confidentiality management
   -  privacy in the electronic records
   -  privacy in health care and public administration
   -  public records and personal privacy
   -  privacy and virtual identity
   -  personally identifiable information
   -  privacy policy enforcement
   -  privacy and data mining
   -  relationships between privacy and security
   -  user profiling
   -  wireless privacy
More information about the conference can be found at seclab.dti.unimi.it/~wpes.

SACT  First ACM Workshop on Scientific Aspects of Cyber Terrorism (in conjunction with the ACM Conference on Computer and Communication Security), Washington, DC, USA, November 21, 2002.  [posted here 5/16/02]
The goal of this workshop is to address scientific contributions to understand cyber terrorism and to fight cyber terrorism. Examples of possible topics of interest include: methods to identify the most critical infrastructures, methods to detect cyber terrorist attacks, methods to protect against cyber terrorism (including survivability, quorum systems, PKI). Submissions should clearly identify the relationship with cyber terrorism. Submissions on cryptography/information security without proper motivation how these can be used to address scientific issues on cyber terrorism will be rejected. Non-scientific talks (such as surveys on efforts by different countries on addressing cyber terrorism) will only be accepted if space permits. Talks about political and non-scientific talks are not the main goal of the workshop. Further details are available at www.sait.fsu.edu/sactworkshop/sact.html

DRM 2002  ACM Workshop on Digital-Rights Management (in conjunction with the 9th Annual ACM CCS Conference), Washington DC, USA, November 18, 2002.     [posted here 7/18/02]
The 2002 ACM Workshop on Digital-Rights Management (DRM 2002) will be held on November 18, 2002 in Washington DC, in conjunction with the 9th Annual ACM CCS Conference. The DRM 2002 submission deadline is August 1, 2002; submissions on all technical, legal, and business aspects of DRM are solicited. Additional information and submission instructions can be found at crypto.stanford.edu/DRM2002/

CCS 2002  9th ACM Conference on Computer and Communication Security, Washington DC, USA, November 17-21, 2002.   [posted here 3/15/02]
Papers offering novel research contributions in any aspect of computer security are solicited for submission to the Ninth ACM Conference on Computer and Communications Security. The primary focus is on high-quality original unpublished research, case studies, and implementation experiences. Papers should have practical relevance to the construction, evaluation, application, or operation of secure systems. Theoretical papers must make convincing argument for the practical significance of the results. Theory must be justified by compelling examples illustrating its application. Topics of interest include:
  - access control                  - security for mobile code                - cryptographic protocols
  - key management              - information warfare                         - authentication
  - applied cryptography       - e-business/e-commerce                  - privacy and anonymity
  - secure networking           - accounting and audit                         - data/system integrity
  - intrusion detection          - security management                       - security verification
  - database and system security            - smart-cards and secure PDAs
  - inference/controlled disclosure       - intellectual property protection
  - commercial and industry security
See the conference web site at www.acm.org/sigs/sigsac/ccs for details on submitting a paper

IICIS 2002 Fifth IFIP TC-11 WG 11.5 Working Conference on Integrity and Internal Control in Information Systems - New Perspectives from Academia and Industry, Bonn, Germany, November 11-12, 2002.   [posted here 3/28/01]
Confidentiality, integrity and availability are high-level objectives of IT security. The IFIP TC-11 Working Group 11.5 has been charged with exploring the area of the integrity objective within IT security and the relationship between integrity in information systems and the overall internal control systems that are established in organizations to support corporate governance codes. This working conference series follows its tradition to establish the basis for an ongoing dialog between IT security specialists and internal control specialists so that both may work more effectively together to assist in creating effective business systems in the future. The goals for this conference are to find an answer to the following questions:
   -  what is the status quo of research and development in the area of integrity and internal control
   -  where are the gaps between business needs on the one hand and research and development
       on the other and what needs to be done to bridge these gaps
   -  what precisely do business managers need to have confidence in the integrity of their
      information systems and their data
More information can be found on the conference web page http://www.db.cs.ucdavis.edu/IICIS2002/

NORDSEC2002  7th Nordic Workshop on Secure IT Systems, Karlstad University, Sweden, November 7-8, 2002.  [posted here 3/17/02]
The NordSec workshops were started in 1996 with the aim of bringing together researchers and practitioners within computer security in the Nordic countries. The theme of the workshops has been applied security, i.e., all kinds of security issues that could encourage interchange and cooperation between the research community and the industrial/consumer community. A main theme of NordSec 2002, to which a special track within the workshop will be devoted, is Privacy Enhancing Technologies. NordSec 2002 will also specifically address the areas of Software Engineering and Quality of Service in relation to IT security. Possible topics include, but are not limited to the following:
   -  Privacy and Privacy Enhancing Technologies
   -  Wireless Communication Security
   -  Inter/Intra/Extranet Security
   -  Security Protocol Modeling and Analysis
   -  E-and M-Business Security
   -  New Firewall Technologies
   -  Secure Infrastructures; TTP, PKI, Key Escrow/Recovery
   -  Computer Crime and Information Warfare
   -  Detecting Attacks, Intrusions and Computer Misuse
   -  Smart Card Applications
   -  Security Management and Audit
   -  Security Evaluations and Measurements
   -  Security in Commercial off-the-shelf Products, COTS
   -  Operating System Security
   -  Security Models
   -  New Ideas and Paradigms for Security
   -  Security Education and Training
   -  Quality of Service or Software Engineering in Relation to Security
More information can be found on the conference web page at www.cs.kau.se/nordsec2002.

ACSA Workshop on the Application of Engineering Principles to System Security Design, Boston, MA, USA, November 6-8, 2002  [posted here 7/29/02]
The Applied Computer Security Associates (ACSA) is sponsoring a workshop to examine engineering fundamentals, the principles and practice of designing and building secure systems. The workshop will look at where we have been in security engineering (formal methods, Orange book, Common Criteria, penetrate and patch, Certification and Accreditation, Defense in Depth) and where we should go. The workshop will consider such questions and issues as:
   - How can we do better at engineering secure systems?
   - Do we need new paradigms?
   - Have we not done a good job in applying the old techniques?
   - Is the real problem just bad software engineering, not bad security engineering?
   - Is the problem poor maintenance, rather than poor engineering?
   - Is "Defense in Depth" a meaningful engineering concept or is it bumper sticker engineering?
   - Have we forgotten the past?
   - Are we failing to teach new security engineers what we know?
The goal of the workshop is to begin a process of serious thinking about these important issues. The output of the workshop will be a collection of essays and technical papers on the issues discussed in the workshop. The papers will be available on-line to the community. ACSA's intent is that the output of the workshop becomes the kernel for a growing on-line collection of theory, principles, and practice of security engineering. Over time this site will maintain our history, our lessons learned, and principles for getting it right the first time. More information can be found on the workshop web page at www.acsac.org/waepssd/cfp.html.

LawTech2002  ISLAT International Conference on Law and Technology, Cambridge, Massachusetts, USA, November 6-8, 2002.    [posted here 4/15/02]
This conference is an international forum for lawyers and engineers interested in understanding the latest developments and implications of technology in the field of law. It is an opportunity to exchange ideas and information related to the intersection of these two areas. The conference will address both the legal ramifications of new technology and how technology advances the field of law. All papers submitted to this conference will be peer reviewed by at least two members of the International Program Committee. Acceptance will be based primarily on originality and contribution. The full call for papers and an extensive list of topics, including issues related to security and privacy, can be found on the workshop web page at www.islat.org.

CCN 2002   IASTED International Conference on Communications and Computer Networks, Massachusetts Institute of Technology, Cambridge, Massachusetts, USA, November 4-6, 2002.    [posted here 6/24/02]
This conference is an international forum for researchers and practitioners interested in the advances and applications of computers and communications networks including wireless and mobile communications. It is an opportunity to present and observe the latest research, results, and ideas in these areas. CCN 2002 will be held in conjunction with the IASTED International Conference on "Parallel and Distributed Computing and Systems (PDCS 2002)" and "Software Engineering and Applications (SEA 2002)". A complete list of topics along with instructions for submitting a paper or a tutorial proposal can be found on the conference web site at www.iasted.org/conferences/2002/cambridge/ccn.htm.

Compsec2002  19th World Conference on Computer Security, Audit and Control, London, UK, October 30-November 1, 2002.    [posted here 7/29/02]
The conference comprises over 50 presentations and interactive workshops arranged within four parallel streams covering management concerns, infrastructure, law and ethics, technical issues and case studies. Full programme and registration information is available via the conference website at www.compsec2002.com.

RAID'2002  Fifth International Symposium on Recent Advances in Intrusion Detection, Zurich, Switzerland, October 16-18, 2002 (Held in conjunction with Esorics 2002).   [posted here 2/25/02]
This symposium, the fifth in an annual series, brings together leading figures from academia, government, and industry to discuss state-of-the-art intrusion detection technologies and issues from the research and commercial perspectives. The RAID International Symposium series is intended to further advances in intrusion detection by promoting the exchange of ideas in a broad range of topics. The RAID 2002 program committee invites three types of submissions:
-  Full papers presenting mature research results. Full papers accepted for presentation at the Symposium will be published in the RAID 2002 proceedings published by Springer Verlag in its Lecture Notes in Computer Science (LNCS) series.
-  Extended abstracts presenting work-in progress, case studies and implementation experiences. We welcome basically any type of submission that is of general interest to the audience. Extended abstracts accepted for presentation at the Symposium will be published on the RAID web site.
-  Panel proposals for presenting and discussing interesting topics in the field of intrusion detection.
More information can be found on the conference web page at: www.raid-symposium.org/raid2002/.

SREIS2002  Second Symposium on Requirements Engineering for Information Security, Raleigh, North Carolina, USA, October 15-16, 2002.   [posted here 1/11/02]
The second symposium on requirements engineering for information security invites papers on a diversity of topics, particularly ones that point out new directions. Theoretical, experimental, and experience papers are all welcome. SREIS provides researchers and practitioners from various disciplines with a highly interactive forum to discuss security and privacy-related requirements. Specifically, we encourage attendance from those in the fields of requirements engineering, software engineering, information systems, information and network security and trusted systems as well as those interested in approaches to analyzing, specifying, and testing requirements to increase the level of security provided to users interacting with pervasive commerce, research and government systems. Topics of interest include, but are not limited to the following:
    - solutions to known RE problems as applied to security and privacy
    - RE for confidentiality, integrity, and availability
    - industrial problem statements
    - generalizations from individual industrial experiences
    - RE for trusted Commercial Off-The-Shelf (COTS) systems
    - empirical studies of industrial RE practice
    - capture and expression of informal and ad hoc requirements
    - managing conflicting requirements of operational effectiveness and security
    - methods for the specification and analysis of security requirements
    - methods for ensuring compliance between requirements and policies
Information for authors about how to submit a paper will be available via the symposium URL: www.sreis.org.  For additional information contact: sreis-inf@cerias.purdue.edu .  The SREIS will be followed by the Second Annual Government-Industry Forum on Strategies for the Development of Security Requirements and Security Specifications for Critical Information Technologies. The forum, hosted by the National Institute of Standards and Technology (NIST) will take place on October 17, 2002 from 9:00 A.M. to 5:00 P.M. For further information, please contact Dr. Ron Ross at (301) 975-5390 or rross@nist.gov.

ESORICS 2000  7th European Symposium on Research in Computer Security, Zurich, Switzerland, October 14-16, 2002.    [posted here 1/3/02]
ESORICS is the European research event in computer security with audience from both the academic and industrial communities. For background information about the symposium, and an html version of this Call for Papers, see the ESORICS 2002 home page www.esorics2002.org. We are interested in papers that may present theory, technique, applications, or practical experience on topics related to information security, privacy and dependability. The primary focus is on high-quality original unpublished research, case studies and implementation experiences. We encourage submissions of papers discussing industrial research and development.

Critical Systems Development with UML, Dresden, Germany, September 30, 2002.    [posted here 6/27/02]
The high quality development of critical systems (be it real-time, security-critical, dependable/safety-critical, performance-critical, or hybrid systems) is difficult. Many critical systems are developed, fielded, and used that do not satisfy their criticality requirements, sometimes with spectacular failures. The workshop aims to gather practitioners and researchers to contribute to overcoming these challenges. Topics of interest include:
  -  Applications of UML  to: real-time systems, security-critical systems,
         dependable / safety-critical systems, performance-critical systems, embedded systems,
         hybrid systems, and reactive systems
  -  Extensions of UML (UML-RT, UMLsec, Automotive UML, Embedded UML, ...)
  -  Using UML as a formal design technique for the development of critical systems
  -  Critical systems development methods
  -  Modeling, synthesis, code generation, testing, validation, and verification of critical systems
          using UML
  -  Case studies and experience reports
More information can be found on the workshop web page at  www4.in.tum.de/~csduml02/.

Workshop on Socially-Informed Design of Privacy-enhancing Solutions in Ubiquitous Computing (in conjunction with UBICOMP'2002), GÖTEBORG, Sweden, September 29, 2002.   [posted here 7/17/02]
Privacy-enhancing solutions, both technical and social, are needed to drive development of ubiquitous computing in a socially acceptable direction. The goal of this workshop is to develop an understanding of how social studies can inform the design and evaluation of privacy-enhancing solutions (technical approaches and complementary social mechanisms) in ubicomp. This workshop aims to provide a forum for ubicomp system developers, security researchers, social scientists, legal experts and consumer privacy advocates to collaboratively explore the future of socially-informed privacy-enhancing solutions in ubiquitous computing. Questions from other disciplines other than computer science (e.g., economics, sociology, law, public policy) will also contribute significantly to the workshop. Topics of interest of this workshop include, but are not limited to: Incentives; Contextual Factors; Trust; Metrics and Inspection; and Design Principles and Solutions. Papers should be submitted to in PDF or MS Word format on or before August 18, 2002 to xdjiang@cs.berkeley.edu. It is recommended that authors limit their submissions to no more than 6 pages, A4 or letter size. More information can be found at guir.berkeley.edu/privacyworkshop2002.

CNS'02  2002 International Workshop on Cryptology and Network Security, San Francisco, CA, USA, September 26-28, 2002.   [posted here 2/18/02]
(CNS02) is to be held in conjunction with The 8th International Conference on Distributed Multimedia Systems (DMS'2002) in San Francisco, California, in September 2002. Original papers on all aspects of cryptology and network security are solicited for submission to the workshop. Both theoretical research papers in cryptology and research results from practical applications in network security related areas are welcome. Topics covered by the workshop will include, but are not limited to, the following:
  -  Cryptography and cryptanalysis algorithms
  -  Authentication and digital signatures
  -  Client/Server system security
  -  Network security issues and protocols
  -  Web security
  -  Mobile agent security
  -  PKI
  -  Security architectures
  -  E-commerce security
  -  Information hiding and multimedia watermarking
  -  System intrusion protection and detection.
  -  Information security applications
More information can be found from: cs.anu.edu.au/~Chuan.Wu/conference/cns02_cfp.html or contact Dr Chuan-Kun Wu, email: Chuan.Wu@cs.anu.edu.au

CMS2002  The Seventh IFIP Communications and Multimedia Security Conference, Portoroz, Slovenia,  September 26-27, 2002.   [posted here 12/7/01]
CMS 2002 is the seventh working conference on Communications and Multimedia Security since 1995. State-of-the-art issues as well as practical experiences and new trends in the areas will be the topics of interest again, as proven by preceding conferences. Topics of interest include, but are not limited to 
     - Applied cryptography 
     - Biometry 
     - Combined multimedia security 
     - Communications systems security 
     - Cryptography - steganography
     - Digital signatures
     - Digital watermarking
     - Internet, intranet and extranet security 
     - Legal, social and ethical aspects of communication systems security 
     - Mobile communications security 
     - Multimedia systems security 
     - New generation networks (NGN) security
     - Possible attacks on multimedia systems 
     - Secure electronic commerce
More information can be found on the conference web page at: www.setcce.org/cms2002/, or contact: Prof. Borka Jerman-Blazic / Institut Jozef Stefan / Jamova 39 / SI-1000 Ljubljana / Slovenia / e-mail: cms02@setcce.org.

NSPW2002  New Security Paradigms Workshop, Virginia Beach, Virginia, USA, September 23-26, 2002.    [posted here 1/16/02]
For ten years the New Security Paradigms Workshop has provided a productive and highly interactive forum for innovative new approaches to computer security. The workshop offers a constructive environment for experienced researchers and practitioners as well as newer participants in the field. The result is a unique opportunity to exchange ideas. NSPW 2002 will take place September 23 - 26, 2002 at the Founders Inn, Virginia Beach, Virginia, about 2.5 hours from Washington, DC. The complete CFP is at www.nspw.org.

ECC2002 The 6th Workshop on Elliptic Curve Cryptography, University of Essen, Essen, Waterloo September 23-25, 2002. [posted here 4/8/02]
ECC 2002 is the sixth in a series of annual workshops dedicated to the study of elliptic curve cryptography and related areas. The main themes of ECC 2002 will be:
   - The discrete logarithm and elliptic curve discrete logarithm problems.
   - Efficient parameter generation and point counting.
   - Provably secure cryptographic protocols for encryption, signatures and key agreement.
   - Efficient software and hardware implementation of elliptic curve cryptosystems.
   - Deployment of elliptic curve cryptography.
There will be approximately 15 invited lectures (and no contributed talks), with the remaining time used for informal discussions. There will be both survey lectures as well as lectures on latest research developments. If you did not receive this announcement by email and would like to be added to the mailing list for the second announcement, please send email to ecc2002@math.uwaterloo.ca.  The announcements are also available from the web sites: www.exp-math.uni-essen.de/~weng/ecc2002.html and www.cacr.math.uwaterloo.ca

Workshop on Computer Forensics, Center for Secure and Dependable Systems, University of Idaho, Moscow, Idaho, USA, September 23-25, 2002.  [posted here 7/18/02]
This workshop is intended to provide a broad-spectrum approach to Computer Forensics and to increase interactions between Information Security faculty, students and practitioners. Speaker and presentation topics include performing detailed analysis of systems, use of forensic evidence in the legal system, tools available for forensic analysis, international complications, and a corporate perspective. The first day will include a tutorial on forensics by Dr. Sujeet Shenoi and the forensics team from the University of Tulsa. The second day will feature subject experts presenting on aspects of forensics, and the third day will have presentations from researchers and practitioners. See the workshop web site for details at www.csds.uidaho.edu/workshop/forensics.

ILPF 2002  The Annual Internet Law & Policy Forum Conference, Seattle, WA, USA, September 17-19, 2002.  [posted here 6/23/02]
The Internet Law & Policy Forum is holding its annual conference on the topic of Security v. Privacy on September 18-19, 2002 in Seattle, Washington. This conference will explore the synergies and conflicts, both real and imagined, between these two important policy objectives and the laws written to promote them. On one hand, privacy is a critical element of maintaining data integrity, which is one key security issue. On the other hand, the governmental need to find and stop lawbreakers is facilitated by the ready access to a broad scope of information. The conference will have a privacy track and a security track, where speakers will explore key issues and concerns in the respective areas. Some of the topics covered in these panels include: Privacy Global Survey: Legislative Regimes and Cross-Cultural Dimensions; Practicalities of Compliance with Law Enforcement Requests; Identifying and Selecting Appropriate Authentication Options. Plenary sessions will cover topics from both perspectives. More information can be found at the conference web page at  www.ilpf.org/conference2002.

SCN'02  The Third Workshop on Security in Communication Networks, Amalfi, Italy, September 12-13, 2002.  [posted here 4/23/02]
SCN '02 aims at bringing together researchers in the field of security in communication networks to foster cooperation and exchange of ideas. Papers are solicited on all technical aspects of data security including:
    - Anonymity                                                                       - Implementations
    - Authentication                                                                 - Key Distribution
    - Block Ciphers                                                                 - Operating Systems Security
    - Complexity-based Cryptography                                   - Privacy
    - Cryptanalysis                                                                   - Protocols
    - Digital Signatures                                                            - Public Key Encryption
    - Electronic Money                                                           - Public Key Infrastructure
    - Hash Functions                                                                - Secret Sharing
    - Identification                                                                   - Survey and state of the art
More information can be found on the workshop web page at www.dia.unisa.it/SCN02/

IASTED'2002  IASTED Conference on Conference on Communication Systems and Networks,  Malaga, Spain, September 9-12, 2002.    [posted here 12/27/01]
This conference is an international forum for researchers and practitioners interested in the advances in, and applications of, networks and communication systems.  This conference will be comprised of the following four Symposia: Telecommunications Technology,  Optical Communication Systems, Wireless Networks, and Satellite Communications and Antennas.  More information on areas of interest and complete instructions for submitting a paper or tutorial proposal can be found at the conference web site at: www.iasted.org and www.iasted.org/conferences/2002/spain/submit-371.htm

Trust and Privacy in Digital Business (on conjunction with DEXA 2002), Aix-en-Provence, France, September 2-6, 2002.    [posted here 11/20/01]
The Internet and the powerful WWW have created a tremendous opportunity to conduct business electronically. However, the lack of trust in electronic procedures as well as the diversity of threatens to users' privacy are the major inhibitors for a full deployment of digital business. The purpose of this workshop is twofold: First, all issues of digital business, focusing on trust and privacy problems will be discussed. Second, the workshop will be a forum for the exchange of results and ongoing work performed in R&D projects. Authors are invited to submit papers describing both theoretical and practical work to: trustbus02@wi-inf.uni-essen.de or trustbus02@lcc.uma.es.  Papers accepted for presentation will be published by IEEE Computer Society Press as proceedings of the DEXA'02 workshops.  More information can be found on the workshop web site at www.wi-inf.uni-essen.de/~dexa02ws/

WISA2002  The 3rd International Workshop on Information Security Applications, Jeju Island, Korea, August 28-30, 2002.   [posted here 3/16/02]
The areas of interest include, but are not limited to:
  - Electronic Commerce Security                                     - Electronic Cash
  - Smart Card Security                                                        - Public Key Infrastructure
  - Advanced Intrusion Detection System and Firewall    - Virtual Private Network
  - Mobile Security                                                              - Security Management
  - Active Security                                                               - Information Warfare
  - Biometrics                                                                      - Digital Rights Management
  - Optical Security                                                              - Anti-Virus
Please see the conference web page at icns.ewha.ac.kr/wisa2002 for details on submitting papers.

CYRPTO'2002   The Twenty-Second Annual ICAR Crypto Conference, Santa Barbara, Ca, USA, August 18-22, 2002.   [posted here 2/13/02]
Original research papers on all technical aspects of cryptology are solicited for submission to Crypto 2002, the Twenty-Second Annual IACR Crypto Conference. Crypto 2002 is sponsored by the International Association for Cryptologic Research (IACR), in cooperation with the IEEE Computer Society Technical Committee on Security and Privacy, and the Computer Science Department of the University of California, Santa Barbara. Program Chair: Moti Yung (moti@cs.columbia.edu). General Chair: Rebecca N. Wright (crypto2002@iacr.org) www.iacr.org/conferences/crypto2002/

WTCP'2002  Workshop on Trusted Computing Paradigms (in conjunction with ICPP-2002), Vancouver, British Columbia, Canada, August 18-21, 2002.    [posted here 12/10/01]
The information technology revolution has changed the way business is transacted, government operates, and national defense is conducted. Those three functions now depend on an interdependent network of critical information infrastructures. To build the secure and reliable systems required for our increasingly mobile, interconnected information-technology enabled society, research is needed to develop the large-scale information systems of the future such that they not only behave as expected, but, more importantly, continue to produce expected behavior against security breaches and hostile attacks. Moreover, we must ensure that any service disruptions that occur are infrequent, of minimal duration, manageable, and cause the least damage possible. The aim of this workshop is to consolidate state-of-the-art research in this area. Fundamental research articles and practical experience reports are solicited. Topics of interest include, but are not limited to:
    -  Specification, Design, Development, and Composition of Trustworthy Components
    -  Modeling, Analyzing, and Predicting Trust Properties of Systems and Components
    -  Policies and Standards for Building and Operating Trusted Systems and Components
    -  Assessment of Tradeoffs in Trustworthy System Design
    -  Personal Information Management in a Trustworthy Environment
    -  Management of Heterogeneous Trusted Computing Technologies
    -  Cyber Attack Prediction and Detection
    -  Information Operations to include Mining, Recovery, Security, and Assurance
    -  Secure and Safe Access to Autonomous Services and Applications
    -  Trusted Computing in Agent-based Environments
    -  Trusted Computing in Mobile and Wireless Environments
More information can be found on the conference web site at www.cs.odu.edu/~wadaa/ICPP02/WTCP/

The 11th USENIX Security Symposium, San Francisco, CA, USA, August 5-9, 2002.   [posted here 12/7/01]
The USENIX Security Symposium program committee seeks refereed paper submissions in all areas relating to system and network security. If you are working in any practical aspects of security or applications of cryptography, we would like to urge you to submit a paper.   For more details on the submission process, authors are encouraged to consult the detailed author guidelines at:   www.usenix.org/events/sec02/cfp/

The Sixteenth Annual IFIP WG 11.3 Working Conference on Data and Application Security, King's College, University of Cambridge, UK,  July 29-31, 2002.    [posted here 9/22/01]
The conference provides a forum for presenting original unpublished research results, practical experiences, and innovative ideas in data and applications security. Papers and panel proposals are solicited. The conference is limited to about forty participants so that ample time for discussion and interaction may occur. Additional information and a list of topics can be found at www.cis.utulsa.edu/ifip02. The conference location can be explored at http://www.kings.cam.ac.uk/ and the WG 11.3 home page is at sansone.crema.unimi.it/~ifip113.

FCS'02  LICS Satellite Workshop on Foundations of Computer Security, Copenhagen, Denmark, July 26, 2002.   [posted here 2/12/03]
Computer security is an established field of Computer Science of both theoretical and practical significance. In recent years, there has been increasing interest in logic-based foundations for various methods in computer security, including the formal specification, analysis and design of cryptographic protocols and their applications, the formal definition of various aspects of security such as access control mechanisms, mobile code security and denial-of-service attacks, and the modeling of information flow and its application to confidentiality policies, system composition, and covert channel analysis. The aim of this workshop is to provide a forum for continued activity in this area, to bring computer security researchers in contact with the FLoC community, and to give FLoC attendees an opportunity to talk to experts in computer security. We are interested both in new results in theories of computer security and also in more exploratory presentations that examine open questions and raise fundamental concerns about existing theories. Possible topics include, but are not limited to:
    - Formal specification                                            cryptographic protocols and applications
    - Foundations of verification                                  confidentiality and authentication
    - Logic-based design                                               integrity and privacy
    - Information flow analysis                                     availability and denial of service
    - Security models                              -for-              security policies
    - Language-based security                                       covert channels
    - Static analysis mobile code
    - Composition issues                                               intrusion detection
    - Statistical methods                                                 malicious code confinement
More information can be found at the workshop web page: floc02.diku.dk/FCS/

VERIFY'02  Verification Workshop, in connection with CADE at FLoC 2002, Copenhagen, Denmark, July 25-26, 2002.     [posted here 1/16/02]
The aim of this verification workshop is to bring together people who are interested in the development of safety and security critical systems, in formal methods in general, in automated theorem proving, and in tool support for formal developments. The overall objective of VERIFY is on the identification of open problems and the discussion of possible solutions under the theme "What are the verification problems? What are the deduction techniques?". Topics include (but are not limited to):
    + Access control                                                                   + Protocol verification
    + ATP techniques in verification                                         + Refinement & decomposition
    + Case studies (specification & verification)                    + Reuse of specifications & proofs
    + Combination of verification systems                              + Safety critical systems
    + Compositional & modular reasoning                               + Security for mobile computing
    + Fault tolerance                                                                   + Security models
    + Gaps between problems & techniques                             + Verification systems
    + Information flow control
Information on submitting papers and panel proposals can be found on the workshop web page at www.ags.uni-sb.de/verification-ws/verify02.html.

CSFW15  15th IEEE Computer Security Foundations Workshop, Keltic Lodge, Cape Breton, Nova Scotia, Canada,  June 24-26, 2002.   [posted here 10/19/01]
This workshop series brings together researchers in computer science to examine foundational issues in computer security. For background information about the workshop, and an html version of this Call for Papers, see the CSFW home page www.csl.sri.com/csfw/index.html We are interested both in new results in theories of computer security and also in more exploratory presentations that examine open questions and raise fundamental concerns about existing theories. Both papers and panel proposals are welcome. Possible topics include, but are not limited to:
Access control                        Authentication                                    Data and system integrity
Database security                    Network security                                Distributed systems security
Anonymity                                Intrusion detection                             Security for mobile computing
Security protocols                   Security models                                  Decidability issues
Privacy                                      Executable content                             Formal methods for security
Information flow                      Language-based security

VInfoSecu02  The International Conference on Information Security 2002, Si Nan Story, Shanghai Science Hall, Shanghai, China, July 10-13, 2002.     [posted here 5/20/02]
Ever since the inception of the Internet, the importance of computer and information security has been growing rapidly and there is no sign of diminishing. In recognizing this trend, ACM, together with Shanghai Computer Society (SCS) and China Computer Federation (CCF), is sponsoring the 2002 International Conference on Information Security (InfoSecu'2002) to be held in Shanghai, China. InfoSecu'2002 brings together researchers and practitioners, not only from the local region, but also from around the world, to exchange ideas and experiences in the field. Topics of interest include:
    - Access control and authorization
    - Authentication, biometrics, and smartcards
    - Commercial and industrial security
    - Data integrity Access control and audit
    - Database security
    - Denial of service and its treatment
    - Distributed systems security
    - Electronic commerce
    - Electronic privacy, anonymity
    - Information flow
    - Intrusion detection and survivability
    - Language-based security
    - Mobile code and agent security
    - Network security
    - Security protocols
    - Security verification
    - Viruses and other malicious code
More information can be found at the workshop web page at www.cintec.cuhk.edu.hk/~infosecu02/.

FIRST The 14th Annual Computer Security Incident Handling Conference, Hilton Waikoloa Village, Hawaii, USA, June 24-28, 2002.     [posted here 8/27/01]
The Forum of Incident Response and Security Teams is a global organization whose aim is to facilitate the sharing of security-related information and to foster cooperation in the effective prevention, detection, and recovery from computer security incidents. Its members are CSIRTs (Computer Security Incident Response Teams) from government, commercial, academic, and other environments. The FIRST conference (www.first.org/conference/2002/) brings together IT managers, system and network administrators, security specialists, academics, security solutions vendors, CSIRT personnel and anyone interested in
   - the most advanced techniques in detecting and responding to computer security incidents
   - the latest improvements in computer security tools, methodologies, and practice
   - sharing their views and experiences with those in the computer security incident response field
The Call For Papers is at:  www.first.org/conference/2002/cfp.html

DSN2002  The International Conference on Dependable Systems and Networks, Bethesda, Maryland, USA, June 23-26, 2002.    [posted here 9/15/01]
The International Conference on Dependable Systems and Networks 2002(DSN-2002) announces its Call for Contributions for full papers, practical experience reports, workshop proposals, tutorials, student forum, and fast abstracts. Full papers are due November 19th, 2001. Please see www.dsn.org for submission information. Contributions are invited in, but are not limited to:
- Analytical and Simulation Techniques for Performance and Dependability Assessment
- Architectures for Dependable Computer Systems
- Dependability Benchmarking
- Dependability of High-Speed Networks and Protocols
- Dependability Modeling and Prediction
- Dependability in VLSI
- E-commerce Dependability
- Fault Tolerance in Transaction Processing
- Fault Tolerance in Distributed & Real-Time Systems
- Fault Tolerance in Multimedia Systems
- Fault Tolerance in Mobile Systems
- Information Assurance and Survivability
- Internet Dependability and Quality of Service
- Intrusion Tolerant Systems
- Measurement Techniques for Performance and Dependability Assessment
- Safety-Critical Systems
- Software Testing, Validation, and Verification
- Software Reliability
- Tools for Performance and Dependability Assessment

3rd Annual IEEE Information Assurance Workshop, United Stated Military Academy, West Point, NY, USA, June 17-19, 2002.    [posted here 12/17/01]
The workshop is designed to provide a forum for Information Assurance researchers and practitioners to share their research and experiences. Attendees hail from industry, government, and academia. The focus of this workshop is on innovative, new technologies designed to address important Information Assurance issues.  Papers will be divided into two broad categories. Approximately 2/3 of the papers will focus on innovative new research in Information Assurance. The remaining 1/3 of the papers will be recent experience and lessons learned from Information Assurance practitioners. Areas of particular interest at this workshop are: 
    * Innovative intrusion detection and response methodologies 
    * Information warfare 
    * Information Assurance education and professional development 
    * Secure software technologies 
    * Wireless security 
    * Computer forensics 
More information can be found on the conference web age at www.itoc.usma.edu/Workshop/2002.

Workshop on Statistical and Machine Learning Techniques in Computer Intrusion Detection, The Johns Hopkins University, Baltimore, MD, USA, June 11-13, 2002.     [posted here 12/7/01]
Researchers in Computer Security are invited to participate.  The following topic areas are of potential interest.
    - Data Mining in Intrusion Detection/Network Data                     - Program Profiling
    - Pattern Recognition Techniques in Computer Security             - User Profiling
    - Statistical Measures of Network Traffic                                     - Machine Profiling
    - Intrusion Detection Datasets and Databases                               - Computer Virus Epidemiology
    - Evaluating IDS systems/Performance Measures                        - Virus detection
    - Visualization of Network Data                                                     - Anomaly Detection
    - Visualization of Intrusion Data                                                     - Fingerprinting    
    - Random Graph Techniques                                                           - Host Monitoring    
    - Network Monitoring
For more information, or to volunteer to chair a session, or to submit an abstract, please contact:
   David Marchette
   Naval Surface Warfare Center, Code B10
   17320 Dahlgren Rd.
   Dahlgren, VA 22448-5000 USA
   marchettedj@nswc.navy.mil

POLICY2002 IEEE Third International Workshop on Policies for Distributed Systems and Networks, June 5-7, 2002.    [posted here 10/18/01]
POLICY 2002 invites contributions on all aspects of policy-based computing. Papers must describe original work and must not have been accepted or submitted for publication elsewhere. Submitted papers will be evaluated for technical contribution, originality, and significance. Topics of interest include, but are not limited to the following:
   - processes, methodologies, and tools for discovering, specifying, reasoning about, and refining policy
   - abstractions and languages for policy specification
   - policy models for access-control, systems management, QoS adaptation, intrusion detection, privacy
   - policy based networking
   - policy frameworks for active networks, mobile systems, e-commerce
   - implementation models and techniques
   - integrating policies into existing systems and environments
   - provisioning of policies
   - business rules and organizational modeling
   - trust models and trust management
   - extensions and refinements to policy standards
   - case studies of applying policy-based technologies
See the conference web page at www.policy-workshop.org/2002/ for details.

NCISSE'2002  The 6th National Colloquium for Information Systems Security Education, Redmond, Washington, USA, June 3-7, 2002.     [posted here 9/15/01]
The colloquium solicits papers from practitioners, students, educators, and researchers. The papers should discuss course or lab development, INFOSEC curricula, standards, best practices, existing or emerging programs, trends, and future vision, as well as related issues. We are especially interested in novel approaches to teaching information security as well as what should be taught. This includes the following general topics:
   - Assessment of need (e.g. how many information security workers/researchers/faculty are needed?)
   - Integrating information assurance topics in existing graduate or undergraduate curricula
   - Experiences with course or laboratory development
   - Alignment of curriculum with existing information assurance education standards
   - Emerging programs or centers in information assurance
   - Late breaking topics
   - Best practices
   - Vision for the future
Papers reporting work in progress are also welcomed, especially if enough information to evaluate the work will be available at the time of the colloquium. Please see the NCISSE web site at www.ncisse.org for details on submitting a paper.

Workshop on Economics and Information Security, University of California, Berkeley, CA, USA, May 16-17, 2002.   [posted here 1/17/02]
Do we spend enough on keeping `hackers' out of our computer systems? Do we not spend enough? Or do we spend too much? Many system security failures occur not so much for technical reasons but because of failures of organisation and motivation. For example, the person or company best placed to protect a system may be insufficiently motivated to do so, because the costs of system failure fall on others. Such perverse incentives raise many issues best discussed using economic concepts such as externalities, asymmetric information, adverse selection and moral hazard. They are becoming increasingly important now that information security mechanisms are not merely used to protect against malicious attacks, but also to protect monopolies, differentiate products and segment markets. There are also interesting security issues raised by industry monopolization and the accompanying reduction in product heterogeneity. For these and other reasons, the confluence between information security and economics is of growing importance. We are organising the first workshop on the topic, to be held in the School of Information Management and Systems at the University of California, Berkeley, on the 16th and 17th May 2002. In order to keep the event informal and interactive, attendance will be limited to about 30-35 participants. If you would like to participate, please send us a position paper (of 1-2 pages) by the 31st March 2002. We welcome interest not just from economists and information security professionals, but from people with relevant experience, such as in the insurance industry, corporate risk management, or law enforcement agencies. More information can be found on the workshop web page at www.cl.cam.ac.uk/users/rja14/econws.html

WWW2001 The Eleventh International World Wide Web Conference, Sheraton Waikiki Hotel, Honolulu, Hawaii, USA, May 7-11, 2002.     [posted here 8/2/01]
Beginning with the first International WWW Conference in 1994, this prestigious series of the International World Wide Web Conference Committee (IW3C2) also provides a public forum for the WWW Consortium (W3C) through the annual W3C track. The conference will consist of a three-day technical program, preceded by a day of tutorials and workshops and followed by a "Developers Day." Developers Day will be devoted to in-depth technical sessions designed specifically for web developers. The technical program will include refereed paper presentations, peer-reviewed presentations, plenary sessions, panels and poster sessions describing current work. Areas of interest for the refereed paper track include:
     -  Applications
     -  Browsers and User Interfaces
     -  Electronic Commerce and Security
     -  Hypermedia
    -   Languages
    -   Mobility and Wireless Access
    -   Multimedia
    -   Performance
    -   Searching, Querying, Indexing, and Crawling
    -   Semantic Web
Authors of special merit papers will be invited to submit extended versions for publication in a special issue of the IEEE Transactions on Knowledge and Data Engineering. Please see the conference web site and full call-for-papers at www2002.org  (or email info@www2002.org) for information.

The 1st Annual PKI Research Workshop, NIST, Gaithersburg, MD, USA, April 24-25, 2002.   [posted here 12/10/01]
To a large extent, the hoped-for public key infrastructure has not "happened yet." PKI for large, eclectic populations has not materialized; PKI for smaller, less diverse "enterprise" populations is beginning to emerge, but at a slower rate than many would like or had expected. Why is this? This workshop among leading security researchers will explore the issues relevant to this question, and will seek to foster a long-term research agenda for authentication and authorization in large populations via public key cryptography. The workshop is intended to promote a vigorous and structured discussion---a discussion well-informed by the problems and issues in deployment today. Submitted works for panels, papers and reports should address one or more critical areas of inquiry. Topics include (but not are not limited to):
  * Cryptographic methods in support of security decisions
  * The characterization and encoding of security decision data (e.g., name spaces, x509,
     SDSI/SPKI, XKMS, PGP, SAML, Keynote, PolicyMaker, etc), policy mappings and languages, etc.
  * The relative security of alternative methods for supporting security decisions
  * Privacy protection and implications of different approaches
  * Scalability of security systems; (are there limits to growth?)
  * Security of the rest of the components of a system
  * User interface issues with naming, multiple private keys, selective disclosure
  * Mobility solutions
  * Approaches to attributes and delegation
  * Discussion of how the "public key infrastructure" required may differ from the "PKI" traditionally defined
See the workshop web site at www.cs.dartmouth.edu/~pki02/index.shtml for details.

PET2002 Workshop on Privacy Enhancing Technologies, San Francisco, CA, USA,  April 14-15, 2002.     [posted here 8/24/01]
Privacy and anonymity are increasingly important in the online world. Corporations and governments are starting to realize their power to track users and their behavior, and restrict the ability to publish or retrieve documents. Approaches to protecting individuals, groups, and even companies and governments from such profiling and censorship have included decentralization, encryption, and distributed trust. The workshop seeks submissions from academia and industry presenting novel research on all theoretical and practical aspects of privacy technologies, as well as experimental studies of fielded systems. We encourage submissions from other communities such as law and business that present these communities' perspectives on technological issues. We will publish accepted papers in proceedings in the Springer Lecture Notes in Computer Science (LNCS) series. Suggested topics include but are not restricted to:
       * Efficient realization of privacy services
       * Techniques for and against traffic analysis
       * Attacks on anonymity systems
       * New concepts for anonymity systems
       * Novel relations of payment mechanisms and anonymity
       * Models for anonymity and unobservability
       * Models for threats to privacy
       * Techniques for censorship resistance
       * Resource management in anonymous systems
       * Pseudonyms, linkability, and trust
       * Policy and human rights -- anonymous systems in practice
       * Fielded systems and privacy enhancement techniques for existing systems
       * Frameworks for new systems developers
More information can be found on the workshop web page at  www.pet2002.org.

Sixth Annual Distributed Objects and Components Security Workshop, Baltimore, Maryland, USA, March 18-21, 2002.  [posted here 1/24/02]
For the complete Call for Presentations and instructions on how to submit a proposal, see www.omg.org/news/meetings/docsec2002/call.htm. The workshop, hosted by the Object Management Group and co-sponsored by Promia, Inc. and the National Security Agency (NSA), will provide a forum for discussing the issues associated with securing integrated application systems. Interested individuals or organizations are invited to submit via email, a brief abstract by of the presentation/position they are proposing for the Workshop. The Workshop Program Committee is seeking proposals on the following topics:
    - Existing and emerging DOC application middleware
    - DOC applications and secure online identity
    - Emerging security technologies and specifications
    - User Case Studies
    - Vendor Case Studies
    - Academic or industrial research
    - Research into techniques and technologies for specifying and verifying security
    - Realization of security architectures
    - Integration
    - Security validation
    - Security Systems Management
For additional details on the topics and instructions on how to submit abstracts, refer to http://www.omg.org/news/meetings/docsec2002/call.htm.

FC'2002   Financial Cryptography, Southhampton, Bermuda, March 11-14, 2002.   [posted here 9/17/01]
Original papers are solicited on all aspects of financial data security and digital commerce for submission to the Sixth Annual Conference on Financial Cryptography. FC '02 brings together researchers in the financial, legal, cryptologic, and data security fields to foster cooperation and exchange of ideas. A list of topics of interest is given on the conference web page at www.crypto.com/papers/fc02cfp.html

IPTPS'02  The First International Workshop on Peer-to-Peer Systems, Cambridge, MA, USA, March 7-8, 2002.    [posted here 10/16/01]
Peer-to-peer has emerged as a promising new paradigm for distributed computing. The 1st International Workshop on Peer-to-Peer Systems (IPTPS'02) aims to provide a forum for researchers active in peer-to-peer computing to discuss the state-of-the-art and to identify key research challenges in peer-to-peer computing. The goal of the workshop is to examine peer-to-peer technologies, applications and systems, and also to identify key research issues and challenges that lie ahead. In the context of this workshop, peer-to-peer systems are characterized as being decentralized, self-organizing distributed systems, in which all or most communication is symmetric. Topics of interest include, but are not limited to:
    * novel peer-to-peer applications and systems
    * peer-to-peer infrastructure
    * security in peer-to-peer systems
    * anonymity and anti-censorship
    * performance of peer-to-peer systems
    * workload characterization for peer-to-peer systems
See the conference web page at www.cs.rice.edu/Conferences/IPTPS02/ for details.

Cryptographer's Track at the RSA 2002 Conference, San Jose, California, USA, February 18-22, 2002.  [posted here 5/1/01]
Following the success of the new approach to the Cryptographers' Track 2001, the Cryptographers' Track of RSA Conference 2002 will be run as an anonymously refereed conference with proceedings edited in Springer-Verlag's Lecture Notes in the Computer Science series. Original research papers pertaining to all aspects of cryptography as well as tutorials and overviews are solicited. Submissions may present theory, techniques, applications and practical experience on topics including, but not limited to: fast implementations, secure electronic commerce, network security and intrusion detection, formal security models, comparison and assessment, tamper-resistance, certification and
time-stamping, cryptographic data formats and standards, encryption and signature schemes, public key infrastructure, cryptographic protocols, elliptic curve cryptography, block ciphers, stream ciphers, hash functions, discrete logarithms and factorization techniques, lattice reduction and provable security.  More information can be found at www.rsaconference.com/rsa2002/cryptotrack.html.

PKC'2002   International Workshop on the Practice and Theory of Public Key Cryptography, Paris, France, February 12-14, 2002.   [posted here 9/17/01]
PKC2002, the fourth conference in the International workshop series on the practice and theory in public key cryptography, is soliciting original research papers pertaining to all aspects of public key encryption and signatures.  Submissions may present theory, techniques, applications and practical experience on topics including but not limited to:
Certification and time-stamping       encryption data formats                  provable security
cryptanalysis                                       encryption schemes                        public key infrastructure
comparison and assessment               fast implementations                      secure electronic commerce
discrete logarithm                               integer factorization                      signature data formats
electronic cash/payments                   international standards                   signature schemes
elliptical curve cryptography              lattice reduction                             signcryption schemes
More information can be found on the conference web page at www.novamedia.fr/conferences/conferences/confpkc.html

FAST 2002  File and Storage Technologies Conference, Monterey, CA, USA, January 28-29, 2002.   [posted here 5/6/01]
Sponsored by USENIX, The Advanced Computing Systems Association, in cooperation with ACM SIGOPS and IEEE TCOS.  The FAST conference will bring together the top storage systems researchers and practitioners, to explore the design, implementation and uses of storage systems. It will also feature the best work in file and storage systems to date. FAST is the successor to IOPADS, which for several years was the top conference dedicated to parallel and distributed I/O systems. FAST 2002 will consist of two days of technical presentations, including refereed papers, invited talks, and an introductory keynote address. A session of work-in-progress presentations is planned, and informal Birds-of-a-Feather sessions may be organized by attendees. The FAST 2002 Program Committee invites you to contribute your ideas, proposals and papers for, the invited talks program, refereed papers track, and Work-in-Progress Reports. We welcome submissions that address any and all issues relating to File and Storage Systems. The Call for Papers with submission guidelines and suggested topics [which includes security issues] is now available at: www.usenix.org/events/fast/cfp/.

WITS'2001 Workshop on Issues in the Theory of Security (in conjunction with POPL'02), Portland, Oregon, USA, January 14-15, 2002.   [posted here 7/19/01]
The IFIP WG 1.7 on "Theoretical Foundations of Security Analysis and Design" was established to investigate the theoretical foundations of security. It aims to discover and promote new ways to apply theoretical techniques in computer security, and to support the systematic use of formal techniques in the development of security related applications.  Extended abstracts of work presented at the Workshop will be collected before the workshop and distributed to the participants.  As in 2000, there will be no formally published proceedings of this year's workshop; however, selected papers will be invited for submission to a special issue of the Journal of Computer Security based on the Workshop. Researchers are invited to submit extended abstracts of original work on topics in the spirit of the workshop. Possible topics for submitted papers include, but are not limited to: 

Additional information can be found on the conference web page at www.dsi.unive.it/IFIPWG1_7/wits2002.html

Indocrypt'2001 Second International Conference on Cryptology in India, Chennai, India, December 16-20, 2001.   [posted here 12/20/00]
Original papers on all technical aspects of cryptology are solicited for submission to Indocrypt 2001.  Detailed instructions for submission of a paper are given on the conference web site at www.cs.iitm.ernet.in/indocrypt.

ACSAC'2001, 17th Annual Computer Security Applications Conference, New Orleans, USA, December 10-14, 2001.    [posted here 2/20/01]
We are currently soliciting papers, panels, forums, case studies, and tutorial proposals for the 17th Annual Computer Security Applications Conference (ACSAC) to be held 10 – 14 December 2001 in New Orleans, Louisiana, USA. For general information or questions about ACSAC, please see our web page at www.acsac.org or email Publicity_Chair@acsac.org. For specific submission-related information, please see the following web page: www.acsac.org/2001/cfp.

IW2001  2nd Australian Information Warfare and Security Conference, Scarborough, Perth, Western Australia, November 29-30, 2001.   [posted here 3/2/01]
The conference will be held in conjunction with the Working for E-Business conference (see www.we-bcentre.com/conf2001) to be held at the Rendevous Observation City, Scarborough, Perth, Western Australia. Sample conference topics areas include but are not restricted to:
   - E-Intelligence/counter-intelligence                     - Perception management
   - Information warfare theory                                   - Electro-magnetic pulse weapons
   - Information security                                              - Cryptography
   - Physical security                                                    - Security policy
   - Information warfare policy                                   - Information warfare techniques
   - Hacking                                                                   - Infra-structure warfare
   - National security policy                                        - Corporate defense mechanisms
   - Security for small to medium enterprises           - Information warfare and security education
See the workshop web page at  www.we-bcentre.com/iw2001/ for more details.

Yuforic'01 Youth Forum in Computer Science and Engineering, Valencia, Spain, November 29-30, 2001.   [posted here 5/4/01]
Sponsored by Universidad Politecnica de Valencia, the IEEE Computer Society and the Spanish Section of the IEEE. YUFORIC is the IEEE Computer Society's dynamic new program to bring students and new professionals together in a forum for exchanging ideas and sharing experiences. YUFORIC features a series of workshop, held worldwide, emphasizing presentations of studies-in-progress by university students and new professionals in industry and academia. Discussion and interaction are highlighted. Young and/or new professionals will be encouraged to take the lead in guiding students' research interests. In turn, university students will gain better insight into the ongoing, real-world activities of the professional community. The topics of interest include, but are not limited to:
- Frameworks, architectures and models for e-commerce
- Commerce oriented middleware services (CORBA, DCOM, J2EE, etc.)
- Intelligent and mobile agent technology for e-commerce
- Web and Java technology for networked e-commerce
- User Interface support for e-commerce
- Auction and negotiation technology
- Security in e-commerce (digital certificate, PKI, smart-cards, transaction-based security, IPR management)
- Authentication in e-commerce environment
- Quality assurance in e-commerce
- Trading of intangible goods
- Electronic Payment methods
- Mobile commerce
- Multi device platform for e-commerce (WAP, set-top box, web, etc.)
- E-commerce application case studies
- E-commerce based business models
For more information about the workshop please visit our web site at yuforic.upv.es

ICICS'2001 Third International Conference on Information and Communications Security, Xian, China, November 13-16, 2001.    [posted here 3/14/00]
ICICS’01 covers all aspects of theory and application of information and communications security.  More information can be found on the conference web page at  homex.coolconnect.com/member2/icisa/icics2001.html

CCS-8 Eighth ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, USA, November 6-8, 2001.   [posted here 12/19/00]
Papers offering novel research contributions in any aspect of computer security are solicited for submission to the Eighth ACM Conference on Computer and Communications Security. Papers may present theory, technique, applications, or practical experience.  A complete list of topics and instructions for submitting a paper or panel proposal can be found on the conference web site at www.bell-labs.com/user/reiter/ccs8/

Workshop on Data Mining for Security Applications (part of the 8th ACM Conference on Computer Security November 6-8, 2001), Philadelphia, PA, USA, November 8, 2001.    [posted here 2/9/01]
This year the ACM's Conference on Computer Communications and Security offers a special half-day workshop on data mining for security applications. This event provides an opportunity for attendees of the ACM CCS to meet with researchers who are interested in applying data mining techniques to security applications and discuss critical issues of mutual interest during a concentrated period.  The topics of interest include, but are not limited to:
   -  Intrusion detection and analysis via data mining 
   -  Data mining in forensics 
   -  Text data mining as a tool for collecting criminal evidence 
   -  Classification and clustering of intrusions, attacks and computer-related crimes 
   -  Real-time detection 
   -  Predictive tools for security 
   -  Mining for inferences 
Instructions for submitting an abstract and paper can be found on the workshop web page at www.bell-labs.com/user/reiter/ccs8/

SPDRM'2001 Workshop on Security and Privacy in Digital Rights Management (part of the 8th ACM Conference on Computer Security Nov 6-8, 2001), Philadelphia, PA, USA, November 5, 2001.   [posted here 2/9/01]
Increasingly the Internet is used for the distribution of digital goods, including digital versions of books, articles, music and images. The ease with which digital goods can be copied and redistributed make the Internet well suited for unauthorized copying, modification and redistribution.  This workshop will consider technical problems faced by rights holders (who seek to protect their intellectual property rights) and end consumers (who seek to protect their privacy and to preserve access they now enjoy in traditional media under existing copyright law).  The workshop seeks submissions from academia and industry presenting novel research on all theoretical and practical aspects of DRM, as well as experimental studies of fielded systems. We encourage submissions from other communities such as law and business that present these communities' perspectives on technological issues.  A complete list of topics and instructions for submitting a paper can be found o the workshop web page at www.star-lab.com/sander/spdrm/.

SRDS-20 20th IEEE Symposium on Reliable Distributed Systems, New Orleans, USA, November 4-7, 2001 (tentative).     [posted here 2/9/01]
The objective of this symposium is to provide an effective forum for researchers and practitioners who are interested in distributed systems design and development, particularly with reliability, availability, safety, security, or real-time properties. We welcome original research papers as well as papers that deal with development experiences and experimental results of operational systems. We are also soliciting papers for an experience track that presents on-going industrial projects, prototype systems, exploratory or emerging applications, etc. The major areas of interest include, but are not limited to, the following topics:
   - Distributed systems with reliability, availability, security, safety, and/or real-time requirements
   - Distributed databases and transaction processing
   - Parallel and distributed operating systems
   - Internet systems and applications
   - Mobile and ubiquitous computing
   - Distributed multimedia systems
   - Electronic commerce enabling technologies
   - Distributed workflow and enterprise management systems
   - Security and High Confidence Systems
   - QoS control and assessment
   - Analytical or experimental assessment of distributed systems
   - Formal methods and foundations for reliable distributed computing
   - Distributed objects and middleware systems
   - Distributed and Web-based application systems
   - Performance modeling and evaluations of reliable distributed systems
More information can be found on the conference web page at srds.cs.umn.edu

NordSec 2001:  Nordic Workshop on Secure IT-Systems, Copenhagen, Denmark, November 1-2, 2001.    [posted here 5/28/01]
The NordSec workshops address applied security in a broad sense and aim at bringing together researchers and practitioners within computer security in the Nordic countries - thereby establishing a forum for discussion and co-operation between universities, industry and computer societies. In 2001 the workshop is hosted by the Department of Informatics and Mathematical Modeling at the Technical University of Denmark in Copenhagen.  More details are available on www.imm.dtu.dk/~nordsec.

ECC2001  The 5th Workshop on Elliptic Curve Cryptography, University of Waterloo, Waterloo, Canada, October 29-31, 2001.  [posted here 9/28/01]
Due to the tragic events in the US, ECC 2001 was rescheduled from Sep 17-19 to Oct 29-31. If you had registered for the Sep 17-19 workshop, then please send Frances Hannigan (fhannigan@math.uwaterloo.ca) a brief email letting her know if you plan on attending the Oct 29-31 workshop; if not, your registration fee will be refunded. We do have slots for new registrants, so if you would like to attend please register as soon as possible. We will include the revised lecture schedule in the Seventh announcement to be mailed on October 8, 2001. ECC 2001 is the fifth in a series of annual workshops dedicated to the study of elliptic curve cryptography and related areas. The main themes of ECC 2001 will be:
   - The discrete logarithm and elliptic curve discrete logarithm problems.
   - Provably secure discrete log-based cryptographic protocols for encryption, signatures and key agreement.
   - Efficient software and hardware implementation of elliptic curve cryptosystems.
   -  Deployment of elliptic curve cryptography.
It is hoped that the meeting will encourage and stimulate further research on the security and implementation of elliptic curve cryptosystems and related areas, and encourage collaboration between mathematicians, computer scientists and engineers in the academic, industry and government sectors. More information can be found at the workshop web site at www.cacr.math.uwaterloo.ca/.

TPRC2001 The 29th Research Conference on Communication, Information and Internet Policy, Alexandria, Virginia, USA, October 27-29, 2001.   [posted here 2/9/01]
TPRC hosts this annual forum for dialogue among scholars and decision-makers from the public and private sectors engaged in communication and information policy. The purpose of the conference is to acquaint policymakers with the best of recent research and to familiarize researchers with the knowledge needs of policymakers and industry. The TPRC program is assembled from submitted and invited abstracts. TPRC is now soliciting proposals for papers for presentation at its 2001 conference. Proposals should be based on current theoretical and/or empirical research relevant to the making of communication and information policy, and may be from any disciplinary perspective. TPRC welcomes national, international, or comparative studies. Topics on interest and instructions for submitting a paper can be found on the conference web page at www.tprc.org/TPRC01/2001.HTM

RAID'2001 Fourth International Symposium on the Recent Advances in Intrusion Detection, Davis, California, USA. October 10-12, 2001.    [posted here 12/19/00]
This symposium, the fourth in an annual series, brings together leading figures from academia, government, and industry to discuss state-of-the-art intrusion detection technologies and issues from the research and commercial perspectives. The RAID International Symposium series is intended to further advances in intrusion detection by promoting the exchange of ideas in a broad range of topics. The RAID'2001 program committee invites submission of both technical and general interest papers and panels from those interested in formally presenting their ideas during the symposium. RAID'2001 will welcome full papers, short papers and panel proposals. Full papers are intended for presenting mature research results, and short ones for work-in-progress presentations. We also seek panel submissions in the same areas.  A complete list of topics of interest along with instructions for submitting a paper or panel proposal can be found at the conference web site at www.raid-symposium.org/Raid2001/

I3E First IFIP Conference on e-commerce, e-business, e-Government,  Zurich, Switzerland, October 4-5, 2001.   [posted here 1/30/01]
This conference is the first IFIP conference on e-commerce, e-business, and e-government sponsored by the three committees TC6, TC8, and TC11. It provides a forum for users, engineers, and scientists in academia, industry, and government to present their latest findings in e-commerce, e-business, or e-government applications and the underlying technology to support those applications. Areas of particular interest include but are not limited to:
   - Pre-sales support, ordering, settlement, delivery, and payment
   -  Post-sales services and customer care
   - Innovative business models and business process re-engineering
   - Interorganizational systems, virtual organizations, and virtual markets
   - Supply chains, work flow management, control and audit mechanisms
   - Procurement, negotiations and dynamic pricing models (bidding, auctions)
   - Trading of intangible goods
   - Information & communication platforms, mobile agents, unified messaging
   - Security, privacy, and consumer protection
   - Smart Cards and biometrics
   - Information retrieval, data mining, semantic web
   - Legal, social, cross-cultural issues
   - Trust and confidence in digital signatures and certificates
   - Mobile e-commerce and ubiquitous electronic markets
   - Innovative government services for the citizen
   - Strategic management of e-commerce, e-business, e-government systems
   - Measuring of E-Commerce impact/results
The conference will comprise a main track with papers in the topics above and several minitracks dedicated to special topics.  More information can be found on the conference web page at www.ifi.unizh.ch/I3E-conference

ISC'2001 Information Security Conference, Malaga, Spain, October 1-3, 2001.   [posted here 1/16/01]
Original papers are solicited for submission to the Information Security Conference 2001. ISC aims to bring together individuals involved in multiple disciplines of information security to foster exchange of ideas. The emphasis of the conference is multi-disciplines of information security. Topics include but not limited to:
  -  Biometrics                               -  Collaborative Applications
  -  Copyright Protection              -  Distributed Trust Management
  -  E-Commerce Protocols         -  Electronic Voting
  -  Information Hiding                  -  Intrusion Detection
  -  IP-Security                               - Implementations
  -  Legal and Regulatory Issues   - Payments/MicroPayments
  -  Notary Public                           - Security Analysis Tools
  -  Tamper-Resistant SW/HW     - Virtual Private Networks
  -  Watermark                               -  Web Security
Instruction for authors and more information on the conference are given on the conference web site at www.isconference.org.

ISSE 2001  Information Security Solutions Europe Conference,  QEII Conference Centre, London, UK, September 26-28, 2001.   [posted here 12/18/00]
EEMA - The European Forum for Electronic Business and TeleTrusT - The Association for the Promotion of Trustworthiness of IT-Systems invite you to participate in the Call for Papers for ISSE 2001. ISSE is the European institution for the presentation and discussion of technical, organisational, legal and political concepts for information security and data protection. As a user-oriented conference it provides presentations and panel discussions about existing and future information security solutions for large scale corporations, enterprises, especially for SMEs, commerce, financial institutions, public sector, health care, legal practitioners and security professionals. An extensive list of topics of interest along with instructions for submitting a paper is given in the full call-for-papers at www.eema.org/isse.

InfoSecu01  ACM International Conference on Information Security, Shanghai, China, September 24-26, 2001.    [posted here 2/20/01]
InfoSecu01 solicits previously unpublished papers offering novel research and practice contributions in any aspect of computer security for submission to the 2001 symposium. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains. Topics of interest include, but are not limited to, the following:
  -  Access control, authorization, and audit                  -  Network security
  -  Authentication, biometrics, and smartcards            -  Security protocols
  -  Commercial and industrial security                         -  Security verification 
  -  Data integrity                                                              -  Viruses and other malicious code
  -  Database security                                                       -  Mobile code and agent security 
  -  Denial of service and its treatment                           -  Language-based security
  -  Distributed systems security                                    -  Information flow 
  -  Electronic commerce                                                -  Electronic privacy, anonymity
  -  Intrusion detection and survivability  
For further information regarding InfoSecu01, please contact the conference secretariat at bu-fl@cs.sjtu.edu.cn.  The full call-for-papers is at java.sun.com/people/gong/conf/shanghai2001/cfp.txt

NSPW'2001 New Security Paradigms Workshop 2001, Cloudcroft, New Mexico, USA, September 11-13, 2001.    [posted here 1/16/01]
2001 is the tenth anniversary of the New Security Paradigms Workshop, which has provided a productive and highly interactive forum for innovative new approaches to computer security. The workshop offers a constructive environment where experienced researchers and practitioners work alongside newer participants in the field.  In order to preserve the small, focused nature of the workshop, participation is limited to authors of accepted papers and conference organizers. Because we expect new paradigms we accept wide-ranging topics in information security. Any paper that presents a significant shift in thinking about difficult security issues or builds on a previous shift is welcomed.  Authors are encouraged to present ideas that might be considered risky in some other forum. Details on topics of interest along with instructions for submitting a paper are given on the conference web site at www.nspw.org.

Workshop on Operational Text Classification Systems 2001 (in conjunction with ACM SIGIR 2001 9/9-9/13), New Orleans, USA, September 13, 2001.   [posted here 5/28/01]
Text classification research and practice has exploded in the past decade. This work has been pursued under a variety of headings (text categorization, automated indexing, text mining, topic detection and tracking, etc.). Both the automated assignment of textual data to classes, and the automated discovery of such classes (by techniques such as clustering) have been of intense interest. A variety of practical applications have been fielded, in areas such as indexing of documents for retrieval, hierarchical organization of Web sites, alerting and routing of news, creation of specialized information products, enforcement of information security, content filtering (spam, porn, etc.), help desk automation, knowledge discovery in textual and partially textual databases, and many others. Experiments on text classification data sets have been widely presented in a variety of forums. The technical details of operational text classification, however, have rarely been discussed. The goal of this workshop is to expose researchers and practitioners to the challenges encountered in building and fielding operational text classification systems.  Workshop topics will include (but are not limited to):
   * Cost effectiveness of automating text classification tasks
   * Understanding what users want from classification systems
   * Technical and personnel issues in using training data and prior knowledge
   * Trading off space, time, and other resources in the training, adaptation, and execution phases of classification
   * Integrating automated classification systems with pre-existing software, organizational procedures, relevant laws, and cultural expectations
   * Maintaining and monitoring effectiveness as text sources and classes change over time
   * Discovering, defining, updating, and explaining classes and classifiers
   * The roles of classification and related technologies (information extraction, terminology discovery, etc.)
Participation in the workshop is limited. Please see www.DavidDLewis.com/events/otc2001 for details on submissions.

Biometric Consortium 2001 Conference, Orlando, FL, USA, September 12-14, 2001.    [posted here 8/24/01]
Sponsored by: National Institute of Standards (NIST) Information Technology Laboratory (ITL) and Advanced Technology Program (ATP), the National Security Agency (NSA), the DoD Biometric Management Office (BMO), and the General Services Administration (GSA) Federal Technology Service, Center for Smart Card Solutions.  The conference is open to the Biometric Consortium members and to the general public.  More information, including a conference program, can be found on the conference web site at www.nist.gov/bc2001

IST'2001 International Symposium on Telecommunications, Tehran, Iran, September 1-3, 2001.   [posted here 1/30/01]
The first International Symposium on Telecommunications will be organized by the Iran Telecommunication Research Center (ITRC). The Symposium will be sponsored by IEEE, IEE and ICT. It aims to provide a broad international forum as well as an outstanding opportunity for scientific researchers, academicians and telecommunication engineers to discuss new and emerging technologies, progress in standards, services and their applications in telecommunication and information systems. More information on the workshop, along with a complete list of topics of interest can be found at www.itrc.ac.ir/ist2001

10th USENIX Security Symposium, Washington, D.C., August 13-17, 2001.   [posted here 5/31/01] Practical security for the real world.  Keynote address by Richard M. Smith, CTO, Privacy Foundation "Web-Enabled Gadgets: Can We Trust Them?" 24 Refereed papers on the best new research: Denial of Service, Math Attacks, Key Management, Hardware, Managing Code, Firewalls/Intrusion Detection, Operating Systems, and Authorization.  Please see the conference web site at www.usenix.org/events/sec01 for details.

The Fifteenth Annual IFIP WG 11.3 Working Conference on Database and Application Security, Niagara on the Lake, Ontario, Canada, July 15-18, 2001.   [posted here 6/9/01]
The conference provides a forum for presenting original unpublished research results, practical experiences, and innovative ideas in database security.  Registration information is available at: www.csd.uwo.ca/conf/IFIP   Please register by June 15 to ensure a room in the hotel.

ACISP'2001 The Sixth Conference on Information Security and Privacy, Sydney, Australia, July 2-4, 2001.   [posted here 9/12/00]
Original papers pertaining to all aspects of computer systems and information security are solicited for submission to the Sixth Australasian Conference on Information Security and Privacy (ACISP 2001). Papers may present theory, techniques, applications and practical experiences on a variety of topics including:
     - Authentication and authority                       - Cryptology
     - Database security                                         - Access control
     - Mobile communications security               - Network security
     - Secure operating systems                            - Smart cards
     - Security management                                   - Risk assessment
     - Secure commercial applications                 - Copyright protection
     - Key management and auditing                     - Mobile agents security
     - Secure electronic commerce                      - Software protection & viruses
     - Security architectures and models              -  Security protocols
     - Distributed system security                         - Evaluation and certification
Detailed information about the conference can be found at the conference web site: www.cit.nepean.uws.edu.au/~acisp01

EFCE  The Second Edinburgh Financial Cryptography Engineering Conference, Edinburgh, Scotland, June 22-23, 2001.   [posted here 1/2/01]
Edinburgh is again host to the international engineering conference on Financial Cryptography. Individuals and companies active in the field are invited to present and especially to demonstrate Running Code that pushes forward the "state of the art".  This is a technical, practical meet. Presentations of demonstrable technology in the field of Financial Cryptography are invited. As this is a practical conference, we are hoping to accept every demonstrator.  More information can be found on the conference web site at www.efce.net/.  [Editor's note: It was not clear from the announcement if there is a deadline for submitting your code and presentation.  Please check the web site for current information.]

MOS'2001  The 7th ECOOP Workshop on Mobile Object Systems,  (in association with the 15th European Conference on Object-Oriented Programming), Budapest Hungary, June 18, 2001.    [posted here 2/20/01]
This year's workshop has two emphases. Firstly, it seeks experience reports, as well as papers on design and development techniques for mobile object applications. Application of the recent research results in the development of real systems is crucial for the future of mobile computing.  Secondly, it brings together a group of active researchers working on security and fault tolerance to develop an understanding of the important research problems and recent results in these areas. In particular, it is felt that it should be beneficial to examine fault tolerance and security issues together as secure agents systems can be used for building fault tolerant systems and at the same time general fault tolerance mechanisms can be applied for providing security.  Topics of interest and instructions for submitting a paper can be found on the workshop web page at cui.unige.ch/~ecoopws.

Verification Workshop (in connection with IJCAR 2001), Siena, Italy, June 19-19, 2001.    [posted here 3/10/01]
The aim of this verification workshop is to bring together people who are interested in the development of safety and security critical systems, in formal methods in general, in automated theorem proving, and in tool support for formal developments. The emphasis of this years workshop is on the identification of open problems and the discussion of possible solutions under the theme "What are the verification problems? What are the deduction techniques?"  Depending on quality submissions the workshop will consist of two parts which each focus on one of these questions followed by an overall discussion. Topics include (but are not limited to):
   - ATP techniques in verification + Refinement & decomposition
   - Case studies (specification & verification) + Reuse of specifications & proofs
   - Combination of verification systems + Safety critical systems
   - Compositional & modular reasoning + Security for mobile computing
   - Fault tolerance + Security models
   - Gaps between problems & techniques + Verification systems
   - Protocol verification
Regular papers and discussion papers are encouraged. Please see the workshop web page at www.ags.uni-sb.de/verification-ws/index.html for details.

FIRST'2001  The 13th Annual FIRST Conference on Computer Security and Incident Handling, Toulouse, France, June 17-22, 2001.   [posted here 10/4/00]
The Forum of Incident Response and Security Teams (FIRST) conference  brings together IT managers, system and network administrators, security specialists, academia, security solutions vendors, computer security incident response team (CSIRT) personnel and anyone interested in   the most advanced techniques in detecting and responding to computer security incidents;  the latest advances in computer security tools, methodologies, and practice; and  sharing their views and experiences with those in the computer security incident response field. The conference is a five day event, comprising two days of tutorials and three days of technical sessions which include refereed paper presentations, invited talks, and panel discussions.  More information on the conference and submitting a paper can be found on the conference web page at www.first.org/conference/2001/.

SCITS-II IFIP WG 9.6/11.7 Working Conference on Security and Control of IT in Society II, Bratislava, Slovakia, June 15-16, 2001.   [posted here 9/30/00]
In the Global Information Society, dependencies on IT are wide-spread already and still rising. Yet IT and the emerging Global Information Infrastructure (GII) introduce new opportunities for criminal activities, and new potential threats to people and society. These threats and opportunities have to be countered and controlled in a manner that balances the benefits of IT. In order to make good use of the advantages offered by the new Global Information Infrastructure, a secure and trustworthy environment is needed, which takes also into account social and legal values. The working conference will focus on legal, social, technical, and organisational aspects of information infrastructures and of new global applications. It will further address how to prevent emerging threats to IT systems security as well as risks to people, organisations, and society as a whole. Invited topics include, but are not limited to the following:
     - Case studies of Misuse
     - Risks in the GII to system security, people, and society
     - Risks of malware and intelligent agents
     - Internet Fraud
     - Risks through interception and tracking technologies
     - Risks analysis methods: new approaches and experiences
     - Critical Information Infrastructure Protection and Social Implications
     - Approaches to high-tech crime prevention, detection, and investigation
     - International Cooperation in fighting high-tech crime
     - Multilateral Security
     - Protecting users/usees by Privacy-Enhancing Technologies
     - Users´ security responsibilities
     - Crypto / Anonymity debate
     - IT law for preventing Misuse (e.g. in the area of Electronic Commerce)
     - Regulations for Digital Signatures, concepts of Certification Authorities
     - Perception of security in society, security awareness
Complete instructions for submitting a paper can be found on the conference web page at  www.conference.sk/ifip/.

The 13th Annual Canadian Information Technology Security Symposium, Ottawa, Canada, June 11-15, 2001.  [posted here 11/22/00]
"Setting Our Sites on Security".   For information:  (613)991-8500; fax: (613)991-7251; Web site: www.cse-cst.gc.ca/cse/english/annual.html e-mail: citss@cse-cst.gc.ca In English/French.

CSFW'14 14th IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia, Canada, June 11-12, 2001.    [posted here 10/13/00]
This workshop series brings together researchers in computer science to examine foundational issues in computer security. For background information about the workshop, and an html version of this Call for Papers, see the CSFW home page www.csl.sri.com/csfw/csfw14/. We are interested both in new results in theories of computer security and also in more exploratory presentations that examine open questions and raise fundamental concerns about existing theories. Both papers and panel proposals are welcome. Possible topics include, but are not limited to:
   -  access control authentication data and system integrity
   -  database security network security distributed systems security
   -  anonymity intrusion detection security for mobile computing
   -  security protocols security models decidability issues
   -  privacy executable content formal methods for security
   -  information flow

IFIP/Sec 2001 16th International Conference on Information Security, Paris, France,  June 11-13, 2001.   [posted here 10/30/00]
The annual conference devoted to information systems security, organized by the TC-11 (Technical Committee on Security and Protection in Information Processing Systems) of IFIP (International Federation for Information Processing) will be held on June 11-13, 2001, in Paris, France. The submission deadline is 31 December 2000. Regular papers, panel proposals and tutorial proposals should be sent to: ifipsec2001@gemplus.com. More details on this call for papers can be found on: www.ifip.tu-graz.ac.at/TC11/SEC2001/.

SMC-IAW  2nd Annual IEEE Systems, Man, and Cybernetics Information Assurance Workshop, United States Military Academy, West Point, New York, USA, June 5-6, 2001.    [posted here 11/22/00]
The purpose of the Information Assurance Workshop is to provide a forum for discussion and sharing ideas in information assurance. Information assurance is a broad area, and for purposes of this workshop, it includes the following topics: Intrusion detection and response; Cryptography and its applications; Data and information fusion; Computer security; Cyber ethics and policy; Planning and decision support tools; Military and government research, development, and application efforts. While this workshop focuses on novel applications of simulations, agents, artificial intelligence, and operations research techniques to ensuring the confidentiality, integrity, and availability of information, it is not limited to these topics. If you are unsure of whether your paper would be applicable, contact the Program Chair.  More information can be found on the conference web page at www.itoc.usma.edu/Workshop/2001/Workshop2001.htm

SEEMAS'2001  First International Workshop on Security of Mobile Multiagent Systems (to be held at the Fifth International Conference on Autonomous Agents), Montreal, Canada, May 29, 2001.  [posted here 1/30/01]
We welcome the submission of papers from the full spectrum of issues associated with security in mobile multiagent systems, both in the public Internet and in private networks. We particularly encourage the discussion of the following topics:
   - security policies for agent environments
   - security mechanisms that can be implemented by using (mobile) multiple agents
   - reasoning about security in an agent architecture
   - security for agents (against other agents, malicious hosts, and software failures)
   - security for agent hosts (against agent attacks and agent deficiency)
   - security through agents (for any form of malfunctioning in the network)
   - application of security mechanism in a (mobile) multiagent context
   - integration of traditional security mechanisms to the agent realm
   - design methodologies for secure (mobile) multiagent systems
More information can be found on the conference web page at www.dfki.de/~kuf/semas/.

NCISSE'2001 Fifth National Colloquium for Information Systems Security Education, George Mason University, Fairfax, Virginia, USA, May 22-24, 2001.   [posted here 1/9/01]
This colloquium, the fifth in an ongoing annual series, will bring together leading figures from academia, government, and industry to address the national need for security and assurance of our information and communications infrastructure. This goal requires both an information-literate work force that is aware of its vulnerability as well as a cadre of information professionals that are knowledgeable of the recognized "best practices" available in information security and information assurance. This year the Colloquium will trace security education and training from its beginning, through the current state of art, and into the future.  The colloquium is interested in general submissions as well as student participation. The papers should discuss course or lab development, INFOSEC curricula, standards, best practices, existing or emerging programs, trends, and future vision, as well as related issues. This year, we are particularly interested in addressing "What does a good education in information security require, and how are we to teach this?" To answer this question, we are particularly interested in topics such as the following (although others are also of interest):
*  Assessment of need (e.g. how many information security workers/researchers/faculty are needed?)
*  Integrating information assurance topics in existing graduate or undergraduate curricula
*  Experiences with course or laboratory development
*  Alignment of curriculum with existing information assurance education standards
*  Emerging programs or centers in information assurance
*  Late breaking topics
*  Best Practices
*  Vision for the Future
Information about the conference, as well as instructions for submitting a paper are given on the conference web site at www.infosec.jmu.edu/ncisse/.

First Workshop on Information Security Systems Rating and Ranking, Williamsburg, Virginia, May 21-23, 2001.   [posted here 2/20/01]
After more than 20 years of effort in "security metrics," the evolution of product evaluation criteria identification, Information Assurance (IA) quantification, and risk assessment/analysis methodology development, has led to the widespread need for a single number or  digraph rating of the "security goodness" of a component or system. Computer science has steadily frustrated this need--it has neither provided generally accepted, reliable measures for rating IT security nor has it applied any measures for security assurance. The goals of this workshop are to recap the current thinking on "IA metrics" activities and to formulate a path for future work on IA rating/ranking systems. Topics will include identifying workable successes or capturing lessons learned from our failures, clarifying what is measurable, and the addressing the impact of related technology insertion. The expected workshop result is the determination of "good" indicators of the IA posture of a system. The workshop will serve as a forum for group discussion, with topics determined by the participants. Submission of a 4-to-5-page position paper is required for workshop attendance. For further information, please see: www.acsac.org/measurement Deadline for submission of papers: March 30, 2001.

S&P'2001  2001 IEEE Symposium on Security and Privacy, Oakland, CA, USA, May 13-16, 2001.   [posted here 9/16/00]
Previously unpublished papers offering novel research contributions in any aspect of computer security or electronic privacy are solicited for submission to the 2001 symposium. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains. We particularly welcome papers that help us continue our re-established emphasis on electronic privacy. Topics of interest include, but are not limited to, the following:
   -   Commercial and industrial security       -    Electronic privacy 
   -   Mobile code and agent security              -   Distributed systems security 
   -   Network security                                      -   Anonymity 
   -   Data integrity                                            -   Access control and audit 
   -   Information flow                                      -    Security verification 
   -   Viruses and other malicious code           -   Security protocols 
   -   Authentication                                           -   Biometrics 
   -   Smartcards                                                 -   Electronic commerce 
   -   Intrusion detection                                    -   Database security 
   -   Language-based security                           -   Denial of service 
The conference may include panel sessions addressing topics of interest to the computer security community. A continuing feature of the symposium will be a session of 5-minute talks, where attendees can present preliminary research results or summaries of works published elsewhere.   Complete instructions for submitting papers, panel proposals, and 5-minute talk abstracts can be found on the conference web page at www.ieee-security.org/TC/sp2001.html

Eurocrypt'2001  20th Annual Eurocrypt Conference, Innsbruck, Austria,  May 6-10, 2001.  [posted here 8/13/00]
Original papers on all technical aspects of cryptology are solicited for submission to Eurocrypt 2001, the 20th Annual Eurocrypt Conference. It is organized by the International Association for Cryptologic Research (IACR). See the conference web page at www.ec2001.ocg.at for more information.

SACMAT'2001  Sixth ACM Symposium on Access Control Models and Technologies, Chantilly, VA, USA, May 3-4, 2001.  [posted here 3/13/01]
SACMAT 2001 is the successor to the ACM Workshop on Role-Based Access Control in which the organizers aim to provide a meeting place for researchers in all facets of access control, including models, systems, applications, and theory. Historically, access control research has been published in their respective domains or as niche work in general security conferences, but this symposium gives researchers the opportunity to share their perspectives with others interested in access control in particular. Details on the program, registration and conference site can be obtained from the conference web page at www.acm.org/sigsac/sacmat2001.html.

WWW10  The Tenth International World Wide Web Conference, Hong Kong, China.  May 1-5, 2001.  [posted here 10/10/00]
Committed to advancing the Web to its full potential in the 21st century, WWW10 will offer a forum for Web researchers and practitioners to define, discuss, and disseminate the most up-to-date Web techniques and information. Leaders from industry, academia, and government will present the latest developments in Web technology.  The conference will consist of refereed paper sessions, panel sessions, a poster track, a W3C track, and several specialized tracks including Culture, E-commerce on the Web, Law and the Web, Vendors Track, Web and Education, Web Internationalization, and Web and Society.  A complete list of topics of interest along with instructions for submitting a paper can be found on the conference web site at www10.org.

IHW'2001 4th International Information Hiding Workshop, Holiday Inn University Center, Pittsburgh, PA, USA, April 25-27, 2001   [posted here 2/26/00]
Many researchers are interested in hiding information or, conversely, in preventing others from doing so. As the need to protect digital intellectual property grows ever more urgent, this research is of increasing interest to both the academic and business communities. Current research themes include: copyright marking of digital objects, covert channels in computer systems, detection of hidden information, subliminal channels in cryptographic protocols, low-probability-of-intercept communications, and various kinds of anonymity services ranging from steganography through location security to digital elections. Interested parties are invited to submit papers on  research and practice which are related to these areas of interest. Further information  can be obtained at chacs.nrl.navy.mil/IHW2001 or by contacting the program chair at ihw@itd.nrl.navy.mil

Ninth Cambridge International Workshop on Security Protocols, Cambridge, England, April 25-27, 2001.   [posted here 1/15/01]
You are invited to consider submitting a position paper to the Ninth Cambridge International Workshop on Security Protocols. Attendance is by invitation only, and in order to be invited you must submit a position paper.  This year's theme is "Mobile Computing vs Immobile Security". This theme includes (but is not limited to):
    - location-dependent authorization
    - portable hardware and alien infrastructure
    - enforcing foreign security policy
    - recognizing ambassadors and malware
    - migrating user requirements.
We invite you to consider these issues. As usual, we don't insist that position papers relate to the current theme in an obvious way.  The only pre-condition is that position papers should concern some aspect of security protocols, which may, but need not, involve cryptography.  More information on the workshop and the procedure for submitting a position paper can be found at homepages.feis.herts.ac.uk/~comqjam/2001SPW-announce.html.

Cryptographic Security Aspects of Smart Cards and the Internet, April 23-26, 2001, Amsterdam, The Netherlands.   [posted here 3/10/01]
The three and a half day workshop will cover subjects such as Cryptography for Smart Cards, Network Security, Identity and Authentication and Smart Card security. An exciting entertainment programme and a half day excursion have also been planned to enable networking opportunities. To see the preliminary programme visit www.sci-sec.org where you can register online or call the SCI-SEC team on +44 (0)1273 515651 or e-mail info@sci-secCryptographic Security Aspects of Smart Cards and the Internet

OPENARCH'01  The Fourth IEEE Conference on Open Architectures and Network Programming, Hilton Anchorage Hotel, Anchorage, Alaska, April 22-23, 2001.   [posted here 5/29/00]
The Fourth IEEE Conference on Open Architectures and Network Programming invites participation in this international forum on active, and programmable networks. Advances in open signaling and control, active networks, mobility management, transportable software, web-based services access, and distributed systems technologies are driving a reexamination of existing network software architectures and the evolution of control and management systems away from traditional constrained solutions. OPENARCH 2001 will foster a better understanding of these new network software architectures and techniques that are making the network interface more flexible and robust. Authors are invited to submit both full and short papers for consideration. Suggested topics include:
     - Advances in active networks
     - Open and innovative signaling systems 
     - Programming abstractions and interfaces for networks
     - Service creation platforms 
     - Programming for mobility 
     - Programming for Quality of Service 
     - Intelligent agents and trading 
     - Distributed computing models and algorithms 
     - Security in an open object world 
     - Support for multiple control planes 
     - Control and resource APIs and object representations 
     - Performance of control architectures 
     - Experimental architectures and implementation techniques 
     - Enabling technologies, platforms and languages (CORBA, WWW, Java, ...) 
     - Reliability of programmable networking technologies 
     - Modeling of network services 
     - Programmability support for virtual networks 
     - Interactive multimedia, multi-party cooperation and groupware 
     - Pricing and real-time billing 
     - Secure transactions processing and electronic commerce
     - Active networks in telephony 
OPENARCH is sponsored by the IEEE Communications Society and will be
co-located and organized in conjunction with INFOCOM 2001. Complete instructions for submissions can be found on the conference web site at www.openarch.org

ICDCS'2001, 21st International Conference on Distributed Computing Systems, Phoenix, AZ, USA,  April 16-19, 2001.   [posted here 7/30/00]
You are invited to submit a paper to the 21st International Conference on Distributed Computing Systems.  The conference covers the entire breadth of distributed computing and is one of the premier conferences in the area.  Note that the call cactus.eas.asu.edu/ICDCS2001/call_for_papers.htm) includes security topics. 

FSE'2001, Fast Software Encryption Workshop, Yokohama, Japan, April 2-4, 2001.   [posted here 1/2/01]
Fast Software Encryption is a seven-year-old workshop on symmetric cryptography, including the design and cryptanalysis of block and stream ciphers, as well as hash functions.  More information can be found at the conference web page at  www.venus.dti.ne.jp/~matsui/FSE2001/ .

CaLC 2001  Cryptography and Lattices Conference, Brown University, Providence, Rhode Island, USA, March 29-30, 2001.   [posted here 6/2/00]
The focus of this conference is on all aspects of lattices as used in cryptography and complexity theory. We hope that the conference will showcase the current state of lattice theory and will encourage new research in both the theoretical and the practical uses of lattices and lattice reduction in the cryptographic arena. We encourage submission of papers from academia, industry, and other organizations. Topics of interest include the following, but any paper broadly connected with the use of lattices in cryptography or complexity theory will be given serious consideration:
     - Lattice reduction methods, including theory and practical implementation.
     - Applications of lattice reduction methods in cryptography, cryptanalysis and related areas of algebra and number theory.
    - Cryptographic constructions such as public key cryptosystems and digital signatures based on lattice problems.
     - Complexity theory of hard lattice problems such as SVP and CVP.
     - Other lattice related cryptographic constructions, for example based on cyclotomic fields, finite group rings, or group representations.
If you want to receive emails with subsequent Calls for Papers and registration information, please send a brief mail to <jhs@math.brown.edu>.  More information can be found on the conference web site at   www.math.brown.edu/~jhs/CALC/CALC.html

DODsec'2001 Fifth Workshop on Distributed Objects and Components Security, Annapolis, MD, USA, March 26-29, 2001.   [posted here 9/12/00]
Building on the success of four previous Distributed Object Computing Security Workshops, but extending the subject to include software component servers, the OMG is organizing this Fifth DOCSec Workshop. Reflecting the emergence of Components as a critical technology, DOCSec this year means Distributed Objects and Component Security. The purpose of the workshop remains the same, though: to bring together DOCSec users, vendors and specification developers to share experiences, requirements, and plans. A complete list of topics of interest along with instructions for submitting a paper can be found on the workshop web site at www.omg.org/news/meetings/docsec2001/workshop.htm

ISADS 2001, The Fifth International Symposium on Autonomous Decentralized Systems, Dallas, Texas, USA, March 26-28, 2001.   [posted here 5/29/00]
Driven by the continuous growth in the power, intelligence and openness of computer, communication and control technologies, possibilities and opportunities for realizing highly efficient and dependable business and control systems have been steadily increasing. Dynamically changing social and economic situations demand next-generation systems based on emerging technologies and applications. Such systems are expected to have the characteristics of living systems composed of largely autonomous and decentralized components. Such systems are called Autonomous Decentralized Systems (ADS). While ISADS 2001 will primarily focus on advancements and innovation in ADS concept, technologies, and applications related to the increasingly important topic of Electronic Commerce, other themes such as telecommunications and heterogeneous system and application integration will also be included. The scope of discussions on ADS shall include, but not be limited to: 
      * Computer and communication architectures / intelligent network /Internet; 
      * Heterogeneous distributed information / control systems; 
      * Mobile agent /computer-supported cooperative works;
      * Distributed software development and maintenance;
      * Assurance, fault tolerance and on-line expansion; 
      * Object management architecture /design pattern / application frameworks; 
      * Emergent control and robotic systems; 
      * Novel applications: electronic commerce, telecommunications,  information service systems, manufacturing systems,  real-time event management, office automation, traffic and 
transportation control, logistics systems. See the conference web site at isads.utdallas.edu for complete instructions on submitting a paper or a proposal for a panel session.

FME2001  FORMAL METHODS EUROPE Formal Methods for Increasing Software Productivity, Humboldt-Universitaet zu Berlin, Germany, March 12-16, 2001.   [posted here 5/29/00]
FME 2001 is the tenth in a series of symposia organised by Formal Methods Europe, an independent association whose aim is to stimulate the use of, and research on, formal methods for software development. The theme of FME 2001 is Formal Methods for Increasing Software Productivity. This theme recognizes that formal methods have the potential to do more for industrial software development than enhance software quality--they can also increase productivity at many different points in the software life-cycle. The symposium committee is particularly interested in papers on the use of formal methods to
increase productivity, for example on:
      - Codifying domain knowledge
      - Re-using components
      - Automatically generating code and/or documentation
      - Improving the efficiency of software testing
      - Enhancing analysis techniques for validation and verification
      - Exploiting commonalities within product families
      - Improving the maintainability and modifiability of software
      - Empirical studies of effects on productivity

The symposium committee solicits full-length papers in two broad categories:
1. Use of formal methods, including reports on industrial use, substantial case studies, comparisons among methods, education, and technology transfer.
2. Development of formal methods, including motivating factors, theoretical foundations, extensions, manual procedures, and tool support.
More information about the submission of papers, tutorial and workshop proposals, can be found on the conference web site at www.informatik.hu-berlin.de/top/fme2001

NIAP Government-Industry IT Security Forum (following SREIS), "Strategies for the Development of Security Requirements and Specifications for Computing and Real-Time Control Systems", Indianapolis, Indiana, USA, March 7, 2001.   [posted here 2/9/01]
The National Institute of Standards and Technology  and the National Security Agency, partners in the National Information Assurance Partnership (NIAP), invite interested parties to attend a Government-Industry IT Security Forum to discuss potential public and private sector strategies for the development of security requirements and specifications needed for the protection of government, business and personal computing and real-time control systems. The primary purpose of the forum is to bring national attention to the concept of security requirements definition and its importance in developing a more secure information infrastructure within the United States. Leaders from government, industry, and academia will have an opportunity to share their views on the role of security requirements in the development, testing and acquisition of commercial products and systems. More information can be found at niap.nist.gov or the Purdue CERIAS web site at www.cerias.purdue.edu/sreis.html.

SREIS  Symposium on Requirements Engineering for Information Security, Purdue University CERIAS, West Lafayette, Indiana, USA,  March 5-6, 2001.    [posted here 7/7/00]
The symposium is intended to provide researchers and practitioners from various disciplines with a highly interactive forum to discuss security and privacy-related requirements. Specifically, we encourage those in the fields of requirements engineering, software engineering, information systems, information and network security as well as trusted systems to present their approaches to analyzing, specifying and testing requirements to increase the level of security provided to users interacting with pervasive commerce, research and government systems. Symposium attendance will be limited. All attendees are encouraged to submit a paper or position statement. Special emphasis will be placed on attendance by graduate students participating in PhD study. Some travel and expense scholarships for these students will be available; preference will be given to students from CERIAS Affiliate centers and programs. Submissions are encouraged addressing a range of requirements engineering, security, and privacy issues, such as:
   -   Solutions to known RE problems as applied to security and privacy
   -   Innovative research ideas initiating new research directions
   -   Industrial problem statements
   -   Generalizations from individual industrial experiences
   -   RE for trusted Commercial Off-The-Shelf (COTS) systems
   -   Empirical studies of industrial RE practice
   -   Capture and expression of informal and ad hoc requirements
   -   Managing conflicting requirements of operational effectiveness and security
   -   Methods for the specification and analysis of security requirements
   -   Methods for ensuring compliance between requirements and policies
More information can be found on the symposium web site at www.cerias.purdue.edu/SREIS.html

FC'01  Fifth International Conference on Financial Cryptography, Grand Cayman, BWI, February 19-22, 2001.   [posted here 9/11/00]
Original papers are solicited on all aspects of financial data security and digital commerce in general for submission to the Fifth Annual Conference on Financial Cryptography (FC01). FC01 aims to bring together persons involved in the financial, legal and data security fields to foster cooperation and exchange of ideas. Relevant topics include:
   Anonymity Protection                    Infrastructure Design
   Auditability                                      Legal/ Regulatory Issues
   Authentication/Identification         Loyalty Mechanisms
   Certification/Authorization            Payments/Micropayments
   Commercial Transactions               Privacy Issues
   Copyright/ I.P. Management           Risk Management
   Digital Cash/ Digital Receipts        Secure Banking Systems
   Economic Implications                   Smart Cards
   Electronic Purses                            Trust Management
   Implementations                              Watermarking
Full Call for papers available at http://www.syverson.org.  The conference web site is http://fc01.ai

PKC2001  International Workshop on Practice and Theory in Public Key Cryptography, Cheju Island, Korea, February 13-15, 2001.  [posted here 6/9/00]
PKC2001, is the fourth conference in the international workshop series on the practice and
theory in public key cryptography  Original research papers pertaining to all aspects of public key encryption and digital signature are solicited. Submissions may present theory, techniques, applications and practical experience on topics including, but not limited to:
   -  certification and time-stamping    -  cryptanalysis
   -  comparison and assessment    -  discrete logarithm
   -  electronic cash/payments    -  elliptic curve cryptography
   -  encryption data formats    -  encryption schemes
   -  fast implementation    -  integer factorization
   -  international standards    -  lattice reduction
   -  provable security    -  public key infrastructure
   -  secure electronic commerce    -  signature data formats
   -  signcryption schemes
More information can be found on the conference web page at caislab.icu.ac.kr/pkc01/

 

NDSS'01, The Internet Society 2001 Network and Distributed System Security Symposium, Catamaran Resort, San Diego, California, February 7-9, 2001. [posted here 5/10/00]
This symposium will foster information exchange among researchers and practioners of network and distributed system security services. The intended audience includes those who are interested in the practical aspects of network and distributed system security, focusing on actual system design and implementation, rather than theory. A major goal of the symposium is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technology. The proceedings of the symposium will be published by the Internet Society. The Program Committee invites both technical papers and panel proposals. Submissions are solicited for, but are not limited to, the following topics:
    * Secure Electronic Commerce.
    * Intellectual Property Protection.
    * Network security policies.
    * Integrating Security in Internet protocols.
    * Attack-resistant protocols and services.
    * Special problems and case studies.
    * Security for collaborative applications and services.
    * Fundamental security services.
    * Supporting mechanisms and APIs.
    * Integrating security services with system and application security facilities and protocols.
    * Security for emerging technologies.
    * Intrusion Avoidance, Detection, and Response.
    * Network Perimeter Controls.
    * Virtual Private Networks.
Submissions must be received by August 2, 2000. Complete submission information can be found at www.isoc.org/ndss01/cfp. Dates, final call for papers, advance program, and registration information are available at www.isoc.org/ndss01.

PRDC 2000  Pacific Rim International Symposium on Dependable Computing, University of California at Los Angeles (UCLA),  December 18-20, 2000.  [posted here 5/29/00]
The Pacific Rim International Symposium on Dependable Computing (PRDC) is a symposium for dissemination of state-of-the-art research and engineering practice in dependable computing with particular emphasis on systems and software. This will be the seventh of this series of international symposia, and it comes at a fortuitous time when many computer industries are recognizing dependability to be one of their top problems due to the demands of the Internet.
Topics of interest include (but are not limited to):
    - Design for system dependability 
    - Fault-tolerant systems and software 
    - Fault tolerance for parallel and distributed systems 
    - Software and hardware reliability, verification and testing 
    - Dependability measurement, modeling and evaluation 
    - Safety and security of computing systems 
    - Tools for design and evaluation of dependable systems 
    - Implications of emerging technologies on dependable system design (e.g., deep submicron VLSI, pervasive computing)
    - Application-specific dependable system (e.g., embedded systems, WWW servers, transaction processing) 

More information can be found on the conference web site at www.cs.ucla.edu/PRDC2000/

HiPC'2000, 7th IEEE International Conference on High Performance Computing, special session on performance modeling of mobile telecommunication networks, December 17-20, 2000, Bangalore, India.  [posted here 4/22/00]
The objective of this session is to bring together technologists and researchers of international reputation to have a forum for discussions and presentations  of their state-of-the-art work in all aspects of wireless communications and  mobile computing, with particular emphasis on performance modeling and analysis of mobile communications capability.  Authors are invited to submit original unpublished manuscripts for a special session on Mobile Computing. Topics of interest include (but not limited to):
*  Performance modeling of wireless networks (PCS, Ad hoc, Satellite Networks)
*  Mobility, data, resource management, and scheduling issues in wireless and mobile networks
*  Mobile applications and tools for distributed databases
*  Wireless Internet and WWW, simulation of wireless networks
*  Mobile Agents
*  Quality-of-service (QoS) provisioning
*  Wireless multimedia systems
*  Routing and location independent information access
*  Parallel Simulation of large scale wireless systems
*  Security, scalability and reliability for mobile/wireless systems
*  Architectures of mobile/wireless networks and systems
*  Traffic integration for mobile applications
*  Design and analysis of algorithms for mobile environments
*  Influence of lower layers on the design and performance of higher layers
*  Scalable Servers Wireless Mobile Computing
Complete submission instructions are given on the conference web page at: www.hipc.org

ADCOM 2000, 8th International Conference on Advanced Computing and Communications, Cochin, India, December 14-16, 2000. [posted here 4/22/00]
The annual conference of ACS is intended to provide a forum for interaction amongst industry, professionals, researchers and government policy planners with a view to sharing ideas, report findings, discuss products and define future directions.  The topics of interest include, but are not limited to:
         *High speed networks
         * Parallel, distributed and networked computing
         * Web based computing
         * Business computing
         * Parallel and distributed databases and data warehousing
         * EDI and e-commerce
         * Multimedia systems
         * High performance graphics, visualization and virtual reality
         * Secure computing
More information can be found on the conference web page at: www.adcom2000.homepage.com/

FSTTCS 2000  The 20th Conference on the Foundations of Software Technology and Theoretical Computer Science, New Delhi, India, December 13-15, 2000.   [posted here 5/29/2000]
This annual conference provides a platform for presentation of original research results in fundamental aspects of computer science. It also provides an excellent forum for meeting and exchanging ideas with people who are at the frontline of software technology and theoretical computer science.  The Conference Proceedings will be published by Springer-Verlag in the series Lecture Notes in Computer Science (LNCS). Previous proceedings appeared as LNCS Volumes: 880, 1026, 1180, 1346, 1530, 1738.   A list of topics of interest along with detailed instructions for submitting a paper can be found at the conference web site at www.cse.iitd.ernet.in/~fsttcs20/

ACSAC, 16th Annual Computer Security Applications Conference, Sheraton Hotel, New Orleans, Louisiana, USA, December 11-15, 2000. [posted here 3/14/00]
[update 9/30/00: The advance program has been published at www.acsac.org. This year’s distinguished speaker is Dr. Eugene H. Spafford, and the invited essayist is Dr Butler Lampson.]
The following topic areas are of potential interest to ACSAC.
Internet technologies Intrusion detection and response / audit and audit reduction
Mobile computing Network management and smart card applications
Electronic commerce Incident response planning - governmental and other perspectives
Legal and ethical concerns over protecting intellectual property New paradigms for protecting electronic intellectual capital
Software safety and program correctness Crypto, key management, and digital signature applications
Security in health care and law enforcement Defensive information warfare
Securing very high-speed telecommunications (e.g., ATM)  

We encourage technical papers that relate to any of the above topics or other applications of computer security. Papers will be refereed prior to selection and one author will be expected to present at the conference. Format of submission is explained on our web site: www.acsac.org/sub/PaperSubmission.html. Student papers can compete for best paper prizes and student conference scholarships are also provided. Panel discussions are always an important part of the conference since they promote a lively dialogue with all attendees and the panel members. Be sure to see our discussion page at  members.boardhost.com/ACSACPanels/ If you have an idea for a panel or forum, see our web site for details: www.acsac.org/sub/panels/PanelsFora.html  Again this year we will have a track devoted to actual applications where real world problems have been solved. Vendors, systems integrators, and users can share knowledge and we will also have a display area to complement this portion of the conference. For details, see our web site: www.acsac.org/sub/casestudies.html. Tutorials are either full day (6instruction hours) or half day (3 instruction hours). For details, see our web page at www.acsac.org/sub/tutorials/tutsub.html  Got a question? See the FAQ on our web page at www.acsac.org, or email Publicity_Chair@acsac.org.

INDOCRYPT'2000, First International Conference on Cryptology in India, Indian Statistical Institute, Calcutta, India, December 10-13, 2000. (Submissions due: August 10, 2000) [posted here 3/4/00]
Original papers on all technical aspects of cryptology are solicited.  Please see the conference web page at www.isical.ac.in/~indocryptr for paper submission details.

Privacy'2000 Information & Security in the Digital Age, Ohio Supercomputer Center, Columbus, Ohio, USA, November 29, 2000. [posted here: 3/4/00].
The Technology Policy Group at the Ohio Supercomputer Center will be hosting a conference entitled Information & Security in the Digital Age. Privacy2000 is a follow-up to last year's groundbreaking Ohio Business Privacy Forum, the inaugural event in the TPG's Technology in Business Series (see  www.osc.edu/techseries/ for information on the 1999 conference). Expected speakers include Professor Peter P. Swire, Chief Counselor of Privacy for the Office of Management and Budget for the United States; Jason Catlett, President Junkbusters; in addition, we are putting together a moderated roundtable to be televised on public television. Through interactive workshops and panels, we seek to inform business, industry, medical and legal personal, government, and the public on vital privacy issues and possible solutions. We expect this year's attendance to be between 250-300.  For more information, contact Mike Zandpour at Zandpour@osc.edu (614-92-6477).

ICNP'2000  The Eighth International Conference on Network Protocols, Osaka, Japan, November 14-17, 2000.   [posted here 7/30/00]
ICNP deals with all aspects of communication protocols, from design and specification, to verification, testing, performance analysis, and implementation. Protocol functions of interest include network access, switching, routing, flow and congestion control, multimedia transport, wireless and mobile networks, network security, web protocols and applications, electronic commerce, network management, interoperability, internetworking, home computing and networks and digital broadcasting.   See the conference web page at www-ana.ics.es.osaka-u.ac.jp/icnp2000/ for more information.

LCN'2000  The 25th Annual IEEE Conference on Local Computer Networks, Tampa, FL, USA, November 8-10, 2000.   [posted here 7/30/00]
The IEEE LCN conference is the premier conference on leading edge and practical computer networking. The emphasis of this conference is on practical solutions to important problems in computer networking.  Topics of interest include:  Local Area Networks,  Home Networks, Wireless Networks, Storage Area Networks, Optical Networks, Real-time Networks, Active Networks, ATM, Gigabit Ethernet, LAN/WAN Internetworking, DSL Technologies, Network Management, Network Security, Network Reliability, Multicasting, Enabling QoS in High-Speed Networks, Always On / Always Connected, Internet / Intranet, Anything-over-IP, IP-over-Anything, Performance Evaluation, and  Protocol Design and Validation.  More information can be found on the conference web page at www.ieeelcn.org.

NGC2000  The 2nd International Workshop on Networked Group Communication, Stanford University, Palo Alto, California, USA, November 8-10, 2000.   [posted here 5/29/2000]
The aim of the Workshop is to allow researchers and practioners to present the design and implementation techniques for networked group communication. The focus of the Workshop is strictly on multicast and networked group communication. This Workshop is the second and only international event in this area (first workshop was in Pisa, Italy, in November 1999). Authors are invited to submit papers on any issue related to networked group communication, including but not limited to:
      -  multicast congestion control
      -  multicast routing, naming, address allocation
      -  scalability in multicast services
      -  reliable and semi-reliable multicast protocols
      -  novel multicast architectures
      -  multicast security
      -  multicast deployment related issues
      -  multicast over heterogeneous media
      -  multipeer applications (distributed interactive apps, games, DIS)
      -  QoS issues with multicast
      -  Pricing and economic model for multicast traffic
      -  group management techniques
      -  network engineering for multicast services
Information on submission of papers, along with additional information on the conference can be found at the conference web site at www.cs.ucsb.edu/ngc2000

WSPEC'00, 1st Workshop on Security and Privacy in E-Commerce, November 4, 2000, Athens, Greece. Held in conjunction with the ACM Conference on Computers and Communications Security (ACM-CCS'00) [posted here 3/20/00]
The First Workshop on Security and Privacy in E-Commerce seeks to bring together practitioners and researchers to address the real-world security and privacy concerns in e-commerce. We are seeking contributions on topics in security and privacy that will enable the e-commerce systems of tomorrow to be developed more securely and robustly without compromising individual privacy rights. The workshop will focus on group discussion and collaboration in identifying the important problems and potential solutions in this important topic area.  We are seeking research papers, business case studies, or system designs that address security and privacy concerns.  Topics of interest include:
       *  anonymizing e-commerce/Web transactions 
       *  component-based software in e-commerce 
       *  databases access control 
       *  denial of service attacks and countermeasures 
       *  detecting anomalous database transactions 
       *  detection and recovery from Internet-based attacks 
       *  e-commerce protocols 
       *  e-commerce systems 
       *  Internet client risks 
       *  malicious software or Trojan functionality 
       *  mobile agents in e-commerce 
       *  novel attacks and countermeasures 
       *  privacy negotiation/bartering 
       *  privacy risks with cookies/tokens/identifiers 
       *  software analysis and certification. 
See www.rstcorp.com/conferences/WSPEC00/ for the official Call For Papers.

AMOC 2000, Asian International Mobile Computing Conference, Penang, Malaysia, November 1-3, 2000. [posted here 11/17/99]
This conference will provide a platform for researchers and experts primarily from the Asian region to meet and discuss current issues in this field. The focus on Asia is important because there are unique regional issues not given attention in typical international conferences, where technological issues in developed nations receive centre stage. These unique issues include different infrastructural and economic requirements; the effect of a more diverse socio-economic environment on technological specifications; the wider-ranging impact of wireless communication in rural areas and the great interest in the rapid deployment of cutting edge technology due to the high progress rate of technological implementation in many Asian countries. A complete list of topics and guidelines for submissions is given on the conference web site at www.fsktm.um.edu.my/amoc/, or send email to amoc-submission@fsktm.um.edu.my.

CCS-2000, 7th ACM Conference on Computer and Communication Security, November 1-4, 2000, Athens, Greece.  [posted here 11/11/99]
for submission to the 7th ACM Conference on Computer and Communication Security. Papers may present theory, technique, applications, or practical experiences on topics including:

*Database Security *Authentication and key management
*New threats and attacks *Authorization, access control, audit
*Privacy and anonymity *Cryptographic algorithms, protocols
*Steganography, watermarking *New security architectures
*Secure electronic commerce *Intrusion detection and response
*Security evaluation *Licensing and intellectual property
*Security education *Malicious code and countermeasures

Details on instructions for papers and panel proposals can be obtained from www.ccs2000.org (USA Mirror site: cimic.rutgers.edu/~atluri/ccs.html) or from Sushil Jajodia (jajodia@gmu.edu

ACM-MM'2000  Eighth ACM International Multimedia Conference, Los Angeles, CA, USA, October 30-November 3, 2000.    [posted here 7/30/00]
Technical issues, theory and practice, artistic and consumer innovations will bring together researchers, artists, developers, educators, performers, and practitioners of multimedia.  The technical program will consist of plenary sessions and talks with topics of general interest in three main tracks: (1) multimedia processing and coding, including multimedia content analysis, content-based multimedia retrieval, multimedia security, audio/image/video processing, compression, etc., (2) multimedia system support and networking, including network protocols, Internet, operating systems, middleware, servers, QoS, databases, thin clients, etc., (3) multimedia tools, end-systems and applications, including hypermedia systems, user interfaces, authoring, multi-modal interaction and integration, multimedia education, design and applications of virtual environments, etc.  In addition to technical papers, there will be panel sessions, demonstrations, tutorials, and poster sessions.  For complete information on the workshop,  see the conference web site at www.acm.org/sigmm/MM2000 or contact one of the general chairs: Shahram Ghandeharizadeh (shahram@usc.edu), Shih-Fu Chang (sfchang@ctr.columbia.edu).

Safecomp'2000  Rotterdam, the Netherlands, October 24-27, 2000.    [posted here 7/30/00]
Safecomp is an annual 2.5 days-event reviewing the state of the art, experiences and new trends in the areas of computer safety, reliability and security regarding dependable applications of computer systems. Safecomp focuses on critical computer applications. It is intended to be a platform for technology transfer between academia, industry and research institutions. Papers are invited on all aspects of computer systems in which safety, reliability and security are important. Industrial sectors include, but are not restricted to medical devices, avionics, space industry, railway and road transportation, process industry, automotive industry, power plants and nuclear power plants.  More information can be found on the conference web page at www.wtm.tudelft.nl/vk/safecomp2000/

 

ISW'2000, Third IEEE Information Survivability Workshop, Boston, MA, USA, October 24-26, 2000.  [posted here 8/2/00]
The Information Survivability Workshops provide a forum for researchers, practitioners, and sponsors to discuss problems associated with the survivability of mission-critical systems, and to identify solutions to these problems. A primary goal of the workshops is to identify and highlight new survivability research ideas that can contribute to the protection of critical infrastructures and critical applications. Another important goal is to foster research collaboration to improve the survivability of systems that support our global information society. Participation in the workshop is BY INVITATION ONLY, based on the submission of a short position paper (of up to 4 pages in length). The position paper should clearly indicate how the background or interests of the author(s) would contribute to the goals of the workshop. We are especially interested in submissions that either: (a) summarize new research results, (b) describe dependability and fault-tolerance approaches for enhancing survivability, (c) summarize case studies or experience with critical applications, or (d) document relevant policy or other approaches (such as insurance) that contribute to the survivability of critical applications. A complete list of topics of interest and instructions for submitting a position paper are given on the conference web site at www.cert.org/research/isw2000/cfp.html, or you may contact the workshop organizers at isw-2000@cert.org.
 

 

OSDI'2000  Fourth Symposium on Operating System Design and Implementation, San Diego, CA, USA, October 23-25, 2000.    [posted here 7/30/00]
Co-sponsored by IEEE TCOS and ACM SIGOPS. The goal of the fourth OSDI is to present innovative, exciting work in the systems area. OSDI brings together professionals from academic and industrial backgrounds and has become a premiere forum for discussing the design, implementation, and implications of systems software. OSDI takes a broad view of what the systems area encompasses and seeks contributions from all fields of systems practice, including: operating systems, networking, distributed systems, parallel systems, mobile systems, embedded systems, and the influence of hardware developments on systems and vice-versa.   For more information, see the symposium Web site,
www.usenix.org/events/osdi2000/, or e-mail osdi2000chairs@usenix.org.

PROMS2000  Protocols for Multimedia Systems,  Cracow, Poland, October 22-25, 2000.    [posted here 5/29/00]
The PROMS2000 conference is intended to contribute to a scientific, strategical and practical cooperation between research institutes and industrial companies in the area of distributed multimedia applications, protocols, and intelligent management tools, with emphasis on their provision over broadband networks.  An extensive list of topics of interest, along with instructions for submitting a paper, can be found on the conference web page at PROMS2000.kt.agh.edu.pl/

Mathematical Sciences Research Institute Number-Theoretic Cryptography Workshop, Berkeley, CA, USA, October 16-20, 2000. [posted here: 7/30/00].
Organizers: Eric Bach, Dan Boneh, Cynthia Dwork, Shafi Goldwasser, Kevin McCurley, and Carl Pomerance. 
This workshop will focus on number-theoretic aspects of cryptography, and will be cross-cultural, where the the cultures in question are ``mathematics'' and ``computer science. ''
We will be sufficiently flexible to accommodate anything exciting that arises between now and the fall of 2000, so any plans are tentative. We will have several survey talks on the state of the
art of such central topics to number theory in cryptography as: integer factorization, discrete logarithm algorithms, and elliptic curves. From the computer science side, we will survey: positive applications of lattices to cryptography,  lattice basis reduction techniques for cryptanalysis, and "new'' number-theoretic assumptions in vogue in 2000.  A final survey talk will discuss two historical tracks that met in 1998: practical cryptosystems (RSA, El-Gamal, OAEP, and Cramer-Shoup), and the theory that lead to increasingly stronger notions of security and cryptosystems satisfying these notions (Goldwasser and Micali's construction for semantic security, Naor and Yung's construction for chosen-ciphertext security in the pre-processing mode, Dolev, Dwork and Naor's construction for non-malleability against chosen-ciphertext in the post-processing mode, and Cramer-Shoup's efficient non-malleable cca-post construction). The program committee for the cryptography conference is: Eric Bach, Dan Boneh, Cynthia Dwork, Shafi Goldwasser, Kevin McCurley, and Carl Pomerance.  Additional information about the conference and registration can be found at  /www.msri.org/calendar/workshops/0001/Algorithmic_Number_Theory/number/

IC3N'2000, Ninth International Conference on Computer Communications and Networks, Las Vegas, Nevada, USA,  October 16-18, 2000. [posted here: 7/30/00].
ICCCN is a major international forum to present original and fundamental advances in the field of Computer Communications and Networks. It also serves to foster communication among researchers and practitioners working in a wide variety of scientific areas with a common interest in improving Computer Communications and Networks.  Topics of interest include:
   * Optical Communication Networks Wireless/Mobile/Satellite Comm Networks
   * ATM Networking Internet Services/Applications
   * Wireless Multimedia Applications Real-time Communications
   * Quality of Services (QoS) Issues LAN/WAN Internetworking
   * Network Interoperability Personal Communication Services
   * Network Control Management Broadband Networks
   * Intelligent Networks Multicast and Routing Protocols
   * Network Security Media Access Control/Mobility Algorithms
   * Network Reliability High Speed Network OAM/Protocols
   * Video-on-Demand Data Traffic Engineering
   * Network Management/Billing Global Infrastructure Network Evolution
   * Network Processor Technology Performance Modeling/Analysis
   * Communication Software Protocol Design/Validation/Testing
   * Networked Databases Network Architectures
   * Terabit optical switching/routing architectures and signaling
More information can be found on the conference web site at icccn.cstp.umkc.edu.
 

NORDSEC'2000, Fifth Nordic Workshop on Secure IT Systems - Encouraging Cooperation, Reykjavik, Iceland, October 12-13, 2000.  [posted here 3/14/00]
The NORDSEC workshops were started in 1996 with the aim to bring together researchers and practitioners within IT security in the Nordic countries. These workshops have remained a forum for co-operation between the Nordic research organizations, industry and the computer societies. The emphasis of the workshop is to encourage interchange and cooperation between the research community and the industrial and software development community. The theme of the workshop is applied security, i.e., all kinds of security issues for all kinds of information technology systems. We are in particular looking for contributions that deal with technology transfer and application of research in development. Furthermore, this year's NORDSEC will look more specifically at several Special Topics that are closely related to Computer Security, but are not often discussed in the same forum: Software Engineering, Virus Protection, and Privacy Protection. Details are to be found on the conference website at www.ru.is/nordsec2000/

 

SOFTCOM'2000, Eighth International Conference on Software, Telecommunications and Computer Networks (co-sponsored by the IEEE Communications Society), held aboard the luxury ship "Marko Polo", October 10-14, 2000.   [posted here 7/30/00].
SoftCOM 2000 provides an open forum for communication technology researchers and engineers to discuss new and emerging systems, standards and services, and their applications in telecommunication and information systems. Topics to be addressed include, but are not limited to the following:
     * Telecommunication Software Production, Tools, Evaluation and Languages
     * Object and Component Technologies in Telecommunication Software
     * Telecommunication Services Design and QoS
     * Internet Environments and Service
     * IP Based Networks and Services
     * High-Speed Protocols and Networks
     * Wireless Communications
     * Multimedia Systems and Services
     * Computer Telephone Integration
     * Information Security
     * AI and Recognition Methods
     * Virtual Environments
     * Computer Methods in Biomedicine
     * Electromagnetic Compatibility
More information can be found on the conference web site at www.fesb.hr/SoftCOM/2000/NS/Call_For_Papers.htm

DISC'2000, 14th International Symposium on DIStributed Computing, Toledo, Spain, October 4-6, 2000.   [posted here January 27, 2000].
Original contributions to theory, design, analysis, implementation, or application of distributed systems and networks are solicited. Topics of interest include, but are not limited to: distributed algorithms and their complexity, fault-tolerance of distributed systems, consistency conditions, concurrency control, and synchronization, multiprocessor/cluster architectures and algorithms, cryptographic and security protocols for distributed systems, distributed operating systems, distributed computing issues on the internet and the web , distributed systems management, distributed applications, such as databases, mobile agents, and electronic commerce, communication network architectures and protocols, specification, semantics, and verification of distributed systems.  A "brief announcement track" has been set up for ongoing work for which full papers are not ready yet or recent results published elsewhere are suitable for submission as brief announcements. More information on submissions can be found at the conference web page at is available at   www.disc2000.org/   

ECC'2000 The 4th Workshop on Elliptic Curve Cryptography, University of Essen, Essen, Germany, October 4-6, 2000. [posted here: 3/4/00].
ECC' 2000 is the fourth in a series of annual workshops dedicated to the study of elliptic curve cryptography and related areas. The main themes of ECC'2000 will be:
    *  The discrete logarithm and elliptic curve discrete logarithm problems.
    *  Provably secure discrete log-based cryptographic protocols for
        encryption, signatures and key agreement.
    *  Efficient software and hardware implementation of elliptic curve cryptosystems.
    *  Deployment of elliptic curve cryptography.
There will be approximately 15 invited lectures (and no contributed talks), with the remaining time used for informal discussions. There will be both survey lectures as well as lectures on latest research developments.  A list of confirmed speakers can be found on the conference web page (see below).  If you did not receive this announcement by email and would like to be added to the mailing list for the second announcement, please send email to ecc2000@math.uwaterloo.ca. The announcements are also available from the web sites:
www.cacr.math.uwaterloo.ca and www.exp-math.uni-essen.de/~galbra/ecc2000.html

ESORICS 2000, 6th European Symposium on Research in Computer Security Toulouse, France, October 4-6, 2000.  [posted here 11/4//99]
We solicit papers describing original ideas and new results on the foundations and applications of computer security. The primary focus is on high-quality original unpublished research, case studies and implementation experiences. We encourage submissions of papers discussing industrial research and development. Suggested topics include but are not limited to:

* Distributed Systems

* Theoretical Foundations of Security

* Operating Systems Security

* Telecom. and High Speed Network Security

* Network Security  

* Security and mobile systems

* Internet Security  

* Security in Data and Knowledge Bases

* Electronic Commerce 

* Development of Secure Systems

* Security of small systems

* Management of Secure Systems

* Intellectual Property Protection

* Multimedia and Digital Libraries

* Security Evaluation

* Security versus other Requirements

* New applications of Cryptography

Details on submissions of papers and panel proposals and other information available at www.cert.fr/esorics2000/ and from Frederic.Cuppens@cert.fr

 

 

RAID' 2000  Third International Workshop on the Recent Advances in Intrusion Detection (in conjunction with ESORICS 2000), Toulouse, France, October 2-4, 2000.    [posted here February 7, 2000]
This workshop, the third in an ongoing annual series, will bring together leading figures from academia, government, and industry to discuss state-of-the-art intrusion detection technologies and issues from the research and commercial perspectives. RAID 2000 will welcome full papers in addition to extended abstracts and panel proposals, and has organized peer review to publish hardcopy proceedings.  Regarding paper submissions, submissions to RAID 2000 can be either a full-length paper or an extended abstract. Full papers are intended for the presentation of mature research results, while extended abstracts are intended for work-in-progress presentations. It is expected that more time will be allocated to full paper presentations. Panel submissions are also sought in the same areas. This year, we are emphasizing the following topic areas  (see the workshop web page for a more detailed list):
* Assessing, measuring and classifying intrusion-detection systems
* IDS in High Performance and Real-Time Environments
* Vulnerabilities and Attacks
* IDS Integration
* Innovative Approaches
* Practical Considerations
Full papers must be limited to 6000 words, full page figures being counted as 300 words.  Authors should follow the instructions given by Springer Verlag (www.springer.de/comp/lncs/authors.html) for the preparation of the manuscript. Extended abstracts must be original contributions and are limited to 1200 words in length.  Panel proposals must be limited to 400 words in length.  Please see the workshop web page at  www.raid-symposium.org/Raid2000/cfp2000.html for a detailed list of topics of interest along with instructions for authors. 

 

ISSE' 2000, Barcelona, September 27-29, 2000.    [posted here 1/27/00].
ISSE is the European institution for the presentation and discussion of technical, organizational, legal and political concepts for information security and data protection.  The conference provides presentations and panel discussions about existing and future information security solutions for large scale corporations, enterprises, especially SMEs, commerce, financial & public sector, healthcare, legal practitioners and security professionals.  An extensive list of topics and submission instructions are given in the full call-for-papers. 

Workshop on Telecommunications Security, The University of Tulsa, Tulsa, Oklahoma, USA, September 27-28, 2000.  [posted here 6/9/00]
The purpose of the workshop is to identify the security issues and solutions emerging as telecommunications and information networks converge and support telephony and data services. Of particular interest are issues related to convergence, the Next Generation Network, active networks, voice over Internet Protocol (IP), unified messaging systems, multi-service networks, and universal broadband access. The workshop will integrate the needs of the industry, the current state of research in academia, and the relevant government research programs. Presentations are solicited in three areas:
1.How will the telecommunications world change and what security issues will arise? 
2.What is the state of current telephony security research? 
3.What is the appropriate role of government in addressing these problems? 
Industry representatives are encouraged to submit position papers on their view of the emerging public and private infrastructures and any proposed architectures, especially security architectures, to provide services over those infrastructures. Descriptions of current and future security threats, vulnerabilities, and requirements are encouraged. Academic representatives are encouraged to submit papers of their current security research in public and private telecommunications networks. Of particular interest are the areas of fraud prevention, intrusion detection, availability solutions, privacy, and secure management schemes. Differences between security issues and solutions for emerging telecommunications networks, computer data-oriented and infrastructure operations networks should be emphasized. This is a self-supporting workshop, and each attendee's (including speakers) organization is expected to provide the necessary support for attendance. All attendees are expected to participate in the discussions and presentations. There will be relatively few slots available for those who are not presenting. For additional information on submissions , please call Dr. Paul Brusil at 978-922-6586  or visit niap.nist.gov/telecomm/

EDOC'2000 Fourth International Enterprise Distributed Object Computing Conference, Makuhari, Japan, September 25-28, 2000   [posted here 7/30/00]
The goal of EDOC 2000 is to provide a forum for leading researchers and industry experts to discuss problems, solutions, and experiences in meeting practical enterprise computing needs. EDOC 2000 will include industrial experience sessions for which practitioners are encouraged to submit experience reports stating the problems addressed, methods used, results and
lessons learned.  EDOC 2000 addresses generic issues relating to the context in which enterprise systems are built and deployed as well as the distributed object and component technologies needed to deploy systems for specific application domains. EDOC 2000 encourages submissions on applications and industry experience in such domains as electronic commerce, enterprise application integration, supply-chain management, and web-based distributed applications.  More information can be found on the conference web site at www.iijima.ae.keio.ac.jp/edoc/cfp.html or send email to  edoc-info@soft.flab.fujitsu.co.jp

WISAC Workshop on Innovations in Strong Access Control, Monterey, California, September 25-27, 2000   [posted here 6/16/00]
WISAC is an invitational workshop whose goal is to increase the understanding of the different communities with an interest in Strong Access Control (SAC) technology; to develop statements of requirements for communities by bringing together customers with a need for SAC solutions with vendors, developers and researchers; and to determine the next steps for growth of SAC technology.  WISAC is an invitational workshop. This format has been selected to keep the workshop size down and to keep the discussions focused. To request an invitation, please submit (by 11:59 PM PDT, Monday, June 26, 2000) a description of your organization and its involvement with or needs for information technology for security policy enforcement to faigin@aero.org. Please mark this submission clearly as WISAC RFI.  More information can be found at the workshop web page at cisr.nps.navy.mil/events/WISAC/WISAC_index.html 

CARDIS 2000, IFIP CARDIS 2000 Fourth Smart Card Research and Advanced Application Conference HP Labs, Bristol, UK, September 20-22, 2000.  [posted here: 11/8/99].
Smart cards or IC cards offer a huge potential for information processing purposes. The portability and processing power of IC cards allow for highly secure conditional access and reliable distributed information systems. The research challenges range from electrical engineering on the hardware side to tailor-made cryptographic applications on the software side, and their synergies. The CARDIS conferences aim to bring together researchers who are active in all aspects of design of IC cards and related devices and environment, such as to stimulate synergy between different research communities and to offer a platform for presenting the latest research advances. Additional information at www.cardis.org.
 

PKS' 2000  Catch the Perfect Wave of the New Mobile World, San Jose, CA, USA, September 19-21, 2000.   [posted here 7/30/00]
PKS 2000 is a forum where developers, security architects, product managers and business leaders will learn about and discuss such topics as: What new business opportunities will arise from the convergence of wireless voice communication, remote data access and the Internet?  Which of the emerging standards and protocols will drive the next generation wireless data systems and services?  How are powerful new public-key systems, such as the Elliptic Curve Cryptosystem, facilitating the new world of wireless/mobile e-business?  See the conference web site at www.certicom.org/sitemap_frames/news_pks_fs.html for more information the presentation topics.

NSPW' 2000  New Security Paradigms Workshop 2000, Ballycotton, County Cork, Ireland, September 19-21, 2000.   [posted here 1/27/00]
For eight years, the New Security Paradigms Workshop has provided a productive and highly interactive forum in which innovative new approaches (and some radical older approaches) to computer security have been offered, explored, refined, and published. The workshop offers a constructive environment where experienced researchers and practitioners work alongside newer participants in the field.  The result is a unique opportunity to exchange ideas.  Because these are new paradigms, we cannot predict what subjects will be covered. Any paper that presents a significant shift in thinking about difficult security issues or builds on a previous shift will be welcomed.  To participate, please submit your paper, justification, and attendance statement, preferably via e-mail, to both Program Chairs -- Cristina Serban (cserban@att.com) and Brenda Timmerman (btimmer@ecs.csun.edu) -- by Friday, March 31, 2000 (hardcopy submissions must be received by Friday, March 24, 2000). Further details on the required format of submissions are available on the NSPW web site at www.nspw.org/
 

International School on Foundations of Security Analysis and Design, September 18-30, 2000, Bertinoro, Italy.    
The school covers two weeks (from Monday 18 to Saturday 30, September 2000)and alternates four lecturers per week on monographic courses of about 6/8 hours each. Saturdays are reserved for presentations given by those participants that intend to take advantage of the audience for discussing their current research in the area. The school is organised at the Centro Residenziale Universitario of the University of Bologna, situated in Bertinoro, a small village on a scenic hill with a wonderful panorama, in between Forli' and Cesena (about 50 miles south-east of Bologna, 15 miles from the Adriatic sea). The school offers eight main courses, each composed of 3/4 seminars (on different days), each seminar of 2 hours. In alphabetic order, the lecturers of the eight main courses are the following:  Li Gong (Javasoft - Sun Microsystems, Palo Alto),  Java Security;  Andrew D. Gordon (Microsoft Research, Cambridge) Process Calculi for Security and Mobility;  Roberto Gorrieri (University of Bologna)Classification of Security Properties;  Joshua Guttman (Mitre, Bedford) Security Goals: Packet trajectories and strand spaces;  Peter Ryan (SRI, Cambridge) Mathematical Models of Computer Security;  Pierangela Samarati (University of Milano)Access Control: Policies, Models, Architectures and Mechanisms;  Paul Syverson (Naval Research Lab, Washington) The Logic of Security Protocols;  Moti Yung (CertCo Inc., New York)Cryptographic Technology and Protocols in E-Commerce. Further short courses will be given by: Carlo Blundo (Univ. of Salerno)Introduction to Cryptography;  Luigia Carlucci Aiello and Fabio Massacci (Univ. of Roma "La Sapienza")Planning, Logic Programs and Security Protocols;   Pierpaolo Degano (Univ. of Pisa)Control Flow Analysis for security;  Rocco De Nicola (Univ. of Firenze) Testing for spi Processes;  Fausto Giunchiglia (Univ. of Trento)Model Checking Using a Logic of Belief;- Roberto Segala (Univ. of Bologna) Applied Cryptography.  More information can be foune on the course web page at www.cs.unibo.it/~gorrieri/fosad.
 

 

Biometric Consortium 2000 Conference "Biometric Technologies...Emerging into the Mainstream",  NIST, Gaithersburg, MD, USA,  September 13-14, 2000.   [posted here 8/ 2/00]
Some of the topics that will be examined include:

    - What are the technological issues and challenges looming ahead?

    - What are the user requirements?

    - What standards are available or are being developed?

    - How is interoperability achieved?

    - How assurance is achieved?

    -What novel applications of biometrics does the industry envision for secure personal authentication and identification?

More information on the conference can be found at  www.nist.gov/bc2000, or contact Fernando L. Podio of the Information Technology Laboratory of NIST at bc2000@biometrics.org or at (301) 975-2947.

 

ASA/MA 2000  Second International Symposium on Agent Systems and Applications, Fourth International Symposium on Mobile Agents, ETH Zurich, Switzerland, September 13-15, 2000.   [posted here 1/ 27/00]
Areas of interest are: agent applications, agent systems, multi-agent systems, mobile agents, and  mobile code.  Possible topics include: development tools, security, scalability, fault tolerance, communication, collaboration and coordination, languages, standards, design patterns, applications in mobile computing and wireless networks, applications in electronic markets and commerce, applications in active networks, market-based control, resource management, agent societies and ensembles, World-wide-web integration.  Submission guidelines are at www.inf.ethz.ch/ASA-MA/submit.html; additional workshop information can be found at: www.inf.ethz.ch/ASA-MA/ or www.cs.dartmouth.edu/ASA-MA/
  

ICECCS'2000 Sixth IEEE International Conference on Engineering of Complex Computer Systems, Boissonade Tower, Ichigaya Campus, Hosei University, Tokyo, Japan, September 11-15, 2000.   [posted here 1/27/00]
The goal of this conference is to bring together industrial, academic, and government experts, from a variety of user domains and software disciplines, to determine how the disciplines' problems and solution techniques interact within the whole system.   The scope of interest includes long-term research issues, near-term complex system requirements and promising tools, existing complex systems, and commercially available tools.  Papers are solicited in all areas related to complex computer-based systems, including the causes of complexity and means of avoiding, controlling, or coping with complexity. Topic areas include, but are not limited to:
       - System and Software Architecture and Systems Engineering
       - Tools, Environments, and Languages for Complex Systems
       - Complex Data Management, including Distributed, Real-Time, and Mobile Databases
       - Formal Methods and Approaches to Achieving Dependability in Complex Systems
       - Integration of Heterogeneous Technologies
       - Software and System Development Processes for Complex Systems
       - Human Factors and Collaborative ("Groupware") Aspects
       - Interoperability and Standardization
       - System and Software Safety and Security 
Detailed instructions for submitting a paper, a panel proposal, or a tutorial proposal are given on the conference web page at www.polimi.it/iceccs2000.

WECS'2000 Practicum Workshop on Education in Computer Security, Center for Information Systems Security Studies and Research, Naval Postgraduate School, Monterey, California, USA, September 11-13, 2000.
This workshop helps those new to computer security teach a well-organized comprehensive Computer and Network Security course or update CS and IT courses with relevant security information. The workshop will clarify confusing topics and will address important information often not found in introductory texts. The workshop is organized and conducted by experienced security educators. Topics covered will include:
   - A scientific or engineering approach to security (as opposed to patches and ad hoc solutions).
   - Debunking many popular computer security and cryptography myths.
   - Many real life simple and beautiful examples that illustrate important concepts.
   - Subtle important issues that are often overlooked or misunderstood.
   - Analogies and projects that are useful in teaching difficult topics.
   - Ideas for demonstrations and laboratory exercises. 
More information can be found on the workshop web page at cisr.nps.navy.mil/events/wecs/wecs2000_announce.html

ISSSTA 2000, IEEE Sixth International Symposium on Spread Spectrum Techniques and Applications, Sheraton Tara, Parsippany, NJ, USA, September 6-8, 2000.  [posted here: 9/3/99].
Prospective authors are cordially invited to submit papers in particular but not exclusively on the following topics:
  THEORY (Spreading codes and sequences, waveform design, spectral shaping; synchronization, acquisition, tracking; coding and modulation for SS; direct sequencing, frequency hopping, hybrid concepts; digital and analog SS signal processing, estimation theory; CDMA, SSMA, interference cancellation, joint (multiuser) detection, capacity; information security, ECM, EVCCM, LPI; antennas for SS, propagation effects, channel modelling, anti-fading techniques, RAKE; coexistence SS/other systems, overlay systems, EMC; networking; power control, AGC, amplifier nonlinearities.  SYSTEM DESIGN: Tools for SS system design, modeling and simulation, application of AI; frequency allocation; networking aspects, handover, dynamic channel allocation; SS techniques in education.  COMMUNICATIONS: Mobile & cellular, CDMA, SSMA, satellite; digital broadcasting; power line communications; radio relay; optical SS communications; wireless LANs; SS bus systems, consumer applications, remote control; packetized data & voice networks.  NAVIGATION, RANGING, CHANNEL SOUNDING: GPS, GLONAS, radar, lidar, pulse compression; wideband channel sounding; deep-space applications; correlation techniques to measure flow and speed; SS time domain reflectometry.  DEVICES AND CIRCUITS: ASICs for SS, chip sets, digital correlators, frequency synthesizers, all digital transmitter and receiver implementations, SAW, CCD, neural networks.  Please submit five double-spaced copies of original papers to the ISSSTA 2000 Technical Program Committee Chairman as per schedule. Detailed submission instruction and other information can be found on the conference web page at: www.ISSSTA2000.org.

 

CoopIS'2000  In Cooperation with VLDB'2000, Neptune Hotel, Eilat, Israel, September 6-8, 2000.  [posted here 5/29/2000]
CoopIS'2000 is the seventh conference in the series and the fifth conference organized by the International Foundation on Cooperative Information Systems (IFCIS). It is sponsored by the International Foundation in Cooperative Information Systems (IFCIS), and the IBM Research Laboratory in Haifa (other sponsors pending). It replaces the erstwhile international workshops on Interoperability in Multidatabase Systems (IMS) and the conference series on Cooperative Information Systems (CoopIS & ICICIS).  The conference web page is at www.haifa.il.ibm.com/coopis2000.html

MDDS'2000  Third International Workshop on Mobility in Databases and Distributed Systems (in conjunction with DEXA'2000), Greenwich, UK,  September 6-8, 2000.  [posted here 7/30/2000]
The focus of this workshop is on mobility issues in distributed systems and databases. The objective of this workshop is to bring together researchers and practitioners with mobile networking background, database research interests, advanced applications and distributed computing systems research and development skills to discuss all aspects of emerging mobile computing paradigm. Both the theoretical papers and papers reporting implementation and practical results will be presented.  Details about DEXA'2000 can be found at www.dexa.org; the MDDS'2000 workshop web page is at www.ct.monash.edu.au/DPMC/mdds/mdds2000/

DEXA2000  11th International Conference and Workshop on Database and Expert Systems Applications, London - Greenwich, United Kingdom, September 4- 8, 2000.  [posted here 5/29/00]
The aim of DEXA 2000 is to present both research contributions in the area of data and expert systems and a large spectrum of already implemented or just being developed applications. DEXA will offer the opportunity to extensively discuss requirements, problems, and solutions in the field. The workshop and conference should inspire a fruitful dialogue between developers in practice, users of database and expert systems, and scientists working in the field.  The conference web page is at www.dexa.org/dexa00/

NBIS2000 The Third International Workshop on Network-Based Information Systems in conjunction with the 11th International Conference on Database and Expert Systems Applications (DEXA'2000), Greenwich, United Kingdom, September 4-8, 2000.  [posted here 5/29/00]
The main objective of this workshop is to bring together researchers from both network systems and information systems with the aim of encouraging the exchange of ideas and experience between these two communities. Topics of interest include but are not limited to:
     * Communication Networks and Protocols
     * Internet Applications
     * Web-based database systems
     * Distributed Cooperating Information Systems
     * Groupware
     * Distributed and Parallel Algorithms
     * Multimedia Computing and Communication Systems
     * Mobile Computing Systems
     * Distributed Object-Oriented Systems
     * Interoperable Systems
     * Electronic Commerce
     * Security and Privacy
     * Distributed Fault-Tolerant Systems
More information can be found on the conference web page at www.takilab.k.dendai.ac.jp/conf/dexa2000/nbis/

CRYPTO 2000, Santa Barbara, California, USA, August 20-24, 2000.  [posted here 5/29/00]
Crypto 2000 is organized by the International Association for Cryptologic Research (IACR), in cooperation with the IEEE Computer Society Technical Committee on Security and Privacy, and the Computer Science Department of the University of California, Santa Barbara. For other information contact
          Mathew Franklin, General Chair, Crypto 2000 
          Xerox Parc 
          3333 Coyote Hill Road
          Palo Alto, CA 94304 USA 
          Phone: 650-812-4228 ; FAX: 650-812-4471 ;
          E-mail: crypto2000@iacr.org

CHES'2000, Workshop on Cryptographic Hardware and Embedded Systems, Worcester Polytechnic Institute, Worcester, Massachusetts, USA., August 17-18, 2000.   [posted here 2/4/00]
The focus of this workshop is on all aspects of cryptographic hardware and embedded system design.  Of special interest are contributions that describe new methods for efficient hardware implementations and high-speed software for embedded systems. The topics of interest include but are not limited to:
          * Computer architectures for public-key cryptosystems
          * Computer architectures for secret-key cryptosystems
          * Reconfigurable computing and applications in cryptography
          * Cryptographic processors and co-processors
          * Modular and Galois field arithmetic architectures
          * Tamper resistance on the chip and board level
          * Architectures for smart cards
          * Tamper resistance for smart cards
          * Efficient algorithms for embedded processors
          * Special-purpose hardware for cryptanalysis
          * Fast network encryption
          * True and pseudo random number generators
If you want to receive emails with subsequent Call for Papers and registration information, please send a brief mail to ches@ece.orst.edu.  Complete instructions for authors can be found on the workshop web page at www.ece.WPI.EDU/Research/crypt/ches.  You may also contact the Program Chairs Cetin Kaya Koc (Koc@ece.orst,  +1 541 737 4853) or  Christof Paar (christof@ece.wpi.edu, +1 508 831 5061).

USENIX, 9th USENIX Security Symposium, Denver, Colorado, USA, August 14-17, 2000.  [posted here: 9/20/99].
The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in security and applications of cryptography. Please see the conference web site at www.usenix.org/events/sec2000 for more information on the symposium, a detailed list of topics of interest, and the procedure for submitting a paper.
 

SAC'2000, Seventh Annual Workshop on Selected Areas in Cryptography, August 14-15, 2000, Waterloo, Ontario, Canada.  [posted here 3/20/00]
Workshop Themes:    -  Design and analysis of symmetric key cryptosystems.
   -  Primitives for private key cryptography, including block and stream ciphers, hash functions and MACs.
   -  Efficient implementations of cryptographic systems in public and private key cryptography.
   -  Cryptographic solutions for web/internet security.

Details on submitting a paper are given on the conference web page at www.cacr.math.uwaterloo.ca/conferences/2000/SAC2000/announcement.html

4th International Workshop on Discrete Algorithms and Methods for Mobile Computing & Communications,  Boston, Massachusetts, USA, August 11, 2000. In conjunction with ACM MobiCom 2000.   [posted here 1/27/00].
The introduction of mobility raises a number of new research issues. This workshop is devoted to discrete algorithms and methods in the context of mobile and wireless computing and communications. Contributions are solicited in all areas related to mobile computing and communications where discrete algorithms and methods are utilized, including, but not limited to: 
             * distributed algorithms frequency allocation 
             * scheduling location tracking 
             * site allocation multi-hop packet radio networks 
             * wireless networks synchronization 
             * cryptography and security error correcting codes 
             * handover (handoff) telecommunications 
             * modeling optimization 
             * routing satellite communication 
Instructions for submitting a paper or a panel proposal are given on the conference web page at www.cis.udel.edu/~elloyd/dialm.d/home.htm.  Since deadlines overlap, dual submission of papers to MobiCom and DIALM is encouraged. Any paper accepted for MobiCom will automatically be removed from consideration for DIALM.
 

MSWiM'2000, Third ACM International Workshop on Modeling, Analysis and Simulation of Wireless and Mobile Systems, in conjunction with MobiCom 2000, August 6-11, 2000, Boston, MA, USA.   [posted here 4/22/00]
This workshop will focus on all aspects of wireless systems, particularly modeling analysis and simulation in wireless communication. In its third year, the 2000 International ACM Workshop on Modeling and Simulation of Wireless and Mobile Systems, will take place in Boston, MA, just after the International Conference on Mobile Computing and Networking (MobiCom 2000) to be held in Boston, August 6-11, 2000. This is an excellent opportunity to partake in two events covering a wide range of research in wireless and mobile systems. Authors are encouraged to submit both theoretical and practical results of significance. Demonstration of new tools/simulation languages are very welcome.  A complete list of topics of interest, along with directions for submitting a paper are given on the workshop web page at:  www.tlc.polito.it/mswim

RBAC'2000  Fifth ACM Workshop on Role-Based Access Control, Technical University of Berlin, Berlin, Germany, July 26-28, 2000.  [posted here 1/27/00]
The ACM workshops on RBAC bring together researchers, developers, and practitioners to discuss the application of RBAC to both traditional and emerging systems and the development of new modeling paradigms for future applications. The workshop invites participation from the database, network, distributed systems, operating systems, security and application communities.  See the workshop web page at www.acm.org/sigsac/rbac2000.html for information on submitting a paper or panel proposal.
 

FMCS'2000  Workshop on Formal Methods and Computer Security, Chicago, Illinois, USA, July 20, 2000.  [posted here March 13, 2000]
Computer security protocols are notoriously difficult to get right.  Surprisingly simple problems with some well known protocols have been found years after the original protocol was published and extensively analyzed. Our workshop goal is to bring together the formal methods and security communities.  Security is a current hot topic in the formal methods community, and we hope that this workshop can help focus these energies. Topics of interest include descriptive techniques (specification languages, models, logics) and analysis techniques (model checking, theorem proving, and their combination), as applied to protocols for authentication, fair exchange, electronic commerce, and electronic auctions. However, this list is not exclusive. We particularly want to hear about new approaches, new problems, new security properties, and new protocol bugs. Reports on work in progress are welcome. The program of the workshop will include a keynote address by Doug Tygar, a number of technical sessions (with talks of about 15-20 minutes duration), and a panel discussion.  An extended abstract (about 5-10 pages) explaining recent research results or work in progress should be mailed electronically to fmcs-2000@cs.cmu.edu, to be received by April 14, 2000. More information can be found at the conference web site at www.cs.cmu.edu/~veith/fmcs/ 

 

PODC'2000, Nineteenth Annual ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing, Portland, Oregon, USA, July 16-19, 2000. [posted here: 8/30/99].
Research contributions on the theory, design, specification, implementation or application of distributed systems are solicited. This year PODC will be held in conjunction with a workshop on middleware (information concerning the workshop will be posted on the PODC web site once it is available). In light of this, PODC especially encourages papers addressing distributed computing issues in building and using middleware. Topics of interest include, but are not limited to:
 

       * distributed algorithms and their complexity,
      * specification, semantics and verification of distributed systems,
      * issues relating to the design and use of middleware platforms,
      * fault tolerance of distributed systems,
      * cryptographic and security protocols for distributed systems,
      * mobile computing,
      * distributed computing issues in the Internet, including the Web,
      * communication network protocols and architectures,
      * multiprocessor/cluster architectures and algorithms,
      * distributed operating systems and databases,
      * consistency conditions, concurrency control and synchronization,
      * distributed object-oriented computing.
Conference presentations will have two formats: "Regular presentations" of approximately 25 minutes accompanied by papers of up to 10 pages in the proceedings, and "Brief announcements" of approximately 10 minutes accompanied by one page abstracts in the proceedings. Details on the conference and submission procedure can be found on the conference web site at www.podc.org/podc2000/, or contact the program chair, Jim Anderson, by email, anderson@cs.unc.edu, or phone, 1-919-962-1757.
 

ACISP'2000, Fifth Australasian Conference on Information Security and Privacy, Brisbane, Australia, July 10-12, 2000. [posted here 9/13/99]
Papers pertaining to all aspects of information security and privacy are solicited. Papers may present theory, techniques, applications and practical experiences on any relevant topic including: authentication and identification, database security, mobile communications security, secure operating systems, security and cryptography policy, security management, commercial applications, key management and auditing, secure electronic commerce, security architectures and models, distributed system security, evaluation and certification, cryptology, access control, network security, smart cards, risk assessment and copyright protection. Please see the conference web page at www.isrc.qut.edu.au/acisp2K for details.
 

WITS'2000, Workshop on Issues in the Theory of Security, Geneva, Switzerland, July 7-8, 2000   [posted here January 27, 2000]
The members of The IFIP WG 1.7 on "Theoretical Foundations of Security Analysis and Design" will hold their annual workshop as an open event to which all researchers working on the theory of computer security are invited. The W/S will be co-located with ICALP '00 (cuiwww.unige.ch/~icalp/). Its program will encourage discussions by all attendees, both during and after scheduled presentations on participants' ongoing work.  Topics of interest include:
* formal definition and verification of the various aspects of security:  confidentiality,   integrity, authentication and availability;
*

new theoretically-based techniques for the formal analysis and design of cryptographic protocols and their manifold applications (e.g., electronic commerce);

* information flow modeling and its application to the theory of confidentiality policies,
* composition of systems, and covert channel analysis;
* formal techniques for the analysis and verification of mobile code;
* formal analysis and design for prevention of denial of service.

Details on the conference and submission procedure can be found on the conference web site at www.dsi.unive.it/IFIPWG1_7/wits2000.html, or contact the program chair, Pierpaolo Degano, by email, degano@di.unipi.it, or phone, +39 050 887257, or fax, +39 050 887226.

IRISH2000 4th Irish Workshop on Formal Methods National University of Ireland, Maynooth, July 5-6, 2000.  [posted here 5/29/2000]
The fourth in a series of annual Irish Workshops on Formal Methods will be held in the National University of Ireland, Maynooth.  We are now seeking submissions of work in progress papers in the area of formal methods, theoretical computer science, and mathematics covering the topics listed above. There will be opportunity for these papers to be submitted and reviewed as full papers, after the workshop has completed. For the theoretical day the Programme Committee seeks submissions of papers in the general area of formal methods, theoretical computer science, and mathematics, covering, but not restricted to, the following topics: formal systems, proof systems, mathematical models of computing, semantics, tools, industrial and teaching experiences.  For the industrial day it is planned to offer industry-oriented tutorials. The idea is that these will provide an introduction to formal methods, and be tailored to meet specific needs.  The conference web site is at www.cs.may.ie/IWFM00/

CSFW-13, 13th IEEE Computer Security Foundations Workshop, Cambridge, England, July 3-5, 2000.  [posted here: 11/10/99].
This workshop series brings together researchers in computer science to examine foundational issues in computer security. We are interested both in new results in theories of computer security and also in more exploratory presentations that examine open questions and raise fundamental concerns about existing theories. Both papers and panel proposals are welcome. Possible topics include, but are not limited to:

*Access Control *Authentication *Data and System Integrity
*Database Security *Network Security *Distributed Systems Security
*Anonymity *Privacy *Security for Mobile Computing
*Security Protocols *Security Models *Formal Methods for Security
*Information Flow *Executable Content
Workshop attendance is limited to about 40 participants. Complete instructions for submitting a paper or panel proposal are provided on the workshop web page at www.csl.sri.com/csfw/ 

 

 

IC'2000, Special session at IC'2000, the First International Conference on Internet Computing, Monte Carlo Resort, Las Vegas, Nevada, USA, June 26-29, 2000.  [posted here 2/15/00]
This special session, New Paradigms in Computer Security, at IC'2000 is to present recent advances in computer system security. The main focus will be on new approaches for less vulnerable program generation and intrusion detection.  Papers are solicited on the topic areas include, but are not limited to:

* Analysis tools

* Cases in Practice

* Course or Lab development

* Distributed System Architecture

* Emerging Curricula

* Intrusion Detection System  Integration

* IDS in distributed client-server computing

* Processor and Software Architecture

 * Standards

Submit extended abstracts in PDF or postscript format, limited to 1200 words in length, to ghlee@iastate.edu. The due date for the extended abstract is March 17, 2000.  For more information on IC'2000, visit the conference web site at  www.cs.umanitoba.ca/~iwic/

 

 

FIRST'2000, The 12th Annual FIRST Conference on Computer Security and Incident Handling, Chicago, Illinois, USA, June 25-30, 2000.  [posted here: 10/27/99].
The Forum of Incident Response and Security Teams (FIRST, www.first.org ) brings security incident response teams together including government, commercial, and academic organizations. The conference is a five day event, two days of tutorials and three days of technical sessions including refereed paper presentations, invited talks, and panel discussions. The focus of the FIRST'2000 conference is on the most recent practical advances in computer security in all its aspects. The Program Committee is soliciting original papers analyzing, among other topics, methodologies for drafting security policies, recent intrusion techniques, describing experiences in building incident response capabilities, working security architectures, pros and cons of both commercial and experimental pro-active security tools. The deadline for submissions is NOVEMBER 15, 1999. The full call for papers is at www.first.org/conference/2000.
 

 

CITSS12  Canadian Information Technology Security Symposium,
Ottawa, Canada, June 19-23, 2000.  [posted here 5/29/00]

We invite you to attend Building Trust for a Secure Global Economy, the 12th Annual Information Technology Security Symposium. This annual event is sponsored by the Communications Security Establishment (CSE), a Canadian Federal Government lead agency responsible for information technology security. This year's symposium takes you inside some of the most important security issues facing businesses and governments today. CSE's weeklong symposium features one and a half days of tutorials, a one-day plenary session and more than 36 in depth presentations
by Canadian and international experts in their fields. An industry leading vendor trade show with more than 40 booths completes the program. Presentations will focus on:
     - PKI issues and solutions 
     - e-commerce/e-business
     - Critical Information Infrastructure Protection 
     - Intrusion detection
     - Security in open source software
More info on the symposium web page at www.cse-cst.gc.ca/cse/english/annual.html

 

20th Biennial Symposium on Communications, Department of Electrical and Computer Engineering, Queen's University, Kingston, Ontario, Canada, May 28-31, 2000.   [posted here: 2/8/2000]. 

This symposium is intended to provide a forum for engineers and researchers in the area of communications and signal processing.  Original papers are encouraged from new areas of research on communications, as well as those traditionally associated with this conference.  A complete list of topics of interest (which includes cryptography and security) as well as submission instructions is provided on the conference web page at www.ece.queensu.ca/dept/sympcomm.html

 

 

NCISSE'2000 Fourth Colloquium for Information Systems Security Education, Washington D.C., USA, May 23-25, 2000.  (Papers due March 29, 2000)  [posted here February 12, 2000]
It is the task of American higher education to provide an information-literate work force and to prepare information technology professionals. To meet this urgent need, higher education must be informed of the knowledge, skills and attitudes to be taught in the general curricula and in the information curricula of its colleges and universities. Industry and government must understand their role in supporting higher education, not simply expecting higher education to be responsive and informed about information security and assurance. The National Colloquium for Information Systems Security Education (the Colloquium) is established to serve as a living body to bring government, industry and academia together to meet those challenges.
  This year the colloquium introduces two paper tracks, one general submission, the other restricted to student participation. The papers in both tracks should discuss course or lab development, INFOSEC curricula, standards, existing or emerging programs, and related issues. This year, we are particularly interested in addressing the question, "what is academia’s response to the shortfall of INFOSEC workers?"  To achieve this goal, we are particularly interested in topics such as the following:
*  Assessment of need for information security workers/researchers/faculty  
*  Integrating information assurance topics in existing curricula  
*  Experiences with course or laboratory development  
*  Alignment of curriculum with existing information assurance education standards
*  Emerging programs or centers in information assurance  
* Late breaking topics (see the complete call for papers)  

Papers which fall into the topic areas outlined above are particularly welcome, although contributions outside those topics may also be of interest.  See the complete call for papers for more information on submitting a paper, and the conference web site at www.infosec.jmu.edu/ncisse/ for general information on the colloquium. 

 

ICCC  First International Common Criteria Conference, Baltimore, Maryland, USA, May 23-25, 2000.  [posted here January 27, 2000].
The ICCC will bring together the signatories to the Mutual Recognition Arrangement, their national implementation scheme administrators, accredited commercial testing laboratories, producers and consumers of information technology products, acquisition authorities and information assurance professionals from government, industry and academia throughout the world. There will be four tracks at the ICCC geared towards providing you with the most up to date, accurate and complete information on the Common Criteria process. Track A will focus on general information about the Common Criteria testing programs in countries around the world. Track B will take a more technical approach suited for evaluators, certifiers or validators looking for detailed technical information on the specifics of testing under the Common Criteria. Track C will look at the latest protection profiles and the types of tools and documents available to help you use the Common Criteria more effectively. Track D will be a tutorial for those wanting to become more familiar with the Common Criteria, the Common Evaluation Methodology and the Common Criteria Toolbox. For more detailed information on the ICCC or to register for the conference, visit the National Information Assurance Partnership (NIAP) web site: www.niap.nist.gov/iccc. For information on the vendor exhibits to be held in conjunction with the ICCC on May 23 and 24, contact Janin Hardin or Stephanie King at the Federal Business Council, (800) 878-2940 or log on to: www.fbcinc.com/specialeventspage.htm.

S&P'2000,2000 IEEE Symposium on Security and Privacy, Oakland CA, USA, May 14-17, 2000.  [posted here: 8/17/99].
See the full CFP above or on the Cipher Web page or at www.bell-labs.com/user/reiter/sp2000/index.html.
 

WWW9, 9th International World Wide Web Conference, Amsterdam, The Netherlands, May 15-19, 2000.   [posted here: 8/17/99].
Topics: E-Commerce, XML, Multimedia, Web Server Performance, Searching and Querying, Protocols, Web Document Management, Java, Web Site Design, Web Security, RDF, Database and Directory Services, Collaboration, Accessibility, Metadata, New Languages Submitted papers should present original reports of substantive new work in areas that can be theoretical (models, analyses, techniques, semantics), empirical (experiments, case studies), or implementation-oriented (new systems, tools, methodologies, user interfaces). Tutorial proposals are desired for both half-day and full-day sessions on topics of current relevance to Web design, services, operation, and use. Subjects of interest include XML, DOM, Multimedia, E-commerce, Java, Dynamic HTML, Security, Accessibility, Graphics and the Web, and other areas expected to be of special interest in spring 2000. WWW9 workshops are intended to provide a forum for highly interactive discussion on focused topics. Workshop proposals should address current web-related issues which can benefit from small-group information exchange and discussion. Attendance at workshops will be limited. Submission details are available at www9.org.
 

MFPS, The Sixteenth Workshop on the Mathematical Foundations of Programming Semantics, Stevens Institute of Technology, Hoboken, NJ, USA, April 13-16, 2000. [posted here 11/4/99].
The MFPS conferences are devoted to those areas of mathematics, logic and computer science which are related to the semantics of programming languages. The series particularly has stressed providing a forum where both mathematicians and computer scientists can meet and exchange ideas about problems of common interest. We also encourage participation by researchers in neighboring areas, since we strive to maintain breadth in the scope of the series. The invited speakers for MFPS 16 are:
                     Samson Abramsky University of Edinburgh
                     Rance Cleaveland Stony Brook
                     Andy Gordon Microsoft Cambridge
                     Robin Milner University of Cambridge
                     Peter O'Hearn Queen Mary - Westfield
                     Dana Scott CMU
In addition to the invited talks, there will be special sessions devoted to security and model checking. Those interested in contributing a talk at the meeting should send a title and short abstract to mfps@math.tulane.edu. The available slots will be allocated on a first come, first served basis. As with other MFPS workshops, the Proceedings for MFPS 16 will consist of a special issue of the journal Theoretical Computer Science. All participants at the meeting (whether they present a talk or not) will be invited to submit a paper for the Proceedings; these submissions will be refereed to the usual TCS standards. Additional information available at www.math.tulane.edu/mfps16.html or from mfps@math.tulane.edu.
 

AES3, Third Advanced Encryption Standard (AES) Candidate Conference, New York, New York, USA, April 13-14, 2000. (Submissions due: January 15, 2000) [posted here: 9/23/99]
In the summer of 1999, NIST began Round 2 of the technical analysis of five candidate algorithms that have been selected as finalists for the AES development effort. Near the end of Round 2, the 3rd AES Candidate Conference (AES3) will focus on discussion of the technical resuts of Round 2 and views on candidates for Round 3. A complete call-for-papers is given on the conference web page at csrc.nist.gov/encryption/aes/round2/conf3/aes3conf.htm.
 

CFP'2000, Computers, Freedom, and Privacy. CFP 2000 Challenging the Assumptions, Toronto, Ontario, Canada, April 4-7, 2000.  [posted here 8/17/99].
The theme of the tenth CFP conference is 'Challenging the Assumptions'. After a decade of CFP conferences, it's time to examine what we have learned. At CFP2000 we want to re-examine the assumptions we have been making and consider which ones still make sense as we move forward. Proposals are welcomed on all aspects of computers, freedom, and privacy. We strongly encourage proposals that challenge the future, tackle the hard questions, look at old issues in new ways, articulate and analyze key assumptions, and present complex issues in all their complexity. We are seeking proposals for tutorials, plenary sessions, workshops, and birds-of-a-feather sessions. We are also seeking suggestions for speakers and topics. Sessions should present a wide range of thinking on a topic by including speakers from different viewpoints. Complete submission instructions appear on the CFP2000 web site at www.cfp2000.org/submissions/.
 

IETF March 27-31, 2000, 47th IETF, Adelaide, Australia
[from the IETF Web page at www.ietf.org

The Internet Engineering Task Force (IETF) is a large open international community of network designers, operators, vendors, and researchers concerned with the evolution of the Internet architecture and the smooth operation of the Internet. It is open to any interested individual. The actual technical work of the IETF is done in its working groups, which are organized by topic into several areas (e.g., routing, transport, security, etc.). Much of the work is handled via mailing lists. The IETF holds meetings three times per year. Future IETF Meeting Sites:

 

Summer 1999 - 45th IETF, July 12-16, 1999, Oslo, Norway, Host: Uninett

 

Fall 1999 - 46th IETF, November 8-12, 1999, Washington, DC, Host: Nortel

 

March 2000 - 47th IETF, March 27-31, 2000, Adelaide, Australia, Host: Sellnet and connect.com.au

OPENARCH'2000, The Third IEEE Conference on Open Architectures and Network Programming, Tel Aviv, Israel, March 26-27, 2000. [posted here: 12/6/99]
The Third IEEE Conference on Open Architectures and Network Programming invites participation in this international forum on open programmable networks. Advances in open signaling and control, active networks, mobility management, transportable software, Web-based services access, and distributed systems technologies are driving a reexamination of existing network software architectures and the evolution of control and management systems away from traditional constrained solutions. OPENARCH 2000 will foster a better understanding of network software architecture and the techniques becoming available to make it simpler, more flexible, and more robust. In the spirit of the first and second conferences, OPENARCH 2000 will provide researchers and developers with a focused opportunity to present and discuss current work and future directions in the systems, techniques, and performance of open architectures. More information can be found on the conference web page at comet.columbia.edu/activities/openarch2000.
 

FC'2000, Fourth Annual International Conference on Financial Cryptography, Anguilla, British West Indies, February 21-24, 2000. [posted here: 12/6/99]
The annual Financial Cryptography conference is organized by the International Financial Cryptography Association (IFCA) to explore all aspects of cryptography for financial applications. The conference has international participation from business, legal and technology communities. For more information, see the conference web page at www.fc00.ai/.
 

NDSS'2000 Network and Distributed System Security Symposium San Diego, California, USA, February 2-4, 2000. [posted here: 2/20/99]
Technical papers and panel proposals are invited for the Internet Society's Year 2000 Network and Distributed System Security Symposium (NDSS 2000), tentatively scheduled for 2-4 February 2000 in San Diego, California. The symposium will foster information exchange among researchers and practitioners of network and distributed system security services. The audience includes those who are interested in the practical aspects of network and distributed system security, focusing on actual system design and implementation rather than theory. A major goal of the symposium is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technology. Proceedings will be published by the Internet Society. A best paper award will be presented at the symposium to the authors of the best paper to be selected by the program committee. The deadline for electronic submission is 16 JUNE 1999. The complete call is available at www.isoc.org/ndss00/.