Calls for Papers

IEEE Computer Society's Technical Committee on Security and Privacy


Past Conferences and Journal Special Issues

Last Modified:01/13/05

Note: Please contact by email if you have any questions..



Past Conferences and Other Announcements - 2001

Indocrypt'2001 Second International Conference on Cryptology in India, Chennai, India, December 16-20, 2001.   [posted here 12/20/00]
Original papers on all technical aspects of cryptology are solicited for submission to Indocrypt 2001.  Detailed instructions for submission of a paper are given on the conference web site at

ACSAC'2001, 17th Annual Computer Security Applications Conference, New Orleans, USA, December 10-14, 2001.    [posted here 2/20/01]
We are currently soliciting papers, panels, forums, case studies, and tutorial proposals for the 17th Annual Computer Security Applications Conference (ACSAC) to be held 10 – 14 December 2001 in New Orleans, Louisiana, USA. For general information or questions about ACSAC, please see our web page at or email For specific submission-related information, please see the following web page:

IW2001  2nd Australian Information Warfare and Security Conference, Scarborough, Perth, Western Australia, November 29-30, 2001.   [posted here 3/2/01]
The conference will be held in conjunction with the Working for E-Business conference (see to be held at the Rendevous Observation City, Scarborough, Perth, Western Australia. Sample conference topics areas include but are not restricted to:
   - E-Intelligence/counter-intelligence                     - Perception management
   - Information warfare theory                                   - Electro-magnetic pulse weapons
   - Information security                                              - Cryptography
   - Physical security                                                    - Security policy
   - Information warfare policy                                   - Information warfare techniques
   - Hacking                                                                   - Infra-structure warfare
   - National security policy                                        - Corporate defense mechanisms
   - Security for small to medium enterprises           - Information warfare and security education
See the workshop web page at for more details.

Yuforic'01 Youth Forum in Computer Science and Engineering, Valencia, Spain, November 29-30, 2001.   [posted here 5/4/01]
Sponsored by Universidad Politecnica de Valencia, the IEEE Computer Society and the Spanish Section of the IEEE. YUFORIC is the IEEE Computer Society's dynamic new program to bring students and new professionals together in a forum for exchanging ideas and sharing experiences. YUFORIC features a series of workshop, held worldwide, emphasizing presentations of studies-in-progress by university students and new professionals in industry and academia. Discussion and interaction are highlighted. Young and/or new professionals will be encouraged to take the lead in guiding students' research interests. In turn, university students will gain better insight into the ongoing, real-world activities of the professional community. The topics of interest include, but are not limited to:
- Frameworks, architectures and models for e-commerce
- Commerce oriented middleware services (CORBA, DCOM, J2EE, etc.)
- Intelligent and mobile agent technology for e-commerce
- Web and Java technology for networked e-commerce
- User Interface support for e-commerce
- Auction and negotiation technology
- Security in e-commerce (digital certificate, PKI, smart-cards, transaction-based security, IPR management)
- Authentication in e-commerce environment
- Quality assurance in e-commerce
- Trading of intangible goods
- Electronic Payment methods
- Mobile commerce
- Multi device platform for e-commerce (WAP, set-top box, web, etc.)
- E-commerce application case studies
- E-commerce based business models
For more information about the workshop please visit our web site at

ICICS'2001 Third International Conference on Information and Communications Security, Xian, China, November 13-16, 2001.    [posted here 3/14/00]
ICICS’01 covers all aspects of theory and application of information and communications security.  More information can be found on the conference web page at

CCS-8 Eighth ACM Conference on Computer and Communications Security, Philadelphia, Pennsylvania, USA, November 6-8, 2001.   [posted here 12/19/00]
Papers offering novel research contributions in any aspect of computer security are solicited for submission to the Eighth ACM Conference on Computer and Communications Security. Papers may present theory, technique, applications, or practical experience.  A complete list of topics and instructions for submitting a paper or panel proposal can be found on the conference web site at

Workshop on Data Mining for Security Applications (part of the 8th ACM Conference on Computer Security November 6-8, 2001), Philadelphia, PA, USA, November 8, 2001.    [posted here 2/9/01]
This year the ACM's Conference on Computer Communications and Security offers a special half-day workshop on data mining for security applications. This event provides an opportunity for attendees of the ACM CCS to meet with researchers who are interested in applying data mining techniques to security applications and discuss critical issues of mutual interest during a concentrated period.  The topics of interest include, but are not limited to:
   -  Intrusion detection and analysis via data mining 
   -  Data mining in forensics 
   -  Text data mining as a tool for collecting criminal evidence 
   -  Classification and clustering of intrusions, attacks and computer-related crimes 
   -  Real-time detection 
   -  Predictive tools for security 
   -  Mining for inferences 
Instructions for submitting an abstract and paper can be found on the workshop web page at

SPDRM'2001 Workshop on Security and Privacy in Digital Rights Management (part of the 8th ACM Conference on Computer Security Nov 6-8, 2001), Philadelphia, PA, USA, November 5, 2001.   [posted here 2/9/01]
Increasingly the Internet is used for the distribution of digital goods, including digital versions of books, articles, music and images. The ease with which digital goods can be copied and redistributed make the Internet well suited for unauthorized copying, modification and redistribution.  This workshop will consider technical problems faced by rights holders (who seek to protect their intellectual property rights) and end consumers (who seek to protect their privacy and to preserve access they now enjoy in traditional media under existing copyright law).  The workshop seeks submissions from academia and industry presenting novel research on all theoretical and practical aspects of DRM, as well as experimental studies of fielded systems. We encourage submissions from other communities such as law and business that present these communities' perspectives on technological issues.  A complete list of topics and instructions for submitting a paper can be found o the workshop web page at

SRDS-20 20th IEEE Symposium on Reliable Distributed Systems, New Orleans, USA, November 4-7, 2001 (tentative).     [posted here 2/9/01]
The objective of this symposium is to provide an effective forum for researchers and practitioners who are interested in distributed systems design and development, particularly with reliability, availability, safety, security, or real-time properties. We welcome original research papers as well as papers that deal with development experiences and experimental results of operational systems. We are also soliciting papers for an experience track that presents on-going industrial projects, prototype systems, exploratory or emerging applications, etc. The major areas of interest include, but are not limited to, the following topics:
   - Distributed systems with reliability, availability, security, safety, and/or real-time requirements
   - Distributed databases and transaction processing
   - Parallel and distributed operating systems
   - Internet systems and applications
   - Mobile and ubiquitous computing
   - Distributed multimedia systems
   - Electronic commerce enabling technologies
   - Distributed workflow and enterprise management systems
   - Security and High Confidence Systems
   - QoS control and assessment
   - Analytical or experimental assessment of distributed systems
   - Formal methods and foundations for reliable distributed computing
   - Distributed objects and middleware systems
   - Distributed and Web-based application systems
   - Performance modeling and evaluations of reliable distributed systems
More information can be found on the conference web page at

NordSec 2001:  Nordic Workshop on Secure IT-Systems, Copenhagen, Denmark, November 1-2, 2001.    [posted here 5/28/01]
The NordSec workshops address applied security in a broad sense and aim at bringing together researchers and practitioners within computer security in the Nordic countries - thereby establishing a forum for discussion and co-operation between universities, industry and computer societies. In 2001 the workshop is hosted by the Department of Informatics and Mathematical Modeling at the Technical University of Denmark in Copenhagen.  More details are available on

ECC2001  The 5th Workshop on Elliptic Curve Cryptography, University of Waterloo, Waterloo, Canada, October 29-31, 2001.  [posted here 9/28/01]
Due to the tragic events in the US, ECC 2001 was rescheduled from Sep 17-19 to Oct 29-31. If you had registered for the Sep 17-19 workshop, then please send Frances Hannigan ( a brief email letting her know if you plan on attending the Oct 29-31 workshop; if not, your registration fee will be refunded. We do have slots for new registrants, so if you would like to attend please register as soon as possible. We will include the revised lecture schedule in the Seventh announcement to be mailed on October 8, 2001. ECC 2001 is the fifth in a series of annual workshops dedicated to the study of elliptic curve cryptography and related areas. The main themes of ECC 2001 will be:
   - The discrete logarithm and elliptic curve discrete logarithm problems.
   - Provably secure discrete log-based cryptographic protocols for encryption, signatures and key agreement.
   - Efficient software and hardware implementation of elliptic curve cryptosystems.
   -  Deployment of elliptic curve cryptography.
It is hoped that the meeting will encourage and stimulate further research on the security and implementation of elliptic curve cryptosystems and related areas, and encourage collaboration between mathematicians, computer scientists and engineers in the academic, industry and government sectors. More information can be found at the workshop web site at

TPRC2001 The 29th Research Conference on Communication, Information and Internet Policy, Alexandria, Virginia, USA, October 27-29, 2001.   [posted here 2/9/01]
TPRC hosts this annual forum for dialogue among scholars and decision-makers from the public and private sectors engaged in communication and information policy. The purpose of the conference is to acquaint policymakers with the best of recent research and to familiarize researchers with the knowledge needs of policymakers and industry. The TPRC program is assembled from submitted and invited abstracts. TPRC is now soliciting proposals for papers for presentation at its 2001 conference. Proposals should be based on current theoretical and/or empirical research relevant to the making of communication and information policy, and may be from any disciplinary perspective. TPRC welcomes national, international, or comparative studies. Topics on interest and instructions for submitting a paper can be found on the conference web page at

RAID'2001 Fourth International Symposium on the Recent Advances in Intrusion Detection, Davis, California, USA. October 10-12, 2001.    [posted here 12/19/00]
This symposium, the fourth in an annual series, brings together leading figures from academia, government, and industry to discuss state-of-the-art intrusion detection technologies and issues from the research and commercial perspectives. The RAID International Symposium series is intended to further advances in intrusion detection by promoting the exchange of ideas in a broad range of topics. The RAID'2001 program committee invites submission of both technical and general interest papers and panels from those interested in formally presenting their ideas during the symposium. RAID'2001 will welcome full papers, short papers and panel proposals. Full papers are intended for presenting mature research results, and short ones for work-in-progress presentations. We also seek panel submissions in the same areas.  A complete list of topics of interest along with instructions for submitting a paper or panel proposal can be found at the conference web site at

I3E First IFIP Conference on e-commerce, e-business, e-Government,  Zurich, Switzerland, October 4-5, 2001.   [posted here 1/30/01]
This conference is the first IFIP conference on e-commerce, e-business, and e-government sponsored by the three committees TC6, TC8, and TC11. It provides a forum for users, engineers, and scientists in academia, industry, and government to present their latest findings in e-commerce, e-business, or e-government applications and the underlying technology to support those applications. Areas of particular interest include but are not limited to:
   - Pre-sales support, ordering, settlement, delivery, and payment
   -  Post-sales services and customer care
   - Innovative business models and business process re-engineering
   - Interorganizational systems, virtual organizations, and virtual markets
   - Supply chains, work flow management, control and audit mechanisms
   - Procurement, negotiations and dynamic pricing models (bidding, auctions)
   - Trading of intangible goods
   - Information & communication platforms, mobile agents, unified messaging
   - Security, privacy, and consumer protection
   - Smart Cards and biometrics
   - Information retrieval, data mining, semantic web
   - Legal, social, cross-cultural issues
   - Trust and confidence in digital signatures and certificates
   - Mobile e-commerce and ubiquitous electronic markets
   - Innovative government services for the citizen
   - Strategic management of e-commerce, e-business, e-government systems
   - Measuring of E-Commerce impact/results
The conference will comprise a main track with papers in the topics above and several minitracks dedicated to special topics.  More information can be found on the conference web page at

ISC'2001 Information Security Conference, Malaga, Spain, October 1-3, 2001.   [posted here 1/16/01]
Original papers are solicited for submission to the Information Security Conference 2001. ISC aims to bring together individuals involved in multiple disciplines of information security to foster exchange of ideas. The emphasis of the conference is multi-disciplines of information security. Topics include but not limited to:
  -  Biometrics                               -  Collaborative Applications
  -  Copyright Protection              -  Distributed Trust Management
  -  E-Commerce Protocols         -  Electronic Voting
  -  Information Hiding                  -  Intrusion Detection
  -  IP-Security                               - Implementations
  -  Legal and Regulatory Issues   - Payments/MicroPayments
  -  Notary Public                           - Security Analysis Tools
  -  Tamper-Resistant SW/HW     - Virtual Private Networks
  -  Watermark                               -  Web Security
Instruction for authors and more information on the conference are given on the conference web site at

ISSE 2001  Information Security Solutions Europe Conference,  QEII Conference Centre, London, UK, September 26-28, 2001.   [posted here 12/18/00]
EEMA - The European Forum for Electronic Business and TeleTrusT - The Association for the Promotion of Trustworthiness of IT-Systems invite you to participate in the Call for Papers for ISSE 2001. ISSE is the European institution for the presentation and discussion of technical, organisational, legal and political concepts for information security and data protection. As a user-oriented conference it provides presentations and panel discussions about existing and future information security solutions for large scale corporations, enterprises, especially for SMEs, commerce, financial institutions, public sector, health care, legal practitioners and security professionals. An extensive list of topics of interest along with instructions for submitting a paper is given in the full call-for-papers at

InfoSecu01  ACM International Conference on Information Security, Shanghai, China, September 24-26, 2001.    [posted here 2/20/01]
InfoSecu01 solicits previously unpublished papers offering novel research and practice contributions in any aspect of computer security for submission to the 2001 symposium. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains. Topics of interest include, but are not limited to, the following:
  -  Access control, authorization, and audit                  -  Network security
  -  Authentication, biometrics, and smartcards            -  Security protocols
  -  Commercial and industrial security                         -  Security verification 
  -  Data integrity                                                              -  Viruses and other malicious code
  -  Database security                                                       -  Mobile code and agent security 
  -  Denial of service and its treatment                           -  Language-based security
  -  Distributed systems security                                    -  Information flow 
  -  Electronic commerce                                                -  Electronic privacy, anonymity
  -  Intrusion detection and survivability  
For further information regarding InfoSecu01, please contact the conference secretariat at  The full call-for-papers is at

NSPW'2001 New Security Paradigms Workshop 2001, Cloudcroft, New Mexico, USA, September 11-13, 2001.    [posted here 1/16/01]
2001 is the tenth anniversary of the New Security Paradigms Workshop, which has provided a productive and highly interactive forum for innovative new approaches to computer security. The workshop offers a constructive environment where experienced researchers and practitioners work alongside newer participants in the field.  In order to preserve the small, focused nature of the workshop, participation is limited to authors of accepted papers and conference organizers. Because we expect new paradigms we accept wide-ranging topics in information security. Any paper that presents a significant shift in thinking about difficult security issues or builds on a previous shift is welcomed.  Authors are encouraged to present ideas that might be considered risky in some other forum. Details on topics of interest along with instructions for submitting a paper are given on the conference web site at

Workshop on Operational Text Classification Systems 2001 (in conjunction with ACM SIGIR 2001 9/9-9/13), New Orleans, USA, September 13, 2001.   [posted here 5/28/01]
Text classification research and practice has exploded in the past decade. This work has been pursued under a variety of headings (text categorization, automated indexing, text mining, topic detection and tracking, etc.). Both the automated assignment of textual data to classes, and the automated discovery of such classes (by techniques such as clustering) have been of intense interest. A variety of practical applications have been fielded, in areas such as indexing of documents for retrieval, hierarchical organization of Web sites, alerting and routing of news, creation of specialized information products, enforcement of information security, content filtering (spam, porn, etc.), help desk automation, knowledge discovery in textual and partially textual databases, and many others. Experiments on text classification data sets have been widely presented in a variety of forums. The technical details of operational text classification, however, have rarely been discussed. The goal of this workshop is to expose researchers and practitioners to the challenges encountered in building and fielding operational text classification systems.  Workshop topics will include (but are not limited to):
   * Cost effectiveness of automating text classification tasks
   * Understanding what users want from classification systems
   * Technical and personnel issues in using training data and prior knowledge
   * Trading off space, time, and other resources in the training, adaptation, and execution phases of classification
   * Integrating automated classification systems with pre-existing software, organizational procedures, relevant laws, and cultural expectations
   * Maintaining and monitoring effectiveness as text sources and classes change over time
   * Discovering, defining, updating, and explaining classes and classifiers
   * The roles of classification and related technologies (information extraction, terminology discovery, etc.)
Participation in the workshop is limited. Please see for details on submissions.

Biometric Consortium 2001 Conference, Orlando, FL, USA, September 12-14, 2001.    [posted here 8/24/01]
Sponsored by: National Institute of Standards (NIST) Information Technology Laboratory (ITL) and Advanced Technology Program (ATP), the National Security Agency (NSA), the DoD Biometric Management Office (BMO), and the General Services Administration (GSA) Federal Technology Service, Center for Smart Card Solutions.  The conference is open to the Biometric Consortium members and to the general public.  More information, including a conference program, can be found on the conference web site at

IST'2001 International Symposium on Telecommunications, Tehran, Iran, September 1-3, 2001.   [posted here 1/30/01]
The first International Symposium on Telecommunications will be organized by the Iran Telecommunication Research Center (ITRC). The Symposium will be sponsored by IEEE, IEE and ICT. It aims to provide a broad international forum as well as an outstanding opportunity for scientific researchers, academicians and telecommunication engineers to discuss new and emerging technologies, progress in standards, services and their applications in telecommunication and information systems. More information on the workshop, along with a complete list of topics of interest can be found at

10th USENIX Security Symposium, Washington, D.C., August 13-17, 2001.   [posted here 5/31/01] Practical security for the real world.  Keynote address by Richard M. Smith, CTO, Privacy Foundation "Web-Enabled Gadgets: Can We Trust Them?" 24 Refereed papers on the best new research: Denial of Service, Math Attacks, Key Management, Hardware, Managing Code, Firewalls/Intrusion Detection, Operating Systems, and Authorization.  Please see the conference web site at for details.

The Fifteenth Annual IFIP WG 11.3 Working Conference on Database and Application Security, Niagara on the Lake, Ontario, Canada, July 15-18, 2001.   [posted here 6/9/01]
The conference provides a forum for presenting original unpublished research results, practical experiences, and innovative ideas in database security.  Registration information is available at:   Please register by June 15 to ensure a room in the hotel.

ACISP'2001 The Sixth Conference on Information Security and Privacy, Sydney, Australia, July 2-4, 2001.   [posted here 9/12/00]
Original papers pertaining to all aspects of computer systems and information security are solicited for submission to the Sixth Australasian Conference on Information Security and Privacy (ACISP 2001). Papers may present theory, techniques, applications and practical experiences on a variety of topics including:
     - Authentication and authority                       - Cryptology
     - Database security                                         - Access control
     - Mobile communications security               - Network security
     - Secure operating systems                            - Smart cards
     - Security management                                   - Risk assessment
     - Secure commercial applications                 - Copyright protection
     - Key management and auditing                     - Mobile agents security
     - Secure electronic commerce                      - Software protection & viruses
     - Security architectures and models              -  Security protocols
     - Distributed system security                         - Evaluation and certification
Detailed information about the conference can be found at the conference web site:

EFCE  The Second Edinburgh Financial Cryptography Engineering Conference, Edinburgh, Scotland, June 22-23, 2001.   [posted here 1/2/01]
Edinburgh is again host to the international engineering conference on Financial Cryptography. Individuals and companies active in the field are invited to present and especially to demonstrate Running Code that pushes forward the "state of the art".  This is a technical, practical meet. Presentations of demonstrable technology in the field of Financial Cryptography are invited. As this is a practical conference, we are hoping to accept every demonstrator.  More information can be found on the conference web site at  [Editor's note: It was not clear from the announcement if there is a deadline for submitting your code and presentation.  Please check the web site for current information.]

MOS'2001  The 7th ECOOP Workshop on Mobile Object Systems,  (in association with the 15th European Conference on Object-Oriented Programming), Budapest Hungary, June 18, 2001.    [posted here 2/20/01]
This year's workshop has two emphases. Firstly, it seeks experience reports, as well as papers on design and development techniques for mobile object applications. Application of the recent research results in the development of real systems is crucial for the future of mobile computing.  Secondly, it brings together a group of active researchers working on security and fault tolerance to develop an understanding of the important research problems and recent results in these areas. In particular, it is felt that it should be beneficial to examine fault tolerance and security issues together as secure agents systems can be used for building fault tolerant systems and at the same time general fault tolerance mechanisms can be applied for providing security.  Topics of interest and instructions for submitting a paper can be found on the workshop web page at

Verification Workshop (in connection with IJCAR 2001), Siena, Italy, June 19-19, 2001.    [posted here 3/10/01]
The aim of this verification workshop is to bring together people who are interested in the development of safety and security critical systems, in formal methods in general, in automated theorem proving, and in tool support for formal developments. The emphasis of this years workshop is on the identification of open problems and the discussion of possible solutions under the theme "What are the verification problems? What are the deduction techniques?"  Depending on quality submissions the workshop will consist of two parts which each focus on one of these questions followed by an overall discussion. Topics include (but are not limited to):
   - ATP techniques in verification + Refinement & decomposition
   - Case studies (specification & verification) + Reuse of specifications & proofs
   - Combination of verification systems + Safety critical systems
   - Compositional & modular reasoning + Security for mobile computing
   - Fault tolerance + Security models
   - Gaps between problems & techniques + Verification systems
   - Protocol verification
Regular papers and discussion papers are encouraged. Please see the workshop web page at for details.

FIRST'2001  The 13th Annual FIRST Conference on Computer Security and Incident Handling, Toulouse, France, June 17-22, 2001.   [posted here 10/4/00]
The Forum of Incident Response and Security Teams (FIRST) conference  brings together IT managers, system and network administrators, security specialists, academia, security solutions vendors, computer security incident response team (CSIRT) personnel and anyone interested in   the most advanced techniques in detecting and responding to computer security incidents;  the latest advances in computer security tools, methodologies, and practice; and  sharing their views and experiences with those in the computer security incident response field. The conference is a five day event, comprising two days of tutorials and three days of technical sessions which include refereed paper presentations, invited talks, and panel discussions.  More information on the conference and submitting a paper can be found on the conference web page at

SCITS-II IFIP WG 9.6/11.7 Working Conference on Security and Control of IT in Society II, Bratislava, Slovakia, June 15-16, 2001.   [posted here 9/30/00]
In the Global Information Society, dependencies on IT are wide-spread already and still rising. Yet IT and the emerging Global Information Infrastructure (GII) introduce new opportunities for criminal activities, and new potential threats to people and society. These threats and opportunities have to be countered and controlled in a manner that balances the benefits of IT. In order to make good use of the advantages offered by the new Global Information Infrastructure, a secure and trustworthy environment is needed, which takes also into account social and legal values. The working conference will focus on legal, social, technical, and organisational aspects of information infrastructures and of new global applications. It will further address how to prevent emerging threats to IT systems security as well as risks to people, organisations, and society as a whole. Invited topics include, but are not limited to the following:
     - Case studies of Misuse
     - Risks in the GII to system security, people, and society
     - Risks of malware and intelligent agents
     - Internet Fraud
     - Risks through interception and tracking technologies
     - Risks analysis methods: new approaches and experiences
     - Critical Information Infrastructure Protection and Social Implications
     - Approaches to high-tech crime prevention, detection, and investigation
     - International Cooperation in fighting high-tech crime
     - Multilateral Security
     - Protecting users/usees by Privacy-Enhancing Technologies
     - Users´ security responsibilities
     - Crypto / Anonymity debate
     - IT law for preventing Misuse (e.g. in the area of Electronic Commerce)
     - Regulations for Digital Signatures, concepts of Certification Authorities
     - Perception of security in society, security awareness
Complete instructions for submitting a paper can be found on the conference web page at

The 13th Annual Canadian Information Technology Security Symposium, Ottawa, Canada, June 11-15, 2001.  [posted here 11/22/00]
"Setting Our Sites on Security".   For information:  (613)991-8500; fax: (613)991-7251; Web site: e-mail: In English/French.

CSFW'14 14th IEEE Computer Security Foundations Workshop, Cape Breton, Nova Scotia, Canada, June 11-12, 2001.    [posted here 10/13/00]
This workshop series brings together researchers in computer science to examine foundational issues in computer security. For background information about the workshop, and an html version of this Call for Papers, see the CSFW home page We are interested both in new results in theories of computer security and also in more exploratory presentations that examine open questions and raise fundamental concerns about existing theories. Both papers and panel proposals are welcome. Possible topics include, but are not limited to:
   -  access control authentication data and system integrity
   -  database security network security distributed systems security
   -  anonymity intrusion detection security for mobile computing
   -  security protocols security models decidability issues
   -  privacy executable content formal methods for security
   -  information flow

IFIP/Sec 2001 16th International Conference on Information Security, Paris, France,  June 11-13, 2001.   [posted here 10/30/00]
The annual conference devoted to information systems security, organized by the TC-11 (Technical Committee on Security and Protection in Information Processing Systems) of IFIP (International Federation for Information Processing) will be held on June 11-13, 2001, in Paris, France. The submission deadline is 31 December 2000. Regular papers, panel proposals and tutorial proposals should be sent to: More details on this call for papers can be found on:

SMC-IAW  2nd Annual IEEE Systems, Man, and Cybernetics Information Assurance Workshop, United States Military Academy, West Point, New York, USA, June 5-6, 2001.    [posted here 11/22/00]
The purpose of the Information Assurance Workshop is to provide a forum for discussion and sharing ideas in information assurance. Information assurance is a broad area, and for purposes of this workshop, it includes the following topics: Intrusion detection and response; Cryptography and its applications; Data and information fusion; Computer security; Cyber ethics and policy; Planning and decision support tools; Military and government research, development, and application efforts. While this workshop focuses on novel applications of simulations, agents, artificial intelligence, and operations research techniques to ensuring the confidentiality, integrity, and availability of information, it is not limited to these topics. If you are unsure of whether your paper would be applicable, contact the Program Chair.  More information can be found on the conference web page at

SEEMAS'2001  First International Workshop on Security of Mobile Multiagent Systems (to be held at the Fifth International Conference on Autonomous Agents), Montreal, Canada, May 29, 2001.  [posted here 1/30/01]
We welcome the submission of papers from the full spectrum of issues associated with security in mobile multiagent systems, both in the public Internet and in private networks. We particularly encourage the discussion of the following topics:
   - security policies for agent environments
   - security mechanisms that can be implemented by using (mobile) multiple agents
   - reasoning about security in an agent architecture
   - security for agents (against other agents, malicious hosts, and software failures)
   - security for agent hosts (against agent attacks and agent deficiency)
   - security through agents (for any form of malfunctioning in the network)
   - application of security mechanism in a (mobile) multiagent context
   - integration of traditional security mechanisms to the agent realm
   - design methodologies for secure (mobile) multiagent systems
More information can be found on the conference web page at

NCISSE'2001 Fifth National Colloquium for Information Systems Security Education, George Mason University, Fairfax, Virginia, USA, May 22-24, 2001.   [posted here 1/9/01]
This colloquium, the fifth in an ongoing annual series, will bring together leading figures from academia, government, and industry to address the national need for security and assurance of our information and communications infrastructure. This goal requires both an information-literate work force that is aware of its vulnerability as well as a cadre of information professionals that are knowledgeable of the recognized "best practices" available in information security and information assurance. This year the Colloquium will trace security education and training from its beginning, through the current state of art, and into the future.  The colloquium is interested in general submissions as well as student participation. The papers should discuss course or lab development, INFOSEC curricula, standards, best practices, existing or emerging programs, trends, and future vision, as well as related issues. This year, we are particularly interested in addressing "What does a good education in information security require, and how are we to teach this?" To answer this question, we are particularly interested in topics such as the following (although others are also of interest):
*  Assessment of need (e.g. how many information security workers/researchers/faculty are needed?)
*  Integrating information assurance topics in existing graduate or undergraduate curricula
*  Experiences with course or laboratory development
*  Alignment of curriculum with existing information assurance education standards
*  Emerging programs or centers in information assurance
*  Late breaking topics
*  Best Practices
*  Vision for the Future
Information about the conference, as well as instructions for submitting a paper are given on the conference web site at

First Workshop on Information Security Systems Rating and Ranking, Williamsburg, Virginia, May 21-23, 2001.   [posted here 2/20/01]
After more than 20 years of effort in "security metrics," the evolution of product evaluation criteria identification, Information Assurance (IA) quantification, and risk assessment/analysis methodology development, has led to the widespread need for a single number or  digraph rating of the "security goodness" of a component or system. Computer science has steadily frustrated this need--it has neither provided generally accepted, reliable measures for rating IT security nor has it applied any measures for security assurance. The goals of this workshop are to recap the current thinking on "IA metrics" activities and to formulate a path for future work on IA rating/ranking systems. Topics will include identifying workable successes or capturing lessons learned from our failures, clarifying what is measurable, and the addressing the impact of related technology insertion. The expected workshop result is the determination of "good" indicators of the IA posture of a system. The workshop will serve as a forum for group discussion, with topics determined by the participants. Submission of a 4-to-5-page position paper is required for workshop attendance. For further information, please see: Deadline for submission of papers: March 30, 2001.

S&P'2001  2001 IEEE Symposium on Security and Privacy, Oakland, CA, USA, May 13-16, 2001.   [posted here 9/16/00]
Previously unpublished papers offering novel research contributions in any aspect of computer security or electronic privacy are solicited for submission to the 2001 symposium. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains. We particularly welcome papers that help us continue our re-established emphasis on electronic privacy. Topics of interest include, but are not limited to, the following:
   -   Commercial and industrial security       -    Electronic privacy 
   -   Mobile code and agent security              -   Distributed systems security 
   -   Network security                                      -   Anonymity 
   -   Data integrity                                            -   Access control and audit 
   -   Information flow                                      -    Security verification 
   -   Viruses and other malicious code           -   Security protocols 
   -   Authentication                                           -   Biometrics 
   -   Smartcards                                                 -   Electronic commerce 
   -   Intrusion detection                                    -   Database security 
   -   Language-based security                           -   Denial of service 
The conference may include panel sessions addressing topics of interest to the computer security community. A continuing feature of the symposium will be a session of 5-minute talks, where attendees can present preliminary research results or summaries of works published elsewhere.   Complete instructions for submitting papers, panel proposals, and 5-minute talk abstracts can be found on the conference web page at

Eurocrypt'2001  20th Annual Eurocrypt Conference, Innsbruck, Austria,  May 6-10, 2001.  [posted here 8/13/00]
Original papers on all technical aspects of cryptology are solicited for submission to Eurocrypt 2001, the 20th Annual Eurocrypt Conference. It is organized by the International Association for Cryptologic Research (IACR). See the conference web page at for more information.

SACMAT'2001  Sixth ACM Symposium on Access Control Models and Technologies, Chantilly, VA, USA, May 3-4, 2001.  [posted here 3/13/01]
SACMAT 2001 is the successor to the ACM Workshop on Role-Based Access Control in which the organizers aim to provide a meeting place for researchers in all facets of access control, including models, systems, applications, and theory. Historically, access control research has been published in their respective domains or as niche work in general security conferences, but this symposium gives researchers the opportunity to share their perspectives with others interested in access control in particular. Details on the program, registration and conference site can be obtained from the conference web page at

WWW10  The Tenth International World Wide Web Conference, Hong Kong, China.  May 1-5, 2001.  [posted here 10/10/00]
Committed to advancing the Web to its full potential in the 21st century, WWW10 will offer a forum for Web researchers and practitioners to define, discuss, and disseminate the most up-to-date Web techniques and information. Leaders from industry, academia, and government will present the latest developments in Web technology.  The conference will consist of refereed paper sessions, panel sessions, a poster track, a W3C track, and several specialized tracks including Culture, E-commerce on the Web, Law and the Web, Vendors Track, Web and Education, Web Internationalization, and Web and Society.  A complete list of topics of interest along with instructions for submitting a paper can be found on the conference web site at

IHW'2001 4th International Information Hiding Workshop, Holiday Inn University Center, Pittsburgh, PA, USA, April 25-27, 2001   [posted here 2/26/00]
Many researchers are interested in hiding information or, conversely, in preventing others from doing so. As the need to protect digital intellectual property grows ever more urgent, this research is of increasing interest to both the academic and business communities. Current research themes include: copyright marking of digital objects, covert channels in computer systems, detection of hidden information, subliminal channels in cryptographic protocols, low-probability-of-intercept communications, and various kinds of anonymity services ranging from steganography through location security to digital elections. Interested parties are invited to submit papers on  research and practice which are related to these areas of interest. Further information  can be obtained at or by contacting the program chair at

Ninth Cambridge International Workshop on Security Protocols, Cambridge, England, April 25-27, 2001.   [posted here 1/15/01]
You are invited to consider submitting a position paper to the Ninth Cambridge International Workshop on Security Protocols. Attendance is by invitation only, and in order to be invited you must submit a position paper.  This year's theme is "Mobile Computing vs Immobile Security". This theme includes (but is not limited to):
    - location-dependent authorization
    - portable hardware and alien infrastructure
    - enforcing foreign security policy
    - recognizing ambassadors and malware
    - migrating user requirements.
We invite you to consider these issues. As usual, we don't insist that position papers relate to the current theme in an obvious way.  The only pre-condition is that position papers should concern some aspect of security protocols, which may, but need not, involve cryptography.  More information on the workshop and the procedure for submitting a position paper can be found at

Cryptographic Security Aspects of Smart Cards and the Internet, April 23-26, 2001, Amsterdam, The Netherlands.   [posted here 3/10/01]
The three and a half day workshop will cover subjects such as Cryptography for Smart Cards, Network Security, Identity and Authentication and Smart Card security. An exciting entertainment programme and a half day excursion have also been planned to enable networking opportunities. To see the preliminary programme visit where you can register online or call the SCI-SEC team on +44 (0)1273 515651 or e-mail info@sci-secCryptographic Security Aspects of Smart Cards and the Internet

OPENARCH'01  The Fourth IEEE Conference on Open Architectures and Network Programming, Hilton Anchorage Hotel, Anchorage, Alaska, April 22-23, 2001.   [posted here 5/29/00]
The Fourth IEEE Conference on Open Architectures and Network Programming invites participation in this international forum on active, and programmable networks. Advances in open signaling and control, active networks, mobility management, transportable software, web-based services access, and distributed systems technologies are driving a reexamination of existing network software architectures and the evolution of control and management systems away from traditional constrained solutions. OPENARCH 2001 will foster a better understanding of these new network software architectures and techniques that are making the network interface more flexible and robust. Authors are invited to submit both full and short papers for consideration. Suggested topics include:
     - Advances in active networks
     - Open and innovative signaling systems 
     - Programming abstractions and interfaces for networks
     - Service creation platforms 
     - Programming for mobility 
     - Programming for Quality of Service 
     - Intelligent agents and trading 
     - Distributed computing models and algorithms 
     - Security in an open object world 
     - Support for multiple control planes 
     - Control and resource APIs and object representations 
     - Performance of control architectures 
     - Experimental architectures and implementation techniques 
     - Enabling technologies, platforms and languages (CORBA, WWW, Java, ...) 
     - Reliability of programmable networking technologies 
     - Modeling of network services 
     - Programmability support for virtual networks 
     - Interactive multimedia, multi-party cooperation and groupware 
     - Pricing and real-time billing 
     - Secure transactions processing and electronic commerce
     - Active networks in telephony 
OPENARCH is sponsored by the IEEE Communications Society and will be
co-located and organized in conjunction with INFOCOM 2001. Complete instructions for submissions can be found on the conference web site at

ICDCS'2001, 21st International Conference on Distributed Computing Systems, Phoenix, AZ, USA,  April 16-19, 2001.   [posted here 7/30/00]
You are invited to submit a paper to the 21st International Conference on Distributed Computing Systems.  The conference covers the entire breadth of distributed computing and is one of the premier conferences in the area.  Note that the call includes security topics. 

FSE'2001, Fast Software Encryption Workshop, Yokohama, Japan, April 2-4, 2001.   [posted here 1/2/01]
Fast Software Encryption is a seven-year-old workshop on symmetric cryptography, including the design and cryptanalysis of block and stream ciphers, as well as hash functions.  More information can be found at the conference web page at .

CaLC 2001  Cryptography and Lattices Conference, Brown University, Providence, Rhode Island, USA, March 29-30, 2001.   [posted here 6/2/00]
The focus of this conference is on all aspects of lattices as used in cryptography and complexity theory. We hope that the conference will showcase the current state of lattice theory and will encourage new research in both the theoretical and the practical uses of lattices and lattice reduction in the cryptographic arena. We encourage submission of papers from academia, industry, and other organizations. Topics of interest include the following, but any paper broadly connected with the use of lattices in cryptography or complexity theory will be given serious consideration:
     - Lattice reduction methods, including theory and practical implementation.
     - Applications of lattice reduction methods in cryptography, cryptanalysis and related areas of algebra and number theory.
    - Cryptographic constructions such as public key cryptosystems and digital signatures based on lattice problems.
     - Complexity theory of hard lattice problems such as SVP and CVP.
     - Other lattice related cryptographic constructions, for example based on cyclotomic fields, finite group rings, or group representations.
If you want to receive emails with subsequent Calls for Papers and registration information, please send a brief mail to <>.  More information can be found on the conference web site at

DODsec'2001 Fifth Workshop on Distributed Objects and Components Security, Annapolis, MD, USA, March 26-29, 2001.   [posted here 9/12/00]
Building on the success of four previous Distributed Object Computing Security Workshops, but extending the subject to include software component servers, the OMG is organizing this Fifth DOCSec Workshop. Reflecting the emergence of Components as a critical technology, DOCSec this year means Distributed Objects and Component Security. The purpose of the workshop remains the same, though: to bring together DOCSec users, vendors and specification developers to share experiences, requirements, and plans. A complete list of topics of interest along with instructions for submitting a paper can be found on the workshop web site at

ISADS 2001, The Fifth International Symposium on Autonomous Decentralized Systems, Dallas, Texas, USA, March 26-28, 2001.   [posted here 5/29/00]
Driven by the continuous growth in the power, intelligence and openness of computer, communication and control technologies, possibilities and opportunities for realizing highly efficient and dependable business and control systems have been steadily increasing. Dynamically changing social and economic situations demand next-generation systems based on emerging technologies and applications. Such systems are expected to have the characteristics of living systems composed of largely autonomous and decentralized components. Such systems are called Autonomous Decentralized Systems (ADS). While ISADS 2001 will primarily focus on advancements and innovation in ADS concept, technologies, and applications related to the increasingly important topic of Electronic Commerce, other themes such as telecommunications and heterogeneous system and application integration will also be included. The scope of discussions on ADS shall include, but not be limited to: 
      * Computer and communication architectures / intelligent network /Internet; 
      * Heterogeneous distributed information / control systems; 
      * Mobile agent /computer-supported cooperative works;
      * Distributed software development and maintenance;
      * Assurance, fault tolerance and on-line expansion; 
      * Object management architecture /design pattern / application frameworks; 
      * Emergent control and robotic systems; 
      * Novel applications: electronic commerce, telecommunications,  information service systems, manufacturing systems,  real-time event management, office automation, traffic and 
transportation control, logistics systems. See the conference web site at for complete instructions on submitting a paper or a proposal for a panel session.

FME2001  FORMAL METHODS EUROPE Formal Methods for Increasing Software Productivity, Humboldt-Universitaet zu Berlin, Germany, March 12-16, 2001.   [posted here 5/29/00]
FME 2001 is the tenth in a series of symposia organised by Formal Methods Europe, an independent association whose aim is to stimulate the use of, and research on, formal methods for software development. The theme of FME 2001 is Formal Methods for Increasing Software Productivity. This theme recognizes that formal methods have the potential to do more for industrial software development than enhance software quality--they can also increase productivity at many different points in the software life-cycle. The symposium committee is particularly interested in papers on the use of formal methods to
increase productivity, for example on:
      - Codifying domain knowledge
      - Re-using components
      - Automatically generating code and/or documentation
      - Improving the efficiency of software testing
      - Enhancing analysis techniques for validation and verification
      - Exploiting commonalities within product families
      - Improving the maintainability and modifiability of software
      - Empirical studies of effects on productivity
The symposium committee solicits full-length papers in two broad categories:
1. Use of formal methods, including reports on industrial use, substantial case studies, comparisons among methods, education, and technology transfer.
2. Development of formal methods, including motivating factors, theoretical foundations, extensions, manual procedures, and tool support.
More information about the submission of papers, tutorial and workshop proposals, can be found on the conference web site at

NIAP Government-Industry IT Security Forum (following SREIS), "Strategies for the Development of Security Requirements and Specifications for Computing and Real-Time Control Systems", Indianapolis, Indiana, USA, March 7, 2001.   [posted here 2/9/01]
The National Institute of Standards and Technology  and the National Security Agency, partners in the National Information Assurance Partnership (NIAP), invite interested parties to attend a Government-Industry IT Security Forum to discuss potential public and private sector strategies for the development of security requirements and specifications needed for the protection of government, business and personal computing and real-time control systems. The primary purpose of the forum is to bring national attention to the concept of security requirements definition and its importance in developing a more secure information infrastructure within the United States. Leaders from government, industry, and academia will have an opportunity to share their views on the role of security requirements in the development, testing and acquisition of commercial products and systems. More information can be found at or the Purdue CERIAS web site at

SREIS  Symposium on Requirements Engineering for Information Security, Purdue University CERIAS, West Lafayette, Indiana, USA,  March 5-6, 2001.    [posted here 7/7/00]
The symposium is intended to provide researchers and practitioners from various disciplines with a highly interactive forum to discuss security and privacy-related requirements. Specifically, we encourage those in the fields of requirements engineering, software engineering, information systems, information and network security as well as trusted systems to present their approaches to analyzing, specifying and testing requirements to increase the level of security provided to users interacting with pervasive commerce, research and government systems. Symposium attendance will be limited. All attendees are encouraged to submit a paper or position statement. Special emphasis will be placed on attendance by graduate students participating in PhD study. Some travel and expense scholarships for these students will be available; preference will be given to students from CERIAS Affiliate centers and programs. Submissions are encouraged addressing a range of requirements engineering, security, and privacy issues, such as:
   -   Solutions to known RE problems as applied to security and privacy
   -   Innovative research ideas initiating new research directions
   -   Industrial problem statements
   -   Generalizations from individual industrial experiences
   -   RE for trusted Commercial Off-The-Shelf (COTS) systems
   -   Empirical studies of industrial RE practice
   -   Capture and expression of informal and ad hoc requirements
   -   Managing conflicting requirements of operational effectiveness and security
   -   Methods for the specification and analysis of security requirements
   -   Methods for ensuring compliance between requirements and policies
More information can be found on the symposium web site at

FC'01  Fifth International Conference on Financial Cryptography, Grand Cayman, BWI, February 19-22, 2001.   [posted here 9/11/00]
Original papers are solicited on all aspects of financial data security and digital commerce in general for submission to the Fifth Annual Conference on Financial Cryptography (FC01). FC01 aims to bring together persons involved in the financial, legal and data security fields to foster cooperation and exchange of ideas. Relevant topics include:
   Anonymity Protection                    Infrastructure Design
   Auditability                                      Legal/ Regulatory Issues
   Authentication/Identification         Loyalty Mechanisms
   Certification/Authorization            Payments/Micropayments
   Commercial Transactions               Privacy Issues
   Copyright/ I.P. Management           Risk Management
   Digital Cash/ Digital Receipts        Secure Banking Systems
   Economic Implications                   Smart Cards
   Electronic Purses                            Trust Management
   Implementations                              Watermarking
Full Call for papers available at  The conference web site is

PKC2001  International Workshop on Practice and Theory in Public Key Cryptography, Cheju Island, Korea, February 13-15, 2001.  [posted here 6/9/00]
PKC2001, is the fourth conference in the international workshop series on the practice and theory in public key cryptography  Original research papers pertaining to all aspects of public key encryption and digital signature are solicited. Submissions may present theory, techniques, applications and practical experience on topics including, but not limited to:

   -  certification and time-stamping    -  cryptanalysis
   -  comparison and assessment    -  discrete logarithm
   -  electronic cash/payments    -  elliptic curve cryptography
   -  encryption data formats    -  encryption schemes
   -  fast implementation    -  integer factorization
   -  international standards    -  lattice reduction
   -  provable security    -  public key infrastructure
   -  secure electronic commerce    -  signature data formats
   -  signcryption schemes

More information can be found on the conference web page at


NDSS'01, The Internet Society 2001 Network and Distributed System Security Symposium, Catamaran Resort, San Diego, California, February 7-9, 2001. [posted here 5/10/00]
This symposium will foster information exchange among researchers and practioners of network and distributed system security services. The intended audience includes those who are interested in the practical aspects of network and distributed system security, focusing on actual system design and implementation, rather than theory. A major goal of the symposium is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technology. The proceedings of the symposium will be published by the Internet Society. The Program Committee invites both technical papers and panel proposals. Submissions are solicited for, but are not limited to, the following topics:
    * Secure Electronic Commerce.
    * Intellectual Property Protection.
    * Network security policies.
    * Integrating Security in Internet protocols.
    * Attack-resistant protocols and services.
    * Special problems and case studies.
    * Security for collaborative applications and services.
    * Fundamental security services.
    * Supporting mechanisms and APIs.
    * Integrating security services with system and application security facilities and protocols.
    * Security for emerging technologies.
    * Intrusion Avoidance, Detection, and Response.
    * Network Perimeter Controls.
    * Virtual Private Networks.
Submissions must be received by August 2, 2000. Complete submission information can be found at Dates, final call for papers, advance program, and registration information are available at