27th Annual Computer Security Applications Conference (ACSAC 2011)
Buena Vista Palace Hotel & Spa in the Walt Disney World Resort, Florida, USA
5-9 December 2011


The Annual Computer Security Applications Conference (ACSAC) is an 
internationally recognized forum where practitioners, researchers, 
and developers in information and system security meet to learn and 
to exchange practical ideas and experiences. If you are developing, 
researching, or implementing practical security solutions, consider 
sharing your experience and expertise at ACSAC.

We are especially interested in submissions that address the 
application of security technology, the implementation of systems, 
and lessons learned. Some example topics are:

     * Access control
     * Assurance
     * Audit and audit reduction
     * Biometrics
     * Boundary control devices
     * Certification and accreditation
     * Database security
     * Denial of service protection
     * Distributed systems security
     * Electronic commerce security
     * Enterprise security management
     * Forensics
     * Identity management
     * Incident response planning
     * Insider threat protection
     * Integrity
     * Intellectual property rights protection
     * Intrusion detection and prevention
     * Malware
     * Mobile and wireless security
     * Multimedia security
     * Network resiliency
     * Operating systems security
     * Peer-to-peer security
     * Privacy and data protection
     * Privilege management
     * Product evaluation criteria and compliance
     * Risk/vulnerability assessment
     * Securing cloud infrastructures
     * Security engineering and management
     * Security in service oriented architectures
     * Security usability
     * Software security
     * Supply chain risk management
     * Trust management
     * Virtualization security
     * VoIP security
     * Web 2.0/3.0 security


      Papers*            6 June 2011
      Case Studies       6 June 2011
      Courses/Tutorials*         6 June 2011
      Panels             6 June 2011
      Workshops          6 June 2011
      Posters            2 Sept 2011
      Works-in-Progress  2 Sept 2011

* All paper and course/tutorial submissions are peer-reviewed in a 
double-blind process.


Chair: John McDermott, Naval Research Lab
Co-Chair: Michael Locasto, University of Calgary

We solicit papers offering novel contributions in any aspect of 
applied security. Papers are encouraged on results that have been 
demonstrated to be useful for improving information systems security 
and that address lessons learned from actual application.

Submitted papers must not substantially overlap papers that have been 
published or that are simultaneously submitted to a journal or a 
conference with proceedings. Submitted papers should be at most 15 
pages including the bibliography and well-marked appendices and 
formatted as a single column, using 11-point font and reasonable 
margins on letter-size paper. This format enhances readability for 
the reviewers. Accepted papers must be reformatted to 10 pages 
maximum, according to the ACM instructions at 
http://www.acm.org/sigs/publications/proceedings-templates, using the 
template Option 2 "WITH permission block". Committee members are not 
required to read the appendices, and so the paper should be 
intelligible without them. All submissions should be appropriately 
anonymized (i.e., papers should not contain author names or 
affiliations, or obvious citations). Submissions are to be made using 
the OpenConf system at www.acsac.org. Only PDF files will be 
accepted. Submissions not meeting these guidelines risk rejection 
without consideration of their merits. Papers must be received by the 
deadline above. Authors of accepted papers must guarantee that their 
papers will be presented at the conference.


Chair: Steven Rome, Booz Allen Hamilton
Co-Chair: Ken Shotting, DoD

The Case Studies in Applied Security Track is a critical part of the 
technical conference. It is an opportunity for professionals to share 
information that is current without writing a detailed technical 
paper, but enables attendees to learn about the next generation of 
products and solutions. It is open to anyone in the community such as 
vendors, network providers, systems integrators, government 
civil/federal/military programs or users across the spectrum of 
computer security applications. Potentially this is where attendees 
can learn about client needs and vendors solutions. This year we are 
especially interested in automated solutions based on existing 
knowledge. While the Case Studies will not be included in the 
Proceedings, the presentations will be posted to the ACSAC site 
following the conference.


Chair: Daniel Faigin, The Aerospace Corporation, USA

Courses (formerly known as Tutorials) are full (6 hour) or half (3 
hour) day classes on how to apply or use a particular technology to 
address a security need. A typical course submission includes an 
abstract of the course, a brief (1-2 page) outline, an instructor 
bio, an indication of length, and notes on prerequisites and 
textbooks. Course instructors receive an honorarium and expenses. If 
you would like to indicate a topic you would like to see, you may do 
that as well; please suggest an instructor if you can.


Chair: Kevin Butler, University of Oregon

Panels are encouraged on the topics listed above. Panels may frame a 
debate on a controversial question or summarize interesting results, 
but they must encourage audience participation. A typical submission 
will include a proposed moderator, panel members (usually 3-5) and an 
abstract of the proposed topic.


Chair: Benjamin Kuperman, Oberlin College

The poster session provides an opportunity for researchers and 
practitioners to present their new and innovative preliminary work in 
an informal, interactive setting. Conference attendees can learn 
about novel on-going research projects that might not yet be 
complete, but whose preliminary results are already interesting. 
Poster presenters will have an opportunity to discuss their work and 
get invaluable feedback from knowledgeable sources at an early stage 
of their research.

The Works in Progress (WiP) session offers short presentations (5 
minutes maximum) of ongoing work. These presentations highlight the 
most current work in both business and academia, emphasizing goals 
and value added, accomplishments to date, and future plans. Special 
consideration is given to topics that discuss real life security 
experience, including system implementation, deployment, and lessons learned.


Chair: Harvey Rubinovitz, The MITRE Corporation

ACSAC workshops are on up to date topics that attendees usually rate 
to provide a useful and exciting forum for information technology 
professionals (e.g., standards developers, software developers, 
security engineers, security officers) to exchange ideas, concerns, 
and opinions.


ACSAC offers conferenceships for students who otherwise would not be 
able to attend the conference. The conferenceship covers hotel, 
registration and a cash award to help defray the costs with 
transportation and food. Application deadline is 22 Sept 2011.


Visit www.acsac.org for additional conference and submission information.

On behalf or the 2011 ACSAC Organizing Committee, I invite you to 
join us in Orlando, and encourage you to consider making a submission 
to the program.

         Robert H'obbes' Zakon, Zakon Group LLC
         ACSAC 2011 General Chair

   ACSAC is sponsored by Applied Computer Security Associates (ACSA), 
a group of professionals who are working to facilitate information 
sharing among colleagues. We're an all-volunteer not-for-profit 
organization.  Our postal address is 2906 Covington Road, Silver 
Spring, MD  20910-1206.
    You can help ACSAC reach people who might benefit from this 
information. Feel free to forward this message with a personal note 
to your friends and colleagues.
    You can add, delete, or change your email subscription by 
clicking on ACSAC Mailing List at http://www.acsac.org