28th Annual Computer Security Applications Conference (ACSAC 2012)
Buena Vista Palace Hotel & Spa in the Walt Disney World Resort, Florida, USA

3-7 December, 2012 



The Annual Computer Security Applications Conference (ACSAC) is an 
internationally recognized forum where practitioners, researchers, 
and developers in information and system security meet to learn and 
to exchange practical ideas and experiences. If you are developing, 
researching, or implementing practical security solutions, consider 
sharing your experience and expertise at ACSAC.

We are especially interested in submissions that address the 
application of security technology, the implementation of systems, 
and lessons learned. Some example topics are:

     * Access control
     * Assurance
     * Audit
     * Biometrics
     * Boundary control
     * Cloud security
     * Cybersecurity
     * Denial of service protection
     * Distributed systems security
     * Electronic commerce security
     * Enterprise security management
     * Forensics
     * Identity management
     * Incident response planning
     * Insider threat protection
     * Integrity
     * Intellectual property rights protection
     * Intrusion detection and prevention
     * Malware
     * Mobile and wireless security
     * Multimedia security
     * Network resiliency
     * Operating systems security
     * Peer-to-peer security
     * Privacy and data protection
     * Privilege management
     * Product evaluation and compliance
     * Resilience
     * Security engineering
     * Security usability
     * Software security
     * Supply chain risk
     * Trust management
     * Virtualization security
     * VoIP security
     * Web 2.0/3.0 security


      Technical Papers*           1 June 2012
      Case Studies                1 June 2012
      Panels                      1 June 2012
      Training*                   1 June 2012
      Workshops                   1 June 2012
      Posters                     3 September 2012
      Works-in-Progress           3 September 2012
      Conferenceships             3 September 2012

* All paper and course/training submissions are peer-reviewed in a 
double-blind process. Also, awards will be given to the best paper 
and best student paper. Authors of the best papers will be invited to 
submit an extended version of their paper for publication in a 
premiere security journal (pending approval - details to be announced later).


Chair: Michael Locasto, University of Calgary
Co-Chair: Patrick Traynor, Georgia Institute of Technology

We solicit papers offering novel contributions in any aspect of 
applied security. Papers are encouraged on results that have been 
demonstrated to be useful for improving information systems security 
and that address lessons learned from actual application.

Submitted papers must not substantially overlap papers that have been 
published or that are simultaneously submitted to a journal or a 
conference with proceedings. Please ensure that your submission is a 
PDF file of a maximum of 10 pages (including all references and 
appendices) generated according to the ACM instructions at 
http://www.acm.org/sigs/publications/proceedings-templates, using the 
template Option 2 "WITH permission block". Committee members are not 
required to read the appendices. All submissions must be anonymous 
(i.e., papers should not contain author names or affiliations, or 
obvious citations). In the rare case that citing previous work in the 
3rd person is impossible, blind the reference and notify the PC 
Chair. Both of these constraints (page limit and anonymity) are hard 
constraints. Submissions not meeting these guidelines risk rejection 
without consideration of their merits.


Chair: Steven Rome, Booz Allen Hamilton
Co-Chair: Larry Wagoner, NSA

The Case Studies in Applied Security Track is a critical part of the 
technical conference. It is an opportunity for professionals to share 
information that is current without writing a detailed technical 
paper, but enables attendees to learn about the next generation of 
products and solutions. It is open to anyone in the community such as 
vendors, network providers, systems integrators, government 
civil/federal/military programs or users across the spectrum of 
computer security applications. Potentially this is where attendees 
can learn about client needs and vendors solutions. This year we are 
especially interested in automated solutions based on existing 
knowledge. While the Case Studies will not be included in the 
Proceedings, the presentations will be posted to the ACSAC site 
following the conference.


Chair: Daniel Faigin, The Aerospace Corporation

Courses (formerly known as Tutorials) are full (6 hour) or half (3 
hour) day classes on how to apply or use a particular technology to 
address a security need. A typical course submission includes an 
abstract of the course, a brief (1-2 page) outline, an instructor 
bio, an indication of length, and notes on prerequisites and 
textbooks. Course instructors receive an honorarium and expenses. If 
you would like to indicate a topic you would like to see, you may do 
that as well; please suggest an instructor if you can.


Chair: Kevin Butler, University of Oregon

Panels are encouraged on the topics listed above. Panels may frame a 
debate on a controversial question or summarize interesting results, 
but they must encourage audience participation. A typical submission 
will include a proposed moderator, panel members (usually 3-5) and an 
abstract of the proposed topic.


Chair: Benjamin Kuperman, Oberlin College

The poster session provides an opportunity for researchers and 
practitioners to present their new and innovative preliminary work in 
an informal, interactive setting. Conference attendees can learn 
about novel on-going research projects that might not yet be 
complete, but whose preliminary results are already interesting. 
Poster presenters will have an opportunity to discuss their work and 
get invaluable feedback from knowledgeable sources at an early stage 
of their research.

The Works in Progress (WiP) session offers short presentations (5 
minutes maximum) of ongoing work. These presentations highlight the 
most current work in both business and academia, emphasizing goals 
and value added, accomplishments to date, and future plans. Special 
consideration is given to topics that discuss real life security 
experience, including system implementation, deployment, and lessons learned.


Chair: Harvey Rubinovitz, The MITRE Corporation

ACSAC workshops are on up to date topics that attendees usually rate 
to provide a useful and exciting forum for information technology 
professionals (e.g., standards developers, software developers, 
security engineers, security officers) to exchange ideas, concerns, 
and opinions.


ACSAC offers conferenceships for students who otherwise would not be 
able to attend the conference. The conferenceship covers hotel, 
registration and a cash award to help defray the costs with 
transportation and food. Application deadline is 3 Sept 2012.


Visit www.acsac.org for additional conference and submission information.

ACSAC is sponsored by Applied Computer Security Associates (ACSA), a 
group of professionals who are working to facilitate information 
sharing among colleagues. We're an all-volunteer not-for-profit 
organization.  Our postal address is: ACSA, 2906 Covington Road, 
Silver Spring, MD  20910-1206.