============================================== CRiSIS'2007 International Conference on Risks and Security of Internet and Systems Colocated with IEEE GIIS 2-5 July 2007 Marrakech - Morocco ============================================== http://www.crisis2007.org ******************************************** **** Submission Deadline: March25, 2007 *** ******************************************** The Internet has become essential for the exchange of information. Many user groups from different backgrounds and with different objectives depend on it to perform their daily tasks. Various activities are carried out via the Internet: B2B, B2C, or between individuals who create their own virtual communities. Moreover, many companies are interconnecting their IT systems, including SCADA systems, directly or indirectly to the Internet. At the same time, the use of the Internet is facing increasing risks regarding privacy and security, in particular due to vulnerabilities induced by the complexity of Internet-related applications. Therefore, new security mechanisms and techniques should be deployed to achieve an assurance level acceptable for critical domains such as transportation, health, defence, banking, critical infrastructures, etc. Attackers nowadays do not lack motivation and they are more and more experienced. The existence of vulnerabilities encourages different kinds of attackers to exploit them and gain access to personal computers or penetrate into IT systems belonging to companies or administrations. In this context, dependability, security and privacy become a priority that should be addressed by all actors in research, industry, services and governments. ================ * T O P I C S * ================ The topics addressed by CRiSIS range from the analysis of risks, attacks and vulnerabilities to system survivability, passing through security policies and models, security mechanisms and privacy enhancing technologies. Authors are invited to submit research results as well as practical experiment or deployment reports. Industrial papers about applications or case studies are also welcomed in different domains (e.g., telemedicine, e-government, e-learning, e-commerce, critical infrastructures, etc.). The list of topics includes, but is not limited to: * Analysis and management of risk, attacks and vulnerabilities * Security and dependability of operating systems and network components * Web services and middleware security * Dependability and fault tolerance of Internet applications * Security and safety of critical infrastructures * Security and privacy of peer-to-peer system, wireless networks, VPN and embedded systems * Security of new generation networks, security of Voice-over-IP and multimedia * Security of database systems, security of e-commerce and electronic voting systems * Authentication, authorization and audit * Privacy protection and anonymization * Traceability and forensics * Security models and security policies * Formal methods, verification and certification * Key management Infrastructure (PKI) and trust management * Biometrics, watermarking, cryptography and security protocols * Access controls and security mechanisms * Use of smartcards and personal devices for Internet applications * Firewalls and intrusion detection systems * Viruses, worms and malicious codes * Attack data acquisition (honeypots) and network monitoring * Metrology, security evaluation, and security management * Organizational, ethical and legal issues. ============================= I M P O R T A N T D A T E S ============================= * Paper submission deadline: March 25, 2006 * Acceptance notification: April 25, 2006 * Final version due: May 15, 2006 ===================== S U B M I S S I O N S ===================== Papers must be written in English or French, and must be submitted electronically in PDF format. Maximum paper length is 8 printed pages for full papers or 4 pages for short papers, including figures in IEEE 2-column style (See http://www.computer.org/portal/site/cscps) The cover page should include paper title, author's full names, affiliations and complete addresses (telephone, fax, email), abstract, and a list of keywords. Paper submissions must be received by 25 March 2007, via CRiSIS 2007 website. SPECIAL ISSUE IN INTERNATIONAL JOURNAL ======================================= Authors of the best CRiSIS 2007 papers will be invited to submit extended versions for possible publication in a special issue of an International Journal. ========================= G E N E R A L C H A I R ========================= Yves Deswarte ================================== P R O G R A M C O M M I T T E E ================================== Anas Abou El Kalam LIFO - ENSI de Bourges (PC Chair) Rachida Ajhoun ENSIAS,Morocco Mahmoud Boufaida University of Constantine, Algeria Michel Cukier University of Maryland, USA Frédéric Cuppens ENST de Bretagne,France Marc Dacier Eurecom, France Sabrina De Capitani Università di Milano, Italy Hervé Debar France Télécom R&D, France Mourad Debbabi Concordia Institute of Information Systems, Canada Yuri Demchenko Universiteit van Amsterdam, Netherlands Geert Deconinck Katholieke Universiteit Leuven,Belgium Rachida Dssouli Concordia, University, Canada Aziz El Fazziki Université de Marrakech (FSSM), Morocco Jean-Guy Fontaine Istituto Italiano di Tecnologia, Italy Dieter Gollmann Technische Universität Hamburg-Harburg, Germany Frédéric Kratz LVR - ENSI de Bourges, France Catherine Meadows Naval Research Laboratory, USA Jean-Jacques Quisquater Université de Louvain, Belgium Michael Rusinowitch LORIA - INRIA, France Ahmed Serhrouchni ENST de Paris, France Hesham Soultan IBM, Egypt Gilles Trouessin Oppida, France Paulo Verissimo Universidade de Lisboa, Portugal