_________________________________________________________________________


The First ACM Computer Security Architecture Workshop

    http://www.rites.uic.edu/csaw

________________________________________________________________________

A workshop held in conjunction with the

ACM Conference on Computers and Communications

October 31, 2008 * George Mason University * Fairfax, Virginia, USA

Submission Deadline: 20 June 2008

________________________________________________________________________


The Computer Security Architecture Workshop (CSAW)--pronounced
see-saw---solicits papers on security architectures, their interfaces,
implementations, and implications.

Architectures, whether system or application, are composed of
abstractions (interfaces) and their implementations.  Security
Architectures are architectures which enable implementations that are
resilient to an appropriate and broad-based spectrum of threats.  An
evaluation of a Security Architecture requires understanding these
threats; the tradeoffs between different system goals, including
between security and non-security goals; the long-term appropriateness
of its interfaces; and the implementations it allows.  The best
interfaces are those that capture the most important issues, enable
different implementations, and are flexible enough to adapt (or be
adapted) to different threats.

Two well-known issues are particularly important: First, complexity is
a source of security holes. Second, security is a matter of the
weakest link.  Because of the need to balance off complexity versus
protections, these tradeoffs are often controversial.  Other tradeoffs
include performance, usability, and flexibility. This workshop focuses
on understanding the new ideas that will compose the next generation
of Security Architectures.

The design and evaluation of Security Architectures is of fundamental
importance to security.  And yet, many of our fundamental
architectures were created when security was less appreciated and less
well understood.  Since it is notoriously difficult to add security
after the fact, our systems are far too susceptible to attack.
Moreover, architectures, because they are broad based, are difficult
to understand and this is a specialized workshop in which Security
Architecture experts will gather.  As far as we know, this workshop is
unique in its focus on Security Architectures.

The workshop topics include, but are not limited to:


Authorization
Authentication
Network security
Distributed systems
Operating systems
Privacy
Applications and security frameworks
Specialized applications such as voting systems
Hardware/software co-design for security
Analysis of architectures
System composability (properties, pitfalls, analysis & reasoning
Assurance techniques
Case studies
Usability issues

_________________________________________________________________________


Submission instructions

Submitted papers must not substantially overlap papers that have been
published or that are simultaneously submitted to a journal or a
conference with proceedings. Submissions should be at most 6 pages in
doublecolumn ACM format, excluding the bibliography and well-marked
appendices. Please include page numbers on all submissions to make it
easier for reviewers to provide helpful comments. Committee members
are not required to read appendices, so the paper should be
intelligible without them. Final proceedings versions will be 10 pages
in double-column ACM format; although authors will have the option of
buying a limited number of additional pages. Submissions are not
anonymized.
For further details see \url{http://www.rites.uic.edu/csaw}.

_________________________________________________________________________

                    Important dates


Paper submissions due:           20 June 2008
Notification to the authors:   3rd week of July
Camera ready papers due:       10 August 2008
Poster/Lightning submission:   12 September 2008
Workshop date:                 31 October 2008

_________________________________________________________________________

                     Organization

General Chair: Vijay Atluri, Rutgers University

Organizers: Daniel J. Bernstein, Trent Jaeger, Angelos Keromytis,
Ravi Sandhu, and Jon A. Solworth

Program Chair: Trent Jaeger, Penn State University

Program Committee

Daniel J. Bernstein,UIC
Vinod Ganapathy, Rutgers
Tal Garfinkel, Stanford
Jonathon Giffin, Georgia Tech
Sam King, UIUC
Peter G. Neumann, SRI
Reiner Sailer, IBM Research
Ravi Sandhu, UTSA
Umesh Shankar, Google
Sean Smith, Dartmouth
Jon A. Solworth, UIC
Patrick Traynor, Penn State
Wietse Venema, IBM Research