_/_/_/_/ _/_/_/ _/_/_/_/ _/ _/ _/_/_/_/ _/_/_/_/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/ _/_/_/_/ _/_/_/_/ _/_/ _/_/_/_/ _/ _/ _/ _/ _/ _/ _/ _/ _/_/_/_/ _/_/_/ _/ _/ _/ _/_/_/_/ _/ _/ ============================================================================ Newsletter of the IEEE Computer Society's TC on Security and Privacy Electronic Issue 95 March 21, 2010 Hilarie Orman, Editor Sven Dietrich, Assoc. Editor cipher-editor @ ieee-security.org cipher-assoc-editor @ ieee-security.org Yong Guan Book Review Editor Calendar Editor cipher-bookrev @ ieee-security.org cipher-cfp @ ieee-security.org ============================================================================ The newsletter is also at http://www.ieee-security.org/cipher.html Cipher is published 6 times per year Contents: * Letter from the Editor * Commentary and Opinion o Richard Austin's review of "Managing the Human Factor in Information Security: How to win over staff and influence business managers", by David Lacey o Review of the Financial Cryptography conference (Tenerife, Canary Islands, Spain, January 25-28, 2010) by Vaibhav Garg and Debin Liu o Review of the Workshop on Ethics in Computer Security Research (Tenerife, Canary Islands, Spain, January 28-29, by Vaibhav Garg and Debin Liu o The Latest NIST Computer Security Publications Security Configuration Key History on PIV Cards Open Vulnerability Assessment Language IPv6 Deployment Smart Grid Security Strategy * List of Computer Security Academic Positions, by Cynthia Irvine (items from here emailed as "Part II") * Conference and Workshop Announcements o Calendar of Events o Upcoming calls-for-papers and events * Staying in Touch o Information for subscribers and contributors o Recent address changes * Links for the IEEE Computer Society TC on Security and Privacy o Becoming a member of the TC o TC Officers o TC publications for sale ==================================================================== Letter from the Editor ==================================================================== Dear Readers: Our newsletter has a detailed reviews of the Financial Cryptography conference and an interesting workshop on ethics in computer security research. No one can attend all the conferences in our field, and these detailed accounts, including questions and comments heard during the presentations, let a wide audience know what the pulse of the meeting was like. Richard Austin has also helped us keep up-to-date with his review of a recent book, "Managing the Human Factor in Information Security." In preparation for the upcoming 30th anniversary of the Security and Privacy Symposium (by the way registration is now open!), several people have been looking at its publication history. Our assistant editor to Cipher posed the problem of constructing a "dependency graph" showing which papers cite other Symposium papers. We have a depiction of the results at http://www.ieee-security.org/TC/oakcites.html and it shows some interesting facts. In 1987, the were five highly influential papers presented: Specifications for Multi-Level Security and a Hook-Up Property; A Comparison of Commercial and Military Computer Security Policies; A Multilevel Relational Data Model; Reasoning About Security Models; and Covert Channel Capacity. Based on the dependency graph, it would seem that the ideas in these papers continue to influence researchers today. The field, though, has drifted away from these high-level concepts towards a much more adversarial and application-specific approach. In retrospect, it should not be surprising. Who would have guessed, in 1987, that computers would be retail items, the FCC would be trying to get gigabit Internet connections to homes, and that political movements would begin with "tweets"? Speaking of tweets, the Cipher calendar of security-related events can be found on twitter.com under the name "ciphernews". There are few followers at the present time, but the experiment has minimal administrative overhead and will continue. One advantage is that deadline extensions are more likely to show up in the tweet version than in the online calendar version. I'm still waiting for picturephones and anti-gravity boots, Hilarie Orman cipher-editor @ ieee-security.org ==================================================================== Commentary and Opinion ==================================================================== Book reviews from past issues of Cipher are archived at http://www.ieee-security.org/Cipher/BookReviews.html, and conference reports are archived at http://www.ieee-security.org/Cipher/ConfReports.html ____________________________________________________________________ Book Review By Richard Austin 3/17/2010 ____________________________________________________________________ Managing the Human Factor in Information Security: How to win over staff and influence business managers by David Lacey Wiley 2009. ISBN 978-0-470-72199-5 Amazon.com USD 46.59 Information security tomes are popping up like mushrooms these days, and it takes something special to make one stand out among the other toadstools in the field. What attracted your humble correspondent to this one was a quote on the back cover: "Computers do not commit crimes. People do". That's a bit of wisdom that should be heard and heeded by a profession steeped in firewalls, intrusion detection, federated identity, encryption and all the other technological trappings that tend to fill our working days. Not that the technological things don't matter but if there's any lesson we can draw from the major breaches/security incidents/bad things that litter the trade press, it's that people, and their behavior, manage to trump most any of the technical controls we put in place. This implies that our security efforts must focus just as much on the people that operate and use a system as on the system itself. Examining what this dual focus really means is the task that Lacey set himself in the 11 chapters of this book. In the first chapter, "Power to the people", Lacey looks at what networking has really meant to power and value as it broke down barriers and made information flows easier to establish while complicating our information security lives almost beyond belief. He warns that the "classic" methods of locking down flows, erecting barriers, etc, are unlikely to be effective and challenges the reader to think of network solutions for what is really a network problem. The second chapter, "Everyone makes a difference", opens with the observation that while "everybody is responsible for security", you have to start somewhere and, by the way, just where should that "somewhere" be? Lacey's conclusion is that you really have to start everywhere by understanding each stakeholder's needs and contributions to "security". The security professional then tailors their interactions with each set of stakeholders based on their needs and sphere of action. For example, boards operate in the world of big risks and impacts while a customer wants a simple, easy-to-use interaction that is "secure" and doesn't require much effort on their part. Boards can effect large swathes of the organization while a customer can only really affect their own behavior. The third chapter, "There's no such thing as an isolated incident", takes a hard look at how to deal with situations gone wrong. There's a lot of wisdom in these few pages but one particularly notable point deals with the idea that there is often just as much to be learned from minor incidents and near misses as there is from a major crisis. By investigating and analyzing the root causes behind these lesser misfortunes, we may identify major crises while still in the incubation stage and spot those glaring defects in how we plan to confront a crisis when it occurs. Chapter 4 opens with the catchy title of "Zen and the art of risk management" and gives solid advice on this sometimes mystifying process. A particular gem is the sage observation that "Risk management is a measuring stick, not a decision making process" (p. 132). Chapter 5 confronts the thorny issue of trust ("Who can you trust?") and the threat of insider abuse. In organizational cultures where "Our people are our greatest asset" is a commonly heard mantra, it is sometimes difficult to think about one (or more) of those people being crooks and plan effectively for how to deter, identify or catch them. Chapter 6 confronts an issue that has doomed many security efforts, "Managing organization culture and politics". It identifies many of the reasons why "best laid plans" often go awry and offers guidance on how to align your efforts with the prevailing culture. The next three chapters ("Designing effective awareness programs", "Transforming organization attitudes and behavior" and "Gaining executive and business buy-in") delve into the processes for effectively modifying peoples' behavior in an organizational setting. Chapter 10, "Designing security systems that work", begins to sum up the content of the book by examining how to put it all into practice and pull together a system that can work and survive in the real world. I might suggest that this chapter actually be read first as it shows how all the threads covered in the other chapters fit together into the whole of a successful security program. The final chapter, "Harnessing the power of the organization", reflects somewhat the message of Chapter 1 but in the context of your own organization. In other words, your own organization is also a network and working within that concept will leverage its strength and resilience to enhance your own security program. Lacey does a great job of covering the "other half" of information security - the people half - with wit, clarity and charm. Rather than cataloging and lamenting the various ways that people can foul up the best-laid security plan, he draws on his extensive experience to show how we can work within those limits and foibles to develop security programs that work and can survive contact with the real world. In a bit of a change, this is a book that will most benefit the technical security professional who will likely have often been frustrated when a solid, technical plan fails to get approval or is trumped by human behavior in deployment. Following the sage advice in this book will enable them to start to look at people as less of an obstacle and more of a resource (or even partner) in achieving their security goals. ---------------------- Before beginning life as an itinerant university instructor and security consultant, Richard Austin spent some 30+ years in enterprise IT in roles ranging from software developer to security architect. He welcomes your thoughts and comments at rausti19 at Kennesaw dot edu ____________________________________________________________________ Review of Financial Cryptography Tenerife, Canary Islands, Spain, January 25-28, 2010 fc10.ifca.ai by Vaibhav Garg and Debin Liu ____________________________________________________________________ Disclaimer: The following review of the conference is limited by the authors ability to comprehend the various talks. If we make a mistake or quote someone incorrectly we ask for your apology. We do not intend to cause offense. The Fourteenth International Conference on Financial Cryptography and Data Security was held from January 25-28th in Tenerife, Canary Islands, Spain. The conference was supplemented by three workshops: the First Workshop on Real-Life Cryptographic Protocols and Standardization (RLCPS'10), the Workshop on Ethics in Computer Security Research (WECSR 2010), and the First International Workshop on Lightweight Cryptography for Resource-Constrained Devices (WLC'2010). There is a separate write-up for WECSR 2010. Day 1 Session Chair: Moti Yung, Google and Columbia University Invited Talk: Ueli Maurer, ETH Zurich: Constructive Cryptography - A primer He talked about the need to have a step wise development approach in cryptographic research. He introduces constructive cryptography, where one can modularize the process of research in order to adequately access what cryptography can and can not achieve. Session 1: Session Chair - Ahmad-Reza Sadeghi Paper 1: The Phish Market Protocol: Securely Sharing Attack Data Between Competitors Authors: Tal Moran, Harvard University, Tyler Moore, Harvard University This paper was presented by Tyler Moore. Banks hire "take-town" companies to patrol internet for phishing sites. Take-down companies compete for clients. For take down companies, this kind of data is considered competitive advantage. However, there might be significant gaps between two data sets. I might cost up to $330,000,000 when phishing data is not shared, which it is not. The paper presents a protocol to share data about phishing sites so as to not provide unfair advantage to any of the participants. Solution: Set up a phish-market to share phishing information. Buyer learns only URLs that phish its client banks. Seller cannot learn who the Buyer's client are. Buyer must pay for new each URL learned. Buyer doesn't pay for URLs he or she already known. They pay with encrypted coins and reveal only total payments to the seller. Transactions: Seller offers URL; Buyer sends encrypted payment; Buyer proves payment is good; Buyer proves he knew some URLs. Questions: What if the seller tries to sell fake data? The assumption here is that both the companies want to do business. Did you talk to take down companies? Yes we did. ------------------------------------------------------- Paper 2: Tree-Homomorphic Encryption and Scalable Hierarchical Secret-Ballot Elections Authors: Moti Yung, Columbia University, Aggelos Kiayias, Uconn This paper was presented by Moti Yung. He introduced homomorphic encryption and bush operation. The bush model is not scalable: load balancing issues, remote geographic locations, and overlay networks in peer to peer architectures. The idea is to distribute the entire computations, decryptions, over the different nodes of a tree. Thus solve the biggest brother problem where decryptions are all done at the root, and we have a tree homomorphic encryption, which is scalable. ------------------------------------------------------- Paper 3: Building Incentives into TOR Authors: Roger Dingledine, The Tor Project, Tsuen-Wan Ngan, Dan Wallach This paper won the best paper award. It was presented by Roger Dingledine. The TOR network has too few relays and they are too slow. There should incentives for nodes to become relays. For example, it should easy to become a relay, so you provide the users with a graphic user interphase, or point and click interface to become a relay. Also differentiate users by performance, reward the good ones and penalize the bad ones. An incentive would be that to get faster speeds a node would have to become a relay. Questions Does this proposal conflict with FCC net neutrality? No. ------------------------------------------------------- Paper 4: Automatically Preparing Safe SQL Queries Authors: Prithvi Bisht, A. Sistla, V.N. Venkatakrishnan, all from University of Illinois, Chicago This paper was presented by Prithvi Bisht. The problem is of SQL attacks on databases. The existing solutions have limitations. For example a developer may use PREPARE statement, but they would have parse each query individually. This paper presented an automated technique for sound program transformation to include PREPARE statements in place of unsafe SQL queries. Questions (Felix Gröbert) How do we identify data precisely? A. By using an SQL parser. ------------------------------------------------------- Session 2: Session Chair - Roger Dingledine Paper 1: Secure Multiparty AES Authors: Ivan Damgard, Aarhus University, Marcel Keller, Aarhus University This paper was presented by Marcel Keller. They presented a new protocol for AES encryption. They took the approach of inversion by masking that has the advantage of less operations online. They evaluated their technique using VIFF benchmark. They chose AES because of its arithmetic structure. ------------------------------------------------------- Paper 2: A formal approach for automated reasoning about off-line and non-blockable on-line guessing Authors: Bogdan Groza, Politehnica University, Marius Minea, Politehnica University The motivation was to automatically detect guessing attacks including undetectable online guessing attacks. The approach was verification based on pseudo-randomness. The image of a one-way function on the secret is known; the image of trap-door one-way function on the secret is known. Guessing rules: from one-way function images, by inverting one-way trapdoors. ------------------------------------------------------- Paper 3: Modulo Reduction for Paillier Encryptions and Application to Secure Statistical Analysis Authors: Jorge Guajardo, Bart Mennink, K.U.Leuven, Berry Schoenmakers They presented a protocol for secure modulo reduction in Homomorphic Paillier Cryptosystems. The efficiency of the protocol is independent of the bit length of the x being encrypted. The protocol can be used to compute statistics like mean etc. between multiple parties. ------------------------------------------------------- Paper 4: Signatures of Reputation: Towards Trust Without Identity Authors: John Bethencourt, U. of California, Berkeley, Elaine Shi, PARC, Dawn Song, UC Berkeley Pseudonyms are not good enough for trust. This paper presents signatures of reputation, a cryptographic primitive that allows for reputation with privacy and anonymity. It has formal privacy and security properties and users can obtain and prove reputation without being linked. Trust can be expressed through voting. ------------------------------------------------------- Paper 5: When Information Improves Information Security Authors: Jens Grossklags, Princeton University, Benjamin Johnson, Carnegie Mellon University, Nicolas Christin, Carnegie Mellon University This paper was presented by Jens Grossklags. Users lack incentives to take actions to protect information. There is a need to identify how valuable is information in the context of security decision making? Decision to invest in security by an agent is not based on another agent's decision. Self-protection is a public good, while self-insurance is a private good. For every expert user, there may be n-1 naive users. They considered three cases: weakest-link, best shot and total effort. They define the price of uncertainty as the ratio of the expected payoff in the complete information environment over the payoff in the incomplete information environment. ------------------------------------------------------- Paper 6: Intention-Disguised Algorithmic Trading Authors: Paul Syverson, Naval Research Laboratory, Will Yuen, Christopher Thorpe, Zhenming Liu This paper was presented by Paul Syverson. We need an algorithm for large market players (LMPs). LMPs try to hide the intentions that are hard to hide. Thus we need new infrastructures or protocols. The approach is a general model underlying trading strategies that leak no information to exploiters: curious observers, individual curious brokers, and colluding curious brokers. This approach uses existing infrastructure. Questions What is the transaction cost? A. We treat it as trade-off. ------------------------------------------------------- Day 2 Session Chair: Pino Caballero-Gil, University of La Laguna Invited Talk: Jean Pierre Hubaux, EPFL Switzerland: Security Mechanisms with Selfish Players in Wireless Networks He began with an introduction of Game Theory. He talked about Nash Equilibrium and gave couple examples to show how to achieve equilibrium solution using backward induction, as well as some concepts about extensive game, strategies in dynamic games, and subgame perfection. Some examples of application of game theory on security: security of physical and MAC layers and intrusion detection systems. He explained relationship between game theory and cryptography: game theory concepts can be used in design of cryptographic mechanism design for rational users. Examples of game theory application in security: revocation in ephemeral networks, location privacy. Wireless networks bring formidable challenges in terms of malicious and selfish behaviors. Game theory modeling of security mechanisms can help predicting and influencing by mechanism design the behavior of the involved parties. ------------------------------------------------------- Session 3: Session Chair - Ivan Damgard Paper 1: Multichannel protocols to prevent relay attacks Authors: Frank Stajano, University of Cambridge, Ford-Long Wong, Bruce Christianson This paper was presented by Frank Stajano. The primary idea presented was the use of distance bounding to prevent replay attacks. This is enabled by using two channels. Multichannel protocols against relay attacks: yield a more specific answer and use unrelayable channel to sample physical property of prover. Properties of unrelayable channel: unclonability, unsimulability, untransportability.. ------------------------------------------------------- Paper 2: What's in a Name? Evaluating Statistical Attacks on Personal Knowledge Questions Authors: Joseph Bonneau, University of Cambridge, Mike Just, Greg Matthews This paper was presented by Joseph Bonneau. Personal knowledge questions are cheap. The security provided however is bad and in terms of privacy user has to provide sensitive information. A targeted attacker can find this information by doing a web search, looking at public records, social engineering, dumpster diving or acquaintance attack. For a trawling attacker, given 100 accounts, there was 50% success after 5000 guesses for PINs and 50% success after 168 guesses for last names. The data was obtained by crawling facebook and from public sources. Question: What if you let user pick the questions? A. Users do not understand entropy. They usually pick mother' s maiden name since they have seen it many times and assume it is good. ------------------------------------------------------- Paper 3: PKI Layer Cake: New Collision Attacks Against the Global X.509 Infrastructure Authors: Dan Kaminsky, IOActive, Len Sassaman, Meredith Patterson, KU Leuven This paper was presented by Meredith Patterson. They did horrible things to X.509. There exploited semantic and syntactic inconsistencies. X.509 certificates are signed by CA. But several CA implementation flaws: DNS cache poisoning, using MD5 at all, border gateway protocol attacks. They had some recommendations to improve this. Validation parsing and generation should be the same. Reduce attack surface by using parser to generate implementations of protocols. Do not hand roll the parser. There is not way to equate two outputs otherwise - undecidable problem. Basic Encoding Rules (BER) are so permissive, use Distinguished Encoding Rules (DER) instead. Everyone should use the data the same way and interpret it the same way. Validate every layer and data at every layer. Certificate Authorities should test implementations. Questions 1. What was the worst you could do with null string attacks? You could control a site. You could also forge a Star cert. 2. Was the approach automated? No, we are looking to make it automated. Right now the payloads are handcrafted. Key point is validate the protocol and use a grammar in the parser. 3. Is the protocol under specified? A. Even if the protocol is well specified, you still need to implement it as a grammar. ------------------------------------------------------- Paper 4: A Learning-Based Approach to Reactive Security Authors: Adam Barth, UC Berkeley, Ben Rubinstein, UC Berkeley, Mukund Sundararajan, Stanford, John Mitchell, Stanford, Dawn Song, UC Berkeley, Peter Bartlett, UC Berkeley This paper was presented by Adam Barth. They challenged the assumptions that favor proactive security. Probabilistic model for an attacker is bad, since probabilistic models are good for random risks like fire. Attackers are strategic and for that we need stochastic models. Expected loss is not a good metric since it is driven by its tail. Instead use Value at Risk. The Attack graph model is directed graph and defender allocates budget over edges. ------------------------------------------------------- Session 4: Session Chair - Adam Barth Paper 1: Implementing a High-Assurance Smart-Card OS Authors: Paul Karger, IBM TJ Watson Research Center, David Toll, IBM, TJ Watson Research Center, Elaine Palmer, IBM, TJ Watson Research Center, Suzanne McIntosh, IBM, TJ Watson Research Center, Samuel Weber, Jonathan Edwards This paper was presented by Paul A. Karger. The goal was to improve the software security of smart cards. They designed a full blown operating system that looks like Unix. Applications are sand-boxed to control malicious behavior. For security policies regarding reading cards they used ISO 7816-4. Mandatory access based on modifications to Bell&LaPadula and Biba model. Privacy preserving authentication protocol that allows use of mandatory access controls in commercial settings across the entire Internet. Directory implementation: leaf files point to their parent directories pathname look up by linear search. Question: Why store file names multiple times? A. For consistency checking. ------------------------------------------------------- Paper 2: Unlinkable Priced Oblivious Transfer with Rechargeable Wallets Authors: Jan Camenisch, IBM Research - Zurich, Maria Dubovitskaya, IBM Russian Systems and Technology Laboratory Moscow Engineering Physics Institute, Gregory Neven, IBM Research - Zurich This paper was presented by Maria Dubovitskaya. The problem is that people and organizations can leak information by the data they purchase. The solution proposed is priced oblivious transfer. Existing priced oblivious transfer protocols have issues, for example purchases are linkable and there is not option to recharge. The authors proposed a new protocol to overcome these problems. Questions Have you thought about implementation? A. No. ------------------------------------------------------- Paper 3: A Traceability Attack Against e-Passports Authors: Tom Chothia, University of Birmingham, Vitaliy Smirnov This paper was presented by Tom Chothia. This paper talks about the security issues of using passports with RFID chips in them. ISO 14443 handles basic wireless communication. Government says that this is for 9 cm. But that is not true. Its based on on FCC guidelines. Real range is much greater, i.e. more than 50 cm. ISO 7816 causes generation of error messages that give more information. ICAO specifications of passports are publicly available. Given the problems in the system it is easy to monitor someone's passport and based on that their movements. Questions: What can you do? It is illegal to write 'wrap it in foil' in a public paper. Why is UK using BAC as opposed to USA using plain text? They have always used it. Can you use timing attacks to identify contents of passports? Yes but it is very error prone. Are you blaming RFID or just this implementation? RFID. What is the directionality for broadcast? A. Unidirectional. ------------------------------------------------------- Paper 4: Multiple Denominations in E-cash with Compact Transaction Data Authors: Aline Gouget, Gemalto, Sebastien Canard, Orange This paper was presented by Sebastien Canard from Orange. They talked about a new e-cash scheme that can be used to produce coins of different denominations. Questions Q1. (Jean Pierre-Hubaux) Why is e-cash useful for Orange? You can use it on the iPhone or any other kind of phones. Q2. Mobile phone have been around for a while. Why e-cash now? We use phones for everything now. So why not this? Comment: Main problem of e-cash is legislation for roles of telecom provider. Q3. What about overhead? Can't you use a whole pile of coins of denomination 1 for everything. A. It is not yet clear, which would be more efficient. ------------------------------------------------------- Session 5: Session Chair - Sven Dietrich Paper 1: On robust key agreement based on public key authentication Authors: Feng Hao, Thales E-Security This paper was presented by Feng Hao. They primarily talked about the limitations of formal analysis and also presented a new attack on HMQV. Provable security: Adversarial Models, Security Definitions, and Security Proofs. Everyone does formal analysis. But it should not only be theoretically secure but also practically secure. For example MQV vs. HMQV is highly debatable. MQV is not provable. But HMQV derived from MQV has proofs. Derivations consist of hash functions, remove static keys, and use ephemeral public keys. However, a small subgroup attack is possible. This attack should have been covered by formal analysis. MQV uses static separate from ephemeral but HMQV combines them for optimization purposes. That is not always good. Wormhole replay attack: Self communication can be attacked using man in the middle. HMQV assumes there is only one mobile client. This is a common problem with formal models. Models can only capture a subset of attackers capability. Questions: What is the impact of the first attack? A. Attacker can do transactions and repudiate given protocols. ------------------------------------------------------- Paper 2: All You Can Eat or Breaking a Real-World Contactless Payment System Authors: Timo Kasper, Ruhr-University Bochum, Christof Paar, Ruhr-University Bochum, Michael Silbermann, Ruhr-University Bochum The paper breaks the security of a real world contactless payment system. Contactless technology is used a lot. There are implementation issues. For example randomness is only based on time, so if you can fix time no more randomness. It is possible to build a system from off the shelf components that would fix the nonce on the card. You can use it extract all the keys from the card. And if it turns out that the keys are the same on all cards, you can now decrypt contents of many cards in milliseconds. You can even do electronic pick-pocketing. Question Have they upgraded yet? A. No they haven't. ------------------------------------------------------- Paper 3: Security Applications of Diodes with Unique Current-Voltage Characteristics Authors: Ulrich Rührmair, Christian Jaeger, Christian Hilgers, Michael Algasinger, György Csaba, Martin Stutzmann, TU Muenchen Ulrich Rührmair presented this paper. The paper talks about the use of diodes as a building block of COA/PUF/POF. The specific diodes are produced by the ALILE process. The structures produced are not clonable. POF: Secret binary key is stored in a non-volatile memory. Invasive attacks can get to that key. At the same time you can have a hardware and you can derive the key from the random components of the diodes. So key is not stored explicitly and it is harder to get invasively. You can get 3 bits of key per diode. Questions (Heng Fao) Did you consider that correlations might decrease entropy? Yes. Why is more difficult to get the key when you have it as hardware? A. If you look at the structure with a microscope you can't really tell anything, so one is forced to measure, which makes it difficult. ------------------------------------------------------- Paper 4: Designing for Audit: A Voting Machine with a Tiny TCB Authors: Ryan Gardner, Johns Hopkins University, Sujata Garera, Johns Hopkins University, Aviel Rubin, Johns Hopkins University What code is trusted?Behind the curtain even small code uses external libraries and operating system both of which allow possibility of exploitation. We utilize the idea of FROGS. We basically have a 1000 lines of ARM that we release to the auditors for checking. Its a three step process: Authentication: Check voter is genuine and give them a voter card. Ballot Selection Device: Save vote on card. Ballot Casting Device: Display vote + audio of vote and cast ballot. The paper basically talks about a voting machine that has very few lines of code to ensure that it can be audited and thus provide trust. Questions: Studies show that vote selection + vote casting never works because users never check? Yes. It is so most of the time. But it is better than not having the check. Can voters verify their votes? Not in this system. What about the code in the smart card? A. The only guarantee is that the data in the smart card is the same as the data on the display. ------------------------------------------------------- Paper 5: Verified by Visa and MasterCard SecureCode: or, How Not to Design Authentication Authors: Steven Murdoch, University of Cambridge, Ross Anderson, University of Cambridge This paper was presented by Ross Anderson. Single sign-on has not been successful with the exception to 3DS, which is the credit card companies answer to card not present fraud. Security and privacy of this scheme is bad. It is the worst single sign on protocol ever. It is successful because, merchants are not liable now. Also users lose statutory protection of signatures. Customers are liable for all losses. The paper basically talked about the problems inherent in the design of 3D Secure protocol. It says that the reason for the adoption of this protocol is technical but due the economics, since it allows the merchants to be liability free and puts the liability on the customer. Questions When the iFrame opens can you tell if TLS is used. No, you can't even tell the URL. How many are using this protocol? In Sept 2009, 240 million registered card holders. Do you think they will see that fraud is still high and switch to a different protocol? Once deployed it becomes a question of information governance, because everyone will say its not their problem. Comments on how to change regulatory effects? USA has it right. Reliability is not on users and also users can sue. ------------------------------------------------------- Paper 6: Using Sphinx to Improve Onion Routing Circuit Construction Authors: Aniket Kate, University of Waterloo, Ian Goldberg, University of Waterloo This paper was presented by Aniket Kate. The paper talked about the problem of using the same pseudonym across different sessions. If the same pseudonym is used the attacker can keep track of it and get some information about the identity of the user. The basic idea here is to change the pseudonym frequently. A new circuit construction methodology based of Sphinx was introduced and was proven secure in the universal composability framework. The new circuit enhancements were given for TOR, pairing based onion routing and certificate-less onion routing. ------------------------------------------------------- Rump Session Among other things, program chair Radu Sion talked about acceptance rate. He also noted that the program committee was only from Europe and USA. The best paper award presented to Roger Dingledine. Rachel Greendtadt talked about her research on attacks on stylography. She needs participants for her research. Roger Dingledine told stories about Iceland Banking crisis and China's Blue Shield program and what it means for security and privacy. Joseph Bonneau talked about the idea of electronic protest and using Internet as the new frontier demanding reforms. ------------------------------------------------------- Day 3 Session Chair: Ross Anderson, University of Cambridge Invited Talk: Lorrie Faith Cranor: Users do the darndest things: True stories from the CyLab Usable Privacy and Security Laboratory She talked about the various studies that her research group has conducted to study the way users interact with security software and warnings in order to try and understand how they make security decisions in real life. She also talked about the difficulties faced in this kind of research including the ethical and legal complications. One study she described was about looking at SSL certificate warnings and the effectiveness of different Internet browsers in presenting it. They found that FireFox 3 was most successful, but the reason might have been that Firefox 3 was newly deployed at the time of conducting the study and the users simply might have been unaware of how to ignore the warning. This example elucidated the problems of hidden variables with some of these studies and brings to light how difficult it might be to produce good study designs. Questions How do you deceive the users? Make the incentives reasonable. Would the results hold for a larger password dictionary? You can never be certain without actually doing the experiment. But I think they should. ------------------------------------------------------- Session 6: Session Chair - Gene Tsudik Paper 1: Cryptographic Protocol Analysis of AN.ON Authors: Benedikt Westermann, Q2S - NTNU, Rolf Wendolsky, Jondos GmbH, Lexi Pimenidis, iDev GmbH, Dogan Kesdogan, University of Siegen This paper was presented by Benedikt Westermann. They talk about Johndonym. Every time cascade gets initialized it generates new key pairs. This is done by open SSL but there is a bug in the Debian package only an small number of keys can be generated. In the encryption scheme the same IV is used for both directions and same key stream is generated by both mixes. Thus Johndonym is susceptible to replay attacks. Questions Was forward secrecy not considered? No. Can ANON fix this without architectural change? Yes, partially. They have to modify the protocol, but they have to update every mix, which takes time. ------------------------------------------------------- Paper 2: A CDH-Based Ring Signature Scheme with Short Signatures and Public Keys Authors: Sven Sche, Ruhr-Universitaet Bochum, Jg Schwenk This paper was presented by Sven Sche. They presented a new Ring signature scheme that is unforgeable under Computation Diffie Hellman (CDH) assumption for bilinear groups. ------------------------------------------------------- Paper 3: Measuring the Perpetrators and Funders of Typosquatting Authors: Tyler Moore, Harvard University, Benjamin Edelman, Harvard Business School This paper was presented by Tyler Moore. They found that a lot companies end up paying for self referential advertisements to type-sqautters since it is too expensive to try and have all squatters prosecuted. Many of such sites were being used to host pay per click advertisements. They built a crawler that would work on a distance metric to find similarly named websites. One finding was that the shorter the name of a website the lesser chance it has of being type-squatted. Questions How many sites were being used for phishing? None How much money do these squatters make? Based on a back of the envelope calculation, a lower bound might be 10 million dollars. Why do you think there was no phishing? A. Maybe because pay per click has lesser penalty than phishing which has higher penalty. We will probably see more advertising fraud. ------------------------------------------------------- Paper 4: Embedded SFE: Offloading Server and Network using Hardware Tokens Authors: Kimmo Jvinen, Helsinki University of Technology, Vladimir Kolesnikov, Bell Laboratories, Ahmad-Reza Sadeghi, Ruhr-University Bochum, Thomas Schneider, Ruhr-University Bochum This paper was presented by Thomas Schneider. They present the idea of Secure Function Evaluation (SFE) using garbled circuits. It is mostly not practical due to computational issues. There are also communication issues like amount of data storage required. This is in particular bad for mobile networks. To overcome these issues one does not send a lot of garbled circuits but only sends session information to save on overheads on computation and storage. Questions What about implementation cost? A. In practice we already have the hardware. Nothing extra is required. ------------------------------------------------------- Session 7: Session Chair - Maria Dubovitskaya Paper 1: Shoulder Surfing Safe Login in a Partially Observable Attacker Model Authors: Toni Perkovic, FESB, Mario Cagalj, FESB, Nitesh Saxena, Polytechnic Institute of NYU This paper was presented by Toni Perkovic. They presented a new authentication scheme that guards against shoulder surfing attacks. They then conduct a user study to measure the effectiveness of their scheme. Questions Did you compare these with coverage systems? No, we did not. A major drawback of this scheme is it requires new hardware. Using the Modulo 10 table it should be possible to break the password with intersection attack. A. I do not think so, because of the nature of the table. ------------------------------------------------------- Paper 2: Design and Implementation of a Key-Lifecycle Management System Authors: Mathias Bjorkqvist, Christian Cachin, Robert Haas, Xiao-Yu Hu, Anil Kurmus, Rene Pawlitzek, Marko Vukolic This paper was presented by Marko Vukolic. They presented an open standardized protocol for all vendors for compliance and interoperability. They address two issues, first they automate the task of deploying keys and certificates, and two, they introduce a new strict access control. Questions Are you planning to put this into a product? A. This is actually for an IBM product. ------------------------------------------------------- Paper 3: Secure Computation With Fixed-Point Numbers Authors: Octavian Catrina, Amitabh Saxena, International University in Germany The paper was presented by Octavian Catrina. The basic idea presented in the paper is that it should be possible to do secure computation with rational numbers with fixed points other than integers and boolean. The scheme presented allows the complete family of protocols including arithmetic operations and comparisons. Corruption threshold t<n/2, where n is the number of participants. Communication complexity can be computed by counting the number of times the primitive is invoked. ------------------------------------------------------- Paper 4: Practical Private Set Intersection Protocols with Linear Complexity Authors: Emiliano De Cristofaro, UCI, Gene Tsudik, UCI ------------------------------------------------------- Paper 5: Three-round Abuse-free Optimistic Contract Signing With Everlasting Secrecy Authors: Xiaofeng Chen, Xidian University, Fangguo Zhang, Haibo Tian, Yi Mu, Kwangjo Kim This paper was presented by Kwangjo Kim. Contract signing is important for markets. Prover and verifier might want to dispute or receive a signature on a common message M. For dispute resolution there is usually Trusted Third Party (TTP). Previous approaches however, ignore player privacy-fairness and are based on verifiable encryption of digital signatures with universally verifiable property that does not produce abuse freeness. Questions What are the communication channels, are they authenticated for example? A. Yes, we use authenticated channels. ------------------------------------------------------- Paper 6: Attacking of SmartCard-based Banking Applications with JavaScript-based Rootkits Authors: Felix Gröbert, Ruhr University Bochum, Daniel Bu&223;meyer, Ruhr University Bochum, Jörg Schwenk, Ruhr University Bochum, Christoph Wegener, Ruhr University Bochum This paper was presented by Felix Gröbert. They targeted the weaknesses of a USB based class 1 smart card readers that are more complex than standard class 1 readers. They also did a proof of concept. Questions Any statistics about banks' usage of readers in German banks? No. What is your contribution? Using Javascript in a webpage to modify data. ------------------------------------------------------- Panel:Importance of Confidential Network Security Information Exchange for Critical Financial Infrastructure (CFI) Protection - views from participants of the PARSIFAL project Panel Members: Bernhard Haemmerli, Acris GmbH & University of Applied Sciences Lucerne, Rafael Llarena, Atos Origin, Michael Samson, FI-ISAC y NVB, Thomas Kohler, UBS. Moderator: Henning Arendt, @bc, Previous Chair of European Finance Forum (Panel Members are from here on referred to by their first initial so B, R, M, T and H). H: There is a need for infrastructure change. We need Authentication and Denial of Service (DoS) resistance. We need to look at five years from now, as to what kind of infrastructural challenges will be there for the financial sector. There have been eight recommendations. We need cloud computing and virtualization on top of what is there. Digital identities should be made mandatory for financial sector. T: Private sector is prepared for major attacks. But networks between private and public sector is weak. Crisis is usually cross jurisdictional and national boundaries. This is bad. We are looking at a project between European banks. There needs to be an exchange of information to preserve time and resources. Questions 1. Other organizations have secure networks? Why can't you use the existing structures without trying to invent a new one? Banks are competitive and there is not a lot of trust. They do not think that existing networks provide enough protection. Comment: (Michael Samson) Banks need to cooperate and not be competitive when it comes to studying vulnerabilities. Key is trust. Networks for information exchange, are however, not secure. We are trying to have information exchange between larger banks but it is only starting off. What is being done for trustworthy information exchange? We are having a meeting of people to discuss possibilities, there is a formally signed agreement. We also try to have a stable group of people that meets instead of two new people every meeting. What is being done electronically? We do not do that. We exchange less sensitive information via email. We are trying to build a secure email network for sensitive information, which started a few years back. Is this networks for all the banks in Netherlands? Only members of FFI. There is a project underway called Communication Middleware for Monitoring Financial Critical Infrastructure (CoMiFin) - for secure information exchange. This is right now a two year research project. We are not sure if this can be deployed commercially. R: We need to stress the importance of 17 global providers in physical infrastructure protection and stress secure information exchange B: Trust is essential. We can build trust slowly. We need to use more social science than cryptography. Personal trust leads to institutional trust. It requires negotiation skills. See the middle ground between competition and collaboration. There are many dimensions to Critical Information Infrastructure Protection (CIIP), which has historically been the way to go: policy, technology, political negotiation, and directions for future research. We need to educate people in CIIP, but not many academic institutions have programs in CIIP. H: We need to look at the kind of tools needed for secure information exchange. Secure email would help. But trust in a person is more important. We need to be able to abstract the less sensitive part of all information and at least communicate that, since sensitive information, or red information, can not always be communicated. Question Simplified multilevel security has been seen as a working concept. A two level security would not help. Have you seen the security literature on this? We would like to know more. There is also the power plant industry. They handle information exchange. We need to have a central server. But there is political trouble in deciding where this server should reside. Trust also goes from real trust to abstract trust. Banks can not believe in abstract. We need to reinvent trust. Comment (Ross Anderson): For best practices you should look at USA. We need to look at how much more is being lost. We need to look at public information sharing, like releasing aggregate data about losses. Breach reporting is done in USA, UK, and France, why not elsewhere. Situation in UK is different. Fraud is limited. It is not very important. Problem for public is limited. We need to tell people to secure there computers. This kind of information can raise trust issues. Customer trust would lower if they knew that banks released losses. Question: While the main goal is trust between banks, but you also want confidential networks between banks. The protocols used are flawed. This can only be fixed if network providers work with banks. M: Yes it is a problem. There have not been real attacks though. At the same time we do take measures. We are talking to other countries that are not taking measures. Ross Anderson: What about VISA's new vulnerability in Hardware Security Module (HSM)? This raises a question of Internet governance. Previously you could ask IBM to fix things. But EMV is not well governed. T: Simple response, as long as we do not face losses, we do nothing. R: In Europe, it is difficult to have a common view. Private banks and third parties need to come together. B: ICASI are providing some services. H: We need new infrastructure rather than the continuously developed infrastructure we have. Questions We see the same attacks again and again. The move to mitigate is slow. Maybe we need collaboration between banks and research community. It is not a matter of money, it is a matter of will. In Italy, loss is low, so there is no will. In Italy there is lots of card cloning. But its cheap. Maybe loss seems low, because customer is liable, not banks. No answer. (Paul Syverson) There are many platforms for secure information exchange. Are any of these being used by banks. Don't know. Banks are dumping liability on customer and then calling losses low. Isn't that unethical? No answer. M: Banks are changing. We are going to EMV cards. We try to monitor strange behavior. Reports from Cambridge are very strong. We play it down. We can't move too quickly. Its not practical. B: CoMiFin does not trust academia. They are afraid of over reaction. It is difficult to train academics. R: We need trust between academia and financial sector. M: Fraud is illegal. We can't change too quickly since number of systems involved is too large. T: I concur with Michael. We have many dedicated initiative to improve security. We need supranational initiatives. CoMiFin is a good example of research community and finance working together. It is not, however, a silver bullet. ____________________________________________________________________ Review of Workshop on Ethics in Computer Security Research Tenerife, Canary Islands, Spain, January 28-29, 2010 by Vaibhav Garg and Debin Liu ____________________________________________________________________ Disclaimer: The following is a review of the workshop is limited by the authors ability to comprehend the many dimensions of the various talks. If we make a mistake or quote someone incorrectly we ask for your apology in advance and when notified will try to rectify as soon as possible. Disclaimer II: In some scenarios the speakers are Roger Dingledine for Roger, Paul Syverson for Paul, Lorrie Faith Cranor for Laurie and Sven Dietrich for Sven, David Dittrich for David. We apologize for using first names. It is not to imply familiarity, it was done only for simplicity. If you said something and you are not mentioned by name, we again apologize. Most of notes were taken by hand and in retrospect not very legible. The workshop was held on January 28th, 2010. It was co-located with the fourteenth international conference on Financial Cryptography and Data Security. The workshop was held in Tenerife, Canary Islands, Spain. This report gives a short summary of each of the talks and then reports the questions asked. Where possible we will also list the person who asked the question. Slides of the talks and other information is available here: http://www.cs.stevens.edu/~spock/wecsr2010/program.html KEYNOTE The keynote talk was given by Ken Fleischmann from the University of Maryland. His talk was titled, "Preaching what we practice: Teaching Ethics to Computer Security" and the slides are available here: http://www.cs.stevens.edu/~spock/wecsr2010/slides/FleischmannWECSR2010.ppt. He talked about the importance of awareness and how it is critical to make the computer security community realize the real world consequences of their research. He recommended the using existing individual value systems in order to get the researchers to realize the ethical implications of their work. He suggests that this ‘fine tuning’ would be work better than trying to make computer security researchers ‘better people’. Questions Sven: Intercultural approach to ethics should be considered since different security communities have different value systems. Maybe we should look at the differences. The question is how do we go about collecting this data? A: Culture is broader than national culture. A survey based approach can be considered for data collection since it is more scalable. But it needs to be supplemented with interviews. Values may be driven by culture for example by Islam in Lebanon or political systems for example communism in China. A: While spirituality and religion do affect value systems, they are only one of the many factors. Well but it can have significant consequences. For example, in Lebanon if an employer does not pay well, the employee is not expected to be ethical by the religion. A. Yes, but we have to take into account the value systems of all stakeholders not just one while at the same time allowing for tradeoffs. Sven: In Defcon it is perfectly acceptable to expose passwords. So different security communities have different values. To study this how do we setup a remote survey. A: Look at the people who publish in security, get their info and send them questions. We need to ask questions like religion, organization along with where do they stand on critical issues. These surveys can be anonymous. Q: What about moral relativism? A. While everyone might have different value systems, we need to collaborate and make living documents that reflect our value systems and keep it relevant at the same time. A CASE STUDY ON MEASURING STATISTICAL DATA IN THE TOR ANONYMITY NETWORK (presenters: Roger Dingledine and Karsten Loesing) Roger: How do we collect data on TOR usage? We have a bunch of questions to answer. For example, what kind of behavior do we see when people are anonymous? Can we deanonymize users by traffic or by content? Can we give them a Java applet to unmask them? What application protocols do they use? What language are the web pages? Do they use SSL? Do they check SSL fingerprints? There are some questions that I do not want to answer. But grad students come up to me and say, "I want to break the law in following ways." At the same time TOR funders want to see growth in users in places with human rights issues. We also want to react to blocking mechanisms quickly. Can we publish traffic trace? No, we should not. Cause if we all publish traffic traces, the aggregate data might reveal information that individual snippets do not. We should ask people to get IRB approval for collecting this kind of data. The only people who are writing papers are those who are doing it wrong. At the same time we do not want people to stop doing research because of legal hassles. In general, Roger talked about the importance of doing research on anonymous networks and in particular data gathered from these anonymous networks. But he also points out the dangers of doing this kind of research. For example, if people using the TOR network thought that TOR was storing their activity data, they would probably switch to a different anonymizing network. There is also the cost of possible consequences. He talked about how researchers need to realize the implications of this research the importance of having a body like the IRB that can oversee research proposals to ensure ethical conduct. He concluded suggesting a shift from," Don’t do that! You might get it wrong" to "Here are some guidelines for getting it right". Questions - Is pen register legal? You need to fill a form out. But without authority it is a criminal offense not a civil one. However, at the same time, feds would never prosecute for this because they do not want a precedent to be set in this case. There is also the storage law, which says that if your mail has been in storage for 18 months it is not subject to wiretap laws. - EFF suggests, "Stay the frak away from content" but they have vested interest. How about the argument that you are not hurting anyone? - Well the idea is that good people should be able to publish so we need some guidelines. - What about user’s expectation of privacy Roger: There are different jurisdictional provisions. US worries about wiretapping. EU worries about data protection. Do not collect more data than you need and do not mishandle the data that you have. Paul: There is the question of what do you do with old data. If you throw it out, how do the other researchers know that you collected data and it was good? Roger: We should not do anything that helps people launch attacks. Do not collect data in secret. Do not have data sitting around. We can let IRB decide, but they are not fully informed. Lorrie: We can give IRB guidelines. Roger: It is not always possible to do informed consent. We can try for community consent. But irrespective of that we have to explain to the user how we are protecting them. (back and forth, back and forth) There was a fairly heated debate and the eventual guidelines were: Collect as little data as possible: Data minimization Data should be published as aggregate: Data Aggregation Only collect data that is publishable and then publish it: Transparency A CASE STUDY IN ETHICAL DECISION MAKING REGARDING REMOTE MITIGATION OF BOTNETS (presenter: David Dittrich) David: We might disrupt the experience of good people when we try to investigate malware. This might make us appear as the bad guys and we might thus waste the time of law officers who deal with cyber crime who are looking for actual criminals. Every time we publish a research article we provide knowledge and tools to the bad guys to improve their attacks. The talk basically stressed on the fact that researchers need to work with the law enforcement agencies (LEA) instead of in isolation. Especially since malware is becoming more complex everyday. Used to be one could use the command and control channel to control a botnet now they have peer to peer botnets. It also talked about the nature of cyber vigilantes and how and whether researchers should fill that role. Questions Is it ethical to alter an active crime scene? Roger: Maybe it is. If I know LEA is going to fail. Paul: But it is hard to figure out if they are going to fail or succeed. David: Maybe we should a certification for who gets to study criminals. Serge Egelman: Vigilante justice is usually a consequence of inadequate law enforcement. So anecdotically it seems law enforcement has been bad. Paul: There is also a national security aspect to this. Sven: There are times when law enforcement cannot obtain data and researchers can. Rachel Greenstadt: Watching vs. vigilante. Maybe we need to have thresholds over which intervention is justified. ETHICAL PROACTIVE THREAT RESEARCH (presenter: John Aycock) The presentation was in four acts. It had the following actors: Adversary, Moral Agent, Security Personnel, Internet using public, and Researcher. Act 1: The tragedy of the user Security people usually have the same answers for the public. Internet is bad, switch to Apple, run antivirus, patch, don’t click on things, firewall etc. The message has been the same despite the growth of the number of threats. The motivation for attacks have changed as well. Attacks are now targeted. Security has mostly been reactive. In any other adversarial model like war we know that there can be no victory without offense. We need to do this for computer security. We need revolutionary vs. evolutionary thinking. Act 2: Ethical standards for proactive research - Creation of new threats is unethical. Lets talk utilitarianism. To be ethical you need to show utility and no net negative impact. Deontological must demonstrate no harm is being done. So for any school of ethics we need a vetting process like IRB. But malicious software under current guidelines does not require ethics clearance. This is different from Biology where you have to go to safety office first. Act 3: Ethical Research Methods We talk only about research methods and not impact of publishing. Safe ones are like: mathematical modeling (no code), simulation, component testing (if you can break you task into individual component, which by themselves are harmless), existence proof (looking at viability), Gendanke experiment (only the idea is important). Act 4: Ethical dissemination Why do this? Why give bad guys ideas? Because it is not ethical to do proactive research and not do something about it. Questions Paul: What if you do not know what to recommend? A: Don’t disclose the attack in the NY times. Disclose it to professionals working in the industry like AV companies . Len: You can also give it to the ISPs, especially if it requires an infrastructural change. Sven: Or to CERT David: I think we should require certification from people who want to do this kind of research. Lorrie: How do you propose to enforce it? There was a back and forth discussion on this but no common ground was reached other than CERT seemed like the best bet. A FRAMEWORK FOR UNDERSTANDING AND APPLYING ETHICAL PRINCIPLES IN NETWORK AND SECURITY RESEARCH (presenter: Erin Kenneally) She talked about the difference in the growth of technology and the slow rate at which law catches up with it. She qualifies the grey zone between the two as the one to be most important for ethical research. Belmont report came out with ethical guidelines for biomedical research. Belmont 202 is for ICT research. Ethical Impact Assessment or EIA is an extension of Privacy Impact Assessment or PIA. The idea is that if you give researchers tools, they will embrace them. Technical people do not like grey area. Consent is a problem. Benefits should be shared between the researchers and the research subject. Access the full range of risks, minimize harm and then mitigate. In theory you don’t break any laws. But legal due diligence might be hard so you can change risk posture by getting agreements like from ISPs. Questions What do you mean by identifiable info? It is a non-trivial problem. Everything seems identifiable. We have to consider reasonable deanonymization. We have to look at probable vs. possible. Len & Roger: What do you with the information that is already out there. By today’s standard the deanonymization might lead to less than probable chance, but in a few years with evolving technology it might be very much probable. That is true. But we can’t look into the future. We can only judge by the standard of the time. PANEL: TOWARDS A CODE OF ETHICS FOR COMPUTER SECURITY RESEARCH (panelists: Lorrie Faith Cranor, Erin Kenneally, Len Sassaman, moderator: Sven Dietrich) for brevity purposes they will referred here as C, K, S and D respectively C: I work with user studies data. Then there is network data and then there are people who study criminal behavior. CS people have no idea about IRB and how it applies to them. We need to improve the IRB process. Guidelines for IRB focused on CS research. Dissemination of results requires a completely different set of guidelines. K: We are working on a document for research guidelines for CS research. We require feedback so that the document is something that is adopted. Publish your ethical impact like you publish your methodology in a paper. We need to have a library for ethical impact assessment. We need to document out impressions of impact so that we can learn from the past. S: A number of projects that I work on, it is not possible to get IRB approval because you do not know who those systems are. We tried a bunch of attacks that we did not disclose. We talked to various vendors and got them to take action. The response was surprisingly good. In 2000, they would consider this kind of research to be adversarial. But things have changed. I recently saw a crypto primitive that was about to be broken being preemptively phased out. D: So you think some years ago this kind of ethical research would not have been possible? S: Yes. It would have only generated negative reaction but the institutional mindset is changing. K: Do you think there is a need for a formalized disclosure channel? S: We have a current best practice where we notify the stakeholder and then give them a time window usually 60-90 days. C: Is it written down anywhere? David: Who was the driving force? S: The stakeholders. We also talked to CERT and told them we were going to publish at Blackhat in 6 months. So we had 6 months to work things out. C: Maybe when we submit to conferences we should be asked to submit and ethical impact statement. S: I agree. D: This is not completely unprecedented. Last year a paper was rejected on ethical grounds. Other papers have provided ethical justification and been accepted. In general the panel discussed the need to do ethical research. Len pointed out that it is now possible to do ethical research, that the stakeholders are willing to learn. There was also a discussion over a need or requirement for an ethical impact statement for research dissemination in terms of say a publications. The ethical impact statement can only be in the online form if the space on paper is a constraint in terms of publishing. Len also raised the problem with disclosing vulnerabilities before publishing. The vulnerabilities are fixed because they are disclosed but then they may be found less interesting by people who make the decision of publishing them. Another idea was to build NDA into the disclosure of vulnerabilities so the researcher can hold someone accountable if their research is leaked before they can publish it. ==================================================================== Listing of academic positions available by Cynthia Irvine ==================================================================== All information is at: http://cisr.nps.edu/jobscipher.html Posted March 2010 University of Versailles St-Quentin-en-Yvelines and CNRS PRiSM Laboratory - "Cryptology and Information Security" group Versailles, France Assistant Professor position (Chaire d'Excellence CNRS) Deadline for applications: 25 March 2010 http://www.prism.uvsq.fr/~logo/MCF-0781944P-0424.htm English translation: http://translate.google.com/translate?js=y&prev=_t&hl=en&ie=UTF-8&layout=1&eotf=1&u=http%3A%2F%2Fwww.prism.uvsq.fr%2F~logo%2FMCF-0781944P-0424.htm&sl=auto&tl=en Posted February 2010 UMass Amherst Amherst, MA Assistant/Associate Professor, Department of Finance and Operations Management March 15, 2010 is the priority date, but applications will be accepted until a successful candidate is found https://cybersecurity.umass.edu/?q=node/32 Posted October 2009 Naval Postgraduate School Monterey, California Faculty Positions Open until filled http://www.nps.edu/Academics/Schools/GSOIS/Departments/CS/Faculty/Openings/CSFacultyOpenings.html Posted April 2009 Technische Universitat Darmstadt Computer Science Department Darmstadt, Germany PostDocs and PhD students Open until filled http://www.mais.informatik.tu-darmstadt.de/Positions.html Posted January 2009 Temple University Department of Computer and Information Science Philadelphia, PA Senior Faculty Position - Associate or Full Professor Open until filled http://www.temple.edu/cis/news/index.html#SeniorFacultyPosition Posted November 2008 Florida International University School of Computing and Information Sciences Miami, Florida Faculty Positions Review begins January 15, 2009; will continue until position filled. http://www.cis.fiu.edu/news/recruit08-09.php Posted February 2008 Imperial College London Department of Computing London, United Kingdom http://www3.imperial.ac.uk/computing/situations-vacant -------------- This job listing is maintained as a service to the academic community. If you have an academic position in computer security and would like to have in it included on this page, send the following information: Institution, City, State, Position title, date position announcement closes, and URL of position description to: irvine@cs.nps.navy.mil ==================================================================== Additional Academic Position Listing ==================================================================== TENURE-TRACK ASSISTANT PROFESSOR Stony Brook University's Department of Computer Science invites applicants for tenure-track faculty positions for Fall 2010 or Spring 2011. Highly qualified junior candidates in the general area of computer systems, including but not limited to operating systems, parallel/distributed systems, cloud computing, embedded systems, green computing, mobile computing, networking, cybersecurity, and architecture are encouraged to apply. We are particularly interested in candidates with a broad-based systems expertise and experimental systems building experience. Applicants should hold a Ph.D. in Computer Science or a closely related discipline. The Department currently has over 40 faculty members and is expected to recruit additional members in the next few years. There are five main research areas in the department: computer systems, visual computing, logic programming/database, concurrency/verification, and algorithms. Detailed information on the research activities of these groups can be found in the department home page: http://www.cs.stonybrook.edu. The Department is in a stage of significant expansion, including a new Computer Science building, along with a new Center of Excellence in Wireless and Information Technology (CEWIT) building. The Department is also associated with the New York Center for Computational Sciences (NYCCS) and the New York Blue supercomputer. Home to many highly ranked graduate research programs, Stony Brook University is located 60 miles from New York City on Long Island's scenic North Shore. Our 1,100-acre campus is home to 24,000 undergraduate, graduate, and doctoral students and more than 13,500 faculty and staff, including those employed at Stony Brook University Medical Center, Suffolk County's only academic medical center. Stony Brook University is a member of the prestigious Association of American Universities and co-manager of nearby Brookhaven National Laboratory (BNL), a multidisciplinary research laboratory supporting world class scientific programs utilizing state-of-the-art facilities such as the Relativistic Heavy Ion Collider, the National Synchrotron Light Source, the Center for Functional Nanomaterials, and the NewYorkBlue IBM BG/L+P supercomputer, owned by Stony Brook and managed by BNL. Stony Brook is a partner in managing the Laboratory for the Department of Energy, and is the largest institutional scientific user of BNL facilities. As such, many opportunities exist for collaborative research, and in some cases, joint appointments can be arranged. Applicants should apply online at: https://hiring.cs.stonybrook.edu. Review of applications will begin immediately and will continue until the position is filled. For a full position description or application procedures, visit http://www.stonybrook.edu/jobs (Ref. #F-6062-09-10). Equal opportunity/affirmative action employer. ==================================================================== Government Publications ==================================================================== Latest NIST Computer Security Publications http://csrc.nist.gov/publications/PubsDrafts.html ------------------------------------------------------------------------- Mar. 18, 2010 SP 800-128 DRAFT Guide for Security Configuration Management of Information Systems http://csrc.nist.gov/publications/drafts/800-128/draft_sp800-128-ipd.pdf NIST announces the publication of Initial Public Draft Special Publication 800-128, Guide for Security Configuration Management of Information Systems. The publication provides guidelines for managing the configuration of information system architectures and associated components for secure processing, storing, and transmitting of information. Security configuration management is an important function for establishing and maintaining secure information system configurations, and provides important support for managing organizational risks in information systems. NIST requests comments on the Initial Public Draft of Special Publication 800-128, by June 14, 2010. Please submit comments to sec-cert@nist.gov. ------------------------------------------------------------------------- Mar. 18, 2010 NIST IR-7676 DRAFT Maintaining and Using Key History on Personal Identity Verification (PIV) Cards http://csrc.nist.gov/publications/drafts/800-128/draft-nistir-7676.pdf NIST announces that Draft NIST Interagency Report 7676, Maintaining and Using Key History on Personal Identity Verification (PIV) Cards, has been released for public comment. NIST requests comments on Draft NIST IR 7676 by 5:00pm EDT on April 23, 2010. Please submit your comments to PIV_comments@nist.gov with "Comments on Public Draft NISTIR 7676" in the subject line. ------------------------------------------------------------------------- Mar. 10, 2010 NIST IR-7669 DRAFT Open Vulnerability Assessment Language (OVAL) Validation Program Derived Test Requirements http://csrc.nist.gov/publications/drafts/nistir-7669/draft-nistir-7669.pdf Draft NIST Interagency Report (IR) 7669, Open Vulnerability Assessment Language (OVAL) Validation Program Derived Test Requirements, describes the requirements that must be met by products to achieve OVAL Validation. Validation is awarded based on a defined set of OVAL capabilities by independent laboratories that have been accredited for OVAL testing by the NIST National Voluntary Laboratory Accreditation Program. Draft NISTIR 7669 has been written primarily for accredited laboratories and for vendors interested in receiving OVAL validation for their products. If you have questions or want to send comments regarding this document, please send email to: IR7669comments@nist.gov. There is a 30-day period for comments and the deadline to submit comments is Friday, April 9, 2010. ------------------------------------------------------------------------- Feb. 22, 2010 SP 800-119 DRAFT Guidelines for the Secure Deployment of IPv6 http://csrc.nist.gov/publications/drafts/800-119/draft-sp800-119_feb2010.pdf NIST announces the public comment release of Special Publication (SP) 800-119, Guidelines for the Secure Deployment of IPv6. IPv6 (Internet Protocol version 6) is the next generation Internet Protocol, accommodating vastly increased address space. This document describes and analyzes IPv6's new and expanded protocols, services, and capabilities, including addressing, DNS, routing, mobility, quality of service, multihoming, and IPsec. For each component, there is a detailed analysis of the differences between IPv4 and IPv6, the security ramifications and any unknown aspects. It characterizes new security threats posed by the transition to IPv6 and provides guidelines on IPv6 deployment, including transition, integration, configuration, and testing. It also addresses more recent significant changes in the approach to IPv6 transition. NIST requests comments on Draft SP 800-119 by April 23, 2010. Please submit comments to draft-sp800-119-comments@nist.gov with "Comments SP 800-119" in the subject line. ------------------------------------------------------------------------- Feb. 2, 2010 NIST IR-7628 DRAFT Smart Grid Cyber Security Strategy and Requirements http://csrc.nist.gov/publications/drafts/800-119/draft-nistir-7628_2nd-public-draft.pdf NIST announces that the second draft of NIST IR 7628, Smart Grid Cyber Security Strategy and Requirements, is now available for public comment. The second draft of the document contains the updated overall security strategy for the Smart Grid and updated logical interface diagrams, privacy, bottom-up analysis, and vulnerability class analysis sections. In addition, new chapters on research and development themes and standards assessment have been included. Finally, an overall functional logical Smart Grid architecture is included. Please submit comments to cswgdraft2comments@nist.gov ==================================================================== News briefs from past issues of Cipher are archived at http://www.ieee-security.org/Cipher/NewsBriefs.html ==================================================================== Conference and Workshop Announcements Upcoming Calls-For-Papers and Events ==================================================================== The complete Cipher Calls-for-Papers is located at http://www.ieee-security.org/CFP/Cipher-Call-for-Papers.html The Cipher event Calendar is at http://www.ieee-security.org/Calendar/cipher-hypercalendar.html ____________________________________________________________________ Cipher Event Calendar Did you know that you can follow "ciphernews" on Twitter and get this same information? ____________________________________________________________________ Calendar of Security and Privacy Related Events maintained by Hilarie Orman Date (Month/Day/Year), Event, Locations, web page for more info. 3/22/10- 3/24/10: WiSec, 3rd ACM Conference on Wireless Network Security, Stevens Institute of Technology, Hoboken, NJ, USA; http://www.sigsac.org/wisec/WiSec2010 3/22/10- 3/26/10: SAC-CF, 25th ACM Symposium on Applied Computing, Computer Forensics Track, Sierre, Switzerland; http://comp.uark.edu/~bpanda/sac2010cfp.pdf 3/22/10- 3/26/10: SAC-TRECK, 25th ACM Symposium on Applied Computing, Trust, Reputation, Evidence and other Collaboration Know-how Track, Sierre, Switzerland; http://www.trustcomp.org/treck/ 3/22/10- 3/26/10: SAC-ISRA, 25th ACM Symposium on Applied Computing, Information Security Research and Applications Track, Sierre, Switzerland; http://www.albany.edu/~er945/CfP_SAC2010_ISRA.html 3/22/10- 3/26/10: SAC-SEC, 25th ACM Symposium on Applied Computing, Computer Security Track, Sierre, Switzerland; http://www.dmi.unict.it/~giamp/sac/10cfp.html 3/26/10: HOST, IEEE International Symposium on Hardware-Oriented Security and Trust, Anaheim, California, USA; http://www.engr.uconn.edu/HOST/ Submissions are due 3/26/10: TrustBus, 7th International Conference on Trust, Privacy & Security in Digital Business, Bilbao, Spain; http://www.isac.uma.es/trustbus10; Submissions are due 3/27/10: ADBIS, 14th East-European Conference on Advances in Databases and Information Systems, Track on Personal Identifiable Information: Privacy, Ethics, and Security, Novi Sad; http://perun.im.ns.ac.yu/adbis2010/organization.php; Submissions are due 3/28/10: FTDC, 7th Workshop on Fault Diagnosis and Tolerance in Cryptography, Held in conjunction with the CHES 2010, Santa Barbara, CA, USA; http://conferenze.dei.polimi.it/FDTC10/ Submissions are due 3/29/10- 4/ 2/10: SESOC, International Workshop on SECurity and SOCial Networking, Mannheim, Germany; http://www.sesoc.org 3/30/10: Journal of Communications, Special Issue on Recent Advances on Controlling Unwanted Internet Traffic; http://www.academypublisher.com/jcm/si/jcmsi_racuit.html; Submissions are due 4/ 1/10: ESORICS, 15th European Symposium on Research in Computer Security, Athens, Greece; http://www.esorics2010.org; Submissions are due 4/ 1/10: IDMAN, 2nd IFIP WG 11.6 Working Conference on Policies & Research in Identity Management, Oslo, Norway; http://ifipidman2010.nr.no/ifipidman2010/index.php5/Main_Page; Submissions are due 4/ 1/10: LIS, Workshop on Logics in Security, Copenhagen, Denmark; http://lis.gforge.uni.lu/index.html; Submissions are due 4/ 2/10- 4/ 4/10: AH, 1st ACM Augmented Human International Conference, Megeve ski resort, France; http://www.augmented-human.com/ 4/ 3/10: PST, 8th International Conference on Privacy, Security and Trust, Ottawa, Canada; http://pstnet.unb.ca/pst2010; Submissions are due 4/ 4/10: RAID, 13th International Symposium on Recent Advances in Intrusion Detection, Ottawa, Canada; http://www.RAID2010.org; Submissions are due 4/ 5/10: SECURECOMM, 6th International Conference on Security and Privacy in Communication Networks, Singapore; http://www.securecomm.org/ Submissions are due 4/ 7/10: SCN, 7th Conference on Security and Cryptography for Networks, Amalfi, Italy; http://scn.dia.unisa.it/ Submissions are due 4/ 9/10: HealthSec, 1st USENIX Workshop on Health Security and Privacy, Washington DC, USA; http://www.usenix.org/healthsec10/cfpa/ Submissions are due 4/10/10: FCC, 6th Workshop on Formal and Computational Cryptography, Edinburgh, UK; http://research.microsoft.com/~fournet/fcc2010/ Submissions are due 4/10/10: Springer Transactions on Computational Science, Special Issue on Security in Computing; http://www.springer.com/computer/lncs?SGWID=0-164-6-151275-0; Submissions are due 4/13/10: EuroSec, European Workshop on System Security, Held in conjunction with the Annual ACM SIGOPS EuroSys conference, Paris, France; http://www.iseclab.org/eurosec-2010/ 4/13/10- 4/14/10: WISTP, 4th Workshop on Information Security Theory and Practice, Passau, Germany; http://www.wistp.org/ 4/13/10- 4/15/10: IDtrust, 9th Symposium on Identity and Trust on the Internet, Gaithersburg, Maryland, USA; http://middleware.internet2.edu/idtrust/2010/ 4/13/10- 4/16/10: ASIACCS, 5th ACM Symposium on Information, Computer and Communications Security, Beijing, China; http://www.dacas.cn/asiaccs2010 4/17/10: ACM-CCS, 17th ACM Conference on Computer and Communications Security, Chicago, IL, USA; http://www.sigsac.org/ccs/CCS2010/cfp.shtml; Submissions are due 4/20/10: RFIDSec, 6th Workshop on RFID Security, Istanbul, Turkey; http://www.projectice.eu/rfidsec10/index.html; Submissions are due 4/20/10: SIN, 3rd International Conference on Security of Information and Networks, Taganrog, Rostov-on-Don, Russia; http://www.sinconf.org/sin2010/ Submissions are due 4/21/10- 4/23/10: CSIIRW, Cyber Security and Information Intelligence Research Workshop, Oak Ridge National Laboratory, Oak Ridge, Tennessee, USA; http://www.csiir.ornl.gov/csiirw 4/27/10: LEET, 3rd USENIX Workshop on Large-Scale Exploits and Emergent Threats: Botnets, Spyware, Worms, and More, Held in conjunction with the 7th USENIX Symposium on Networked Systems Design and Implementation (NSDI 2010), San Jose, CA, USA; http://www.usenix.org/events/leet10/cfp/ 4/30/10: VizSec, 7th International Symposium on Visualization for Cyber Security, Ottawa, Ontario, Canada; http://www.vizsec2010.org; Submissions are due 4/30/10: MIST, 2nd International Workshop on Managing Insider Security Threats, Held in conjunction with IFIPTM 2010, Morioka, Iwate, Japan; http://isyou.hosting.paran.com/mist10/ Submissions are due 5/ 1/10: SCC, 2nd International Workshop on Security in Cloud Computing, Held in Conjunction with ICPP 2010, San Diego, California, USA; http://bingweb.binghamton.edu/~ychen/SCC2010.htm; Submissions are due 5/ 3/10: HotSec, 5th USENIX Workshop on Hot Topics in Security, Washington DC, USA; http://www.usenix.org/events/hotsec10/cfp/ Submissions are due 5/15/10: ICTCI, 4th International Conference on Trusted Cloud Infrastructure, Shanghai, China; http://ppi.fudan.edu.cn/ictci2010/index.html; Submissions are due 5/16/10- 5/19/10: SP, 31st IEEE Symposium on Security and Privacy, The Claremont Resort, Oakland, CA, USA; http://oakland10.cs.virginia.edu/cfp.html 5/20/10: SADFE, 5th International Workshop on Systematic Approaches to Digital Forensic Engineering, Held in conjunction with the IEEE Symposium on Security and Privacy (SP 2010), Oakland, CA, USA; http://conf.ncku.edu.tw/sadfe/sadfe10/ 5/21/10: MetriSec, 6th International Workshop on Security Measurements and Metrics, Held in conjunction with the International Symposium on Empirical Software Engineering and Measurement (ESEM 2010), Bolzano-Bozen, Italy; http://www.cs.kuleuven.be/conference/MetriSec2010/ Submissions are due 5/26/10- 5/28/10: MOBISEC, 2nd International ICST Conference on Security and Privacy in Mobile Information and Communication Systems, Catania, Sicily; http://mobisec.org/ 5/30/10: SIDEUS, 1st International Workshop on Securing Information in Distributed Environments and Ubiquitous Systems, Fukuoka, Japan; http://www.sideus-conf.org; Submissions are due 5/30/10: eCRS, eCrime Researchers Summit, Dallas, Texas, USA; http://www.ecrimeresearch.org/2010/cfp.html; Submissions are due 6/ 4/10: NPSec, 6th Workshop on Secure Network Protocols, Held in conjunction with ICNP 2010, Kyoto, Japan; http://webgaki.inf.shizuoka.ac.jp/~npsec2010/ Submissions are due 6/ 7/10- 6/ 8/10: WEIS, 9th Workshop on the Economics of Information Security (WEIS), Harvard University, Cambridge, MA, USA; http://weis2010.econinfosec.org/cfp.html 6/ 8/10- 6/10/10: RFIDSec, 6th Workshop on RFID Security, Istanbul, Turkey; http://www.projectice.eu/rfidsec10/index.html 6/ 9/10- 6/11/10: SACMAT, 15th ACM Symposium on Access Control Models and Technologies, Pittsburgh, PA, USA; http://www.sacmat.org 6/13/10: SA&PS4CS, 1st International Workshop on Scientific Analysis and Policy Support for Cyber Security, Held in conjunction with the 5th International Conference on Mathematical Methods, Models, and Architectures for Computer Networks Security (MMM-ACNS 2010), St. Petersburg, Russia; http://www.comsec.spb.ru/saps4cs10/ Submissions are due 6/13/10- 6/14/10: HOST, IEEE International Symposium on Hardware-Oriented Security and Trust, Anaheim, California, USA; http://www.engr.uconn.edu/HOST/ 6/14/10: ACSAC, 26th Annual Computer Security Applications Conference, Austin, Texas, USA; http://www.acsac.org; Submissions are due 6/14/10: D-SPAN, 1st International Workshop on Data Security and PrivAcy in wireless Networks, Held in conjunction with WoWMoM 2010, Montreal, QC, Canada; http://home.gwu.edu/~nzhang10/DSPAN2010/ 6/14/10- 6/15/10: MIST, 2nd International Workshop on Managing Insider Security Threats, Held in conjunction with IFIPTM 2010, Morioka, Iwate, Japan; http://isyou.hosting.paran.com/mist10/ 6/15/10: ISC, 13th Information Security Conference, Boca Raton, Florida; http://math.fau.edu/~isc2010/ Submissions are due 6/16/10- 6/18/10: IFIP-TM, 4th IFIP International Conference on Trust Management, Morioka, Japan; http://www.ifip-tm2010.org/ 6/21/10- 6/23/10: Trust, 3rd International Conference on Trust and Trustworthy Computing, Berlin, Germany; http://www.trust2010.org/ 6/21/10- 6/23/10: DBSec, 24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security, Rome, Italy; http://dbsec2010.dti.unimi.it 6/21/10- 6/24/10: OWASP-AppSec-Research, OWASP AppSec Research 2010, Stockholm, Sweden; http://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm,_Sweden 6/22/10- 6/25/10: ACNS, 8th International Conference on Applied Cryptography and Network Security, Beijing, China; http://www.tcgchina.org/acns2010/ 6/25/10: HST, 10th IEEE International Conference on Technologies for Homeland Security, Waltham, MA, USA; http://ieee-hst.org/ Submissions are due 6/25/10: ICDCS-SPCC, 1st International Workshop on Security and Privacy in Cloud Computing (ICDCS-SPCC), Held in conjunction with the IEEE International Conference on Distributed Computing Systems (ICDCS 2010), Genoa, Italy; http://www.ece.iit.edu/~ubisec/workshop.htm. 6/28/10- 6/30/10: IH, 12th Information Hiding Conference, Calgary, Alberta, Canada; http://ih2010.cpsc.ucalgary.ca 6/28/10- 7/ 2/10: SHPCS, 5th Workshop on Security and High Performance Computing Systems, Held in conjunction with the 6th International Wireless Communications and Mobile Computing Conference (IWCMC 2010), Caen, Normandy, France; http://leibniz.diiga.univpm.it/~spalazzi/caen/ 6/29/10- 7/ 1/10: TSP, 3rd IEEE International Symposium on Trust, Security and Privacy for Emerging Applications, Bradford, UK; http://trust.csu.edu.cn/conference/tsp2010/Call_for_Papers.htm 6/30/10: International Journal of Information Technologies and Systems Approach, Special Issue on Privacy and Security Issues in IT; http://www.igi-global.com/journals/details.asp?ID=6720&v=callForPapersSpecial; Submissions are due 7/ 8/10- 7/ 9/10: DIMVA, 7th Conference on Detection of Intrusions and Malware & Vulnerability Assessment, Bonn, Germany; http://www.dimva.org/dimva2010 7/14/10- 7/16/10: SOUPS, Symposium On Usable Privacy and Security, Redmond, WA, USA; http://cups.cs.cmu.edu/SOUPS/ 7/20/10: FCC, 6th Workshop on Formal and Computational Cryptography, Edinburgh, UK; http://research.microsoft.com/~fournet/fcc2010/ 7/21/10- 7/23/10: POLICY, IEEE International Symposium on Policies for Distributed Systems and Networks, Fairfax, Virginia, USA; http://www.ieee-policy.org 7/26/10- 7/28/10: SECRYPT, 5th International Conference on Security and Cryptography, Athens, Greece; http://www.secrypt.icete.org 8/ 9/10- 8/13/10: LIS, Workshop on Logics in Security, Copenhagen, Denmark; http://lis.gforge.uni.lu/index.html 8/10/10: HealthSec, 1st USENIX Workshop on Health Security and Privacy, Washington DC, USA; http://www.usenix.org/healthsec10/cfpa/ 8/10/10: HotSec, 5th USENIX Workshop on Hot Topics in Security, Washington DC, USA; http://www.usenix.org/events/hotsec10/cfp/ 8/11/10- 8/13/10: USENIX-Security, 19th USENIX Security Symposium, Washington, DC, USA; http://www.usenix.org/events/sec10/cfp/ 8/17/10- 8/19/10: PST, 8th International Conference on Privacy, Security and Trust, Ottawa, Canada; http://pstnet.unb.ca/pst2010 8/21/10: FTDC, 7th Workshop on Fault Diagnosis and Tolerance in Cryptography, Held in conjunction with the CHES 2010, Santa Barbara, CA, USA; http://conferenze.dei.polimi.it/FDTC10/ 8/30/10- 9/ 3/10: TrustBus, 7th International Conference on Trust, Privacy & Security in Digital Business, Bilbao, Spain; http://www.isac.uma.es/trustbus10 9/ 6/10- 9/ 9/10: MMM-ACNS, 5th International Conference on Mathematical Methods, Models, and Architectures for Computer Networks Security, St. Petersburg, Russia; http://comsec.spb.ru/mmm-acns10/ 9/ 7/10- 9/10/10: SECURECOMM, 6th International Conference on Security and Privacy in Communication Networks, Singapore; http://www.securecomm.org/ 9/ 7/10- 9/11/10: SIN, 3rd International Conference on Security of Information and Networks, Taganrog, Rostov-on-Don, Russia; http://www.sinconf.org/sin2010/ 9/ 9/10: SA&PS4CS, 1st International Workshop on Scientific Analysis and Policy Support for Cyber Security, Held in conjunction with the 5th International Conference on Mathematical Methods, Models, and Architectures for Computer Networks Security (MMM-ACNS 2010), St. Petersburg, Russia; http://www.comsec.spb.ru/saps4cs10/ 9/13/10- 9/15/10: SCN, 7th Conference on Security and Cryptography for Networks, Amalfi, Italy; http://scn.dia.unisa.it/ 9/13/10- 9/16/10: SCC, 2nd International Workshop on Security in Cloud Computing, Held in Conjunction with ICPP 2010, San Diego, California, USA; http://bingweb.binghamton.edu/~ychen/SCC2010.htm 9/14/10: VizSec, 7th International Symposium on Visualization for Cyber Security, Ottawa, Ontario, Canada; http://www.vizsec2010.org 9/15/10: MetriSec, 6th International Workshop on Security Measurements and Metrics, Held in conjunction with the International Symposium on Empirical Software Engineering and Measurement (ESEM 2010), Bolzano-Bozen, Italy; http://www.cs.kuleuven.be/conference/MetriSec2010/ 9/15/10- 9/17/10: RAID, 13th International Symposium on Recent Advances in Intrusion Detection, Ottawa, Canada; http://www.RAID2010.org 9/20/10- 9/22/10: ESORICS, 15th European Symposium on Research in Computer Security, Athens, Greece; http://www.esorics2010.org 9/20/10- 9/23/10: IFIP-TC9-HCC9, IFIP TC-9 HCC-9 Stream on Privacy and Surveillance, Held in conjunction with the IFIP World Computer Congress 2010, Brisbane, Australia; http://www.wcc2010.org/migrated/HCC92010/HCC92010_cfp.html 9/20/10- 9/24/10: ADBIS, 14th East-European Conference on Advances in Databases and Information Systems, Track on Personal Identifiable Information: Privacy, Ethics, and Security, Novi Sad; http://perun.im.ns.ac.yu/adbis2010/organization.php 10/ 4/10-10/ 8/10: ACM-CCS, 17th ACM Conference on Computer and Communications Security, Chicago, IL, USA; http://www.sigsac.org/ccs/CCS2010/cfp.shtml 10/ 5/10: NPSec, 6th Workshop on Secure Network Protocols, Held in conjunction with ICNP 2010, Kyoto, Japan; http://webgaki.inf.shizuoka.ac.jp/~npsec2010/ 10/18/10-10/20/10: ICTCI, 4th International Conference on Trusted Cloud Infrastructure, Shanghai, China; http://ppi.fudan.edu.cn/ictci2010/index.html 10/18/10-10/20/10: eCRS, eCrime Researchers Summit, Dallas, Texas, USA; http://www.ecrimeresearch.org/2010/cfp.html 10/25/10-10/28/10: ISC, 13th Information Security Conference, Boca Raton, Florida; http://math.fau.edu/~isc2010/ 11/ 4/10-11/ 6/10: SIDEUS, 1st International Workshop on Securing Information in Distributed Environments and Ubiquitous Systems, Fukuoka, Japan; http://www.sideus-conf.org 11/ 8/10-11/10/10: HST, 10th IEEE International Conference on Technologies for Homeland Security, Waltham, MA, USA; http://ieee-hst.org/ 11/18/10-11/19/10: IDMAN, 2nd IFIP WG 11.6 Working Conference on Policies & Research in Identity Management, Oslo, Norway; http://ifipidman2010.nr.no/ifipidman2010/index.php5/Main_Page 12/ 6/10-12/10/10: ACSAC, 26th Annual Computer Security Applications Conference, Austin, Texas, USA; http://www.acsac.org ____________________________________________________________________ Journal, Conference and Workshop Calls-for-Papers (new since Cipher E94) ___________________________________________________________________ HOST 2010 IEEE International Symposium on Hardware-Oriented Security and Trust, Anaheim, California, USA, June 13-14, 2010. http://www.engr.uconn.edu/HOST/ (Submissions due 19 March 2010) HOST covers security and trust issues in all types of electronic devices and systems such as ASICs, COTS, FPGAs, microprocessors/DSPs, and embedded systems. The mission of HOST is to provide a forum for the presentation and discussion of research that is of critical significance to the security of, and trust in, modern society's microelectronic-supported infrastructures. Papers and presentations that address any of the following "hot topics" are of high interest to the symposium. Papers addressing HOST issues outside of these areas will be considered equally relevant in the review process: - Trojan Detection and Isolation - Authenticating Foundry of Origin - Side Channel Analysis/Attacks - Watermarking - FPGA Design Security - Hardware focused Cryptography - IC Metering - Physical Unclonable Functions - Embedded and Distributed Systems Security - Hardware Intrusion Detection and Prevention - Security Engineering - Scan chain Encryption ------------------------------------------------------------------------- TrustBus 2010 7th International Conference on Trust, Privacy & Security in Digital Business, Bilbao, Spain, August 30 - September 3, 2010. http://www.isac.uma.es/trustbus10 (Submissions due 26 March 2010) The advances in the Information and Communication Technologies (ICT) have raised new opportunities for the implementation of novel applications and the provision of high quality services over global networks. The aim is to utilize this 'information society era' for improving the quality of life for all citizens, disseminating knowledge, strengthening social cohesion, generating earnings and finally ensuring that organizations and public bodies remain competitive in the global electronic marketplace. Unfortunately, such a rapid technological evolution cannot be problem free. Concerns are raised regarding the 'lack of trust' in electronic procedures and the extent to which 'information security' and 'user privacy' can be ensured. The conference will provide an international forum for researchers and practitioners to exchange information regarding advancements in the state of the art and practice of trust and privacy in digital business. We are interested in papers, work-in-progress reports, and industrial experiences describing advances in all areas of digital business applications related to trust and privacy, including, but not limited to: - Anonymity and pseudonymity in business transactions - Business architectures and underlying infrastructures - Common practice, legal and regulatory issues - Cryptographic protocols - Delivery technologies and scheduling protocols - Design of businesses models with security requirements - Economics of Information Systems Security - Electronic cash, wallets and pay-per-view systems - Enterprise management and consumer protection - Identity and Trust Management - Intellectual property and digital rights management - Intrusion detection and information filtering - Languages for description of services and contracts - Management of privacy & confidentiality - Models for access control and authentication - Multimedia web services - New cryptographic building-blocks for e-business applications - Online transaction processing - PKI & PMI - Public administration, governmental services - P2P transactions and scenarios - Real-time Internet E-Services - Reliability and security of content and data - Reliable auction, e-procurement and negotiation technology - Reputation in services provision - Secure process integration and management - Security and Privacy models for Pervasive Information Systems - Security Policies - Shopping, trading, and contract management tools - Smartcard technology - Transactional Models - Trust and privacy issues in social networks environments - Usability of security technologies and services ------------------------------------------------------------------------- ADBIS 2010 14th East-European Conference on Advances in Databases and Information Systems, Track on Personal Identifiable Information: Privacy, Ethics, and Security, Novi Sad, September 20 - 24, 2010. http://perun.im.ns.ac.yu/adbis2010/organization.php (Submissions due 27 March 2010) Breaches of personally identifiable information (PII) have increased dramatically over the past few years and have resulted in the loss of millions of records. Breaches of PII are hazardous to both individuals and organizations. Individual harms may include identity theft, embarrassment, or blackmail. Organizational harms may include a loss of public trust, legal liability, or high costs to handle the breach (USA National Institute of Standards and Technology, 2009). According to U.S. Department of Health & Human Services, PII is "information in an IT system or online collection: (1) that directly identifies an individual, or (2) by which an agency intends to identify specific individuals in conjunction with other data elements, i.e., indirect identification. EU directive 95/46/EC calls it "personal data." ------------------------------------------------------------------------- FTDC 2010 7th Workshop on Fault Diagnosis and Tolerance in Cryptography, Held in conjunction with the CHES 2010, Santa Barbara, CA, USA, August 21, 2010. http://conferenze.dei.polimi.it/FDTC10/ (Submissions due 28 March 2010) In recent years applied cryptography has developed considerably, to satisfy the increasing security requirements of various information technology disciplines, e.g., telecommunications, networking, data base systems and mobile applications. Cryptosystems are inherently computationally complex and in order to satisfy the high throughput requirements of many applications, they are often implemented by means of either VLSI devices (crypto-accelerators) or highly optimised software routines (crypto-libraries) and are used via suitable (network) protocols. The high complexity of such implementations raises concerns regarding their reliability. Research is therefore needed to develop methodologies and techniques for designing robust cryptographic systems (both hardware and software), and to protect them against both accidental faults and intentional intrusions and attacks, in particular those based on the malicious injection of faults into the device for the purpose of extracting the secret key. Contributions to the workshop describing theoretical studies and practical case studies of fault diagnosis and tolerance in cryptographic systems (HW and SW) and protocols are solicited. Topics of interest include, but are not limited to: - modeling the reliability of cryptographic systems and protocols - inherently reliable cryptographic systems and algorithms - faults and fault models for cryptographic devices (HW and SW) - reliability-based attack procedures on cryptographic systems (fault-injection attacks) and protocols - adapting classical fault diagnosis and tolerance techniques to cryptographic systems - novel fault diagnosis and tolerance techniques for cryptographic systems - attacks exploiting micro-architecture components (cache, branch predictor, etc.) - physical protection against attacks - fault injection based attacks using FIB laser and chemistry - case studies of attacks, reliability and fault diagnosis and tolerance techniques in cryptographic systems. ------------------------------------------------------------------------- Journal of Communications, Special Issue on Recent Advances on Controlling Unwanted Internet Traffic, November 2010. http://www.academypublisher.com/jcm/si/jcmsi_racuit.html (Submission Due 30 March 2010) Guest editor: Zhenhai Duan (Florida State University, USA), Yingfei Dong (University of Hawaii, USA), and David H.-C. Du (University of Minnesota, USA) One of the key challenges facing today's Internet is the proliferation of unwanted Internet traffic such as spam, phishing scam, worm, virus, and Distributed Denial of Services (DDoS) attacks. They raise serious concerns over the suitability of the Internet for supporting critical infrastructures including communication, finance, energy distribution, and transportation in its current form. Building trustworthy networks to effectively control unwanted Internet traffic is a grand challenge faced by the networking community and has a profound impact on the future development of the Internet. In this special issue, we solicit original work on identifying new research and development challenges and developing new architectures, protocols, and techniques to control unwanted Internet traffic. Specific topics include, but are not limited to, the followings: - Accountable Internet architecture and protocol - IP spoofing control and IP traceback - Application-layer traffic traceback, e.g. VoIP traceback - Worm and virus propagation modeling and control - Botnet detection and control - Spam control - Phishing scam analysis and control - Novel applications of virtual machine technique in unwanted traffic control ------------------------------------------------------------------------- ESORICS 2010 15th European Symposium on Research in Computer Security, Athens, Greece, September 20-22, 2010. http://www.esorics2010.org (Submissions due 1 April 2010) ESORICS is the annual European research event in Computer Security. The Symposium started in 1990 and has been held in several European countries, attracting a wide international audience from both the academic and industrial communities. Papers offering novel research contributions in computer security are solicited for submission to the Symposium. The primary focus is on original, high quality, unpublished research and implementation experiences. We encourage submissions of papers discussing industrial research and development. Papers should focus on topics such as: - Access Control - Accountability - Anonymity - Applied Cryptography - Attacks and Viral Software - Authentication and Delegation - Data Integrity - Database Security - Inference Control - Identity Management - Information Flow Control - Intrusion Tolerance - Formal Security Methods - Language-based Security - Network Security - Privacy Enhancing Technologies - Risk Analysis and Management - Secure Electronic Voting - Security Architectures - Security Economics - Security for Mobile Code - Security for Dynamic Coalitions - Security in Location Services - Security in Social Networks - Security Models - Security Verification - System Security - Trust Models and Management - Trust Theories - Trustworthy User Devices ------------------------------------------------------------------------- IDMAN 2010 2nd IFIP WG 11.6 Working Conference on Policies & Research in Identity Management, Oslo, Norway, November 18-19, 2010. http://ifipidman2010.nr.no/ifipidman2010/index.php5/Main_Page (Submissions due 1 April 2010) Papers offering research contributions focusing on identity management in general and surveillance and monitoring in particular are solicited for submission to the 2nd IFIP WG-11.6 International Conference on Identity Management. Papers may present theory, applications or practical experiences in the field of national identity management, from both a technical and a social perspective, including, but not necessarily limited to: - History - Law - Philosophical and ethical aspects - Economics Impact of surveillance and monitoring in both the physical world and in cyberspace - Impact on society and politics - Impact on e-government and e-government applications - Consecutive developments in social tracking, -tracing and -sorting - Quality of identity management in general - Quality identity data, processes and applications - Security and identity management - User centered, usable and inclusive identity management - Attacks on identity management infrastructure and procedures Central storage of general and biometric identity data - Effectiveness of surveillance and monitoring in fighting terrorism, international crime and human trafficking - Methods of identification and authentication - Models of identification procedures - Models of inclusive identification and authentication procedures - Government PKI - (Possible) role of pseudonymous and anonymous identity in identity management - Electronic Ids European and worldwide policies and cooperation in the field of identity management and surveillance and monitoring - (Inter)national policies on unique identifiers /social security numbers / personalisation IDs - (Inter)national applications of biometrics - Vulnerabilities of electronic identification protocols - Federative identity management and de-perimetrization - Fraud, fraud detection, fraud resistence of technologies - Biometric verification, assurance, metrics and measurements - Fraud resistance of biometrics - Junction between (large scale) applications of identity management and surveillance and monitoring - Data Protection - Privacy and Privacy Enhancing Technologies (PETs) in identity management - Privacy Intrusion Technologies (PITs) in identity management - Privacy side-effects and privacy risks assessment of identity management Intelligence and (inter)national threats - Impersonation, identity fraud, identity forge and identity theft - Tracing, monitoring and forensics ------------------------------------------------------------------------- LIS 2010 Workshop on Logics in Security, Copenhagen, Denmark, August 9-13, 2010. http://lis.gforge.uni.lu/index.html (Submissions due 1 April 2010) In the past two decades, a number of logics and formal frameworks have been proposed to model and analyse interconnected systems from the security point of view. Recently, the increasing need to cope with distributed and complex scenarios forced researchers in formal security to employ non-classical logics to reason about these systems. The aim of this workshop is to bring together logicians and formal security researchers to foster the cross-fertilization between these two areas. Logicians have a lot to benefit from specifying and reasoning about real-world scenarios as well as researchers in security can apply recent advances in non-classical logics to improve their formalisms. We are interested in logical and formal foundations of security to the following topics: - Language-based security - Judgmental Analysis - Automated Theorem Proving - Term-Rewriting Systems - Logical Programming - Modal Logic - Dynamic Logic - Belief Revision Applies to - Access Control - Privacy - Protocol Verification - Security Architectures - Trust and Reputation Management - Static Analysis of Programs - Risk Management - Policy Compliance - Security in Multi-Agent System - Formal Cryptography ------------------------------------------------------------------------- PST 2010 8th International Conference on Privacy, Security and Trust, Ottawa, Canada, August 17-19, 2010. http://pstnet.unb.ca/pst2010 (Submissions due 3 April 2010) PST2010 provides a forum for researchers world-wide to unveil their latest work in privacy, security and trust and to show how this research can be used to enable innovation. This year's theme is "Privacy, Security and Trust by Design: PbD - The Gold Standard." With the growth and ubiquity of data in today's hyper-networked world, the need for trust has become more critical than ever. We need new paradigms that seek to integrate and build privacy, security and trustworthiness directly into technologies and systems from the outset and by default. PST2010 will include an Industry Day followed by two days of high-quality research papers whose topics include, but are NOT limited to, the following: - Privacy Preserving / Enhancing Technologies - Trust Technologies, Technologies for Building Trust in e-Business Strategy - Critical Infrastructure Protection - Observations of PST in Practice, Society, Policy and Legislation - Network and Wireless Security - Digital Rights Management - Operating Systems Security - Identity and Trust management - Intrusion Detection Technologies - PST and Cloud Computing - Secure Software Development and Architecture - Human Computer Interaction and PST - PST Challenges in e-Services - Implications of, and Technologies for, Lawful Surveillance - Network Enabled Operations - Biometrics, National ID Cards, Identity Theft - Advanced Training Tools - PST and Web Services / SOA - Information Filtering, Data Mining & Knowledge from Data - Privacy, Traceability, and Anonymity - National Security and Public Safety - Trust and Reputation in Self-Organizing Environments - Security Metrics - Anonymity and Privacy vs. Accountability - Recommendation, Reputation and Delivery Technologies - Access Control and Capability Delegation - Continuous Authentication - Representations and Formalizations of Trust in Electronic and Physical Social Systems ------------------------------------------------------------------------- RAID 2010 13th International Symposium on Recent Advances in Intrusion Detection, Ottawa, Canada, September 15-17, 2010. http://www.RAID2010.org (Submissions due 4 April 2010) This symposium, the 13th in an annual series, brings together leading researchers and practitioners from academia, government, and industry to discuss issues and technologies related to intrusion detection and defense. The Recent Advances in Intrusion Detection (RAID) International Symposium series furthers advances in intrusion defense by promoting the exchange of ideas in a broad range of topics. As in previous years, all topics related to intrusion detection, prevention and defense systems and technologies are within scope, including but not limited to the following: - Network and host intrusion detection and prevention - Anomaly and specification-based approaches - IDS cooperation and event correlation - Malware prevention, detection, analysis and containment - Web application security - Insider attack detection - Intrusion response, tolerance, and self protection - Operational experience and limitations of current approaches - Intrusion detection assessment and benchmarking - Attacks against IDS including DoS, evasion, and IDS discovery - Formal models, analysis, and standards - Deception systems and honeypots - Vulnerability analysis, risk assessment, and forensics - Adversarial machine learning for security - Visualization techniques - Special environments, including mobile and sensor networks - High-performance intrusion detection - Legal, social, and privacy issues - Network exfiltration detection - Botnet analysis, detection, and mitigation ------------------------------------------------------------------------- SECURECOMM 2010 6th International Conference on Security and Privacy in Communication Networks, Singapore, September 7-10, 2010. http://www.securecomm.org/ (Submissions due 5 April 2010) SecureComm'10 seeks high-quality research contributions in the form of well developed papers. Topics of interest encompass research advances in ALL areas of secure communications and networking. Topics in other areas (e.g., formal methods, database security, secure software, applied cryptography) will also be considered if a clear connection to private or secure communications/networking is demonstrated. ------------------------------------------------------------------------- SCN 2010 7th Conference on Security and Cryptography for Networks, Amalfi, Italy, September 13-15, 2010. http://scn.dia.unisa.it/ (Submissions due 7 April 2010) Security and privacy are increasing concerns in computer networks such as the Internet. The availability of fast, reliable, and cheap electronic communication offers the opportunity to perform electronically and in a distributed way a wide range of transactions of a most diverse nature. The Seventh Conference on Security and Cryptography for Networks (SCN 2010) aims at bringing together researchers in the field of cryptography and security in communication networks to foster cooperation and exchange of ideas. Original papers on all technical aspects of cryptography and security are solicited for submission to SCN 2010. Topics of interest are (but not limited to): - Anonymity - Implementations - Authentication - Symmetric-Key Cryptography - Complexity-based Cryptography - Privacy - Cryptanalysis - Cryptographic Protocols - Digital Signatures - Public-Key Cryptography - Hash Functions - Survey and State of the Art - Identification - Formal Methods in Security - Information-Theoretic Security ------------------------------------------------------------------------- HealthSec 2010 1st USENIX Workshop on Health Security and Privacy, Washington, DC, USA, August 10, 2010. http://www.usenix.org/healthsec10/cfpa/ (Submissions due 9 April 2010) HealthSec '10 is intended as a forum for lively discussion of aggressively innovative and potentially disruptive ideas on all aspects of medical and health security and privacy. A fundamental goal of the workshop is to promote cross-disciplinary interactions between fields, including, but not limited to, technology, medicine, and policy. Surprising results and thought-provoking ideas will be strongly favored; complete papers with polished results in well-explored research areas are comparatively discouraged. Workshop topics are solicited in all areas relating to healthcare information security and privacy, including: - Security and privacy models for healthcare information systems - Industrial experiences in healthcare information systems - Deployment of open systems for secure and private use of healthcare information technology - Security and privacy threats against and countermeasures for existing and future medical devices - Regulatory and policy issues of healthcare information systems - Privacy of medical records - Usability issues in healthcare information systems - Threat models for healthcare information systems ------------------------------------------------------------------------- Springer Transactions on Computational Science, Special Issue on Security in Computing, November/December 2010. http://www.springer.com/computer/lncs?SGWID=0-164-6-151275-0 (Submission Due 10 April 2010) Guest editor: Edward David Moreno (UFS Federal University of Sergipe, Brazil) This special issue on Security in Computing in the Springer Journal of TCS focuses on novel hardware implementation, new architectures, software solutions, novel applications, cryptographic algorithms and security protocols will become increasingly critical to good system performance, low-power and security. Original papers are solicited for this special issue. Particular emphases will be put on recent innovations about security in the mobile and embedded computing domains. Suggested topics include, but are not limited to: - Secure Architectures and Design - Security Evaluation and Testing - Cryptographic Algorithms and Techniques - Security policies, protocols and standards - Public- and symmetric-key cryptography in constrained environments such as RFID and smart cards - Security in Distributed and pervasive Systems, Grid Computing, P2P systems, Web services, Digital TV, Mobile Devices, Embedded Systems and Wireless Networks - Applications of Biometry and Biometric Systems in Security - Authentication and Authorization Models and Techniques - Application case studies of ICs for secure embedded computing - Formal verification of security properties and security protocols - Systems and Software Certification Methodologies - Relationships among software correctness, reliability, usability, safety, and security ------------------------------------------------------------------------- FCC 2010 6th Workshop on Formal and Computational Cryptography, Edinburgh, UK, July 20, 2010. http://research.microsoft.com/~fournet/fcc2010/ (Abstract Submissions due 10 April 2010) Since the 1980s, two approaches have been developed for analyzing security protocols. One of the approaches is based on a computational model that considers issues of complexity and probability. Messages are modelled as bitstrings and security properties are defined in a strong form, in essence guaranteeing security with high probability against all polynomial time attacks. However, it is difficult to prove security of large, complex protocols in this model. The other approach relies on a symbolic model of protocol execution in which messages are modelled using a term algebra and cryptographic primitives are treated as perfect black-boxes, e.g. the only way to decrypt a ciphertext is to use the corresponding decryption key. This abstraction enables simpler and often automated analyses of complex protocols. Since this model places strong constraints on the attacker, a fundamental question is whether such an analysis implies the strong security properties defined in the computational model. This workshop focuses on approaches that combine and relate symbolic and computational protocol analysis. Over the last few years, there has been a spate of research results in this area. One set of results establish correspondence theorems between the two models, in effect showing that for a certain class of protocols and properties, security in the symbolic model implies security in the computational model. In other work, researchers use language-based techniques such as process calculi, types, and logics to reason directly about the computational model. Several projects also investigate ways of mechanizing computationally sound proofs of protocols. The workshop seeks results in this area of computationally sound protocol analysis: foundations and tools. ------------------------------------------------------------------------- ACM-CCS 2010 17th ACM Conference on Computer and Communications Security, Chicago, IL, USA, October 4-8, 2010. http://www.sigsac.org/ccs/CCS2010/cfp.shtml (Submissions due 17 April 2010) The annual ACM Computer and Communications Security Conference is a leading international forum for information security researchers, practitioners, developers, and users to explore cutting-edge ideas and results, and to exchange techniques, tools, and experiences. The conference seeks submissions from academia, government, and industry presenting novel research on all practical and theoretical aspects of computer and communications security, as well as case studies and implementation experiences. Papers should have relevance to the construction, evaluation, application, or operation of secure systems. Theoretical papers must make a convincing argument for the practical significance of the results. All topic areas related to computer and communications security are of interest and in scope. Accepted papers will be published by ACM Press in the conference proceedings. Outstanding papers will be invited for possible publication in a special issue of the ACM Transactions on Information and System Security. ------------------------------------------------------------------------- RFIDSec 2010 6th Workshop on RFID Security, Istanbul, Turkey, June 8-10, 2010. http://www.projectice.eu/rfidsec10/index.html (Submissions due 20 April 2010) The workshop focuses on approaches to solve security and data-protection issues in advanced contactless technologies like RFID. It stresses implementation aspects imposed by resource constraints. Topics of the conference include but are not limited to: - New applications for secure RFID systems - Data protection and privacy-enhancing techniques for RFID - Cryptographic protocols for RFID (Authentication protocols, Key update mechanisms, Scalability issues) - Integration of secure RFID systems (Middleware and security, Public-key infrastructures, Case studies) - Resource-efficient implementation of cryptography (Small-footprint hardware, Low-power architectures) - Attacks on RFID systems - RFID security hardware e.g. RFID with PUF, RFID Trojans ------------------------------------------------------------------------- SIN 2010 3rd International Conference on Security of Information and Networks, Taganrog, Rostov-on-Don, Russia, September 7-11, 2010. http://www.sinconf.org/sin2010/ (Submissions due 20 April 2010) Papers addressing all aspects of security in information and networks are being sought. Researchers working on the following and related subjects are especially encouraged: realization of security schemes, new algorithms, experimenting with existing approaches; secure information systems, especially distributed control and processing applications, and security in networks; interoperability, service levels and quality issues in such systems; information assurance, security, and public policy. Topics of the conference include but are not limited to: - Access control and intrusion detection - Autonomous and adaptive security - Cryptographic techniques and key management - Information assurance - Network security and protocols - Security in information systems - Security tools and development platforms - Security ontology, models, protocols & policies - Secure ontology-based systems - Standards, guidelines and certification - Security-aware software engineering - Trust and privacy ------------------------------------------------------------------------- VizSec 2010 7th International Symposium on Visualization for Cyber Security, Ottawa, Ontario, Canada, September 14, 2010. http://www.vizsec2010.org (Submissions due 30 April 2010) This symposium brings together researchers and practitioners in information visualization and security to address the specific needs of the cyber security community through new and insightful visualization techniques. VizSec will be held in conjunction with the 13th International Symposium on Recent Advances in Intrusion Detection (RAID) September 15 - 17, 2010. VizSec will continue to provide opportunities for the two communities to collaborate and share insights into providing solutions for security needs through visualization approaches. ------------------------------------------------------------------------- MIST 2010 2nd International Workshop on Managing Insider Security Threats, Held in conjunction with IFIPTM 2010, Morioka, Iwate, Japan, June 14-15, 2010. http://isyou.hosting.paran.com/mist10/ (Submissions due 30 April 2010) During the past decades, information security developments have been mainly concerned with preventing illegal attacks by outsiders, such as hacking, virus propagation, and spyware. However, according to a recent Gartner Research Report, information leakage caused by insiders who are legally authorized to have access to some corporate information is increasing dramatically. These leakages can cause significant damages such as weakening the competitiveness of companies (and even countries). Information leakage caused by insiders occurs less frequently than information leakage caused by outsiders, but the financial damage is much greater. Countermeasures in terms of physical, managerial, and technical aspects are necessary to construct an integral security management system to protect companies' major information assets from unauthorized internal attackers. The objective of this workshop is to showcase the most recent challenges and advances in security technologies and management systems to prevent leakage of organizations' information caused by insiders. It may also include state-of-the-art surveys and case analyses of practical significance. We expect that the workshop will be a trigger for further research and technology improvements related to this important subject. Topics (include but are not limited to): - Theoretical foundations and algorithms for addressing insider threats - Insider threat assessment and modeling - Security technologies to prevent, detect and avoid insider threats - Validating the trustworthiness of staff - Post-insider threat incident analysis - Data breach modeling and mitigation techniques - Registration, authentication and identification - Certification and authorization - Database security - Device control system - Digital forensic system - Digital right management system - Fraud detection - Network access control system - Intrusion detection - Keyboard information security - Information security governance - Information security management systems - Risk assessment and management - Log collection and analysis - Trust management - IT compliance (audit) - Continuous auditing ------------------------------------------------------------------------- SCC 2010 2nd International Workshop on Security in Cloud Computing, Held in Conjunction with ICPP 2010, San Diego, California, USA, September 13 - 16, 2010. http://bingweb.binghamton.edu/~ychen/SCC2010.htm (Submissions due 1 May 2010) Cloud Computing has generated interest from both industry and academia since 2007. As an extension of Grid Computing and Distributed Computing, Cloud Computing aims to provide users with flexible services in a transparent manner. Services are allocated in a "cloud", which is a collection of devices and resources connected through the Internet. Before this paradigm can be widely accepted, the security, privacy and reliability provided by the services in the cloud must be well established. SCC'2010 will bring researchers and experts together to present and discuss the latest developments and technical solutions concerning various aspects of security issues in Cloud Computing. SCC'2010 seeks original unpublished papers focusing on theoretical analysis, emerging applications, novel system architecture construction and design, experimental studies, and social impacts of Cloud Computing. Both review/survey papers and technical papers are expected. Topics of the conference include but are not limited to: - Emerging threats to cloud-based services - Security models for new services - Cloud-aware web service security - Information hiding in Cloud Computing - Securing distributed data storage in the cloud - Privacy and security in Cloud Computing - Forensics - Robust network architecture - Cloud Infrastructure Security - Job deployment in the Cloud - Intrusion detection/prevention - Denial-of-Service (DoS) attacks and defense - Robust job scheduling - Secure resource allocation and indexing - Secure payment for cloud-aware services - User authentication in cloud-aware services - Security for emerging cloud programming models ------------------------------------------------------------------------- HotSec 2010 5th USENIX Workshop on Hot Topics in Security, Washington DC, USA, August 10, 2010. http://www.usenix.org/events/hotsec10/cfp/ (Submissions due 3 May 2010) While pragmatic and systems-oriented, HotSec takes a broad view of security and privacy and encompasses research on topics including, but not limited to, large-scale threats, network security, hardware security, software security, programming languages, applied cryptography, anonymity, human-computer interaction, sociology, and economics. We favor papers that propose new directions of research, advocate non-traditional approaches, report on noteworthy experience in an emerging area, or generate lively discussion around an important topic. Papers in well-explored research areas are discouraged. We expect that most accepted position papers will fall into one or more of the following categories: - Fundamentally new techniques, approaches, or perspectives for dealing with current security problems - New, major problems arising from new technologies that are now being developed or deployed - Truly surprising results that cause rethinking of previous approaches ------------------------------------------------------------------------- ICTCI 2010 4th International Conference on Trusted Cloud Infrastructure, Shanghai, China, October 18-20, 2010. http://ppi.fudan.edu.cn/ictci2010/index.html (Submissions due 15 May 2010) Cloud computing redefines ways for storing and processing information toward that information is permanently stored and processed in large data centers of shared server infrastructure, and temporarily cached on and used by client devices. This fundamental paradigm change in our IT infrastructure has given rise to many new trust and security challenges for protecting the user's information which is no longer under well physical controls of the user. Issues from data availability, integrity and confidentiality, trustworthiness of shared computing and storage resources, isolation of the user computing space in a virtualized data center, to IT regulations such as governance, risk and compliance (IT GRC), etc., now all have new concerns and face unanticipated vulnerabilities. These invite not only research for better understanding these new issues but also innovation for novel solutions to emerging problems. Topics of interests for ICTCI 2010 include, but not limited to, the following subject categories: - Theory and practice in Trusted Computing - Secure operating systems - Trusted virtual cloud infrastructure - Secure management of virtualized cloud resources - Secure network architecture for cloud computing - Security and privacy aware cloud protocol design - Access control for data center applications - Key management for data center applications - Trust and policy management in clouds - Identification and privacy in cloud - Remote data integrity protection - Off-premise execution software integrity and privacy - Secure computation outsourcing - Dynamic data operation security - Software and data segregation security - Failure detection and prediction - Secure data management within and across data centers - Availability, recovery and auditing - Secure wireless and mobile connections to the cloud ------------------------------------------------------------------------- MetriSec 2010 6th International Workshop on Security Measurements and Metrics, Held in conjunction with the International Symposium on Empirical Software Engineering and Measurement (ESEM 2010), Bolzano-Bozen, Italy, http://www.cs.kuleuven.be/conference/MetriSec2010/ September 15, 2010. (Submissions due 21 May 2010) Quantitative assessment is a major stumbling block for software and system security. Although some security metrics exist, they are rarely adequate. The engineering importance of metrics is intuitive: you cannot consistently improve what you cannot measure. Economics is an additional driver for security metrics: customers are unlikely to pay a premium for security if they are unable to quantify what they receive. The goal of the workshop is to foster research into security measurements and metrics and to continue building the community of individuals interested in this field. This year, MetriSec continues its co-location with ESEM, which offers an opportunity for the security metrics folks to meet the metrics community at large. The organizers solicit original submissions from industry and academic experts on the development and application of repeatable, meaningful measurements in the fields of software and system security. The topics of interest include, but are not limited to: - Security metrics - Security measurement and monitoring - Development of predictive models - Experimental validation of models - Formal theories of security metrics - Security quality assurance - Empirical assessment of security architectures and solutions - Mining data from attack and vulnerability repositories: e.g. CVE, CVSS - Static analysis metrics - Simulation and statistical analysis - Security risk analysis - Industrial experience ------------------------------------------------------------------------- SIDEUS 2010 1st International Workshop on Securing Information in Distributed Environments and Ubiquitous Systems, Fukuoka, Japan, November 4-6, 2010. http://www.sideus-conf.org (Submissions due 30 May 2010) At present time, the maturity of research in the field of distributed systems, such as P2P, Grid, Cloud or Internet computing, has pushed through new problems such us those related with security. In systems where the information freely flows across the network, the task of securing it becomes a real concern, and thus an interesting research challenge. For that reason, security is becoming one of the key issues when evaluating such systems and it is important to determine which security mechanisms are available, and how they fit to every particular scenario. The aim of this workshop is to provide a forum for the discussion of ideas on regards to the current challenges and solutions to security in an environment that is rapidly developing such as P2P, Grid, Cloud or Internet computing. The main topics include (but are not limited to): - Securing the Internet of Things (IoT) - Membership and access control - Identity management in distributed systems - Security in JXTA-based applications - Privacy and anonymity technologies - Secure distributed storage - Security issues in Vehicular Networks (VANETs) - Securing P2P networks against third-party attacks - Security and privacy in Delay-Tolerant Networks (DTN) - Integrating security in protocols - Assessment of information security ------------------------------------------------------------------------- eCRS 2010 eCrime Researchers Summit, Dallas, Texas, USA, October 18-20, 2010. http://www.ecrimeresearch.org/2010/cfp.html (Submissions due 30 May 2010) eCRS 2010 will bring together academic researchers, security practitioners, and law enforcement to discuss all aspects of electronic crime and ways to combat it, Topics of interests include (but are not limited to): - Phishing, rogue-AV, pharming, click-fraud, crimeware, extortion and emerging attacks - Technical, legal, political, social and psychological aspects of fraud and fraud prevention - Malware, botnets, ecriminal/phishing gangs and collaboration, or money laundering - Techniques to assess the risks and yields of attacks and the success rates of countermeasures - Delivery techniques, including spam, voice mail and rank manipulation; and countermeasures - Spoofing of different types, and applications to fraud - Techniques to avoid detection, tracking and takedown; and ways to block such techniques - Honeypot design, data mining, and forensic aspects of fraud prevention - Design and evaluation of user interfaces in the context of fraud and network security - Best practices related to digital forensics tools and techniques, investigative procedures, and evidence acquisition, handling and preservation ------------------------------------------------------------------------- NPSec 2010 6th Workshop on Secure Network Protocols, Held in conjunction with ICNP 2010, Kyoto, Japan, October 5, 2010. http://webgaki.inf.shizuoka.ac.jp/~npsec2010/ (Submissions due 4 June 2010) NPSec2010 focuses on two general areas. The first focus is on the development and analysis of secure or hardened protocols for the operation (establishment and maintenance) of network infrastructure, including such targets as secure multidomain, ad hoc, sensor or overlay networks, or other related target areas. This can include new protocols, enhancements to existing protocols, protocol analysis, and new attacks on existing protocols. The second focus is on employing such secure network protocols to create or enhance network applications. Examples include collaborative firewalls, incentive strategies for multiparty networks, and deployment strategies to enable secure applications. NPSec 2010 particularly welcomes new ideas on security in the context of future Internet design, such as architectural considerations for future Internet security and new primitives for supporting secure network protocol and application design. Topics of interest include but are not limited to: - Security in future Internet architectures (role of security in future architectures, integrating security in future protocols and applications) - Secure and/or resilient network protocols (e.g., internetworking/routing, MANETs, LANs and WLANs, mobile/cellular data networks, P2P and other overlay networks, federated trust systems, sensor networks) - Vulnerabilities of existing protocols and applications (both theoretical and case studies), including attacks - Key distribution/management - Intrusion detection and response - Incentive systems for P2P systems and manet routing - Secure protocol configuration and deployment - Challenges and security protocols for social networks ------------------------------------------------------------------------- SA&PS4CS 2010 1st International Workshop on Scientific Analysis and Policy Support for Cyber Security, Held in conjunction with the 5th International Conference on Mathematical Methods, Models, and Architectures for Computer Networks Security (MMM-ACNS 2010), St. Petersburg, Russia, September 9, 2010. http://www.comsec.spb.ru/saps4cs10/ (Submissions due 13 June 2010) The workshop is dedicated to the methods of scientific analysis and policy support for response to cyber intrusions and attacks. The main topics of the SA&PS4CS'2010 are detection, discrimination, and attribution of various activities of malefactors and response to cyber intrusions and attacks including national level information operations as well as identifying emergent cyber technologies supporting social and political activity management and trans-national distributed computing management. ------------------------------------------------------------------------- ACSAC 2010 26th Annual Computer Security Applications Conference, Austin, Texas, USA, December 6-10, 2010. http://www.acsac.org (Submissions due 14 June 2010) ACSAC is an internationally recognized forum for practitioners, researchers, and developers in information systems security. ACSAC's technical track is well established for presenting academically oriented research results, particularly those that have tangible practical applications. Topics of interest include, but are not limited to: - access control - applied cryptography - audit and audit reduction - biometrics - certification and accreditation - cybersecurity - database security - denial of service protection - distributed systems security - electronic commerce security - enterprise security management - forensics - identification & authentication - identify management - incident response planning - information survivability - insider threat protection - integrity - intellectual property rights - intrusion detection - mobile and wireless security - multimedia security - operating systems security - peer-to-peer security - privacy and data protection - product evaluation/compliance - risk/vulnerability assessment - securing cloud infrastructures - security engineering and management - security in IT outsourcing - service oriented architectures - software assurance - trust management - virtualization security - VOIP security - Web 2.0/3.0 security ------------------------------------------------------------------------- ISC 2010 13th Information Security Conference, Boca Raton, Florida, USA, October 25-28, 2010. http://math.fau.edu/~isc2010/ (Submissions due 15 June 2010) ISC is an annual international conference covering research (both theory and applications) in Information Security. The conference seeks submissions from academia, industry, and government that present novel research on all theoretical and practical aspects of Information Security. Topics of interest include, but are not limited to: - access control - accountability - anonymity and pseudonymity - applied cryptography - authentication - biometrics - computer forensics - cryptographic protocols - database security - data protection - data/system integrity - digital right management - economics of security and privacy - electronic frauds - formal methods in security - identity management - information dissemination control - information hiding and watermarking - intrusion detection - network security - peer-to-peer security - privacy - secure group communications - security and privacy in pervasive/ubiquitous computing - security in information flow - security in IT outsourcing - security for mobile code - security of grid computing - security of eCommerce, eBusiness and eGovernment - security in location services - security modeling and architectures - security models for ambient intelligence environments - security in social networks - trust models and trust management policies - embedded security ------------------------------------------------------------------------- HST 2010 10th IEEE International Conference on Technologies for Homeland Security, Waltham, MA, USA, November 8-10, 2010. http://ieee-hst.org/ (Submissions due 25 June 2010) The tenth annual IEEE Conference on Technologies for Homeland Security will focus on innovative technologies for deterring and preventing attacks, protecting critical infrastructure and individuals, and mitigating damage and expediting recovery. Submissions are desired in the broad areas of critical infrastructure and key resources protection (CIKR), border protection and monitoring, and disaster recovery and response, with application within about five years. ------------------------------------------------------------------------- International Journal of Information Technologies and Systems Approach, Special Issue on Privacy and Security Issues in IT, 2011. http://www.igi-global.com/journals/details.asp?ID=6720&v=callForPapersSpecial (Submission Due 30 June 2010) Guest editor: Frank Stowell (University of Portsmouth, England) and Vasilis Katos Democritus (University of Thrace, Greece) The topic of this special issue is motivated by the ease of collection, processing and dissemination of personal data and the concern about the unintended use or misuse of these data. Monitoring technologies are a fundamental component in IS security that serve as a policy violation detection mechanism but the expanding scope of ICT now means that it is not just the client that is affected but often the wider community e.g. CCTV monitoring as what may have been designed for specific end-users now impacts itself upon the majority. Monitoring has turned into systematic surveillance of emails, telephone usage and through CCTV general citizen activities. In a society where privacy is a fundamental human right the antagonism between privacy and security is a research issue of significance IS researchers as IS itself constitutes the means for feeding such antagonism between security and the privacy of the individual. This special issue invites a range of topics related to Privacy and the associated security issues created by the technology. Topics to be discussed in this special issue include (but are not limited to) the following: - Privacy preservation technologies for the citizen - Methodologies for analysing privacy requirements of an Information System - Protection of biometric data - Analysis and development of a systems view of security and its impact upon individual privacy - The Economics of security and privacy - The behavioural impact of monitoring and surveillance technologies - Opportunities and threats in emerging applications utilizing personal data - Privacy-centric systems ------------------------------------------------------------------------- The complete Cipher Calls-for-Papers is located at http://www.ieee-security.org/CFP/Cipher-Call-for-Papers.html The Cipher event Calendar is at http://www.ieee-security.org/Calendar/cipher-hypercalendar.html ____________________________________________________________________ Cipher Event Calendar ____________________________________________________________________ News Briefs ==================================================================== Information on the Technical Committee on Security and Privacy ==================================================================== ____________________________________________________________________ Information for Subscribers and Contributors ____________________________________________________________________ SUBSCRIPTIONS: Two options, each with two options: 1. To receive the full ascii CIPHER issues as e-mail, send e-mail to cipher-admin@ieee-security.org (which is NOT automated) with subject line "subscribe". OR send a note to cipher-request@mailman.xmission.com with the subject line "subscribe" (this IS automated - thereafter you can manage your subscription options, including unsubscribing, yourself) 2. To receive a short e-mail note announcing when a new issue of CIPHER is available for Web browsing send e-mail to cipher-admin@ieee-security.org (which is NOT automated) with subject line "subscribe postcard". OR send a note to cipher-postcard-request@mailman.xmission.com with the subject line "subscribe" (this IS automated - thereafter you can manage your subscription options, including unsubscribing, yourself) To remove yourself from the subscription list, send e-mail to cipher-admin@ieee-security.org with subject line "unsubscribe" or "unsubscribe postcard" or, if you have subscribed directly to the xmission.com mailing list, use your password (sent monthly) to unsubscribe per the instructions at http://mailman.xmission.com/cgi-bin/mailman/listinfo/cipher or http://mailman.xmission.com/cgi-bin/mailman/listinfo/cipher-postcard Those with access to hypertext browsers may prefer to read Cipher that way. It can be found at URL http://www.ieee-security.org/cipher.html CONTRIBUTIONS: to cipher @ ieee-security.org are invited. Cipher is a NEWSletter, not a bulletin board or forum. It has a fixed set of departments, defined by the Table of Contents. Please indicate in the subject line for which department your contribution is intended. Calendar and Calls-for-Papers entries should be sent to cipher-cfp @ ieee-security.org and they will be automatically included in both departments. To facilitate the semi-automated handling, please send either a text version of the CFP or a URL from which a text version can be easily obtained. For Calendar entries, please include a URL and/or e-mail address for the point-of-contact. For Calls for Papers, please submit a one paragraph summary. See this and past issues for examples. ALL CONTRIBUTIONS CONSIDERED AS PERSONAL COMMENTS; USUAL DISCLAIMERS APPLY. All reuses of Cipher material should respect stated copyright notices, and should cite the sources explicitly; as a courtesy, publications using Cipher material should obtain permission from the contributors. ____________________________________________________________________ Recent Address Changes ____________________________________________________________________ Address changes from past issues of Cipher are archived at http://www.ieee-security.org/Cipher/AddressChanges.html _____________________________________________________________________ How to become <> a member of the IEEE Computer Society's TC on Security and Privacy _____________________________________________________________________ You may easily join the TC on Security & Privacy by completing the on-line for at IEEE at http://www.computer.org/TCsignup/index.htm ______________________________________________________________________ TC Publications for Sale ______________________________________________________________________ IEEE Security and Privacy Symposium The 2009 hardcopy proceedings are not available. The DVD with all technical papers from all years of the SP Symposium and the CSF Symposium is $12, plus shipping and handling. The 2008 hardcopy proceedings are $10 plus shipping and handling; the 29 year CD is $10.00 The 2007 proceedings are available in hardcopy for $10.00, the 28 year CD is $10.00, plus shipping and handling. The 2006 Symposium proceedings and 11-year CD are sold out. The 2005, 2004, and 2003 Symposium proceedings are available for $10 plus shipping and handling. Shipping is $5.00/volume within the US, overseas surface mail is $8/volume, and overseas airmail is $14/volume, based on an order of 3 volumes or less. The shipping charge for a CD is $1 per CD (no charge if included with a hard copy order). Send a check made out to the IEEE Symposium on Security and Privacy to the 2010 treasurer (below) with the order description, including shipping method and shipping address. Al Shaffer Treasurer, IEEE Symposium Security and Privacy 2010 Glasgow East Annex, Rm. 218 (GE-218) 1411 Cunningham Rd. Naval Postgraduate School Montrerey, CA 93943 831/656\3319, voice oakland10-treasurer@ieee-security.org IEEE CS Press You may order some back issues from IEEE CS Press at http://www.computer.org/cspress/catalog/proc9.htm Computer Security Foundations Symposium Copies of the proceedings of the Computer Security Foundations Workshop (now Symposium) are available for $10 each. Copies of proceedings are available starting with year 10 (1997). Photocopy versions of year 1 are also $10. Contact Jonathan Herzog if interested in purchase. Jonathan Herzog jherzog@alum.mit.edu ____________________________________________________________________________ TC Officer Roster ____________________________________________________________________________ Chair: Security and Privacy SymposiumChair Emeritus: Hilarie Orman David Du Purple Streak, Inc. Department of Computer Science 500 S. Maple Dr. and Engineering Woodland Hills, UT 84653 University of Minnesota ieee-chair@purplestreak.com Minneapolis, MN 55455 du@umn.edu Vice Chair: Chair, Subcommittee on Academic Affairs: Sven Dietrich Prof. Cynthia Irvine Department of Computer Science U.S. Naval Postgraduate School Stevens Institute of Technology Computer Science Department, Code CS/IC +1 201 216 8078 Monterey CA 93943-5118 spock AT cs.stevens.edu (831) 656-2461 (voice) irvine@nps.edu Treasurer: Chair, Subcomm. on Security Conferences: Terry Benzel Jonathan Millen USC Information Sciences Intnl The MITRE Corporation, Mail Stop S119 4676 Admiralty Way, Suite 1001 202 Burlington Road Rte. 62 Los Angeles, CA 90292 Bedford, MA 01730-1420 (310) 822-1511 (voice) 781-271-51 (voice) tbenzel @isi.edu jmillen@mitre.org Newsletter Editor: Security and Privacy Symposium: General Chair 2010 Hilarie Orman Ulf Lindqvist Purple Streak, Inc. SRI 500 S. Maple Dr. Menlo Park, CA Woodland Hills, UT 84653 (650)859-2351 (voice) cipher-editor@ieee-security.org ulf.lindqvist@sri.com ________________________________________________________________________ BACK ISSUES: Cipher is archived at: http://www.ieee-security.org/cipher.html Cipher is published 6 times per year