Last Modified:7/21/08

Note: Please send new calls to cipher-cfp@ieee-security.org and take a moment to read the submission guidelines. And please see the Cipher Calendar for events sorted in date order. For all other questions, please contact cipher-cfp@ieee-security.org by email.

Contents

Special Issues of Journals and Handbooks

IEEE Network Magazine, Special Issue on Recent Developments in Network Intrusion Detection, 1st quarter of 2009. (Submission Due 1 August 2008) [posted here 6/11/08]

Guest editors: Thomas M. Chen (Swansea University, UK), Judy Fu (Motorola Labs, USA), Liwen He (BT Group, Chief Technology Office, UK), and Tim Strayer (BBN Technologies, USA)

Internet-connected computers are constantly exposed to a variety of possible attacks through exploits, social engineering, password cracking, and malicious software. Networks allow intruders to reach a large number of potential targets quickly and remotely with relatively low risk of traceability. Public attention on cyber attacks has grown with post-9/11 concerns over vulnerabilities of critical infrastructures and new regulations increasing accountability of organizations for loss of private data. Concerns have also been heightened by the prevalence of hidden spyware and bots among PC users.

Existing network-based intrusion detection methods depend on monitoring traffic and detecting evidence of attacks through known signatures or anomalous traffic behavior. However, intruders are continually changing their techniques to try new attack vectors and new ways to evade defenses. Network intrusion detection is challenged to adapt with new capabilities to recognize and respond to current attack methods.

The goal of this special issue of IEEE Network is to share new research developments in network intrusion detection. Papers should add to current understanding of new attack vectors, advances in packet collection and analysis, and state-of-the-art techniques for recognizing, tracing, and responding to attacks. Papers should contain substantial tutorial content and be understandable to a broad general audience, not only security experts. Topics of interest include:
- novel attacks and exploits
- novel methods for traffic data collection and anomaly detection
- network forensic techniques and best practices
- intrusion prevention systems
- deep packet inspection and classification at very high speeds/throughputs
- event correlation
- attack traceback and router support
- automatic signature generation
- detection of low intensity stealthy intrusions

For more information, please see http://www.comsoc.org/dl/net/ntwrk/special.html.

Wiley's Security and Communication Networks Journal, Special Issue on Security in Mobile Wireless Networks, 4th quarter of 2009. (Submission Due 30 September 2008) [posted here 4/28/08]

Guest editors: Abderrahim Benslimane (University of Avignon, France) Chadi Assi (Concordia University, Montreal, Canada), Stamatios V. Kartalopoulos (University of Oklahoma, USA), and Fred Nen-Fu Huang (National Tsing Hua University, Taiwan)

Security has become a primary concern in order to provide protected communication in mobile networks. Unlike the wired networks, the unique characteristics of mobile networks pose a number of nontrivial challenges to security design, such as open peer-to-peer network architecture, shared wireless medium, stringent resource constraints, highly dynamic network topology and absence of a trusted infrastructure. Ubiquitous roaming impacts on a radio access system by requiring that it supports handover between neighbouring cells and different networks. Also, mobile networks are more exposed to interferences than wired networks. There are several components that contribute to this: adjacent channels, co-channels, Doppler shifts, multipath, and fading. This SI aims to identify and explore the different issues and challenges related to security aspects in mobile networks. What are the impacts (benefits or inconvenience) of mobility on security? What are the appropriate mobility models to have a good level of security? Are Classical IDS approaches appropriate for mobile environments? How can be managed security when Mobility pattern and/or behaviour prediction? The complete security solution should span both layers, and encompass all three security components of prevention, detection, and reaction. Topics of interest include, but are not limited to, the following as they relate to mobile networks:
- Secure mobile PHY/MAC protocols
- Secure mobile routing protocols
- Security under resource constraints (e.g., energy, bandwidth, memory, and computation constraints)
- Performance and security tradeoffs in mobile networks
- Secure roaming across administrative domains
- Key management in mobile scenarios
- Cryptographic Protocols
- Authentication and access control in mobile networks
- Intrusion detection and tolerance in mobile network
- Trust establishment, negotiation, and management
- Secure mobile location services
- Secure clock distribution
- Privacy and anonymity
- Denial of service in mobile networks
- Prevention of traffic analysis

For more information, please see http://www3.interscience.wiley.com/cgi-bin/jtoc/114299116/.

EURASIP Journal on Wireless Communications and Networking, Special Issue on Wireless Physical Layer Security, April 1, 2009. (Submission Due 1 October 2008) [posted here 5/19/08]

Guest editors: Mérouane Debbah (Supélec, France), Hesham El-Gamal (Ohio State University, USA), H. Vincent Poor (Princeton University, USA), and Shlomo Shamai (Technion, Israel)

Security is a critical issue in multiuser wireless networks in which secure transmissions are becoming increasingly difficult to obtain in highly mobile and distributed environments. In his seminal works of the late 1940s, Shannon formalized the concepts of capacity (as a transmission efficiency measure) and equivocation (as a measure of secrecy). Together with Wyner's fundamental formulation of the wiretap channel in the 1970s, this work laid the groundwork for the area of wireless physical area security. Interest in this area has exploded in recent years, motivated by the rise of wireless networking in general and by the increasing interest in large mobile networks with light infrastructure, which are extremely difficult to secure by traditional methods.

The objective of this special issue (whose preparation is carried out under the auspices of the EC Network of Excellence in Wireless Communications NEWCOM++) is to gather recent advances in the area of wireless physical layer security from the theoretical, such as the analysis of the secrecy capacity of various channel models, to more practical interests such as the development of codes and other communication schemes that can provide security in real networks. Suitable topics for this special issue dedicated to physical layer security include but are not limited to:
- Opportunistic secrecy
- The wiretap channel with feedback
- Authentication over the wiretap channel
- Information theoretic secrecy of fading channels
- Secrecy through public discussion
- Wireless key distribution
- Multiuser channels with secrecy constraints
- MIMO wiretap channels
- Relay-eavesdropper channel
- Scheduling for secure communications
- Secure communication with jamming
- Game theoretic approaches for secrecy
- Codes for secure transmission
- Secure compression
- Cognitive approaches for secrecy
- Physical Secrecy and Common Randomness
- Secrecy with channel uncertainty

For more information, please see http://www.hindawi.com/journals/wcn/si/wpls.html.

Conference and Workshop Call-for-papers

NordSec 2008 13th Nordic Workshop on Secure IT Systems, Copenhagen, Denmark, October 9-10, 2008. (Submissions due 23 July 2008) [posted here 4/28/08]
The NordSec workshops are focused on applied computer security and are intended to encourage interchange and cooperation between research and industry. NordSec 2008 is organized by the Technical University of Denmark. NordSec 2008 has a special focus on "Security for the Citizens"; papers and extended abstracts on this topic are especially welcome. Topics include, but are not limited to, the following areas of computer security:
- Applied Cryptography
- Commercial Security Policies and Enforcement
- Communication and Network Security
- Computer Crime and Information Warfare
- Hardware and Smart Card Applications
- Internet and Web Security
- Intrusion Detection
- Language-based Techniques for Security
- New Ideas and Paradigms in Security
- Operating System Security
- PKI Systems and Key Escrow
- Privacy and Anonymity
- Security Education and Training
- Security Evaluations and Measurements
- Security Management and Audit
- Security Models
- Security Protocols
- Social-Engineering and Phishing
- Software Security, Attacks, and Defenses
- Trust and Trust Management

For more information, please see http://lbt.imm.dtu.dk/nsd08/nordsec08/.

MidSec 2008 1st International Workshop on Middleware Security, Held in conjunction with the 9th ACM International Middleware Conference (MIDDLEWARE 2008), Leuven, Belgium, December 2, 2008. (Submissions due 1 August 2008) [posted here 6/2/08]
Modern applications are more and more predominantly built around distributed programming paradigms. Event-based systems, mobile agent frameworks, peer-to-peer networks, grid computing, and Web service applications are examples of architectures that are used by a large share of the present software base. These paradigms expose applications to new, ever-growing security threats. For this reason, middleware platforms have always been mindful about offering out-of-the-box security services like communication encryption, user authentication, and access control. Such features are now considered commodities in many middleware platforms, e.g., CORBA, Java EE, and .NET. However, focused research is still necessary to address advanced areas of security. Examples are identity management, privacy and anonymity, accountability, application protection, and so on. The goal of this workshop is to provide a venue for the security and the middleware communities to collaborate and create new momentum for the topic area. Original submissions are welcome from both academic and industry experts. The topics of interest include, but are not limited to:
- Middleware security: middleware software is an asset on its own and has to be protected.
- Security co-design: trade-off and co-design between application-based and middleware-based security.
- Context-sensitive security middleware: advanced security services and features offered by the middleware layer to pervasive and situated systems.
- Policy-based management: innovative support for policy-based definition and enforcement of security concerns.
- Security features: interaction between security-specific and other middleware features, e.g., context-awareness.
- Advanced identification and authentication mechanisms: e.g., means to capture application-specific constraints in defining and enforcing access control rules.
- Availability: protection of availability of middleware services.
- Security in agent-based platforms: protection for mobile code and platforms.
- Security in aspect-based middleware: mechanisms for isolating and enforcing security aspects.
- Middleware-oriented security patterns: identification of patterns for sound, reusable security.
- Middleware-level security monitoring and measurement: metrics and mechanisms for quantification and evaluation of security enforced by the middleware.

For more information, please see http://www.cs.kuleuven.be/conference/MidSec2008/.

SAC-TREK 2009 24th ACM Symposium on Applied Computing (SAC 2009), Trust, Reputation, Evidence and other Collaboration Know-how (TRECK) Track, Honolulu, Hawaii, USA, March 8-12, 2009. (Submissions due 16 August 2008) [posted here 6/2/08]
The goal of the ACM SAC 2009 TRECK track remains to review the set of applications that benefit from the use of computational trust and online reputation. Computational trust has been used in reputation systems, risk management, collaborative filtering, social/business networking services, dynamic coalitions, virtual organisations and even combined with trusted computing hardware modules. The TRECK track covers all computational trust/reputation applications, especially those used in real-world applications. The topics of interest include, but are not limited to:
- Recommender and reputation systems
- Trust management, reputation management and identity management
- Pervasive computational trust and use of context-awareness
- Mobile trust, context-aware trust
- Web 2.0 reputation and trust
- Trust-based collaborative applications
- Automated collaboration and trust negotiation
- Trade-off between privacy and trust
- Trust/risk-based security frameworks
- Combined computational trust and trusted computing
- Tangible guarantees given by formal models of trust and risk
- Trust metrics assessment and threat analysis
- Trust in peer-to-peer and open source systems
- Technical trust evaluation and certification
- Impacts of social networks on computational trust
- Evidence gathering and management
- Real-world applications, running prototypes and advanced simulations
- Applicability in large-scale, open and decentralised environments
- Legal and economic aspects related to the use of trust and reputation engines
- User-studies and user interfaces of computational trust and online reputation applications

For more information, please see http://tech.groups.yahoo.com/group/trustcomp/.

SAC-SEC 2009 24th ACM Symposium on Applied Computing (SAC 2009), Computer Security Track, Honolulu, Hawaii, USA, March 8-12, 2009. (Submissions due 16 August 2008) [posted here 6/2/08]
Security is nowadays mandatory. However, it remains a tricky process including a variety of properties. The eigth edition of the Security Track strengthens its aims at bringing together researchers in any applied issues of computer and information security. The list of issues is vast, ranging from protocols to workflows. Topics of interest include but are not limited to:
- software security (protocols, operating systems, etc.)
- hardware security (smartcards, biometric technologies, etc.)
- mobile security (properties for/from mobile agents, etc.)
- network security (anti-virus, anti-hacker, anti-DoS tools, firewalls, real-time monitoring, etc.)
- alternatives to cryptography (steganography, etc.)
- security-specific software development practices (vulnerability testing, fault-injection resilience, etc.)
- privacy and anonimity (trust management, pseudonimity, identity management, etc.)
- safety and dependability issues (reliability, survivability, etc.)
- cyberlaw and cybercrime (copyrights, trademarks, defamation, intellectual property, etc.)
- security management and usability issues (security configuration, policy management, usability trials etc.)
- workflow and service security (business processes, web services, etc.)

For more information, please see http://www.dmi.unict.it/~giamp/sac/09cfp.html.

Inscrypt 2008 4th International Conferences on Information Security and Cryptology, Beijing, China, December 14-17, 2008. (Submissions due 20 August 2008) [posted here 7/14/08]
Authors are invited to submit full papers presenting new research results related to cryptology, information security and their applications. All submissions must describe original research that is not published or currently under review by another conference or journal. Areas of interest include, but are not limited to:
- Access Control
- Authentication and Authorization
- Biometric Security
- Distributed System Security
- Database Security
- Electronic Commerce Security
- Intrusion Detection
- Information Hiding and Watermarking
- Key Management and Key Recovery
- Network Security
- Security Protocols and Their Analysis
- Security Modeling and Architectures
- Provable Security
- Secure Multiparty Computation
- Foundations of Cryptography
- Secret Key and Public Key Cryptosystems
- Implementation of Cryptosystems
- Hash Functions and MACs
- Block Cipher Modes of Operation
- Intellectual Property Protection
- Mobile System Security
- Operating System Security
- Risk Evaluation and Security Certification
- Prevention and Detection of Malicious Codes

For more information, please see http://www.inscrypt.cn/inscrypt/.

ICIT 2009 IEEE International Conference on Industrial Technology (ICIT 2009), Special Session on Wireless Bluetooth Technologies and Cyber Security, Churchill, Victoria, Australia, February 10-13, 2009. (Submissions due 25 August 2008) [posted here 7/14/08]
Nowadays communication, entertainment, transportation, shopping and medicine have more and more relied on computers and the Internet. The widespread use of wireless computing, mobile devices and networks has raised security concerns. Cyber security aims at protection against unauthorized disclosure, transfer, modification, or destruction, whether accidental or intentional. We invite researchers, practitioners and others interested in wireless Bluetooth technologies and cyber security to submit original research paper or technical report to this Special Session on Wireless Bluetooth Technologies and Cyber Security conjunction with IEEE ICIT 2008. Topics are list as follows but are not limited to:
- Bluetooth Enterprise Systems
- Cellular Systems
- Digital Pens
- Multimedia communications over Wireless
- Location Management
- Wireless Networks Standards and Protocols
- RFID Systems
- Protocols for Mobile Networks
- Security, Privacy and Authentication in Mobile Environments
- Wireless Sensor Networks
- Key Management in Wireless Networks
- Key Distribution in Wireless Sensor Networks
- Cross-layer Design and Optimization
- Ad-hoc Wireless Networks
- Mobile Internet
- Bluetooth Internet
- Ubiquitous Networks
- Smart Sensors and Sensor Networks
- Bluetooth Home Networks
- 3G and 4G Wireless Networks

For more information, please see http://www.ieee-icit09.org/specialsessions.php.

ICIW 2009 4th International Conference on Information Warfare and Security, Breakwater Lodge, Cape Town, South Africa, March 26-27, 2009. (Submissions due 4 September 2008) [posted here 5/5/08]
Information warfare and security are at the forefront of modern defence strategies. Strong strands of research and interest are developing in the area, including the understanding of threats and risks to information systems, the development of a strong security culture, as well as incident detection and post incident investigation. The International Conference on Information Warfare and Security (ICIW) offers an opportunity for academics, practitioners and consultants from the US, North America and elsewhere who are involved in the study, management, development and implementation of systems and concepts related to information warfare or are interested in ways to improve information systems security, to come together and exchange ideas. This conference is continuing to establish itself as a key event for individuals working in the field from around the world.

For more information, please see http://academic-conferences.org/iciw/iciw2009/iciw09-home.htm.

ESSoS 2009 International Symposium on Engineering Secure Software and Systems, Leuven, Belgium, February 4-6, 2009. (Submissions due 8 September 2008) [posted here 6/30/08]
The goal of this symposium is to bring together researchers and practitioners to advance the states of the art and practice in secure software engineering. Being one of the few conference-level events dedicated to this topic, it explicitly aims to bridge the software engineering and security engineering communities, and promote cross-fertilization. The technical program includes an experience track for which the submission of highly informative case studies describing (un)successful secure software project experiences and lessons learned is explicitly encouraged. The Symposium seeks submissions on subjects related to its goals. This includes a diversity of topics including (but not limited to):
- scalable techniques for threat modeling and analysis of vulnerabilities
- specification and management of security requirements and policies
- security architecture and design for software and systems
- model checking for security
- specification formalisms for security artifacts
- verification techniques for security properties
- systematic support for security best practices
- security testing
- security assurance cases
- programming paradigms, models and DLS's for security
- program rewriting techniques
- processes for the development of secure software and systems
- security-oriented software reconfiguration and evolution
- security measurement
- automated development
- trade-off between security and other non-functional requirements
- support for assurance, certification and accreditation

For more information, please see http://distrinet.cs.kuleuven.be/events/essos2009/.

CISS 2009 Communication and Information Systems Security Symposium, Held in conjunction with the IEEE International Conference on Communications (ICC 2009), Dresden, Germany, June 14-18, 2009. (Submissions due 8 September 2008) [posted here 7/21/08]
With the advent of pervasive computer applications and due to the proliferation of heterogeneous wired and wireless computer and communication networks, security and privacy issues have become paramount. This Symposium will address all aspects of the modeling, design, implementation, deployment, and management of security algorithms, protocols, architectures, and systems. Furthermore, contributions devoted to the evaluation, optimization, or enhancement of security and privacy mechanisms for current technologies, as well as devising efficient security and privacy solutions for emerging technologies, are solicited. Topics of interest include, but are not limited to, the following:
- Authentication protocols and message authentication
- Biometric security: technologies, risks, vulnerabilities, bio-cryptography, mobile template protection
- Computer and network forensics
- Cryptography: Conventional public-key crypto, symmetric-key crypto, advanced crypto, and quantum crypto
- DDOS attacks, DNS spoofing, and countermeasures
- Formal trust models
- Information hiding and watermarking
- Information systems security
- Intrusion detection, localization, and countermeasures
- Mobile and Wireless network security, including ad hoc networks, P2P networks, 3G, 4G, sensor networks, Bluetooth, 802.11 family and WiMAX
- Network security metrics and performance
- Network traffic analysis techniques
- Operating systems security and log analysis tools
- Optical network security
- Privacy and privacy enhancing technologies
- Security modeling and protocol design
- Virtual private networks
- VoIP Security
- Vulnerability, exploitation tools and virus analysis
- Web, eBusiness, eCommerce, eGovernment security

For more information, please see http://www.ieee-icc.org/2009/.

NDSS 2009 16th Annual Network and Distributed System Security Symposium, San Diego, California USA, February 8-11, 2009. (Submissions due 12 September 2008) [posted here 5/19/08]
NDSS fosters information exchange among research scientists and practitioners of network and distributed system security services. The target audience includes those interested in practical aspects of network and distributed system security, with a focus on actual system design and implementation (rather than theory). A major goal is to encourage and enable the Internet community to apply, deploy, and advance the state of available security technology. The proceedings are published by the Internet Society. Submissions are solicited in, but not limited to, the following areas:
- Security of Web-based applications and services.
- Anti-malware techniques: detection, analysis, prevention.
- Intrusion prevention, detection, and response.
- Security for electronic voting.
- Combating cyber-crime: anti-phishing, anti-spam, anti-fraud techniques.
- Privacy and anonymity technologies.
- Network perimeter controls: firewalls, packet filters, application gateways.
- Security for emerging technologies: sensor networks, wireless/mobile (and ad hoc) networks, personal communication systems.
- Security for peer-to-peer and overlay network systems.
- Security for electronic commerce: e.g., payment, barter, EDI, notarization, timestamping, endorsement, and licensing.
- Implementation, deployment and management of network security policies.
- Intellectual property protection: protocols, implementations, metering, watermarking, digital rights management.
- Integrating security services with system and application security facilities and protocols.
- Public key infrastructures, key management, certification, and revocation.
- Special problems and case studies: e.g., tradeoffs between security and efficiency, usability, reliability and cost.
- Security for collaborative applications: teleconferencing and video-conferencing.
- Software hardening: e.g., detecting and defending against software bugs (overflows, etc.)
- Security for large-scale systems and critical infrastructures.
- Integrating security in Internet protocols: routing, naming, network management.

For more information, please see http://www.isoc.org/isoc/conferences/ndss/09/.

IFIP-DF 2009 5th Annual IFIP WG 11.9 International Conference on Digital Forensics, Orlando, Florida, USA, January 25-28, 2009. (Submissions due 15 October 2008) [posted here 4/14/08]
The IFIP Working Group 11.9 on Digital Forensics (www.ifip119.org) is an active international community of scientists, engineers and practitioners dedicated to advancing the state of the art of research and practice in the emerging field of digital forensics. The Fifth Annual IFIP WG 11.9 International Conference on Digital Forensics will provide a forum for presenting original, unpublished research results and innovative ideas related to the extraction, analysis and preservation of all forms of electronic evidence. Keynote presentations, revised papers and details of panel discussions will be published as an edited volume - the fifth in the series entitled Research Advances in Digital Forensics (Springer) in the summer of 2009. Technical papers are solicited in all areas related to the theory and practice of digital forensics. Areas of special interest include, but are not limited to:
- Theories, techniques and tools for extracting, analyzing and preserving digital evidence
- Network forensics
- Portable electronic device forensics
- Digital forensic processes and workflow models
- Digital forensic case studies
- Legal, ethical and policy issues related to digital forensics

For more information, please see http://www.ifip119.org.

FC 2009 13th International Conference on Financial Cryptography and Data Security, Accra Beach, Barbados, February 23-26, 2009. (Submissions due 17 October 2008) [posted here 6/2/08]
At its 13th year edition, Financial Cryptography and Data Security (FC'09) is a well established and major international forum for research, advanced development, education, exploration, and debate regarding security in the context of finance and commerce. Original papers, surveys and presentations on all aspects of financial and commerce security are invited. Submissions must have a strong and visible bearing on financial and commerce security issues, but can be interdisciplinary in nature and need not be exclusively concerned with cryptography or security. Possible topics for submission to the various sessions include, but are not limited to:
- Anonymity and Privacy
- Auctions and Audits
- Authentication and Identification
- Biometrics
- Certification and Authorization
- Commercial Cryptographic Applications
- Digital Cash and Payment Systems
- Digital Incentive and Loyalty Systems
- Digital Rights Management
- Economics of Information Security
- Financial Regulation and Reporting
- Fraud Detection
- Game Theoretic Approaches to Security
- Identity Theft, Spam, Phishing and Social Engineering
- Infrastructure Design
- Legal and Regulatory Issues
- Microfinance and Micropayments
- Monitoring, Management and Operations
- Reputation Systems
- RFID-Based and Contactless Payment Systems
- Risk Assessment and Management
- Secure Banking and Financial Web Services
- Securing Emerging Computational Paradigms
- Security and Risk Perceptions and Judgments
- Smart Cards and Secure Tokens
- Transactions and Contracts
- Trust Management
- Underground-Market Economics
- Virtual Economies
- Voting Systems

For more information, please see http://fc09.ifca.ai/.

IFIP-CIP 2009 Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, Hanover, New Hampshire, USA, March 22-25, 2009. (Submissions due 31 December 2008) [posted here 7/21/08]
The IFIP Working Group 11.10 on Critical Infrastructure Protection is an active international community of researchers, infrastructure operators and policy-makers dedicated to applying scientific principles, engineering techniques and public policy to address current and future problems in information infrastructure protection. Papers are solicited in all areas of critical infrastructure protection. Areas of interest include, but are not limited to:
- Infrastructure vulnerabilities, threats and risks
- Security challenges, solutions and implementation issues
- Infrastructure sector interdependencies and security implications
- Risk analysis and risk assessment methodologies
- Modeling and simulation of critical infrastructures
- Legal, economic and policy issues related to critical infrastructure protection
- Secure information sharing
- Infrastructure protection case studies
- Distributed control systems/SCADA security
- Telecommunications network security

For more information, please see http://www.ifip1110.org.

Archival Journals Regularly Specializing in Security and Privacy

Journal of Privacy Technology (JOPT),   Editor-in-Chief:  Michael Shamos
This online-only Journal, started in 2004 and  operated by Carnegie Mellon University, is a forum for the publication of original current research in privacy technology. It encourages the submission of any material dealing primarily with the technological aspects of privacy or with the privacy aspects of technology, which may include analysis of the interaction between policy and technology or the technological implications of legal decisions.  More information can be found at http://www.jopt.org/.

IEEE Security and Privacy Magazine,   Editor-in-Chief: George Cybenko
IEEE Security & Privacy provides a unique combination of research articles, case studies, tutorials, and regular departments covering diverse aspects of information assurance such as legal and ethical issues, privacy concerns, tools to help secure information, analysis of vulnerabilities and attacks, trends and new developments, pedagogical and curricular issues in educating the next generation of security professionals, secure operating systems and applications, security issues in wireless networks, design and test strategies for secure and survivable systems, and cryptology.  More information can be found at http://computer.org/security/.

ACM Transactions on Information and System Security,   Editor-in-Chief: Michael Reiter
ACM invites submissions for its Transactions on Information and System Security, inaugurated in November 1998. TISSEC publishes original archival-quality research papers and technical notes in all areas of information and system security including technologies, systems, applications, and policies. Papers should have practical relevance to the construction, evaluation, application, or operation of secure systems. Theoretical papers will be accepted only if there is convincing argument for the practical significance of the results. Theory must be justified by convincing examples illustrating its application. More information is given on the journal web page at http://www.acm.org/tissec.

IEEE Transactions on Dependable and Secure Computing,   Editor-in-Chief: Ravishankar K. Iyer
The IEEE Transactions on Dependable and Secure Computing publishes archival research results related to research into foundations, methodologies, and mechanisms that support the achievement—through design, modeling, and evaluation—of systems and networks that are dependable and secure to the desired degree without compromising performance. The focus will also include measurement, modeling, and simulation techniques, and foundations for jointly evaluating, verifying, and designing for performance, security, and dependability constraints. More information is given on the journal web page at http://www.computer.org/tdsc/.

The Kluwer International Series on ADVANCES IN INFORMATION SECURITY.
The purpose of the Advances in Information Security book series is to establish the state of the art and set the course for future research in information security. The scope of this series includes not only all aspects of computer and network security, but related areas such as fault tolerance and software assurance. The series will serve as a central source of reference for information security research and developments. The series aims to publish thorough and cohesive overviews on specific topics in Information Security, as well as works that are larger in scope than survey articles and that will contain more detailed background information. The series also provides a single point of coverage of advanced and timely topics and a forum for topics that may not have reached a level of maturity to warrant a comprehensive textbook. Prospective Authors or Editors: If you have an idea for a book that would fit in this series, we would welcome the opportunity to review your proposal. Should you wish to discuss any potential project further or receive specific information regarding book proposal requirements, please contact either Sushil Jajodia (jajodia@gmu.edu,703-993-1653) or Lance Wobus (lance.wobus@wkap.com, 781-681-0602)
 
Journal of Computer Security,   Editor-in-Chief: Sushil Jadodia and Jonathan Millen
JCS is an archival research journal for significant advances in computer security. Subject areas include architecture, operating systems, database systems, networks, authentication, distributed systems, formal models, verification, algorithms, mechanisms, and policies. Submissions: send six copies to one of the editors in chief: Sushil Jadodia, CSIS, George Mason University, 440 University Drive, Fairfax, VA 22030, or Jonathan Millen, The MITRE Corporation, 202 Burlington Rd., Bedford, MA. Subscriptions: contact IOS Press, Niewe Hemweg 6B, 1013 BG Amsterdam, Netherlands, (e-mail: order@iospress.nl) for information about individual or institutional subscriptions or back issues. More information is given on the journal web page at http://www.mitre.org/jcs.
 
Computers & Security,   Editor-in-Chief: E. Schultz
Computers & Security aims to satisfy the needs of managers and experts involved in computer security by providing a blend of research developments, innovations, and practical management advice. Original submissions on all computer security topics are invited, particularly those of practical benefit to the practitioner. Four copies of papers from 5-10,000 words should be sent to the editor, N. Dudley, at Elsevier Advanced Technology, P.O. Box 150, Kidlington, Oxford, OX5 1AS, United Kingdom. Telephones: voice +44(0)1865 843848 / 843000; fax +44 (0) 1865 843971.  More information can be found at http://www.elsevier.com/locate/issn/01674048.
 
International Journal of Information Security,   Editors-in-Chief: D. Gollmann; J. Lopez; C.A. Meadows; E. Okamoto
The International Journal of Information Security, IJIS, aims to provide prompt publication of important technical work in information security, attracting any person interested in communications, commerce, banking, medicine, or other areas of endeavor affected by information security. Any research submission on theory, applications, and implementations of information security is welcomed. This includes, but is not limited to, system security, network security, content protection, applications and foundations of information security. More information is given on the journal web page at http://link.springer.de/link/service/journals/10207/index.htm.
 
International Journal of Network Security,   Editors-in-Chief: Min-Shiang Hwang
International Journal of Network Security is an international official journal of Science Publications, publishing original articles, reviews and short communications of a high scientific and technology in network security. Subjects covered include: access control, computer security, cryptography, communications security, data security, database security, electronic commerce security, information security, multimedia security, and network security. Authors are strongly encouraged to submit their papers electronically by using online manuscript submission at http://ijns.nchu.edu.tw/, or submit their Word, ps or pdf file to the editor-in-chief (via Email: mshwang@isrc.nchu.edu.tw): Min-Shiang Hwang, at the Department of Management Information Systems, National Chung Hsing University, Taiwan, R.O.C.  More information can be found at http://ijns.nchu.edu.tw/.
 
International Journal of Security and Networks,   Editors-in-Chief: Yang Xiao
International Journal of Security and Networks is an archival research journal for significant advances in network security. Subject areas include attack models, security mechanisms, security services, authentication, authorization, access control, multicast security, data confidentiality, data integrity, non-repudiation, forensics, privacy protection, secure protocols, formal analyses, intrusion detection, key management, trust establishment, revocation of malicious parties, security policies, fraudulent usage, dependability and reliability, prevention of traffic analysis, network security performance evaluation, tradeoff analysis between performance and security, security standards, etc. All papers must be submitted online at http://www.inderscience.com/ijsn/. More information is given on the journal web page at http://www.inderscience.com/ijsn/.
 
International Journal of Critical Infrastructure Protection,   Editors-in-Chief: Sujeet Shenoi
International Journal of Critical Infrastructure Protection's primary aim is to publish high quality scientific and policy papers in all areas of critical infrastructure protection. Of particular interest are articles that weave science, technology and policy to craft sophisticated yet practical solutions that will secure information, computer and network assets in the various critical infrastructure sectors. All papers must be submitted online at http://www.elsevier.com/locate/ijcip. More information is given on the journal web page at http://www.elsevier.com/locate/ijcip.
 
IEEE Transactions on Information Forensics and Security,   Editors-in-Chief: Pierre Moulin
IEEE Transactions on Information Forensics and Security aims to provide a unified locus for archival research on the fundamental contributions and the mathematics behind information forensics, information security, surveillance, and systems applications that incorporate these features. Authors are strongly encouraged to submit their papers electronically to the online manuscript system, Manuscript Central, via sps-ieee.manuscriptcentral.com.  More information can be found at http://www.ieee.org/organizations/society/sp/tifs.html.