FORMATEX, a Spanish technological organization, in collaboration with the Computer Science and Physics Department of the University of Extremadura (Spain) is now editing a volume within our Information Society book series, on Techno-Legal aspects of Information Society. Some of the topics covered by this edition are: Security of Information Systems, Networking, E-commerce, Networks and Liberties, Informatic crimes, Public security vs. secret communications, Legal protection of software and digital contents, Digital Libraries, Rights Management in the Digital Era, Electronic signature, Electronic means of payment, Ethical issues, Law and Computer Science, Cryptography, Legal Expert Systems, Teleworking, e-Government, Cybersquatting, Typosquatting etc, Domain names and Trademarks, Thesaurus and documental techniques, Law Databases, Law in Internet. The Call for Papers' website is available at www.formatex.org/isbook/callforpaper.htm with details on deadlines, manuscripts format, etc. Submissions are due November 25, 2002.
IEEE Journal on
Selected Areas in Communications, Special issue on Design and Analysis
Techniques for Security Assurance. Publication: 1st quarter 2003. Editors:
Li Gong (SUN Microsystems), Joshua Guttman (The MITRE Corp), Peter Ryan (Carnegie
Mellon University), and Steve Schneider (University of London). Submission deadline is
March 1, 2002.
[posted here 7/26/01]
Information security plays a dominant and increasingly critical role in
society. It is therefore essential that we have effective
tools and techniques to design and evaluate secure
systems and demonstrate that they meet their
security requirements. The application of rigorous methods
to the specification, modeling, analysis, and design of security-critical
systems has made considerable strides in recent years, and
the field is rapidly gaining in maturity. The scope
of this issue will range over all rigorous, mathematically well
founded, approaches to all aspects of security system development. This
issue is intended to gather together the leading edge approaches in
this area. Papers are solicited in
the following areas:
* Security protocol analysis
* Computer security models and policies
* Information flow
* Secure architectures
* Mobility
* Tools for security analysis
* Languages
* Logics
* Static/typechecking techniques
* Smartcards
Original, unpublished contributions and invited articles will be
considered for the issue. The paper should be no longer
than 20 double-spaced pages, excluding illustrations
and graphs and follow the IEEE J-SAC manuscript
format described in the Information for Authors. Authors
wishing to submit papers should send an electronic version (postscript
or PDF files ONLY) to Steve Schneider at S.Schneider@rhul.ac.uk
by March 1, 2002.
Information and
Security: An International Journal. Special issue on agent-based
technologies. Publication: May 31, 2002.
Editor: Petya Ivanova (Center for National Security and
Defense Research, Bulgarian Academy of Sciences). Submission
date: abstract and intent to submit a paper - February 28, 2002;
final papers - March 31, 2002. [posted here 2/12/02]
The field of autonomous agents and multi-agent systems is an exciting and
rapidly expanding area of research and development. In the last few years,
there has been a growing interest in the application of agent-based systems
to various security-related and military domains. In this special issue of
Information & Security we shall present the results achieved in this area,
discuss the benefits (and drawbacks) that agent-based systems may bring to
the military and the broader security community, and provide a list of research
and practical challenges that should be tackled in the near future so that the
full potential of agent-based systems is realized. Topics include, but are not
limited to:
- General and specific architectures of agents in different settings and environments
- Cooperation and competition; coordination and collaboration
- Negotiation, consensus development, conflict detection and resolution
- Communication protocols and languages (communication standards)
- Intelligent cognitive activities jointly realized by multiple agents, e.g., distributed problem solving, planning, learning, and decision making
- Emergent behavior and organizational intelligence
- Organizational structuring and dynamics
- Mobile agents as general-purpose framework for distributed applications
- Performance issues; security, reliability, and robustness
- Agents and the interoperability of heterogeneous systems
- Human-agent interaction and interfaces
- Architectures, environments and languages for mobile and secure information services
- Agent capability requirements in military applications
We intend to present successful applications of agents and multi-agent systems
in the following domains:
- Military decision support systems and complex problem-solving
- Military training and education
- Collection and organization of knowledge available on the Internet
- Information retrieval, dissemination, and monitoring across multiple applications
For instructions and additional information on manuscript preparation, see:
www.isn.ethz.ch/publihouse/InfoSecurity. Questions can be addressed to
infosec@mbox.digsys.bg.
Computer
Communications, Special issue on Network Security. Publication: spring
2002. Editors: Brian Neil Levine, University of Massachusetts, and
Clay Shields, Purdue University. Submission deadline is October 5, 2001.
[posted here 2/20/01]
The Internet has become the cornerstone for the proliferation of networking
technology. The quality of the security and privacy of the services, protocols,
and infrastructure that make up the Internet is a key factor in its
continued growth and survivability. This special issue will collect and
archive the state of the art in Network Security for existing and future network
technologies, publishing research that explores: The security of infrastructure
and systems that form the network (such as routers, application-level proxies,
and servers); The security of protocols and services that work end-to-end (such
as DNS, HTTP, multimedia conferencing and virtual environments, and e-commerce);
Protocols that protect the privacy of users on the network. An emphasis on
deployable systems and the inclusion of an analysis of their network performance
in the presence of security mechanisms is ideal. Areas of interest include, but
are not limited to:
- Network privacy and anonymity
- Multicast and group-communication security
- Intrusion detection and response
- Network traceback
- Integrating security in Internet protocols
- Security analysis of Internet protocols
- Network performance evaluation of network security protocols;
- Denial-of-service attacks and counter measures
- Virtual private networks
- Security for wireless networks and technologies
Through the publication of this special issue, we wish to bring together researchers from the security and networking communities that have not
previously had a common forum in which to share methodologies and techniques.
Instructions for submitting a paper are given at signl.cs.umass.edu/comcom.
Information on Computer Communications can be found at www.troubador.co.uk/comcom/fp.htm
and www.troubador.co.uk/comcom/fp.htm.
IEEE Internet
Computing, Special Issue on Peer-to-Peer Networking. Guest editor: Li
Gong, Sun Microsystems. Publication date: January/February 2002. Submissions due June 1, 2001. [posted here
2/20/01]
The term peer-to-peer networking is applied to a wide range of technologies
that greatly increase the utilization of information, bandwidth, and
computing resources in the Internet. Frequently, these P2P technologies
adopt a network-based computing style that neither excludes nor inherently
depends on centralized control points. Apart from improving performance in
terms of information discovery, content delivery, and information processing,
such a style also can enhance the overall reliability and fault-tolerance
of the computing system. This special issue of Internet Computing will
showcase significant developments in the general area of peer-to-peer
networking. Topics of interest include (but are not limited to):
1. Peer naming, discovery, and organization
2. Peer-based communication and information sharing
3. Systems support for peer-to-peer networking
4. Security support for peer-to-peer networking
5. Peer-based network infrastructure including operating systems
6. Peer-based services and applications
Ideally, submissions will report advances that (a) use a simple and elegant solution to solve a seemingly complicated problem, (b) have a
solid theoretical foundation but a realistic implementation path, and (c) are readily deployable over currently existing Internet
infrastructure. We discourage strictly theoretical or mathematical papers on modeling of peer-to-peer computing. If you are uncertain
about your submission in terms of scope, please provide an abstract to the guest editor for clarification before submission.
(note: the complete call for papers has not been posted on the IEEE web
site yet. We will update this Cipher entry when the URL is
known. In the interim, you may choose to contact the guest editor,
Dr. Li Gong at li.gong@sun.com)
IEEE Computer, Special
issue on embedded system security. Guest editors: William A. Arbaugh,
University of Maryland, and Leendert Van Doorn, IBM Research.
Submission deadline is March 15, 2001.
[posted here 12/18/00]
Embedded systems range from personal digital
assistants to disk controllers and from home thermostats to microwave
regulators. These near-ubiquitous devices are often networked and
thus present security challenges similar to those already of concern on
the Internet. This special issue will consider the security and
privacy that networked embedded systems present. Submissions are
sought on all topics relating to embedded system security including risk
analysis, privacy issues, software security architectures, security
requirements for embedded operating systems, embedded cryptographic
devices, using embedded devices to build secure systems, and secure
firmware upgrades. For further information see www.cs.umd.edu/~waa/ieee-cfp.html.
Internet Computing
,
Call for papers on "Widely Deployed Internet Security Solutions",
November/December 2000, Guest Editors: Li Gong and Ravi Sandhu.
(Submissions due: April 28, 2000) [posted here January 28, 2000].
The goal of this special issue is two-fold. One is to reflect on
security technology that have made into mainstream products and have been
widely deployed within the past decade. An interesting perspective is why
these solutions were picked over other competing solutions and what made
them more attractive and acceptable. The other part of the goal is to
access the state of the art in security research and technology with the
hope that these investigations point to what may be deployed in the next
decade. Topics of Interest include (but are not limited to) descriptions
of and perspectives (historic, legal, etc.) on:
*
Security solutions that are widely deployed
*
Security solutions that were once fashionable but no longer in use
*
Prevailing security solutions that are becoming obsolete
*
Emerging security solutions that are likely to be widely deployed
We welcome submissions regarding security solutions covering all
aspect of computing, including operating systems, networking, databases, distributed systems, human-computer interaction, the web,
the Internet, information appliances, and wireless communication. However, we discourage abstract theory/idea papers, especially pure
cryptography theory or crypto protocol papers. Our focus is on security solutions that were, are, or will be widely deployed.
Submission instructions can be found on the journal web page at church.computer.org/internet/call4ppr.htm.
IEEE Software, Call for Articles & Reviewers, Malicious Information Technology: The Software vs. The People Publication: Sept./Oct. 2000. Guest Editors: Nancy Mead (nrm@sei.cmu.edu) and Jeffrey Voas (jmvoas@rstcorp.com). (Submissions due: April 1, 2000) [posted here November 3, 1999].
| * Intrusion detection | |
| * Information survivability | |
| * Federal critical infrastructure protection plans | |
| * Federal laws prohibiting encryption exports vs. US corporations | |
| * State-of-the-practice in security testing | |
| * The Internet's "hacker underground" | |
| * Corporate information insurance | |
| * Penalties for those convicted of creating viruses | |
| * Case studies in information security and survivability |
Journal of
Theoretical Computer Science, special issue on Dependable
Computing. Guest Editor: Gilles Motet.
(Submissions due: December 20, 1999)
[posted here October 15, 1999].
Papers should be sent as attached rtf, postscript or pdf files to
Guest Editor: Gilles Motet / LESIA DGEI, INSA, 135, avenue de
Rangueil / 31077 Toulouse cedex 4 / France. Email:
Gilles.Motet@insa-tlse.fr.
More information can be found at:
wwwdge.insa-tlse.fr/~lesia/tcs-call-for-paper.html.
Computer Communications Journal, special issue on
Advances in Research and Application of Network Security,
first quarter 2000. Guest Editors: Dr. M. Merabti (John Moores
University, UK), Dr. Q. Shi (John Moores University, UK),
and Dr. Rolf Oppliger (Swiss Federal Office of information
Technology & Systems) (full papers due September 1, 1999)
[posted here June 15, 1999].
The special issue aims to publish original research results of
both theoretical and practical significance. Topics of interest
include, but are not limited to
International Journal of Computer Systems: Science &
Engineering
Special Issue on Developing Fault-Tolerant Systems with Ada.
(Abstracts due June 1, 1999; full papers due: June 15, 1999)
[posted here: 2/5/99].
An electronic version of the abstract is to be sent to
A. Romanovsky
at: alexander.romanovsky@ncl.ac.uk (phone:+44 191 222 8135;
fax: +44 191 222 8232) by June 1, 1999. Full submissions are to be
forwarded by June 15, 1999 to one of the guest editors (electronic
submissions are encouraged): A. Romanovsky or A.J. Wellings at
andy@minster.cs.york.ac.uk More information:
www.cs.ncl.ac.uk/people/alexander.romanovsky/home.formal/ftada.html.
ACM Transactions on Software Engineering and Methodology
Special issue on Software Engineering and Security. Guest Editors:
Premkumar Devanbu (devanbu@cs.ucdavis.edu, UC Davis) and Stuart
Stubblebine, (stubblebine@cs.columbia.edu).
(DEADLINE EXTENDED TO JUNE 1, 1999) [posted here: 12/14/98].
Software system security issues are no longer only of primary
concern to military, government or infrastructure systems. Every
palmtop, desktop and TV set-top box contains or will soon contain
networked software. This software must preserve desired security
properties (authenticity, privacy, integrity) of activities ranging
from electronic commerce, electronic messaging, and browsing. From
being a peripheral concern of a limited and specialized group of
engineers, security has become a central concern for a wide range
of software professionals. In addition, software is no longer a
monolithic shrink-wrapped product created by a single development
organization with a well-defined software process. Instead, it is
composed of components constructed by many different vendors
following different practices. Indeed, software may even contain
elements that arrive and are linked in just prior to execution.
Customers need assurance that constituent components and mobile
code have certain desirable properties; this need conflicts with
the need for vendors to protect their proprietary information. The
issue of providing assurance without full disclosure has been
studied in security research, and needs to be applied to this problem.
To provide a focus for these and other interactions between security
and software engineering, ACM TOSEM will bring out a special issue
dedicated to the intersection of concerns between the two fields.
We solicit submissions that address the following issues and sub-areas:
IEEE Network Magazine, Special Issue on Network Security
(Nov/Dec 1999). Guest Editors: Bulent Yener, Bell Labs, Lucent
Technologies (yener@research.bell-labs.com), and Patrick Dowd,
Laboratory for Telecommunications Sciences, United States Department
of Defense (p.dowd@ieee.org). (Submission deadline: June 1, 1999)
[posted here: 3/15/99].
Network and Internet security has become a crucial requirement for
both users and service providers. The Internet is a commercial
infrastructure where sensitive and confidential personal and business
data are carried over public networks. Although security is often
treated as an after-thought, this attitude is changing. Security
within an application needs to be considered as a fundamental element
of the application, treated analogously to Quality of Service (QoS)
considerations. Security is often viewed as a one-size-fits-all
paradigm, but this is difficult to sustain due to the eclectic
collection of communications mediums that compose the Internet
infrastructure. The danger of a cookie-cutter strategy is that
security will contend with performance since it is not suited to the
environment. As the QoS requirements of applications and the physical
layer properties internetworking become more diverse, agile but robust
and consistent security solutions are needed. This is difficult, since
custom solutions typically have difficulty surviving in a mass market,
yet flexibility is needed for security use to become ubiquitous.
We are interested in tutorial-oriented research papers that describe
real services, software systems and experiments. Work-in-progress
papers describing the state of on-going research projects in Internet
security are encouraged. Research papers should demonstrate the
feasibility of the approach and describe the state of realization.
Case studies and applied papers should discuss the key factors that
made the system work and should also mention the pitfalls and problems
encountered and how they may be overcome. Topics of interest include:
| * Intrusion detection | * Authentication | |
| * Mobile code and agent security | * Privacy and anonymity | |
| * Key management | * Access control and Firewalls | |
| * Wireless, mobile network security | * Secure multicasting | |
| * Data integrity | * Security verification | |
| * Security protocols | * Policy modeling | |
| * Commercial security | * Electronic commerce | |
| * Security management |
IEEE Internet Computing, Special Issue on Survivable,
High-Confidence Distributed Systems (November/December 1999).
Guest Editor: Mike Reiter, Bell Labs (reiter@research.bell-labs.com)
(Submission deadline: 12 May 1999)
[posted here: 3/1/99].
As the world moves toward increasing reliance on computing networks,
it is essential to find ways of building distributed systems that
perform reliably under a wide range of circumstances that may
include both accidents and malicious attacks. A "survivable" system
is one that can make meaningful progress even when some (human or
computer) components fail to behave as expected, and particularly
when they behave in a way as to undermine the correct operation
of the system as a whole. Survivable systems may combine techniques
for detecting, masking, and adapting to such failures and attacks,
at the network level, a middleware layer, or in the higher-level
distributed application of interest. This issue examines the state
of the art in the design, implementation, and analysis of survivable
distributed systems and networks. Topics of interest include, but
are not limited to:
A special issue of
IEEE Transactions on Software Engineering ,
Special Issue on Current Trends in Exception Handling,
(abstracts due: February 15, 1999; papers: March 1, 1999)
[posted here December 8, 1998].
This special issue invites papers with focus on research results,
experience reports, and brief survey/tutorials on emerging research
challenges related to exception handling in (but not limited to) the
following areas:
A special issue of
IEEE Journal on
Selected Areas in Communications (JSAC)
Special Issue on Network Security. Publication date: January, 2000.
Guest Editors: Hilarie Orman, Ueli Maurer, Stephen Kent, and
Stephen Bellovin. (submissions due: February 5, 1999)
[posted here September 16, 1998].
This special issue of JSAC will be devoted to recent research
results that describe or forecast significant changes in the
feasibility of delivering security solutions (such as major
improvements in cryptographic efficiency), or describe progress in
areas that have been especially difficult, or are relevant to newer
technologies, such as optical or mobile wireless communication. Of
special interest are papers that relate their results to use on the
Internet today or to use on next generation networks. Papers are
solicited in the following areas: Cryptography-based network systems,
such as secure private networks and transactional security; Public-key
infrastructures; Applying new cryptographic methods to network
communication; New cryptographic protocols supporting secure network
systems; Anonymous communication; Recent cryptographic theory
advances; Optical network security; Mobile wireless network security;
Formal analysis of network security systems; Trends in network-based
attacks; Secure group communication; Policy expression and
enforcement. Papers in strongly related areas, especially those
involving novel technologies, are also encouraged. Manuscripts to be
considered for submission should be sent by email to Hilarie Orman
(ho@cs.arizona.edu) by February 5, 1999. The manuscripts must be in
Postscript, viewable in ghostscript, or six copies can be sent by
mail; contact Hilarie Orman well prior to the deadline for
the mailing address. Please note the IEEE formatting requirements;
information for authors can be found at:
gump.bellcore.com:5000/Guidelines/info.html
The JSAC home page is at
gump.bellcore.com:5000.
A special issue of
IEEE Computer , A baseline on security strategies
for the emerging broadband environment. Guest Editors:
Dr. Patrick Dowd, and Dr. John McHenry.
(submissions due: January 15, 1999)
[posted here December 8, 1999].
This special issue will focus attention on the integration of
networking and endpoint security. It will pull together both IP
and ATM networking security strategies and examine methods that
will allow homes and offices to safely explore the opportunities
provided by a "connected" environment. Topics including the emerging
broadband networking environment, IP and ATM security, integrated
security strategies, and security analysis are of particular interest.
Only electronic submissions (postscript, Adobe Acrobat, MS Word, or
Framemaker) will be considered - paper copies will not
be accepted. Please contact one of the guest editors if you have any
questions. GUEST EDITORS: Dr. Patrick W. Dowd, University of Maryland,
Department of Electrical Engineering, A.V. Williams Building,
College Park, MD 20742, and Dr. John McHenry, U.S. Department of
Defense, National Security Agency, Suite 6512, Ft Meade,
MD 20755-6512.
IEEE Communications Magazine Feature Topic Issue on The
Provision of Communication Services over Hybrid Networks
(publication: July 1999). Guest Editors: Jean-Pierre Hubaux and
David Nagel. (submissions due: January 5, 1999)
[posted here December 11, 1999].
This Feature Topic Issue is devoted to the architecture and provision
of services over hybrid networks. Topics of interest include:
A special issue of
Distributed and Parallel Databases: An International Journal
Kluwer Academic Publishers, Special issue Editors: Vijay Atluri
and Pierangela Samarati. (submissions due: September 30, 1998)
[posted here: July 6, 1998]
Recognizing the importance of the research in computer security,
Distributed and Parallel Databases: An International Journal
is organizing a special issue on security. The primary focus of this
special issue will be on high-quality original unpublished research,
case studies, as well as implementation experiences in any area of
computer and communication security. Suggested topics include but
are not limited to:
Accounting and Audit, Authorization and Access Control,
Authentication, Applied Cryptography, Computer Security and Public
Policy, Data/System Integrity, Electronic Commerce and Virtual
Banking, Information Warfare, Intrusion Detection, Intellectual
Property Protection, Privacy and Anonymity, Security for Digital
Libraries, Security in Data and Knowledge Bases, Security in Data
Warehouses, Security in Workflow Systems, Security in Mobile and
Wireless Systems, Security Management, Secure Networking and
Protocols. Manuscripts must be written in English and should
include a cover page with title, name and address (including e-mail
address) of author(s), an abstract, and a list of identifying
keywords. Manuscripts must be submitted as Postscript files via
electronic mail to Prof. Vijay Atluri at
atluri@andromeda.rutgers.edu.
In addition, send five hard copies of your submission to:
Melissa Parsons, Journals Editorial Office, Kluwer Academic
Publishers, 101 Philip Drive, Norwell, MA 02061, USA;
tel: (+1)781-871-6600; fax: (+1)781-878-0449; e-mail:
mparsons@wkap.com.
A special issue of Software Practice & Experience on Experiences
with Computer and Network Security. Guest editor: Gene Spafford
(spaf@cs.purdue.edu). (submissions due: July 1, 1998)
[Posted here: May 13, 1998]
Contact the editor for submission details. Papers describing both
`systems' and `applications' software in any computing environment
are acceptable. Typical topics include software design and
implementation, case studies, studies describing the evolution of
software systems, critical appraisals of systems, and the practical
aspects of software engineering. Theoretical discussions can be
included, but should illuminate the practical aspects of the work,
or indicate directions that might lead to better practical systems.
This special issue is specifically devoted to issues of computer
and network security software. We are seeking high-quality articles
relating to the above-mentioned themes. This includes papers on at
least the following topics: access control systems, auditing systems
and analysis, misuse and intrusion detection systems, applications
of cryptography, secure messaging systems, information protection
systems, security of mobile code, security of browsers and related
technology, security testing and assurance, firewall construction
and testing, experiences with new security programming paradigms,
development and experience with "hacking tools", experiences with
patching security flaws
The Journal of Computer Security,
JCS Special Issue
on Research in Intrusion Detection. Editor: Phillip A. Porras
(porras@csl.sri.com) (Submissions due: July 15, 1998)
[posted here: June 29, 1998]
This special issue seeks papers that describe research beyond the
scope or orthogonal to what the commercial intrusion-detection
community is producing. The intent is to capture results from key
efforts in the field, and to understand the directions and
motivations that are driving current and future research in this
area. Papers are solicited on all aspects of intrusion detection,
including the extension of intrusion-detection techniques to new
problem domains, as well as the application of other techniques to
intrusion detection. A complete list of topics is given in the
call-for-papers at
www.csl.sri.com/jcs-ids-call.html. Submissions should be
received by July 15, but earlier submissions are
encouraged. Manuscripts must be in English (dbl-spaced; 12 pt.).
Each copy should have a cover page with title, name and address
(including e-mail address) of author(s), an abstract of no more
than 200 words, and a list of identifying keywords. Editor:
Phillip A. Porras / Computer Science Laboratory / SRI International/
333 Ravenswood Avenue / Menlo Park CA 94025 / phone: 650-859-3232 /
fax: 650-859-2844 / porras@csl.sri.com.
The Journal of Computer Security is an archival journal published
quarterly. Its purpose is to present research and development results
of lasting significance in the theory, design, implementation,
analysis and application of secure computer systems. The Journal of
Computer Security represents today a main forum for ideas about the
meaning and implications of security and privacy, particularly those
with important consequences for the technical community.
IEEE Internet Computing
A special issue of IEEE Internet Computing, November/December 1998,
(submissions due: May 12, 1998) [Posted here: March 3, 1998]
Executable content systems like Java, DNA (ActiveX), JavaScript,
Postscript, Word Macros, and so on have had a fundamental impact on
computer security. The very concept of executable content involves
fetching and running data from a most-likely untrusted site. Often,
this happens behind the scenes without the client being aware of the
details. For example, when a Web user requests a page with a Java
applet embedded in it, the Java byte code is automatically downloaded
and begins to execute on a virtual machine in the user's browser.
This special issue will be devoted to security implications of mobile
code. In particular, we are interested in articles discussing:
Code signing technologies, including models for permissions,
capabilities, and principals;
Proof-carrying code and security policy resolution;
Implications of existing protocols such as SSL on proxy
scanning, intrusion detection, and firewalling;
Handling denial of service;
Design of secure interfaces for devices such as smart cards;
Security policy creation and management issues;
Injecting security into the software development process.
URL for submission process information:
computer.org/internet/
SIGMBOILE Mobile Computing and Communications Review, Volume 2, Issue 2.
(Submissions due: November 15, 1997) [posted here: 10/1/97].
The wireless communication revolution is bringing fundamental changes
to telecommunication and computing. Wide-area cellular systems and
wireless LANs promise to make integrated networks a reality and
provide fully distributed and ubiquitous mobile computing and
communications, thus bringing an end to the tyranny of
geography. Furthermore, services for the mobile user are maturing and
are poised to change the nature and scope of communication. This
publication serves to enhance the ability of ACM SIGMOBILE members to
keep up-to-date in this rapidly moving field, as well as serve as a
major focal point for the discussion of new directions of portable
computation and mobile networks for both the research and
market-driven communities. Papers on original research are solictited.
Please see the complete
call for papers for a list of topics of interest.
Paper submission will be handled electronically. Authors should Email
a PostScript version of their full paper to: editors_sigmobile@acm.org
Detailed submission instructions can be found on the MC2R web page
http://www.acm.org/sigmobile/MC2R
Special Issue of IEEE Personal Communications Magazine on Mobile
Systems and the Web (submissions are due November 1, 1997).
The information revolution that the pundits have been predicting seems
finally to be upon us. Instantaneous access to information, which has
always been dreamed of, is being realized today with the advent of the
World Wide Web. Browsing (surfing) the web is becoming an increasingly
common activity for computer users from all domains of life. A web
browser probably represents the most ubiquitous interface mechanism to
computers today, in terms of the number of people who are comfortable
in using it. Web access from mobile platforms would truly represent an
example of ubiquitous computing, realising the vision of computing
anytime, anywhere and by everyone. However, the reality is that HTTP
is not a mobile friendly protocol, and extremely wasteful of bandwidth.
The current model of browsing the web is also open to criticism along
the same lines. In general, the problems are one of resource
constrained browsing platforms connecting to the network via thin
pipes that are prone to disconnection. To facilitate web browsing from
mobile platforms, it is important to understand these limitations and
devise techniques and methodologies which will help alleviate these
problems. The special issue will be devoted to articles which describe
such techniques. A representative list (not all inclusive) of topics
would include the following as they impact web browsing from wireless
platforms:
* granularity reduction of multimedia data for wireless links
* information location and filtering
* prefetching and caching
* delayed fetching
* location dependent data
* improvements in HTTP protocol
* anticipatory caching
More information about submitting a paper can be found in the
call-for-papers.
IEEE Network Magazine Special Issue on PCS Network Management has a call for papers for topics on Internet computing. (Submissions due October 25, 1997.) [posted here 7/7/97]
IEEE Network Magazine Special Issue on Active and Programmable
Networks has a
call for papers for topics on Internet computing. (Submissions due
November 10, 1997.) [posted here 7/8/97]
New networking concepts, building on recent advances in mobile
software, have been proposed with the purposes of accelerating
services and enhancing network management. An active network can give
a high degree of control to users to customize their network services
dynamically. Users can in effect "program" their services by
injecting mobile programs in special packets that are executed at
network elements. These mobile programs can carry out management and
control functions as well, without the need for pre-programming
network elements. Such software-intensive networks rely on agreement
on a basic instruction set or primitives rather than consensus on
specific protocols and services. This special issue of IEEE Network will
present an overview of research in this area which is still in the early
stages. A complete list of topics can be found in the call for papers.
Authors are invited to submit hardcopies or electronic files of their
papers to tchen@gte.com. Papers should not exceed twenty double spaced
pages in length, excluding figures and diagrams. More information for
potential authors is available at the IEEE Network Home Page
http://www.comsoc.org/socstr/techcom/ntwrk/.
IEEE Internet Computing Magazine has a
call for papers for topics on Internet computing.
(submissions due July 9, 1997)
IEEE Internet Computing is a new bimonthly magazine from the IEEE
Computer Society designed to help the engineer productively use the
ever expanding technologies and resources of the Internet. Internet
Computing and IC on-line will provide developers and users with the
latest advances in Internet-based computer applications and supporting
technologies such as the World Wide Web, Java programming, and
Internet-based agents. Through the use of peer-reviewed articles as
well as essays, interviews, and roundtable discussions, IC will
address the Internet's widening impact on
engineering practice and society. Topics include system engineering
issues such as agents, agent message protocols, engineering ontologies,
web scaling, intelligent search, on-line catalogs, distributed document
authoring, electronic design notebooks, electronic libraries, security,
remote instruction, distributed project management, reusable service
access and validation, electronic commerce, and Intranets.
Author guidelines are available at
http://www.computer.org/pubs/internet/auguide.htm
Upcoming themes include: Agents (submissions due March 15, 1997),
Intranets (submissions due May 7, 1997), and Internet Economics
(submissions due July 9, 1997).
Theory and Applications of Object Systems (TAPOS):
special issue on Objects, Databases, and the WWW (submissions due
May 31, 1997).
As the Internet and the WWW become preferred media for broadcasting,
content dissemination, data access, personal communications, distance
education, electronic commerce, and other as yet unforeseen
applications, it becomes urgent to explore the interactions between
these new media and other well established technologies for information
access. This special issue will focus on the interaction among object
technology, database systems, and the WWW. The following is a
non-exhaustive list of topics of interest: Object technology on the
web; Accessing databases through the web; The web as a database;
Developing web-centered applications; and Applications. A complete
list of topics of interest alog with submission instructions can be
found in the
call for papers.
Journal of Telecommunication Systems, call for papers for a
special issue on multimedia systems.
(submissions due April 15, 1997).
Multimedia systems and applications have attracted significant
attention during the last few years. The ability to deliver
audio and video to end-users, in addition to data, has created
possibilities which will revolutionize industries ranging from
education and advertising, with applications such as digital
libraries, distant learning, expert advice and real-time video
clip playback, to tele-collaboration, electronic commerce and
entertainment, with such applications as video-conferencing,
telecommuting, video-on-demand, etc.
The Journal of Telecommunication Systems is planning a special
issue on multimedia to address this emerging technology. The
issue will address all issues of multimedia systems with special
focus on issues related to networking and telecommunication
systems. Papers are solicited for this issue in the following
areas (but not limited to): Multimedia information processing
compression/decompression); Multimedia storage and retrieval;
Network issues (QoS, protocols, performance/modeling, etc);
Telecommunication systems requirements for multimedia;
Telecommunication systems architecture and implementation;
Security issues; End-to-end multimedia system architecture;
and Multimedia applications and application design.
More information is available in the
call for papers and on the
journal web page.
ACM Mobile Computing and Communications Review.
The wireless communication
revolution is bringing fundamental changes to telecommunication and
computing. Wide-area cellular systems and wireless LANs promise to
make integrated networks a reality and provide fully distributed and
ubiquitous mobile computing and communications, thus bringing an end
to the tyranny of geography. Furthermore, services for the mobile user
are maturing and are poised to change the nature and scope of
communication. This publication serves to enhance the ability of ACM
SIGMOBILE members to keep up-to-date in this rapidly moving field, as
well as serve as a major focal point for the discussion of new
directions of portable computation and mobile networks for both the
research and market-driven communities. Specific topics of interest
include security, scalability and reliability issues for
mobile/wireless systems. More information can be found at the
web page.
Journal of Intelligent Information Systems (JIIS).
Special Issue on Data Mining. As a young, promising research area
with broad applications, data mining and knowledge discovery in
databases has attracted great interest in the research communities of
database systems, machine learning, statistics, high performance
computing, information retrieval, data visualization, and many others.
Security and social impact of data mining is a topic of interest.
Five hard copies of the paper, with the length limited to 20 pages,
should be submitted by November 1, 1996 to
the conference chair
. Also see web page.
Special Issue of the Journal on Special Topics in Mobile Networking
and Applications .
Journal Web
page. This special issue will concentrate on the problems
associated with mobile and wireless networking in the Internet,
primarily at the network layer and above. Internet security issues are
a relevant topic. Authors should email an electronic Postscript copy
of their paper to one of the guest editors by November 15, 1996.
Submissions should be limited to 20 double spaced pages, excluding
figures, graphs, and illustrations. Submissions can be sent to
perk@watson.ibm.com.
IEEE Software
Papers are solicited for a special issue of IEEE Software to
focus on security and privacy concerns and their impact on software
development. The full announcement
has all details. The goal of this special issue is to:
JCS Special issue on WWW security
.
The special issue of the Journal of Computer Security will
be focused on research and development efforts leading to identify
requirements and viable solutions for WWW security. Two kinds of
papers will be considered: regular papers presenting new research
results, and short papers describing ongoing projects. Editors of the
special issue: Elisa Bertino, Gianpaolo Rossi, and Pierangela
Samarati, Dipartimento di Scienze dell'Informazione, Universita' di
Milano, Via Comelico, 39/41, 20135-Milano, Italy; phone:
+39-2-55006227/257/272; fax: +39-2-55006253; e-mail:
bertino,rossi,samarati@dsi.unimi.it. More information at
http://www.dsi.unimi.it/Users/jcs-www.
Distributed Systems Engineering Journal
Special Issue on Future Directions for
Internet Technology. Contributions are invited on all aspects of
where the Internet is going technically including security. Guest
editors: Dr Brian E. Carpenter (brian@dxcoms.cern.ch,
WWW) and Prof J Crowcroft
(J.Crowcroft@cs.ucl.ac.uk, WWW).
ACM Journal, Wireless Networks
special issue on
Personal Communications. Personal communications provide
communication services anywhere, anytime, with anybody, and in any
form. To implement the personal communications concepts, extremely
sophisticated systems which integrate many diverse technologies are
required. This special focuses on the research and development of
advanced PCS technologies.
Journal of Computer-Mediated Communication (JCMC)
a quarterly electronic journal, has issued a call for papers for a
special issue on electronic commerce, including issues related to
security and privacy. The call for papers can be found at
http://cwis.usc.edu/dept/annenberg/steincfp.html.
Workshop on Data Mining for Counter Terrorism and Security,
(held in conjunction with the Third SIAM International Conference
on Data Mining), San Francisco, CA, USA, May 3, 2003. [posted here 10/15/02]
The purpose of this workshop is to discuss ways in which data mining
and machine learning can be used to analyze data from numerous sources
of high-complexity for the purpose of preventing future terrorist activity.
This is inherently a multidisciplinary activity, drawing from areas such
as intelligence, international relations, and security methodology.
From the data mining and machine-learning world this activity draws
from text mining, data fusion, data visualization, data warehousing,
and high scalability are necessary for a successful endeavor.
Papers in these areas with clear application to the issues of counter
terrorism are particularly solicited. Topics of interest include:
- Methods to integrate heterogeneous data sources, such as text, internet,
video, audio, biometrics, and speech
- Scalable methods to warehouse disparate data sources
-
Identifying trends in singular or group activities
-
Pattern recognition for scene and person identification
-
Data mining in the field of aviation security, port security, bio-security
-
Data mining on the web for terrorist trend detection.
More information can be found on the workshop web page at
http://ic.arc.nasa.gov/~ashok.
Second Annual PKI Research Workshop, NIST, Gaithersburg MD, USA, April 28-29, 2003. [posted here 10/30/02]
This workshop among leading security researchers will explore the issues relevant
to this area of security management, and will seek to foster a long-term research
agenda for authentication and authorization in populations large and small via
public key cryptography. We solicit papers, panel proposals, and participation.
The goals of this workshop are to cross-pollinate existing research
efforts, to identify the key remaining challenges in deploying public key
authentication and authorization, and to develop a research agenda addressing
those outstanding issues.
- What are the key areas in current PKI approaches that need further work?
- For each area, what approaches appear most promising?
- How do the approaches in one area affect the methodologies in other areas?
A complete list of topics of interest and the full call for papers can be found at the
workshop web site at
middleware.internet2.edu/pki03/.
ITCC 2003
International Conference on Information Technology: Coding and Computing,
Las Vegas, Nevada, April 28-30, 2003.
[posted here 6/27/02]
The rapid growth in information science and technology in general and the
complexity and volume of multimedia data in particular have introduced new
challenges for the research community. Of particular interest is the need
for a concise representation, efficient manipulation, and fast transmission
of multimedia data. Applications such as space science, tele-medicine, military,
and robotics deal with large volumes of data which need to be stored and
processed in real time. Topics of interest include:
- Digital Image, Video & Audio Processing - Information Hiding & Video Streaming
- Document Image Analysis
- Data Compression
- Authentication of Video and Audio Data
- Multimedia Computing
- Hybrid Source/Channel Coding
- Systems Interfacing and Integration
- Information Databases
- E-commerce Compressed Data Processing
- Data Storage Platforms
- Optical Data Transmission
- New Architectures for Multimedia Processing
- Graphics and Video Hardware
- Error Control Codes
- Video and Audio Codec Design
- Enterprise Architectures - Enterprise-wide Information Management
- Pervasive Computing
More information can be found on the conference web page at
www.cs.clemson.edu/~srimani/itcc2003/cfp.html.
ICEIS'2003
5th International Conference on Enterprise Information System,
Angers, France, April 23-26, 2003.
[posted here 9/17/02]
The purpose of the 5th International Conference on Enterprise Information
Systems (ICEIS) is to bring together researchers, engineers and practitioners
interested in the advances and business applications of information systems.
Four simultaneous tracks will be held, covering different aspects of Enterprise
Information Systems Applications, including Enterprise Database Technology,
Systems Integration, Artificial Intelligence, Decision Support Systems,
Information Systems Analysis and Specification, Internet Computing and
Electronic Commerce. Human factors issues in the development of these
applications are also considered. ICEIS focuses on real world applications;
therefore authors should highlight the benefits of Information Technology for
industry and services. Ideas on how to solve business problems, using IT,
will arise from the conference. Papers describing advanced prototypes,
systems, tools and techniques and general survey papers indicating future
directions are also encouraged. Both full research reports and work-in-progress
reports are welcome. More information can be found on the conference
web site at www.iceis.org.
BITE2003
The First International Workshop on Business Information Technology
Ethics (in conjunction with ICEIS 2003,
www.iceis.org), Angers, France,
April 22, 2003. [posted here 10/24/02]
"Praxis versus Theory" would best describe the overall theme of this
workshop in IT ethics. Computer ethics is a fledgling discipline that
is top-heavy with practical knowledge but desperately in need of a sound
theoretical base that it can claim as its own. Can original philosophical
theories or novel adaptations of other ethical paradigms better assist us
in improving the lot of professional practice in IT? Or must we always fall
back on the anachronistic greats of Western Philosophy to guide our moral
way through 21st century technologies? This workshop will serve as a forum
to gather researchers, practitioners, students and anyone with an interest
in the development of IT ethics as a means of improving professional practice.
Topics of interest include, but are not limited to:
- The social and cultural effects of IT on business practice
- Security and computer misuse
- Privacy and workplace monitoring
- Cross-cultural issues in IT ethics
- Ethics in project management
- Professional etiquette, standards and codes in IT
- Ethics in electronic commerce
- Empirical studies in IT ethics
- Ethics of software patents
- Professional responsibility in IT
- Corporate governance and IT
- Theoretical issues in IT professional practice
- Innovative training methods in IT ethics for professionals
- Submissions on other allied issues are also welcome
More information can be found on the workshop web page at
www.iceis.org/workshops/bite/bite2003-cfp.html.
IWWST'03
First International Workshop in Wireless Security Technologies,
London, UK, April 15-16, 2003.
[posted here 2/22/03]
Wireless Information Technology Research Centre in collaboration with
the British Computer Society, is organising the First International
Workshop in Wireless Security Technologies, IWWST '03. The complete
call for papers along with other conference information can be found at
http://iwwst.org.uk
CT-RSA 2003
Cryptographers' Track RSA Conference 2003, San Francisco, CA, USA, April 13-17, 2003. [posted here 8/1/02]
Following the success of the two previous editions, the Cryptographers' Track of RSA
Conference 2003 (CT-RSA 2003) will be run as an anonymously refereed conference with
proceedings. Original research papers pertaining to all aspects of cryptography as
well as tutorials or results presented in other conferences are solicited. Submissions
may present theory, techniques, applications and practical experience on topics
including, but not limited to: fast implementations, secure electronic commerce,
network security and intrusion detection, formal security models, comparison and
assessment, tamper-resistance, certification and time-stamping, cryptographic data
formats and standards, encryption and signature schemes, public key infrastructure,
protocols, elliptic curve cryptography, block cipher design, discrete logarithms
and factorization techniques, stream ciphers and Boolean functions, lattice reduction
and provable security. The program committee invites tutorials and research
contributions in the broad area of applications and theory of cryptography.
More information can be found at the workshop web page at
reg2.lke.com/rs3/rsa2003/crypto.html.
IPCCC'2003
The International Performance, Computing, and Communications Conference,
Phoenix, Arizona, USA, April 9-11, 2003 [posted here 9/17/02]
We encourage submission
of high-quality papers reporting original work in both theoretical and
experimental research that address the recent advances in algorithms,
architectures, protocols, wired and wireless network infrastructure, embedded
systems, and distributed and mobile systems and applications. Topics of
interest include, but are not limited to, the following:
- Network Security
- WDM Networks
- Power-aware Design and Computing
- Wireless Networks
- Grid Computing
- Web Server Performance
- Survivable Networks
- Internet Computing
- Performance Evaluation Methodologies
- Mobile and Networked Applications
- Embedded System Design and Integration
- High-Performance Computing
- Storage Systems (file systems, databases)
- Mobile and ad-hoc Networking
- Information Assurance
- Mobile and Ubiquitous Systems
- Network Protocols and Performance
More information can be found on the conference web page at
www.ipccc.org.
CHI2003
ACM Workshop on Human-Computer Interaction and Security Systems,
Fort Lauderdale, Florida, USA April 5 or 6, 2003
(position papers due January 17, 2003) [posted here 11/21/02]
The human factor is often described as the weakest part of a security system
and users are often described as the weakest link in the security chain.
This workshop will seek to understand the roles and demands placed on users
of security systems, and explore design solutions that can assist in making
security systems usable and effective. In addition to examining end-users,
this workshop will also examine the issues faced by security system developers
and operators. Security is a large topic so there are many areas where HCI
is important. Three obvious areas of interest are authentication (passwords,
biometrics, etc.), security operations (intrusion detection, vigilance, policies
and practices, etc.), and developing secure systems (developing for security,
understanding users, installation and operation support, etc.). We are interested
in receiving submissions on these topics, and suggestions of other possible topic
areas are also welcome. Position papers are due January 17, 2003. The
workshop will be held April 5 or 6, 2003 (to be finalized), in Fort Lauderdale,
Florida. The full CFP and other information is available here:
www.iit.nrc.ca/~patricka/CHI2003/HCISEC/.
WITS'03
Workshop on Issues in the Theory of Security (co-located with ETAPS'03),
Warsaw, Poland, April 5-6, 2003. [posted here 11/21/02]
WITS is the official workshop organised by the IFIP WG 1.7 on "Theoretical
Foundations of Security Analysis and Design", established to promote the
investigation on the theoretical foundations of security, discovering and
promoting new areas of application of theoretical techniques in computer
security and supporting the systematic use of formal techniques in the
development of security related applications. Extended abstracts of work
(accepted after selection and) presented at the Workshop are collected and
distributed to the participants. There will be no formally published
proceedings; however, selected papers will be invited for submission to
a special issue of the Journal of Computer Security. Suggested submission
topics include:
- formal definition and verification of the various aspects of
security:
confidentiality, privacy, integrity, authentication
and availability;
- new theoretically-based techniques for the formal analysis and
design of cryptographic
protocols and their manifold applications
(e.g., electronic commerce);
- information flow modeling and its application to the theory of
confidentiality policies,
composition of systems, and covert channel analysis;
- formal techniques for the analysis and verification of code
security, including mobile
code security;
- formal analysis and design for prevention of denial of
service;
- security in real-time/probabilistic systems
- security in coordination languages
The official web page of the conference is at the url
www.dsi.unive.it/IFIPWG1_7/wits2003.html.
SPI 2003
Security and Protection of Information, Brno, Czech Republic, March 28-30, 2003. [posted here 1/3/03]
The call for papers and a list of example topics may be found on the
conference web page at
www.vabo.cz/spi/defaulten.htm.
Speakers desiring to submit papers should e-mail an abstract of at
least 250 words along with a short CV/résumé of the speaker(s) to
Jaroslav Dockal (jaroslav.dockal@vabo.cz) by January 13th, 2003.
More details can be found in the call for papers.
Workshop on Privacy Enhancing Technologies 2003, Dresden, Germany, March 26-28, 2003.
[posted here 7/17/02]
Privacy and anonymity are increasingly important in the online world. Corporations
and governments are starting to realize their power to track users and their behavior,
and restrict the ability to publish or retrieve documents. Approaches to protecting
individuals, groups, and even companies and governments from such profiling and
censorship have included decentralization, encryption, and distributed trust.
The workshop seeks submissions from academia and industry presenting novel research
on all theoretical and practical aspects of privacy technologies, as well as
experimental studies of fielded systems. We encourage submissions from other communities
such as law and business that present their perspectives on technological issues. As
in past years, we will publish proceedings after the workshop. Suggested topics include
but are not restricted to:
- Efficient (technically or economically) realization of privacy services
- Techniques for censorship resistance
- Anonymous communication systems (theory or practice)
- Anonymous publishing systems (theory or practice)
- Attacks on anonymity systems (eg traffic analysis)
- New concepts in anonymity systems
- Protocols that preserve anonymity/privacy
- Models for anonymity and unobservability
- Models for threats to privacy
- Novel relations of payment mechanisms and anonymity
- Privacy-preserving/protecting access control
- Privacy-enhanced data authentication/certification
- Profiling, data mining, and data protection technologies
- Reliability, robustness, and attack resistance in privacy systems
- Providing/funding privacy infrastructures (eg volunteer vs business)
- Pseudonyms, identity, linkability, and trust
- Privacy, anonymity, and peer-to-peer
- Usability issues and user interfaces for PETs
- Policy, law, and human rights -- anonymous systems in practice
- Incentive-compatible solutions to privacy protection
- Economics of privacy systems
- Fielded systems and techniques for enhancing privacy in existing systems
More information can be found on the workshop web page at
www.petworkshop.org/.
The First International Workshop on Information Assurance, Darmstadt, Germany,
March 24, 2003. [posted here 8/13/02]
The IEEE Task Force on Information Assurance is sponsoring a workshop on information
assurance in cooperation with the ACM SIGSAC on research and experience in information
assurance. The workshop seeks submissions from academia and industry presenting novel
research on all theoretical and practical aspects of IA; possible topics include,
but are not limited to the following:
- Information Warfare and Operations
- Network Security
- Operating System Security
- Storage Security
- Intrusion Detection, Prediction, and Countermeasures
- Insider Attack Countermeasures
- Information Sharing in Coalition Settings
- Security Models
- Survivability and Resilient Systems
- Formal Methods for Security
- CCITSE Experience and Methodology
- IA Standardization Approaches
- Specification, Design, Development, and Deployment of IA Mechanisms
Papers with a systems perspective are especially welcome. In addition to the
dissemination of new research, another goal of the workshop is to bring together
researchers and practitioners from both governmental and civilian areas. More information
on the workshop can be found at
www.ieee-tfia.org/iwia2003/ .
SPC-2003
First International Conference on Security in Pervasive Computing,
Boppard, Germany, March 12-14, 2003.
[posted here 6/27/02]
The ongoing compression of computing facilities into small and
mobile devices like handhelds, portables or even wearable computers
will enhance an ubiquitous information processing. The basic paradigm
of such a pervasive computing is the combination of strongly
decentralized and distributed computing with the help of diversified
devices allowing for spontaneous connectivity via the internet.
The objective of this conference is to develop new security concepts
for complex application scenarios based on systems like handhelds,
phones, smartcards, and smart labels hand in hand with the emerging
technology of ubiquitous and pervasive computing. Particular
subjects are methods and technology concerning the identification
of risks, the definition of security policies, and the development
of security measures that are related to the specific aspects of
ubiquitous and pervasive computing like mobility, communication,
and secure hardware/software platforms. More information can be
found on the conference web page at
www.dfki.de/SPC2003.
NDSS'03
The 10th Annual Network and Distributed System Security Symposium,
San Diego, CA, USA, February 5-7, 2002.
[posted here 7/17/02]
The symposium fosters information exchange among research scientists and practitioners
of network and distributed system security services. The target audience includes those
interested in practical aspects of network and distributed system security, with a
focus on actual system design and implementation (rather than theory). A major goal
is to encourage and enable the Internet community to apply, deploy, and advance the
state of available security technology. Topics of interest include:
- Integrating security in Internet protocols: routing, naming, TCP/IP, multicast,
network management, and the Web.
- Intrusion avoidance, detection, and response: systems, experiences and architectures.
- Attack-resistant protocols and services:
* Network perimeter controls: firewalls, packet filters, application gateways
* Virtual private networks
* Public key infrastructure, key management, certification, and revocation
* Secure electronic commerce: e.g., payment, barter, EDI, notarization, time
stamping,
endorsement, and licensing
* Supporting security mechanisms and APIs; audit trails; accountability
* Implementation, deployment and management of network security policies
* Intellectual property protection: protocols, schemas, implementations, metering,
watermarking, digital rights management.
* Fundamental services on network and distributed systems: authentication, data integrity,
confidentiality, authorization, non-repudiation, and availability.
* Integrating security services with system and application security
facilities and protocols: e.g.,
message handling, file transport/access,
directories, time synchronization, data base
management, boot services,
mobile computing
* Security for
emerging technologies: sensor networks, specialized
test beds, wireless/mobile
(and ad hoc) networks, personal
communication systems, and large heterogeneous distributed systems.
* Special problems and case studies: e.g., interplay and tradeoffs
between security and efficiency,
usability, reliability and cost.
* Security for collaborative applications and services: teleconferencing
and video-conferencing,
group work, etc.
More information can be found on the
workshop web page at
www.isoc.org/isoc/conferences/ndss/03/index.shtml.
Workshop on Security and Assurance in Ad hoc Networks (in conjunction with
SAINT2003), Orlando, Florida, USA, January 28, 2003.
[posted here 9/17/02]
This half day workshop aims at providing a forum for the discussion of
security and assurance issues related to ad hoc networks as components
of the Internet. Technical papers describing original research are solicited.
Areas of particular interest include, but are not limited to:
- Security and fault tolerant issues in ad hoc networks
- Secure routing in ad hoc networks
- Applications of mobile agents and autonomous intelligent systems
- Tradeoffs between efficiency and security in ad hoc networks
- Bounds on efficiency in ad hoc networks
- Security protocols for group applications in ad hoc networks
- Self configuration in ad hoc networks
- Location discovery and management
- Timing and synchronization in ad hoc networks
- Secure, distributed algorithms for ad hoc networks
Please consult the Program Co-Chairs Alec Yasinsac (yasinsac@cs.fsu.edu) or
Mike Burmester (burmester@cs.fsu.edu) if you are uncertain whether your paper
falls within the scope of the workshop. Workshop information will be posted at
www.sait.fsu.edu/wsaan2003/.
SAINT2003
2003 Symposium on the Internet and Applications,
Orlando, Florida, USA, January 27-31, 2003. [posted here
3/15/02]
THEME: The Evolving Internet. The Symposium on Applications and the
Internet focuses on emerging and future Internet applications and
their enabling technologies. The symposium provides a forum for
researchers and practitioners from the academic, industrial, and
public sectors, to share their latest innovations on Internet
technologies and applications. Areas of particular interest include,
but are not limited to:
- Internet Agents
- Collaboration Technology: Groupware & telepresence and Internet communities
- Internet Content Management Systems: XML and semi-structured data,
information fusion, web-based databases, and data mining.
- Internet Content Delivery: web caching, multimedia, adaptations, QoS
- E-Business: infrastructure for e-services, brokering, negotiation,
B2B, Internet workflow, and virtual enterprise.
- Wireless and Mobile Internet: content adaptation, e-services, mobile
commerce
- Standards for Internet Applications: XML, SOAP, UDDI, WSDL, WSFL,
ebXML, Java, .NET, Sun One, others.
- GRID Computing
- Internet Appliances: smart phones, PDAs, sensor networks, smart home, etc.
- Novel Internet Applications
- Internet Security
- Network and Protocol Architecture
- Internet Operation and Performance
Information for prospective authors, including paper format and submission
instructions can be found in the symposium web page at
www.saint2003.org.
HICSS-36
Secure and Survivable Software Systems (Part of the Software Technology Track),
Big Island, Hawaii, USA, January 6-9, 2003. [posted here 3/28/02]
The focus of this minitrack is security and survivability in large, non-trivial,
software systems, with an emphasis on the last phases of the four stage
survivability model consisting of Resistance, Recognition, Recovery, and
Adaptation. Papers on Resistance and Recognition that address the need or
capacity for safety critical software systems to “fail-safe” and “fail-secure”
are also desired. Submissions will be sought from researchers in the area of
system survivability, software dependability, computer and network security,
fault-tolerance and intrusion tolerance, and economic or statistical modeling
of secure/survivable systems. Main minitrack topics include but are not limited to:
- System or software survivability
- Safety critical failure modes
- Network or system intrusion tolerance
- Modeling malicious behavior or attacks
- Mathematical models for verification of vulnerability to malicious acts
- Models for measurement, evaluation, or validation of survivability
- Software fault tolerance
- Design for dependability and/or survivability
- PRA and hybrid fault models accounting for malicious acts and events
More information can be found on the HICSS-36 conference web site is at www.hicss.hawaii.edu/ and the miitrack web site at
www.cs.uidaho.edu/~krings/HICSS36/HICSS36-cfp.htm
PKC2003
The Sixth International Workshop on Practice and Theory in Public Key
Cryptography, Miami, Florida, USA, January 6-8, 2003. [posted here 6/24/02]
PKC is the main annual workshop focusing on research on all aspects of public
key cryptography. PKC 2003 will for the first time be an IACR workshop.
Topics of interest include:
-
Certification and Time-stamping
- Computational Complexity Aspects
-
Cryptanalysis
- Discrete Logarithm
-
Electronic Cash/Payment
- Elliptic Curve Cryptography
-
Encryption Schemes
- Fast Implementations
-
Integer Factorization
- International Standards
-
Lattice Reduction
- Provable Security
-
Public Key Infrastructure
- Secure Electronic Commerce Signature Schemes
Further details are available at:
www.sait.fsu.edu/pkc2003.
BCS-FACS British Computer
Society Formal
Aspects of Security, Royal Holloway, University of London, UK,
December 19-20, 2002.
[posted here 7/17/02]
To celebrate its 25th Anniversary, the BCS-FACS (British Computer Society - Formal
Aspects of Computing) Specialist Group is planning to organize several events over
the next two years. The main aim is to highlight the use of formal methods, emphasize
their relevance to modern computing, and promote their wider applications. Papers
offering research contributions in formal aspects of computer security are solicited
for FASec. Topics of interest include:
-
Frameworks for formulating security requirements
-
Access control: requirements, models, mechanisms, and extensions
-
Theoretical foundations for access control models
-
Formal models for security management: keys, data integrity, accounting and audit.
-
Theoretical foundations of network and distributed systems security.
-
Specification, analysis, and verifications of cryptographic protocols.
- Theory of information flow.
-
Secure networking: authentication and intrusion detection.
-
Security for mobile code
-
Access control in distributed and mobile systems
-
Proof carrying code and byte-code verification
-
Smart-cards and secure PDAs
-
Safety and security: analogies and differences
-
Case studies and critical evaluations of formal methods for security
-
Tools based on formal methods for security requirements, analysis, and verification.
More information can be found on the workshop web page at
www.bcs-facs.org/.
ACSAC2002
18th Annual Computer Security Applications Conference, Las Vegas, Nevada, USA,
December 9-13, 2002. [posted here 3/16/02]
This internationally recognized conference provides a forum for experts in
information system security to exchange practical ideas about solving these
critical problems. We are looking for papers, panels and tutorials that address:
- Access control -Cryptographic protocols and applied cryptography
- Database Security - Denial of service protection
- Electronic commerce security - Firewalls and other boundary control devices
- Forensics - Identification and Authentication
- Information Survivability - Middleware and distributed systems security
- Mobile Security - Network security
- Operating systems security - PKI and certificate management
- Risk/vulnerability assessment - Intrusion detection
- Security engineering - Security against malicious mobile code
See the conference web page at www.acsac.org for details on submitting papers
and tutorial proposals.
ICISC
2002 Fourth International Conference on Information and
Communications Security, Kent Ridge Digital Labs, Singapore, December
9-12, 2002. [posted here
1/7/02]
Original papers on all aspects of information and communications security
are solicited for submission to ICICS’02. Areas of interests include but
not restricted to the following:
- Access Control Authentication and Authorization
- Biometric Security Cryptology
- Database Security Distributed System Security
- Electronic Commerce Security Fraud Control
- Information Hiding and Watermarking Intellectual Property Protection
- Internet and Intranet Security Intrusion Detection
- Key Management and Key Recovery Mobile System Security
- Network Security Operating System Security
- Protocols and Their Analysis Risk Evaluation and Security Certification
- Security Modeling and Architecture Virus and Worms
More information can be found on the conference web page at
www.krdl.org.sg/General/conferences/icics/Homepage.html.
ASIACRYPT
2002 Queenstown, New Zealand, December 1-5, 2002. [posted here 9/30/01]
Original papers on all technical aspects of cryptology are solicited for submission
to Asiacrypt 2002. The conference is organized by the International Association for
Cryptologic Research (IACR). Submissions must not substantially duplicate work that
any of the authors has published elsewhere or has submitted in parallel to any other
conference or workshop that has proceedings. More information can be found on the
conference web page at www.sis.uncc.edu/ac02.
WPES ACM Workshop on
Privacy in the Electronic Society (in association with 9th ACM Conference
on Computer and Communication Security), Washington, DC, USA, November 21, 2002 [posted here 5/28/02]
The increased power and interconnectivity of computer systems
available today provide the ability of storing and processing large
amounts of data, resulting in networked information accessible from
anywhere at any time. It is becoming easier to collect, exchange,
access, process, and link information. The goal of this workshop is to
discuss the problems of privacy in the global interconnected societies and
possible solutions to it. Topics of interest include, but are not
limited to:
- anonymity, pseudonymity, and unlinkability
- business model with privacy requirements
- data protection from correlation and leakage attacks
- electronic communication privacy
- information dissemination control
- privacy-aware access control
- privacy in the digital business
- privacy enhancing technologies
- privacy policies and human rights
- privacy and anonymity in Web transactions
- privacy threats
- privacy and confidentiality management
- privacy in the electronic records
- privacy in health care and public administration
- public records and personal privacy
- privacy and virtual identity
- personally identifiable information
- privacy policy enforcement
- privacy and data mining
- relationships between privacy and security
- user profiling
- wireless privacy
More information about the conference can be found at seclab.dti.unimi.it/~wpes.
SACT
First ACM Workshop on Scientific Aspects of Cyber Terrorism (in conjunction
with the ACM Conference on Computer and Communication Security), Washington,
DC, USA, November 21, 2002. [posted here 5/16/02]
The goal of this workshop is to address scientific contributions to understand
cyber terrorism and to fight cyber terrorism. Examples of possible topics of
interest include: methods to identify the most critical infrastructures,
methods to detect cyber terrorist attacks, methods to protect against cyber
terrorism (including survivability, quorum systems, PKI). Submissions should
clearly identify the relationship with cyber terrorism. Submissions on
cryptography/information security without proper motivation how these can be
used to address scientific issues on cyber terrorism will be rejected.
Non-scientific talks (such as surveys on efforts by different countries on
addressing cyber terrorism) will only be accepted if space permits. Talks
about political and non-scientific talks are not the main goal of the
workshop. Further details are available at www.sait.fsu.edu/sactworkshop/sact.html
DRM 2002
ACM Workshop on Digital-Rights Management (in conjunction with the
9th Annual ACM CCS Conference), Washington DC, USA,
November 18, 2002. [posted here 7/18/02]
The 2002 ACM Workshop on Digital-Rights Management (DRM 2002) will be held
on November 18, 2002 in Washington DC, in conjunction with the 9th Annual
ACM CCS Conference. The DRM 2002 submission deadline is August 1, 2002;
submissions on all technical, legal, and business aspects of DRM are solicited.
Additional information and submission instructions can be found at
crypto.stanford.edu/DRM2002/
CCS 2002 9th ACM
Conference on Computer and Communication Security, Washington DC, USA,
November 17-21, 2002. [posted here 3/15/02]
Papers offering novel research contributions in any aspect of computer
security are solicited for submission to the Ninth ACM Conference on Computer
and Communications Security. The primary focus is on high-quality original
unpublished research, case studies, and implementation experiences.
Papers should have practical relevance to the construction, evaluation,
application, or operation of secure systems. Theoretical papers must make
convincing argument for the practical significance of the results. Theory
must be justified by compelling examples illustrating its application.
Topics of interest include:
- access control
- security for mobile code
- cryptographic protocols
- key management
- information warfare
- authentication
- applied cryptography - e-business/e-commerce
- privacy and anonymity
- secure networking
- accounting and audit
- data/system integrity
- intrusion detection
- security management
- security verification
- database and system security
- smart-cards and secure PDAs
- inference/controlled disclosure
- intellectual property protection
- commercial and industry security
See the conference web site at www.acm.org/sigs/sigsac/ccs
for details on submitting a paper
IICIS 2002
Fifth IFIP TC-11 WG 11.5 Working Conference on Integrity and Internal
Control in Information Systems - New Perspectives from Academia and
Industry, Bonn, Germany, November 11-12, 2002. [posted here 3/28/01]
Confidentiality, integrity and availability are high-level objectives of IT
security. The IFIP TC-11 Working Group 11.5 has been charged with exploring
the area of the integrity objective within IT security and the relationship
between integrity in information systems and the overall internal control
systems that are established in organizations to support corporate
governance codes. This working conference series follows its tradition to
establish the basis for an ongoing dialog between IT security specialists
and internal control specialists so that both may work more effectively
together to assist in creating effective business systems in the future.
The goals for this conference are to find an answer to the following questions:
- what is the status quo of research and development in the area of integrity
and internal control
- where are the gaps between business needs on the one hand and research and
development
on the other and what needs to be done to bridge these gaps
- what precisely do business managers need to have confidence in the integrity
of their
information systems and their data
More information can be found on the conference web page http://www.db.cs.ucdavis.edu/IICIS2002/
NORDSEC2002
7th Nordic Workshop on Secure IT Systems, Karlstad University, Sweden,
November 7-8, 2002. [posted here 3/17/02]
The NordSec workshops were started in 1996 with the aim of bringing together researchers
and practitioners within computer security in the Nordic countries. The theme of the
workshops has been applied security, i.e., all kinds of security issues that could
encourage interchange and cooperation between the research community and the
industrial/consumer community. A main theme of NordSec 2002, to which a special track
within the workshop will be devoted, is Privacy Enhancing Technologies. NordSec 2002
will also specifically address the areas of Software Engineering and Quality of Service
in relation to IT security. Possible topics include, but are not limited to the following:
- Privacy and Privacy Enhancing Technologies
- Wireless Communication Security
- Inter/Intra/Extranet Security
- Security Protocol Modeling and Analysis
- E-and M-Business Security
- New Firewall Technologies
- Secure Infrastructures; TTP, PKI, Key Escrow/Recovery
- Computer Crime and Information Warfare
- Detecting Attacks, Intrusions and Computer Misuse
- Smart Card Applications
- Security Management and Audit
- Security Evaluations and Measurements
- Security in Commercial off-the-shelf Products, COTS
- Operating System Security
- Security Models
- New Ideas and Paradigms for Security
- Security Education and Training
- Quality of Service or Software Engineering in Relation to Security
More information can be found on the conference web page at www.cs.kau.se/nordsec2002.
ACSA Workshop on the Application of Engineering Principles to System
Security Design, Boston, MA, USA, November 6-8, 2002 [posted here
7/29/02]
The Applied Computer Security Associates (ACSA) is sponsoring a workshop
to examine engineering fundamentals, the principles and practice of
designing and building secure systems. The workshop will look at where we
have been in security engineering (formal methods, Orange book, Common
Criteria, penetrate and patch, Certification and Accreditation, Defense in
Depth) and where we should go. The workshop will consider such questions and
issues as:
- How can we do better at engineering secure systems?
- Do we need new paradigms?
- Have we not done a good job in applying the old techniques?
- Is the real problem just bad software engineering, not bad
security engineering?
- Is the problem poor maintenance, rather than poor
engineering?
- Is "Defense in Depth" a meaningful engineering concept or is
it bumper sticker engineering?
- Have we forgotten the past?
- Are we failing to teach new security engineers what we know?
The goal of the workshop is to begin a process of serious thinking about
these important issues. The output of the workshop will be a collection of
essays and technical papers on the issues discussed in the workshop. The
papers will be available on-line to the community. ACSA's intent is that the
output of the workshop becomes the kernel for a growing on-line collection
of theory, principles, and practice of security engineering. Over time this
site will maintain our history, our lessons learned, and principles for
getting it right the first time. More information can be
found on the workshop web page at
www.acsac.org/waepssd/cfp.html.
LawTech2002
ISLAT International Conference on Law and Technology, Cambridge, Massachusetts, USA,
November 6-8, 2002. [posted here
4/15/02]
This conference is an international forum for lawyers and engineers
interested in understanding the latest developments and implications of
technology in the field of law. It is an opportunity to exchange ideas and
information related to the intersection of these two areas. The conference
will address both the legal ramifications of new technology and how
technology advances the field of law. All papers submitted to this
conference will be peer reviewed by at least two members of the
International Program Committee. Acceptance will be based primarily on
originality and contribution. The full call for papers and an extensive
list of topics, including issues related to security and privacy, can
be found on the workshop web page at www.islat.org.
CCN 2002
IASTED International Conference on Communications and Computer Networks, Massachusetts
Institute of Technology, Cambridge, Massachusetts, USA, November 4-6, 2002.
[posted here 6/24/02]
This conference is an international forum for researchers and practitioners
interested in the advances and applications of computers and communications
networks including wireless and mobile communications. It is an opportunity
to present and observe the latest research, results, and ideas in these areas.
CCN 2002 will be held in conjunction with the IASTED International Conference
on "Parallel and Distributed Computing and Systems (PDCS 2002)" and
"Software Engineering and Applications (SEA 2002)". A complete list of
topics along with instructions for submitting a paper or a tutorial proposal
can be found on the conference web site at
www.iasted.org/conferences/2002/cambridge/ccn.htm.
Compsec2002
19th World Conference on Computer Security, Audit and Control,
London, UK, October 30-November 1, 2002.
[posted here 7/29/02]
The conference comprises over 50 presentations and interactive workshops
arranged within four parallel streams covering management concerns, infrastructure,
law and ethics, technical issues and case studies. Full programme and registration
information is available via the conference website at
www.compsec2002.com.
RAID'2002
Fifth International Symposium on Recent Advances in Intrusion Detection,
Zurich, Switzerland, October 16-18, 2002 (Held in conjunction with
Esorics 2002). [posted here 2/25/02]
This symposium, the fifth in an annual series, brings together
leading figures from academia, government, and industry to discuss
state-of-the-art intrusion detection technologies and issues from the
research and commercial perspectives. The RAID International Symposium
series is intended to further advances in intrusion detection by
promoting the exchange of ideas in a broad range of topics. The RAID 2002
program committee invites three types of submissions:
- Full papers presenting mature research results. Full papers accepted
for presentation at the Symposium will be published in the RAID 2002
proceedings published by Springer Verlag in its Lecture Notes in
Computer Science (LNCS) series.
- Extended abstracts presenting work-in progress, case studies and
implementation experiences. We welcome basically any type of
submission that is of general interest to the audience. Extended
abstracts accepted for presentation at the Symposium will be
published on the RAID web site.
- Panel proposals for presenting and discussing interesting topics in
the field of intrusion detection.
More information can be found on the conference web page at:
www.raid-symposium.org/raid2002/.
SREIS2002
Second Symposium on Requirements Engineering for Information Security,
Raleigh, North Carolina, USA, October 15-16, 2002. [posted here 1/11/02]
The second symposium on requirements engineering for information security
invites papers on a diversity of topics, particularly ones that point out new
directions. Theoretical, experimental, and experience papers are all
welcome. SREIS provides researchers and practitioners from various disciplines
with a highly interactive forum to discuss security and privacy-related
requirements. Specifically, we encourage attendance from those in the fields of
requirements engineering, software engineering, information systems, information
and network security and trusted systems as well as those interested in approaches
to analyzing, specifying, and testing requirements to increase the level
of security provided to users interacting with pervasive commerce,
research and government systems. Topics of interest include, but are not limited
to the following:
- solutions to known RE problems as applied to security and privacy
- RE for confidentiality, integrity, and availability
- industrial problem statements
- generalizations from individual industrial experiences
- RE for trusted Commercial Off-The-Shelf (COTS) systems
- empirical studies of industrial RE practice
- capture and expression of informal and ad hoc requirements
- managing conflicting requirements of operational effectiveness and
security
- methods for the specification and analysis of security requirements
- methods for ensuring compliance between requirements and policies
Information for authors about how to submit a paper will be available
via the symposium URL: www.sreis.org.
For additional information
contact: sreis-inf@cerias.purdue.edu
. The SREIS will be followed by the Second Annual Government-Industry
Forum on Strategies for the Development of Security Requirements and Security
Specifications for Critical Information Technologies. The forum, hosted
by the National Institute of Standards and Technology (NIST) will take place
on October 17, 2002 from 9:00 A.M. to 5:00 P.M. For further information,
please contact Dr. Ron Ross at (301) 975-5390 or rross@nist.gov.
ESORICS 2000 7th
European Symposium on Research in Computer Security, Zurich, Switzerland,
October 14-16, 2002.
[posted here 1/3/02]
ESORICS is the European research event in computer security with
audience from both the academic and industrial communities. For
background information about the symposium, and an html version of
this Call for Papers, see the ESORICS 2002 home page www.esorics2002.org. We are interested in papers that may present
theory, technique, applications, or practical experience on topics
related to information security, privacy and dependability.
The primary focus is on high-quality original unpublished research,
case studies and implementation experiences. We encourage submissions
of papers discussing industrial research and development.
Critical Systems Development with UML, Dresden, Germany,
September 30, 2002. [posted here
6/27/02]
The high quality development of critical systems (be it real-time,
security-critical, dependable/safety-critical, performance-critical, or
hybrid systems) is difficult. Many critical systems are developed, fielded,
and used that do not satisfy their criticality requirements, sometimes with
spectacular failures. The workshop aims to gather practitioners and
researchers to contribute to overcoming these challenges. Topics of
interest include:
- Applications of UML to: real-time systems, security-critical systems,
dependable / safety-critical systems, performance-critical systems,
embedded systems,
hybrid systems, and reactive systems
- Extensions of UML (UML-RT, UMLsec, Automotive UML, Embedded UML, ...)
- Using UML as a formal design technique for the development of critical
systems
- Critical systems development methods
- Modeling, synthesis, code generation, testing, validation, and
verification of critical systems
using UML
- Case studies and experience reports
More information can be found on the workshop web page at
www4.in.tum.de/~csduml02/.
Workshop on Socially-Informed Design of Privacy-enhancing Solutions in Ubiquitous
Computing (in conjunction with UBICOMP'2002), GÖTEBORG, Sweden, September 29, 2002.
[posted here 7/17/02]
Privacy-enhancing solutions, both technical and social, are needed to drive development
of ubiquitous computing in a socially acceptable direction. The goal of this workshop
is to develop an understanding of how social studies can inform the design and evaluation
of privacy-enhancing solutions (technical approaches and complementary social mechanisms)
in ubicomp. This workshop aims to provide a forum for ubicomp system developers,
security researchers, social scientists, legal experts and consumer privacy advocates
to collaboratively explore the future of socially-informed privacy-enhancing solutions
in ubiquitous computing. Questions from other disciplines other than computer science
(e.g., economics, sociology, law, public policy) will also contribute significantly
to the workshop. Topics of interest of this workshop include, but are not limited to:
Incentives; Contextual Factors; Trust; Metrics and Inspection; and Design Principles
and Solutions. Papers should be submitted to in PDF or MS Word format on or before
August 18, 2002 to xdjiang@cs.berkeley.edu.
It is recommended that authors limit their submissions to no more than 6 pages, A4 or
letter size. More information can be found at
guir.berkeley.edu/privacyworkshop2002.
CNS'02 2002
International Workshop on Cryptology and Network Security, San Francisco,
CA, USA, September 26-28, 2002. [posted here 2/18/02]
(CNS02) is to be held in conjunction with The 8th International
Conference on Distributed Multimedia Systems (DMS'2002) in San Francisco,
California, in September 2002. Original papers on all aspects of
cryptology and network security are solicited for submission to the
workshop. Both theoretical research papers in cryptology and research
results from practical applications in network security related areas are
welcome. Topics covered by the workshop will include, but are not limited
to, the following:
- Cryptography and cryptanalysis algorithms
- Authentication and digital signatures
- Client/Server system security
- Network security issues and protocols
- Web security
- Mobile agent security
- PKI
- Security architectures
- E-commerce security
- Information hiding and multimedia watermarking
- System intrusion protection and detection.
- Information security applications
More information can be found from: cs.anu.edu.au/~Chuan.Wu/conference/cns02_cfp.html
or contact Dr Chuan-Kun Wu, email: Chuan.Wu@cs.anu.edu.au
CMS2002 The Seventh IFIP
Communications and Multimedia Security Conference, Portoroz, Slovenia,
September 26-27, 2002. [posted here 12/7/01]
CMS 2002 is the seventh working conference on Communications and Multimedia
Security since 1995. State-of-the-art issues as well as practical experiences
and new trends in the areas will be the topics of interest again, as proven
by preceding conferences. Topics of interest include, but are not limited to
- Applied cryptography
- Biometry
- Combined multimedia security
- Communications systems security
- Cryptography - steganography
- Digital signatures
- Digital watermarking
- Internet, intranet and extranet security
- Legal, social and ethical aspects of communication systems security
- Mobile communications security
- Multimedia systems security
- New generation networks (NGN) security
- Possible attacks on multimedia systems
- Secure electronic commerce
More information can be found on the conference web page at:
www.setcce.org/cms2002/,
or contact: Prof. Borka Jerman-Blazic / Institut Jozef Stefan / Jamova 39 / SI-1000 Ljubljana
/ Slovenia / e-mail: cms02@setcce.org.
NSPW2002
New Security Paradigms Workshop, Virginia Beach, Virginia, USA, September 23-26,
2002. [posted here 1/16/02]
For ten years the New Security Paradigms Workshop has provided a
productive and highly interactive forum for innovative new approaches to
computer security. The workshop offers a constructive environment for
experienced researchers and practitioners as well as newer participants in
the field. The result is a unique opportunity to exchange ideas. NSPW 2002
will take place September 23 - 26, 2002 at the Founders Inn, Virginia Beach,
Virginia, about 2.5 hours from Washington, DC. The complete CFP is at
www.nspw.org.
ECC2002
The 6th Workshop on Elliptic Curve Cryptography, University of Essen, Essen, Waterloo
September 23-25, 2002. [posted here 4/8/02]
ECC 2002 is the sixth in a series of annual workshops dedicated to the
study of elliptic curve cryptography and related areas. The main themes
of ECC 2002 will be:
- The discrete logarithm and elliptic curve discrete logarithm problems.
- Efficient parameter generation and point counting.
- Provably secure cryptographic protocols for encryption, signatures
and key agreement.
- Efficient software and hardware implementation of elliptic curve
cryptosystems.
- Deployment of elliptic curve cryptography.
There will be approximately 15 invited lectures (and no contributed
talks), with the remaining time used for informal discussions. There
will be both survey lectures as well as lectures on latest research
developments. If you did not receive this announcement by email and
would like to be added to the mailing list for the second announcement,
please send email to ecc2002@math.uwaterloo.ca.
The announcements are
also available from the web sites: www.exp-math.uni-essen.de/~weng/ecc2002.html
and www.cacr.math.uwaterloo.ca
Workshop on Computer Forensics, Center for Secure and Dependable Systems,
University of Idaho, Moscow, Idaho, USA, September 23-25, 2002. [posted here 7/18/02]
This workshop is intended to provide a broad-spectrum approach to Computer
Forensics and to increase interactions between Information Security faculty,
students and practitioners. Speaker and presentation topics include
performing detailed analysis of systems, use of forensic evidence in the
legal system, tools available for forensic analysis, international
complications, and a corporate perspective. The first day will include a
tutorial on forensics by Dr. Sujeet Shenoi and the forensics team from the
University of Tulsa. The second day will feature subject experts presenting
on aspects of forensics, and the third day will have presentations from
researchers and practitioners. See the workshop web site for details at
www.csds.uidaho.edu/workshop/forensics.
ILPF 2002
The Annual Internet Law & Policy Forum Conference,
Seattle, WA, USA, September 17-19, 2002.
[posted here 6/23/02]
The Internet Law & Policy Forum is holding its annual conference on the topic
of Security v. Privacy on September 18-19, 2002 in Seattle, Washington. This
conference will explore the synergies and conflicts, both real and imagined,
between these two important policy objectives and the laws written to promote
them. On one hand, privacy is a critical element of maintaining data integrity,
which is one key security issue. On the other hand, the governmental need to
find and stop lawbreakers is facilitated by the ready access to a broad scope
of information. The conference will have a privacy track and a security track,
where speakers will explore key issues and concerns in the respective areas.
Some of the topics covered in these panels include: Privacy Global Survey:
Legislative Regimes and Cross-Cultural Dimensions; Practicalities of Compliance
with Law Enforcement Requests; Identifying and Selecting Appropriate
Authentication Options. Plenary sessions will cover topics from both perspectives.
More information can be found at the conference web page at
www.ilpf.org/conference2002.
SCN'02
The Third Workshop on Security in Communication Networks,
Amalfi, Italy, September 12-13, 2002.
[posted here 4/23/02]
SCN '02 aims at bringing together researchers in the field of security in
communication networks to foster cooperation and exchange of ideas. Papers
are solicited on all technical aspects of data security including:
- Anonymity -
Implementations
- Authentication -
Key Distribution
- Block Ciphers -
Operating Systems Security
- Complexity-based Cryptography -
Privacy
- Cryptanalysis -
Protocols
- Digital Signatures -
Public Key Encryption
- Electronic Money -
Public Key Infrastructure
- Hash Functions -
Secret Sharing
- Identification -
Survey and state of the art
More information can be found on the workshop web page at www.dia.unisa.it/SCN02/
IASTED'2002
IASTED Conference on Conference on Communication Systems and Networks,
Malaga, Spain, September 9-12, 2002. [posted here 12/27/01]
This conference is an international forum for researchers and practitioners interested in the advances in, and applications of,
networks and communication systems. This conference will be comprised of the following
four Symposia: Telecommunications Technology, Optical Communication Systems, Wireless Networks, and Satellite Communications and Antennas.
More information on areas of interest and complete instructions for
submitting a paper or tutorial proposal can be found at the conference web
site at: www.iasted.org and www.iasted.org/conferences/2002/spain/submit-371.htm
Trust and Privacy in Digital Business (on conjunction with
DEXA 2002), Aix-en-Provence, France,
September 2-6, 2002. [posted here 11/20/01]
The Internet and the powerful WWW have created a tremendous opportunity to
conduct business electronically. However, the lack of trust in electronic
procedures as well as the diversity of threatens to users' privacy are the major
inhibitors for a full deployment of digital business.
The purpose of this workshop is twofold: First, all issues of digital business,
focusing on trust and privacy problems will be discussed. Second, the workshop
will be a forum for the exchange of results and ongoing work performed in R&D
projects. Authors are invited to submit papers describing both theoretical and
practical work to: trustbus02@wi-inf.uni-essen.de or trustbus02@lcc.uma.es.
Papers accepted for presentation will be published by IEEE Computer Society
Press as proceedings of the DEXA'02 workshops. More information can
be found on the workshop web site at www.wi-inf.uni-essen.de/~dexa02ws/
WISA2002 The 3rd
International Workshop on Information Security Applications,
Jeju Island, Korea, August 28-30, 2002.
[posted here 3/16/02]
The areas of interest include, but are not limited to:
- Electronic Commerce Security
- Electronic Cash
- Smart Card Security
- Public Key Infrastructure
- Advanced Intrusion Detection System and Firewall
- Virtual Private Network
- Mobile Security
- Security Management
- Active Security
- Information Warfare
- Biometrics
- Digital Rights Management
- Optical Security
- Anti-Virus
Please see the conference web page at
icns.ewha.ac.kr/wisa2002 for details
on submitting papers.
CYRPTO'2002
The Twenty-Second Annual ICAR Crypto Conference, Santa Barbara, Ca, USA,
August 18-22, 2002. [posted here 2/13/02]
Original research papers on all technical aspects of cryptology are
solicited for submission to Crypto 2002, the Twenty-Second Annual IACR
Crypto Conference. Crypto 2002 is sponsored by the International
Association for Cryptologic Research (IACR), in cooperation
with the IEEE Computer Society Technical Committee on Security and
Privacy, and the Computer Science Department of the University of
California, Santa Barbara. Program Chair:
Moti Yung (moti@cs.columbia.edu).
General Chair: Rebecca N. Wright
(crypto2002@iacr.org)
www.iacr.org/conferences/crypto2002/
WTCP'2002
Workshop on Trusted Computing Paradigms (in conjunction with ICPP-2002),
Vancouver, British Columbia, Canada, August 18-21, 2002. [posted here 12/10/01]
The information technology revolution has changed the way business is
transacted, government operates, and national defense is conducted. Those
three functions now depend on an interdependent network of critical
information infrastructures. To build the secure and reliable systems
required for our increasingly mobile, interconnected information-technology
enabled society, research is needed to develop the large-scale information
systems of the future such that they not only behave as expected, but,
more importantly, continue to produce expected behavior against security
breaches and hostile attacks. Moreover, we must ensure that any service
disruptions that occur are infrequent, of minimal duration, manageable,
and cause the least damage possible. The aim of this workshop is to
consolidate state-of-the-art research in this area. Fundamental research
articles and practical experience reports are solicited. Topics of interest
include, but are not limited to:
- Specification, Design, Development, and Composition of Trustworthy Components
- Modeling, Analyzing, and Predicting Trust Properties of Systems and Components
- Policies and Standards for Building and Operating Trusted Systems and Components
- Assessment of Tradeoffs in Trustworthy System Design
- Personal Information Management in a Trustworthy Environment
- Management of Heterogeneous Trusted Computing Technologies
- Cyber Attack Prediction and Detection
- Information Operations to include Mining, Recovery, Security, and Assurance
- Secure and Safe Access to Autonomous Services and Applications
- Trusted Computing in Agent-based Environments
- Trusted Computing in Mobile and Wireless Environments
More information can be found on the conference web site at
www.cs.odu.edu/~wadaa/ICPP02/WTCP/
The 11th USENIX
Security Symposium, San Francisco, CA, USA, August 5-9, 2002. [posted here 12/7/01]
The USENIX Security Symposium program committee seeks
refereed paper
submissions in all areas relating to system and network security. If you are working in any practical aspects of security or applications of
cryptography, we would like to urge you to submit a paper. For more details on the submission process, authors are encouraged to consult the detailed author guidelines at:
www.usenix.org/events/sec02/cfp/
The Sixteenth Annual IFIP WG 11.3 Working Conference on Data and Application Security,
King's College, University of Cambridge, UK, July 29-31, 2002.
[posted here 9/22/01]
The conference provides a forum for presenting original unpublished research results,
practical experiences, and innovative ideas in data and applications security. Papers
and panel proposals are solicited. The conference is limited to about forty participants
so that ample time for discussion and interaction may occur. Additional information and
a list of topics can be found at
www.cis.utulsa.edu/ifip02. The conference location can be explored at
http://www.kings.cam.ac.uk/
and the WG 11.3 home page is at
sansone.crema.unimi.it/~ifip113.
FCS'02
LICS Satellite Workshop on Foundations of Computer Security, Copenhagen,
Denmark, July 26, 2002. [posted here 2/12/03]
Computer security is an established field of Computer Science of both
theoretical and practical significance. In recent years, there has been
increasing interest in logic-based foundations for various methods in
computer security, including the formal specification, analysis and design of
cryptographic protocols and their applications, the formal definition
of various aspects of security such as access control mechanisms, mobile
code security and denial-of-service attacks, and the modeling of information
flow and its application to confidentiality policies, system composition,
and covert channel analysis. The aim of this workshop is to provide a forum
for continued activity in this area, to bring computer security researchers in
contact with the FLoC community, and to give FLoC attendees an opportunity to
talk to experts in computer security. We are interested both in new results in
theories of computer security and also in more exploratory presentations that
examine open questions and raise fundamental concerns about existing theories.
Possible topics include, but are not limited to:
- Formal specification
cryptographic protocols and applications
- Foundations of verification
confidentiality and authentication
- Logic-based design
integrity and privacy
- Information flow analysis
availability and denial of service
- Security models
-for-
security policies
- Language-based security
covert channels
- Static analysis mobile code
- Composition issues
intrusion detection
- Statistical methods
malicious code confinement
More information can be found at the workshop web page: floc02.diku.dk/FCS/
VERIFY'02
Verification Workshop, in connection with CADE at FLoC
2002, Copenhagen, Denmark,
July 25-26, 2002. [posted here 1/16/02]
The aim of this verification workshop is to bring together people who
are interested in the development of safety and security critical
systems, in formal methods in general, in automated theorem proving, and
in tool support for formal developments. The overall objective of
VERIFY is on the identification of open problems and the discussion of
possible solutions under the theme "What are the verification problems?
What are the deduction techniques?". Topics include (but are not limited
to):
+ Access control
+ Protocol verification
+ ATP techniques in verification
+ Refinement & decomposition
+ Case studies (specification & verification)
+ Reuse of specifications & proofs
+ Combination of verification systems
+ Safety critical systems
+ Compositional & modular reasoning
+ Security for mobile computing
+ Fault tolerance
+ Security models
+ Gaps between problems & techniques
+ Verification systems
+ Information flow control
Information on submitting papers and panel proposals can be found on the
workshop web page at www.ags.uni-sb.de/verification-ws/verify02.html.
CSFW15 15th IEEE Computer Security Foundations Workshop, Keltic Lodge, Cape Breton,
Nova Scotia, Canada, June 24-26, 2002. [posted here 10/19/01]
This workshop series brings together researchers in computer science to
examine foundational issues in computer security. For background
information about the workshop, and an html version of this Call for
Papers, see the CSFW home page www.csl.sri.com/csfw/index.html
We are interested both in new results in theories of computer security and
also in more exploratory presentations that examine open questions and raise
fundamental concerns about existing theories. Both papers and panel proposals
are welcome. Possible topics include, but are not limited to:
Access control
Authentication
Data and system integrity
Database security
Network security
Distributed systems security
Anonymity
Intrusion detection
Security for mobile computing
Security protocols
Security models
Decidability issues
Privacy
Executable content
Formal methods for security
Information flow
Language-based security
VInfoSecu02
The International Conference on Information Security 2002,
Si Nan Story, Shanghai Science Hall, Shanghai, China, July 10-13, 2002.
[posted here 5/20/02]
Ever since the inception of the Internet, the importance of computer
and information security has been growing rapidly and there is no sign
of diminishing. In recognizing this trend, ACM, together with Shanghai
Computer Society (SCS) and China Computer Federation (CCF), is sponsoring
the 2002 International Conference on Information Security (InfoSecu'2002)
to be held in Shanghai, China. InfoSecu'2002 brings together researchers
and practitioners, not only from the local region, but also from around
the world, to exchange ideas and experiences in the field. Topics of interest
include:
- Access control and authorization
- Authentication, biometrics, and smartcards
- Commercial and industrial security
- Data integrity Access control and audit
- Database security
- Denial of service and its treatment
- Distributed systems security
- Electronic commerce
- Electronic privacy, anonymity
- Information flow
- Intrusion detection and survivability
- Language-based security
- Mobile code and agent security
- Network security
- Security protocols
- Security verification
- Viruses and other malicious code
More information can be found at the workshop web page at
www.cintec.cuhk.edu.hk/~infosecu02/.
FIRST
The 14th Annual Computer Security Incident Handling Conference, Hilton
Waikoloa Village, Hawaii, USA, June 24-28, 2002. [posted here 8/27/01]
The Forum of Incident Response and Security Teams is a global organization whose aim
is to facilitate the sharing of security-related information and to foster cooperation
in the effective prevention, detection, and recovery from computer security incidents.
Its members are CSIRTs (Computer Security Incident Response Teams) from government,
commercial, academic, and other environments. The FIRST conference (www.first.org/conference/2002/) brings together IT managers, system and network
administrators, security specialists, academics, security solutions vendors, CSIRT
personnel and anyone interested in
- the most advanced techniques in detecting and responding to computer security incidents
- the latest improvements in computer security tools, methodologies, and practice
- sharing their views and experiences with those in the computer security
incident response field
The Call For Papers is at: www.first.org/conference/2002/cfp.html
DSN2002
The International Conference on Dependable Systems and Networks, Bethesda,
Maryland, USA, June 23-26, 2002. [posted here 9/15/01]
The International Conference on Dependable Systems and
Networks 2002(DSN-2002) announces its Call for Contributions for full
papers, practical experience reports, workshop proposals, tutorials,
student forum, and fast abstracts. Full papers are due November 19th, 2001.
Please see www.dsn.org for submission information. Contributions are
invited in, but are not limited to:
- Analytical and Simulation Techniques for Performance and
Dependability Assessment
- Architectures for Dependable Computer Systems
- Dependability Benchmarking
- Dependability of High-Speed Networks and Protocols
- Dependability Modeling and Prediction
- Dependability in VLSI
- E-commerce Dependability
- Fault Tolerance in Transaction Processing
- Fault Tolerance in Distributed & Real-Time Systems
- Fault Tolerance in Multimedia Systems
- Fault Tolerance in Mobile Systems
- Information Assurance and Survivability
- Internet Dependability and Quality of Service
- Intrusion Tolerant Systems
- Measurement Techniques for Performance and Dependability Assessment
- Safety-Critical Systems
- Software Testing, Validation, and Verification
- Software Reliability
- Tools for Performance and Dependability Assessment
3rd
Annual IEEE Information Assurance Workshop, United Stated Military
Academy, West Point, NY, USA, June 17-19, 2002. [posted here 12/17/01]
The workshop is designed to provide a forum for Information Assurance researchers and practitioners to
share their research and experiences. Attendees hail from industry, government, and academia. The focus of this
workshop is on innovative, new technologies designed to address important Information Assurance issues.
Papers will be divided into two broad categories. Approximately 2/3 of the papers will focus on
innovative new research in Information Assurance. The remaining 1/3 of the papers will be recent experience
and lessons learned from Information Assurance practitioners. Areas of particular interest at this workshop are:
* Innovative intrusion detection and response methodologies
* Information warfare
* Information Assurance education and professional development
* Secure software technologies
* Wireless security
* Computer forensics
More information can be found on the conference web age at www.itoc.usma.edu/Workshop/2002.
Workshop on Statistical
and Machine Learning Techniques in Computer Intrusion Detection, The Johns
Hopkins University, Baltimore, MD, USA, June 11-13, 2002. [posted here 12/7/01]
Researchers in Computer Security are invited to participate. The following topic areas are of potential interest.
- Data Mining in Intrusion Detection/Network Data
- Program Profiling
- Pattern Recognition Techniques in Computer Security
- User Profiling
- Statistical Measures of Network Traffic
- Machine Profiling
- Intrusion Detection Datasets and Databases
- Computer Virus Epidemiology
- Evaluating IDS systems/Performance Measures
- Virus detection
- Visualization of Network Data
- Anomaly Detection
- Visualization of Intrusion Data
- Fingerprinting
- Random Graph Techniques
- Host Monitoring
- Network Monitoring
For more information, or to volunteer to chair a session, or to submit an abstract, please contact:
David Marchette
Naval Surface Warfare Center, Code B10
17320 Dahlgren Rd.
Dahlgren, VA 22448-5000 USA
marchettedj@nswc.navy.mil
POLICY2002
IEEE Third International Workshop on Policies for Distributed Systems and
Networks, June 5-7, 2002. [posted here
10/18/01]
POLICY 2002 invites contributions on all aspects of policy-based
computing. Papers must describe original work and must not have
been accepted or submitted for publication elsewhere. Submitted
papers will be evaluated for technical contribution, originality,
and significance. Topics of interest include, but are not limited
to the following:
- processes, methodologies, and tools for discovering, specifying,
reasoning about, and refining policy
- abstractions and languages for policy specification
- policy models for access-control, systems management, QoS
adaptation, intrusion detection, privacy
- policy based networking
- policy frameworks for active networks, mobile systems, e-commerce
- implementation models and techniques
- integrating policies into existing systems and environments
- provisioning of policies
- business rules and organizational modeling
- trust models and trust management
- extensions and refinements to policy standards
- case studies of applying policy-based technologies
See the conference web page at www.policy-workshop.org/2002/
for details.
NCISSE'2002
The 6th National Colloquium for Information Systems Security Education,
Redmond, Washington, USA, June 3-7, 2002. [posted here 9/15/01]
The colloquium solicits papers from practitioners, students, educators, and
researchers. The papers should discuss course or lab development, INFOSEC
curricula, standards, best practices, existing or emerging programs, trends,
and future vision, as well as related issues. We are especially interested in
novel approaches to teaching information security as well as what should be
taught. This includes the following general topics:
- Assessment of need (e.g. how many information security
workers/researchers/faculty are needed?)
- Integrating information assurance topics in existing graduate or
undergraduate curricula
- Experiences with course or laboratory development
- Alignment of curriculum with existing information assurance education
standards
- Emerging programs or centers in information assurance
- Late breaking topics
- Best practices
- Vision for the future
Papers reporting work in progress are also welcomed, especially if enough
information to evaluate the work will be available at the time of the colloquium.
Please see the NCISSE web site at www.ncisse.org for details on submitting a paper.
Workshop on Economics and Information Security, University of California, Berkeley,
CA, USA, May 16-17, 2002. [posted here 1/17/02]
Do we spend enough on keeping `hackers' out of our computer systems? Do we not
spend enough? Or do we spend too much? Many system security failures occur not
so much for technical reasons but because of failures of organisation and
motivation. For example, the person or company best placed to protect a system
may be insufficiently motivated to do so, because the costs of system failure
fall on others. Such perverse incentives raise many issues best
discussed using economic concepts such as externalities, asymmetric
information, adverse selection and moral hazard. They are becoming
increasingly important now that information security mechanisms are
not merely used to protect against malicious attacks, but also to
protect monopolies, differentiate products and segment markets. There
are also interesting security issues raised by industry monopolization
and the accompanying reduction in product heterogeneity. For these and
other reasons, the confluence between information security and
economics is of growing importance. We are organising the first workshop on the
topic, to be held in the School of Information Management and Systems at the
University of California, Berkeley, on the 16th and 17th May 2002. In order to
keep the event informal and interactive, attendance will be limited to
about 30-35 participants. If you would like to participate, please
send us a position paper (of 1-2 pages) by the 31st March 2002.
We welcome interest not just from economists and information security
professionals, but from people with relevant experience, such as in
the insurance industry, corporate risk management, or law enforcement
agencies. More information can be found on the workshop web page at www.cl.cam.ac.uk/users/rja14/econws.html
WWW2001
The Eleventh International World Wide Web Conference, Sheraton Waikiki
Hotel, Honolulu, Hawaii, USA, May 7-11, 2002. [posted here 8/2/01]
Beginning with the first International WWW Conference in 1994, this prestigious series
of the International World Wide Web Conference Committee (IW3C2) also provides a
public forum for the WWW Consortium (W3C) through the annual W3C track. The conference
will consist of a three-day technical program, preceded by a day of tutorials and
workshops and followed by a "Developers Day." Developers Day will be devoted to
in-depth technical sessions designed specifically for web developers. The technical
program will include refereed paper presentations, peer-reviewed presentations, plenary
sessions, panels and poster sessions describing current work. Areas of interest for the
refereed paper track include:
- Applications
- Browsers and User Interfaces
- Electronic Commerce and Security
- Hypermedia
- Languages
- Mobility and Wireless Access
- Multimedia
- Performance
- Searching, Querying, Indexing, and Crawling
- Semantic Web
Authors of special merit papers will be invited to submit extended versions for
publication in a special issue of the IEEE Transactions on Knowledge and Data
Engineering. Please see the conference web site and full call-for-papers
at www2002.org (or email info@www2002.org) for information.
The 1st Annual PKI
Research Workshop, NIST, Gaithersburg, MD, USA, April 24-25, 2002.
[posted here 12/10/01]
To a large extent, the hoped-for public key infrastructure has not "happened yet." PKI for large, eclectic populations has not
materialized; PKI for smaller, less diverse "enterprise" populations is
beginning to emerge, but at a slower rate than many would like or had
expected. Why is this? This workshop among leading security researchers
will explore the issues relevant to this question, and will seek to foster
a long-term research agenda for authentication and authorization in large
populations via public key cryptography. The workshop is intended to
promote a vigorous and structured discussion---a discussion well-informed
by the problems and issues in deployment today. Submitted works for panels,
papers and reports should address one or more critical areas of inquiry.
Topics include (but not are not limited to):
* Cryptographic methods in support of security decisions
* The characterization and encoding of security decision data (e.g.,
name spaces, x509,
SDSI/SPKI, XKMS, PGP, SAML, Keynote, PolicyMaker, etc),
policy mappings and languages, etc.
* The relative security of alternative methods for supporting security
decisions
* Privacy protection and implications of different approaches
* Scalability of security systems; (are there limits to growth?)
* Security of the rest of the components of a system
* User interface issues with naming, multiple private keys, selective
disclosure
* Mobility solutions
* Approaches to attributes and delegation
* Discussion of how the "public key infrastructure" required may differ
from the "PKI" traditionally defined
See the workshop web site at www.cs.dartmouth.edu/~pki02/index.shtml for details.
PET2002
Workshop on Privacy Enhancing Technologies, San Francisco, CA, USA, April 14-15, 2002.
[posted here
8/24/01]
Privacy and anonymity are increasingly important in the online world.
Corporations and governments are starting to realize their power to
track users and their behavior, and restrict the ability to publish
or retrieve documents. Approaches to protecting individuals, groups,
and even companies and governments from such profiling and censorship
have included decentralization, encryption, and distributed trust.
The workshop seeks submissions from academia and industry presenting
novel research on all theoretical and practical aspects of privacy
technologies, as well as experimental studies of fielded systems.
We encourage submissions from other communities such as law and business
that present these communities' perspectives on technological issues. We
will publish accepted papers in proceedings in the Springer Lecture
Notes in Computer Science (LNCS) series.
Suggested topics include but are not restricted to:
* Efficient realization of privacy services
* Techniques for and against traffic analysis
* Attacks on anonymity systems
* New concepts for anonymity systems
* Novel relations of payment mechanisms and anonymity
* Models for anonymity and unobservability
* Models for threats to privacy
* Techniques for censorship resistance
* Resource management in anonymous systems
* Pseudonyms, linkability, and trust
* Policy and human rights -- anonymous systems in practice
* Fielded systems and privacy enhancement techniques for existing systems
* Frameworks for new systems developers
More information can be found on the workshop web page
at www.pet2002.org.
Sixth Annual Distributed Objects
and Components Security Workshop, Baltimore, Maryland, USA, March 18-21, 2002.
[posted here 1/24/02]
For the complete Call for Presentations and instructions on how to submit a
proposal, see www.omg.org/news/meetings/docsec2002/call.htm. The workshop,
hosted by the Object Management Group and co-sponsored by Promia, Inc. and the
National Security Agency (NSA), will provide a forum for discussing the issues
associated with securing integrated application systems. Interested individuals
or organizations are invited to submit via email, a brief abstract by of the
presentation/position they are proposing for the Workshop. The Workshop Program
Committee is seeking proposals on the following topics:
- Existing and emerging DOC application middleware
- DOC applications and secure online identity
- Emerging security technologies and specifications
- User Case Studies
- Vendor Case Studies
- Academic or industrial research
- Research into techniques and technologies for specifying and verifying security
- Realization of security architectures
- Integration
- Security validation
- Security Systems Management
For additional details on the topics and instructions on how to submit
abstracts, refer to http://www.omg.org/news/meetings/docsec2002/call.htm.
FC'2002
Financial Cryptography, Southhampton, Bermuda, March 11-14, 2002. [posted here 9/17/01]
Original papers are solicited on all aspects of financial data security and digital
commerce for submission to the Sixth Annual Conference on Financial Cryptography.
FC '02 brings together researchers in the financial, legal, cryptologic, and data
security fields to foster cooperation and exchange of ideas. A list of
topics of interest is given on the conference web page
at www.crypto.com/papers/fc02cfp.html
IPTPS'02
The First International Workshop on Peer-to-Peer Systems, Cambridge, MA,
USA, March 7-8, 2002. [posted here
10/16/01]
Peer-to-peer has emerged as a promising new paradigm for distributed
computing. The 1st International Workshop on Peer-to-Peer Systems
(IPTPS'02) aims to provide a forum for researchers active in
peer-to-peer computing to discuss the state-of-the-art and to identify
key research challenges in peer-to-peer computing.
The goal of the workshop is to examine peer-to-peer technologies,
applications and systems, and also to identify key research issues and
challenges that lie ahead. In the context of this workshop,
peer-to-peer systems are characterized as being decentralized,
self-organizing distributed systems, in which all or most
communication is symmetric. Topics of interest include, but are not
limited to:
* novel peer-to-peer applications and systems
* peer-to-peer infrastructure
* security in peer-to-peer systems
* anonymity and anti-censorship
* performance of peer-to-peer systems
* workload characterization for peer-to-peer systems
See the conference web page at www.cs.rice.edu/Conferences/IPTPS02/ for
details.
Cryptographer's Track
at the RSA 2002 Conference, San Jose, California, USA, February 18-22,
2002. [posted here 5/1/01]
Following the success of the new approach to the
Cryptographers' Track 2001, the Cryptographers' Track of RSA Conference 2002 will be run as an anonymously refereed
conference with proceedings edited in Springer-Verlag's Lecture Notes in the Computer Science series.
Original research papers pertaining to all aspects of cryptography as well as tutorials and overviews are solicited.
Submissions may present theory, techniques, applications and practical experience on topics including, but not limited to:
fast implementations, secure electronic commerce, network security and intrusion detection, formal security models,
comparison and assessment, tamper-resistance, certification and
time-stamping, cryptographic data formats and standards, encryption and signature schemes, public key infrastructure,
cryptographic protocols, elliptic curve cryptography, block ciphers, stream ciphers, hash functions, discrete logarithms
and factorization techniques, lattice reduction and provable security.
More information can be found at
www.rsaconference.com/rsa2002/cryptotrack.html.
PKC'2002
International Workshop on the Practice and Theory of Public Key Cryptography, Paris, France, February 12-14, 2002.
[posted here 9/17/01]
PKC2002, the fourth conference in the International
workshop series on the practice and theory in public key cryptography, is
soliciting original research papers pertaining to all aspects of public
key encryption and signatures. Submissions may present theory,
techniques, applications and practical experience on topics including but
not limited to:
Certification and
time-stamping encryption data
formats
provable security
cryptanalysis
encryption
schemes
public key infrastructure
comparison and
assessment
fast
implementations
secure electronic commerce
discrete
logarithm
integer
factorization
signature data formats
electronic
cash/payments
international
standards
signature schemes
elliptical curve
cryptography
lattice
reduction
signcryption schemes
More information can be found on the conference web page at www.novamedia.fr/conferences/conferences/confpkc.html
FAST
2002 File and Storage Technologies Conference, Monterey, CA,
USA, January 28-29, 2002. [posted here
5/6/01]
Sponsored by USENIX, The Advanced Computing Systems Association,
in cooperation with ACM SIGOPS and IEEE TCOS. The FAST conference will bring
together the top storage systems researchers and practitioners, to explore the
design, implementation and uses of storage systems. It will also feature the best
work in file and storage systems to date. FAST is the successor to IOPADS,
which for several years was the top conference dedicated to parallel
and distributed I/O systems. FAST 2002 will consist of two days of technical
presentations, including refereed papers, invited talks, and an introductory
keynote address. A session of work-in-progress presentations is planned, and
informal Birds-of-a-Feather sessions may be organized by attendees. The FAST 2002
Program Committee invites you to contribute your ideas, proposals and papers for,
the invited talks program, refereed papers track, and Work-in-Progress Reports.
We welcome submissions that address any and all issues relating to File and
Storage Systems. The Call for Papers with submission guidelines and suggested
topics [which includes security issues] is now available at: www.usenix.org/events/fast/cfp/.
WITS'2001
Workshop on Issues in the Theory of Security (in conjunction with
POPL'02), Portland, Oregon, USA, January 14-15, 2002. [posted here 7/19/01]
The IFIP WG 1.7 on "Theoretical Foundations of Security Analysis and Design"
was established to investigate the theoretical foundations of security. It aims
to discover and promote new ways to apply theoretical techniques in computer
security, and to support the systematic use of formal techniques in the
development of security related applications. Extended abstracts of work presented at the Workshop will be collected before
the workshop and distributed to the participants. As in 2000, there will
be no formally published proceedings of this year's workshop; however, selected
papers will be invited for submission to a special issue of the Journal of
Computer Security based on the Workshop. Researchers are invited to submit
extended abstracts of original work on topics in the spirit of the workshop.
Possible topics for submitted papers include, but are not limited to:
Indocrypt'2001
Second International Conference on Cryptology in India, Chennai, India,
December 16-20, 2001. [posted here
12/20/00]
Original papers on all technical aspects of cryptology are solicited for
submission to Indocrypt 2001. Detailed instructions for submission
of a paper are given on the conference web site at www.cs.iitm.ernet.in/indocrypt.
ACSAC'2001,
17th Annual Computer Security Applications Conference, New Orleans, USA,
December 10-14, 2001. [posted here
2/20/01]
We are currently soliciting papers, panels, forums, case studies, and
tutorial proposals for the 17th Annual Computer Security Applications
Conference (ACSAC) to be held 10 – 14 December 2001 in New Orleans,
Louisiana, USA. For general information or questions about ACSAC, please
see our web page at www.acsac.org or email
Publicity_Chair@acsac.org.
For specific submission-related information, please see the
following web page: www.acsac.org/2001/cfp.
IW2001
2nd Australian
Information Warfare and Security Conference, Scarborough,
Perth, Western Australia, November 29-30, 2001. [posted here 3/2/01]
The conference will be held in conjunction with the Working for
E-Business conference (see www.we-bcentre.com/conf2001)
to be held at the Rendevous Observation City,
Scarborough, Perth, Western Australia.
Sample conference topics areas include but are not restricted to:
- E-Intelligence/counter-intelligence
- Perception management
- Information warfare theory
- Electro-magnetic pulse weapons
- Information security
- Cryptography
- Physical security
- Security policy
- Information warfare policy
- Information warfare techniques
- Hacking
- Infra-structure warfare
- National security policy
- Corporate defense mechanisms
- Security for small to medium enterprises
- Information warfare and security education
See the workshop web page at www.we-bcentre.com/iw2001/
for more details.
Yuforic'01
Youth Forum in Computer Science and Engineering, Valencia, Spain, November
29-30, 2001. [posted here
5/4/01]
Sponsored by Universidad Politecnica de Valencia, the IEEE Computer Society and
the Spanish Section of the IEEE. YUFORIC is the IEEE Computer Society's dynamic
new program to bring students and new professionals together in a forum for
exchanging ideas and sharing experiences. YUFORIC features a series of workshop,
held worldwide, emphasizing presentations of studies-in-progress by university
students and new professionals in industry and academia. Discussion and interaction
are highlighted. Young and/or new professionals will be encouraged to take the
lead in guiding students' research interests. In turn, university
students will gain better insight into the ongoing, real-world activities
of the professional community. The topics of interest include, but are not
limited to:
- Frameworks, architectures and models for e-commerce
- Commerce oriented middleware services (CORBA, DCOM, J2EE, etc.)
- Intelligent and mobile agent technology for e-commerce
- Web and Java technology for networked e-commerce
- User Interface support for e-commerce
- Auction and negotiation technology
- Security in e-commerce (digital certificate, PKI, smart-cards,
transaction-based security, IPR
management)
- Authentication in e-commerce environment
- Quality assurance in e-commerce
- Trading of intangible goods
- Electronic Payment methods
- Mobile commerce
- Multi device platform for e-commerce (WAP, set-top box, web, etc.)
- E-commerce application case studies
- E-commerce based business models
For more information about the workshop please visit our web site at
yuforic.upv.es
ICICS'2001
Third International Conference on Information and Communications Security,
Xian, China, November 13-16, 2001. [posted here
3/14/00]
ICICS’01 covers all aspects of theory and application of information and communications security.
More information can be found on the conference web page at homex.coolconnect.com/member2/icisa/icics2001.html
CCS-8
Eighth ACM Conference on Computer and Communications Security,
Philadelphia, Pennsylvania, USA, November 6-8, 2001. [posted here 12/19/00]
Papers offering novel research contributions in any aspect of
computer security are solicited for submission to the Eighth ACM Conference on Computer and Communications Security. Papers may
present theory, technique, applications, or practical experience. A
complete list of topics and instructions for submitting a paper or panel
proposal can be found on the conference web site at www.bell-labs.com/user/reiter/ccs8/
Workshop on Data Mining
for Security Applications (part of the 8th ACM Conference on Computer
Security November 6-8, 2001), Philadelphia, PA, USA, November 8, 2001.
[posted here
2/9/01]
This year the ACM's Conference on Computer Communications and Security
offers a special half-day workshop on data mining for security applications. This event provides an opportunity for attendees of
the ACM CCS to meet with researchers who are interested in applying data mining techniques to security applications and discuss critical
issues of mutual interest during a concentrated period. The topics of interest include, but are not limited to:
- Intrusion detection and analysis via data mining
- Data mining in forensics
- Text data mining as a tool for collecting criminal evidence
- Classification and clustering of intrusions, attacks and computer-related crimes
- Real-time detection
- Predictive tools for security
- Mining for inferences
Instructions for submitting an abstract and paper can be found on the
workshop web page at www.bell-labs.com/user/reiter/ccs8/
SPDRM'2001
Workshop on Security
and Privacy in Digital Rights Management (part of the 8th ACM Conference on Computer
Security Nov 6-8, 2001), Philadelphia, PA, USA, November 5, 2001.
[posted here
2/9/01]
Increasingly the Internet is used for the distribution of digital goods, including digital versions of books,
articles, music and images. The ease with which digital goods can be copied and redistributed make the
Internet well suited for unauthorized copying, modification and redistribution.
This workshop will consider technical problems faced by rights holders (who seek to protect their
intellectual property rights) and end consumers (who seek to protect their privacy and to preserve access
they now enjoy in traditional media under existing copyright law). The workshop seeks submissions from academia and industry presenting novel research on all theoretical
and practical aspects of DRM, as well as experimental studies of fielded systems. We encourage
submissions from other communities such as law and business that present these communities'
perspectives on technological issues. A complete list of topics and instructions for submitting a paper can be found o the workshop web page at
www.star-lab.com/sander/spdrm/.
SRDS-20 20th IEEE Symposium
on Reliable Distributed Systems, New Orleans, USA, November 4-7, 2001
(tentative). [posted here 2/9/01]
The objective of this symposium is to provide an effective forum for
researchers and practitioners who are interested in distributed
systems design and development, particularly with reliability,
availability, safety, security, or real-time properties. We welcome
original research papers as well as papers that deal with
development experiences and experimental results of operational
systems. We are also soliciting papers for an experience track
that presents on-going industrial projects, prototype systems,
exploratory or emerging applications, etc. The major areas of
interest include, but are not limited to, the following topics:
- Distributed systems with reliability, availability, security,
safety, and/or real-time requirements
- Distributed databases and transaction processing
- Parallel and distributed operating systems
- Internet systems and applications
- Mobile and ubiquitous computing
- Distributed multimedia systems
- Electronic commerce enabling technologies
- Distributed workflow and enterprise management systems
- Security and High Confidence Systems
- QoS control and assessment
- Analytical or experimental assessment of distributed systems
- Formal methods and foundations for reliable distributed computing
- Distributed objects and middleware systems
- Distributed and Web-based application systems
- Performance modeling and evaluations of reliable distributed systems
More information can be found on the conference web page at
srds.cs.umn.edu
NordSec
2001: Nordic Workshop on Secure IT-Systems, Copenhagen, Denmark,
November 1-2, 2001. [posted here
5/28/01]
The NordSec workshops address applied security in a broad sense and
aim at bringing together researchers and practitioners within computer
security in the Nordic countries - thereby establishing a forum for
discussion and co-operation between universities, industry and computer
societies. In 2001 the workshop is hosted by the Department of
Informatics and Mathematical Modeling at the Technical University of Denmark
in Copenhagen. More details are available on www.imm.dtu.dk/~nordsec.
ECC2001
The 5th
Workshop on Elliptic Curve Cryptography, University of Waterloo, Waterloo,
Canada, October 29-31, 2001. [posted here 9/28/01]
Due to the tragic events in the US, ECC 2001 was rescheduled from
Sep 17-19 to Oct 29-31. If you had registered for the Sep 17-19
workshop, then please send Frances Hannigan (fhannigan@math.uwaterloo.ca) a brief
email letting her know if you plan on attending the Oct 29-31 workshop;
if not, your registration fee will be refunded. We do have slots for new
registrants, so if you would like to attend please register as soon
as possible. We will include the revised lecture schedule in the Seventh
announcement to be mailed on October 8, 2001. ECC 2001 is the fifth in a series of annual
workshops dedicated to the study of elliptic curve cryptography and related areas. The
main themes of ECC 2001 will be:
- The discrete logarithm and elliptic curve discrete logarithm
problems.
- Provably secure discrete log-based cryptographic protocols for
encryption, signatures and key agreement.
- Efficient software and hardware implementation of elliptic curve
cryptosystems.
- Deployment of elliptic curve cryptography.
It is hoped that the meeting will encourage and stimulate further
research on the security and implementation of elliptic curve
cryptosystems and related areas, and encourage collaboration between
mathematicians, computer scientists and engineers in the academic,
industry and government sectors. More information can be found at the workshop web
site at www.cacr.math.uwaterloo.ca/.
TPRC2001
The 29th Research Conference on Communication, Information and Internet
Policy, Alexandria, Virginia, USA, October 27-29, 2001. [posted here 2/9/01]
TPRC hosts this annual forum for dialogue among scholars
and decision-makers from the public and private
sectors engaged in communication and information
policy. The purpose of the conference is to acquaint
policymakers with the best of recent research and to familiarize
researchers with the knowledge needs of policymakers and industry.
The TPRC program is assembled from submitted and invited abstracts.
TPRC is now soliciting proposals for papers for
presentation at its 2001 conference. Proposals
should be based on current theoretical and/or
empirical research relevant to the making of communication and
information policy, and may be from any disciplinary perspective.
TPRC welcomes national, international, or comparative studies. Topics
on interest and instructions for submitting a paper can be found
on the conference web page at www.tprc.org/TPRC01/2001.HTM
RAID'2001
Fourth International Symposium on the Recent Advances in Intrusion
Detection, Davis, California, USA. October 10-12, 2001. [posted here 12/19/00]
This symposium, the fourth in an annual series, brings together
leading figures from academia, government, and industry to discuss
state-of-the-art intrusion detection technologies and issues from the
research and commercial perspectives. The RAID International
Symposium series is intended to further advances in intrusion
detection by promoting the exchange of ideas in a broad range of
topics. The RAID'2001 program committee invites submission of both technical
and general interest papers and panels from those interested in
formally presenting their ideas during the symposium. RAID'2001 will
welcome full papers, short papers and panel proposals. Full papers are
intended for presenting mature research results, and short ones for
work-in-progress presentations. We also seek panel submissions in the
same areas. A complete list of topics of interest
along with instructions for submitting a paper or panel proposal can be
found at the conference web site at
www.raid-symposium.org/Raid2001/.
I3E
First IFIP Conference on e-commerce, e-business, e-Government, Zurich, Switzerland, October 4-5, 2001.
[posted here 1/30/01]
This conference is the first IFIP conference on e-commerce, e-business,
and
e-government sponsored by the three committees TC6, TC8, and TC11. It provides
a forum for users, engineers, and scientists in academia, industry, and
government to present their latest findings in e-commerce, e-business, or
e-government applications and the underlying technology to support those
applications. Areas of particular interest include but are not limited to:
- Pre-sales support, ordering, settlement, delivery, and payment
- Post-sales services and customer care
- Innovative business models and business process re-engineering
- Interorganizational systems, virtual organizations, and virtual
markets
- Supply chains, work flow management, control and audit mechanisms
- Procurement, negotiations and dynamic pricing models (bidding,
auctions)
- Trading of intangible goods
- Information & communication platforms, mobile agents, unified
messaging
- Security, privacy, and consumer protection
- Smart Cards and biometrics
- Information retrieval, data mining, semantic web
- Legal, social, cross-cultural issues
- Trust and confidence in digital signatures and certificates
- Mobile e-commerce and ubiquitous electronic markets
- Innovative government services for the citizen
- Strategic management of e-commerce, e-business, e-government
systems
- Measuring of E-Commerce impact/results
The conference will comprise a main track with papers in the topics above and
several minitracks dedicated to special topics. More information can be
found on the conference web page at
www.ifi.unizh.ch/I3E-conference
ISC'2001
Information Security Conference, Malaga, Spain, October 1-3, 2001.
[posted here 1/16/01]
Original papers are solicited for submission to the Information
Security Conference 2001. ISC aims to bring together individuals involved in multiple disciplines of information security to foster exchange of
ideas. The emphasis of the conference is multi-disciplines of information security. Topics include but not limited to:
- Biometrics
- Collaborative Applications
- Copyright Protection
- Distributed Trust Management
- E-Commerce Protocols
- Electronic Voting
- Information Hiding
- Intrusion Detection
- IP-Security
- Implementations
- Legal and Regulatory Issues - Payments/MicroPayments
- Notary Public
- Security Analysis Tools
- Tamper-Resistant SW/HW - Virtual Private Networks
- Watermark
- Web Security
Instruction for authors and more information on the conference are given on
the conference web site at www.isconference.org.
ISSE
2001 Information
Security Solutions Europe Conference, QEII Conference Centre, London, UK,
September 26-28,
2001. [posted here
12/18/00]
EEMA - The European Forum for Electronic Business and TeleTrusT - The
Association for the Promotion of Trustworthiness of IT-Systems invite
you to participate in the Call for Papers for ISSE 2001. ISSE is the European
institution for the presentation and discussion of technical,
organisational,
legal and political concepts for information security and data protection. As
a user-oriented conference it provides presentations and panel discussions
about existing and future information security solutions for large scale
corporations, enterprises, especially for SMEs, commerce, financial institutions,
public sector, health care, legal practitioners and security professionals.
An extensive list of topics of interest along with instructions for submitting
a paper is given in the full call-for-papers at
www.eema.org/isse.
InfoSecu01
ACM
International Conference on Information Security, Shanghai, China,
September 24-26, 2001. [posted here
2/20/01]
InfoSecu01 solicits previously unpublished papers offering novel
research and practice contributions in any aspect of computer security for submission to the 2001 symposium. Papers may represent advances in
the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application
domains. Topics of interest include, but are not limited to, the following:
- Access control, authorization, and audit
- Network security
- Authentication, biometrics, and smartcards
- Security protocols
- Commercial and industrial security
- Security verification
- Data integrity
- Viruses and other malicious code
- Database security
- Mobile code and agent security
- Denial of service and its treatment
- Language-based security
- Distributed systems security
- Information flow
- Electronic commerce
- Electronic privacy, anonymity
- Intrusion detection and survivability
For further information regarding InfoSecu01, please contact the conference secretariat
at bu-fl@cs.sjtu.edu.cn. The full call-for-papers is at java.sun.com/people/gong/conf/shanghai2001/cfp.txt
NSPW'2001
New Security Paradigms Workshop 2001, Cloudcroft, New Mexico, USA,
September 11-13, 2001. [posted here 1/16/01]
2001 is the tenth anniversary of the New Security Paradigms Workshop,
which has provided a productive and highly interactive forum for
innovative new approaches to computer security. The workshop offers
a constructive environment where experienced researchers and
practitioners work alongside newer participants in the field. In order to preserve the small, focused nature of the workshop,
participation is limited to authors of accepted papers and conference
organizers. Because we expect new paradigms we accept wide-ranging
topics in information security. Any paper that presents a significant
shift in thinking about difficult security issues or builds on a
previous shift is welcomed. Authors are encouraged to present
ideas that might be considered risky in some other forum. Details on
topics of interest along with instructions for submitting a
paper are given on the conference web site at
www.nspw.org.
Workshop on Operational
Text Classification Systems 2001 (in conjunction with ACM
SIGIR 2001 9/9-9/13), New Orleans, USA, September 13, 2001. [posted here 5/28/01]
Text classification research and practice has exploded in the past decade.
This work has been pursued under a variety of headings (text categorization,
automated indexing, text mining, topic detection and tracking, etc.).
Both the automated assignment of textual data to classes, and the automated
discovery of such classes (by techniques such as clustering) have been
of intense interest. A variety of practical applications have been
fielded, in areas such as indexing of documents for retrieval, hierarchical
organization of Web sites, alerting and routing of news, creation of
specialized information products, enforcement of information security,
content filtering (spam, porn, etc.), help desk automation, knowledge
discovery in textual and partially textual databases, and many others.
Experiments on text classification data sets have been widely presented
in a variety of forums. The technical details of operational text
classification, however, have rarely been discussed.
The goal of this workshop is to expose researchers and practitioners to
the challenges encountered in building and fielding operational text
classification systems. Workshop topics will include (but are not limited to):
* Cost effectiveness of automating text classification tasks
* Understanding what users want from classification systems
* Technical and personnel issues in using training data and prior
knowledge
* Trading off space, time, and other resources in the training,
adaptation, and execution phases of classification
* Integrating automated classification systems with pre-existing
software, organizational procedures, relevant laws, and cultural expectations
* Maintaining and monitoring effectiveness as text sources and classes
change over time
* Discovering, defining, updating, and explaining classes and
classifiers
* The roles of classification and related technologies (information
extraction, terminology discovery, etc.)
Participation in the workshop is limited. Please see
www.DavidDLewis.com/events/otc2001
for details on submissions.
Biometric Consortium 2001 Conference, Orlando, FL, USA, September 12-14,
2001. [posted here 8/24/01]
Sponsored by: National Institute of Standards (NIST) Information Technology
Laboratory (ITL) and Advanced Technology Program (ATP), the National
Security Agency (NSA), the DoD Biometric Management Office (BMO), and the General
Services Administration (GSA) Federal Technology Service,
Center for Smart Card Solutions. The conference is open to the Biometric Consortium members and to the
general public. More information, including a conference program,
can be found on the conference web site at
www.nist.gov/bc2001
IST'2001 International
Symposium on Telecommunications, Tehran, Iran, September 1-3, 2001.
[posted here 1/30/01]
The first International Symposium on Telecommunications will be organized by
the Iran Telecommunication Research Center (ITRC). The Symposium will be
sponsored by IEEE, IEE and ICT. It aims to provide a broad international
forum as well as an outstanding opportunity for scientific researchers,
academicians and telecommunication engineers to discuss new and emerging
technologies, progress in standards, services and their applications in
telecommunication and information systems. More information on the workshop,
along with a complete list of topics of interest can be found at www.itrc.ac.ir/ist2001
10th USENIX Security Symposium, Washington, D.C., August 13-17, 2001. [posted here 5/31/01] Practical security for the real world. Keynote address by Richard M. Smith, CTO, Privacy Foundation "Web-Enabled Gadgets: Can We Trust Them?" 24 Refereed papers on the best new research: Denial of Service, Math Attacks, Key Management, Hardware, Managing Code, Firewalls/Intrusion Detection, Operating Systems, and Authorization. Please see the conference web site at www.usenix.org/events/sec01 for details.
The Fifteenth Annual
IFIP WG 11.3 Working Conference on Database and Application Security,
Niagara on the Lake, Ontario, Canada, July 15-18, 2001. [posted here
6/9/01]
The conference provides a forum for presenting original unpublished research
results, practical experiences, and innovative ideas in database security.
Registration information is available at: www.csd.uwo.ca/conf/IFIP
Please register by June 15 to ensure a room in the hotel.
ACISP'2001
The Sixth Conference on Information Security and Privacy, Sydney,
Australia, July 2-4, 2001. [posted here
9/12/00]
Original papers pertaining to all aspects of computer systems and
information security are solicited for submission to the Sixth
Australasian Conference on Information Security and Privacy (ACISP
2001). Papers may present theory, techniques, applications and
practical experiences on a variety of topics including:
- Authentication and authority -
Cryptology
- Database security -
Access control
- Mobile communications security
- Network security
- Secure operating systems
- Smart cards
- Security management
- Risk assessment
- Secure commercial applications
- Copyright protection
- Key management and auditing
- Mobile agents security
- Secure electronic commerce
- Software protection & viruses
- Security architectures and models
- Security protocols
- Distributed system security
- Evaluation and certification
Detailed information about the conference can be found at
the conference web site: www.cit.nepean.uws.edu.au/~acisp01
EFCE
The Second Edinburgh Financial Cryptography Engineering Conference,
Edinburgh, Scotland, June 22-23, 2001. [posted here 1/2/01]
Edinburgh is again host to the international engineering
conference on Financial Cryptography. Individuals and companies active in
the field are invited to present and especially to demonstrate Running
Code that pushes forward the "state of the art". This is a
technical, practical meet. Presentations of demonstrable technology
in the field of Financial Cryptography are invited. As this is
a practical conference, we are hoping to accept every demonstrator.
More information can be found on the conference web site at www.efce.net/.
[Editor's note: It was not clear from the announcement if there is a
deadline for submitting your code and presentation. Please check the
web site for current information.]
MOS'2001 The 7th ECOOP Workshop on
Mobile Object Systems, (in association with the 15th European
Conference on Object-Oriented Programming), Budapest
Hungary, June 18, 2001. [posted here
2/20/01]
This year's workshop has two emphases. Firstly, it seeks experience
reports, as well as papers on design and development techniques for
mobile object applications. Application of the recent research results
in the development of real systems is crucial for the future of mobile
computing. Secondly, it brings together a group of active
researchers
working on security and fault tolerance to develop an understanding of
the important research problems and recent results in these areas. In
particular, it is felt that it should be beneficial to examine fault
tolerance and security issues together as secure agents systems can be
used for building fault tolerant systems and at the same time general
fault tolerance mechanisms can be applied for providing security.
Topics of interest and instructions for submitting a paper can be found on
the workshop web page at cui.unige.ch/~ecoopws.
Verification
Workshop (in connection with IJCAR
2001), Siena, Italy, June 19-19, 2001. [posted here 3/10/01]
The aim of this verification workshop is to bring together people who
are interested in the development of safety and security critical
systems, in formal methods in general, in automated theorem proving,
and in tool support for formal developments. The emphasis of this
years workshop is on the identification of open problems and the
discussion of possible solutions under the theme "What are the verification
problems? What are the deduction techniques?" Depending on quality submissions
the workshop will consist of two parts which each focus on one of these
questions followed by an overall discussion. Topics include (but are not limited
to):
- ATP techniques in verification + Refinement & decomposition
- Case studies (specification & verification) + Reuse of specifications
& proofs
- Combination of verification systems + Safety critical systems
- Compositional & modular reasoning + Security for mobile computing
- Fault tolerance + Security models
- Gaps between problems & techniques + Verification systems
- Protocol verification
Regular papers and discussion papers are encouraged. Please see the workshop
web page at www.ags.uni-sb.de/verification-ws/index.html for details.
FIRST'2001
The 13th Annual FIRST Conference on Computer Security and Incident
Handling, Toulouse, France, June 17-22, 2001. [posted here 10/4/00]
The Forum of Incident Response and Security Teams (FIRST)
conference brings together IT managers, system
and network administrators, security specialists,
academia, security solutions vendors, computer security incident
response team (CSIRT) personnel and anyone interested in the most advanced techniques in detecting and responding to computer
security incidents; the latest advances in computer security tools,
methodologies, and practice; and sharing their
views and experiences with those in the computer security
incident response field. The conference is a
five day event, comprising two days of tutorials and
three days of technical sessions which include refereed paper presentations,
invited talks, and panel discussions. More information on the
conference and submitting a paper can be found on the conference web page
at www.first.org/conference/2001/.
SCITS-II
IFIP WG 9.6/11.7 Working Conference on Security and Control of IT in
Society II, Bratislava, Slovakia, June 15-16, 2001. [posted here 9/30/00]
In the Global Information Society, dependencies on IT are
wide-spread already and still rising. Yet IT and the emerging Global
Information Infrastructure (GII) introduce new opportunities for criminal
activities, and new potential threats to people and society. These
threats and opportunities have to be countered and controlled in a
manner that balances the benefits of IT. In order to make good use
of the advantages offered by the new Global Information Infrastructure,
a secure and trustworthy environment is needed, which takes also
into account social and legal values. The working conference will
focus on legal, social, technical, and organisational aspects of
information infrastructures and of new global applications.
It will further address how to prevent emerging threats to IT
systems security as well as risks to people, organisations, and
society as a whole. Invited topics include, but are not limited
to the following:
- Case studies of Misuse
- Risks in the GII to system security, people, and society
- Risks of malware and intelligent agents
- Internet Fraud
- Risks through interception and tracking
technologies
- Risks analysis methods: new approaches and experiences
- Critical Information Infrastructure Protection and Social
Implications
- Approaches to high-tech crime prevention, detection, and
investigation
- International Cooperation in fighting high-tech crime
- Multilateral Security
- Protecting users/usees by Privacy-Enhancing Technologies
- Users´ security responsibilities
- Crypto / Anonymity debate
- IT law for preventing Misuse (e.g. in the area of Electronic Commerce)
- Regulations for Digital Signatures, concepts of Certification
Authorities
- Perception of security in society, security awareness
Complete instructions for submitting a paper can be found on the
conference web page at www.conference.sk/ifip/.
The 13th Annual Canadian
Information Technology Security Symposium, Ottawa, Canada, June 11-15,
2001. [posted here 11/22/00]
"Setting Our Sites
on Security". For
information: (613)991-8500; fax: (613)991-7251; Web site: www.cse-cst.gc.ca/cse/english/annual.html e-mail:
citss@cse-cst.gc.ca In English/French.
CSFW'14
14th IEEE Computer Security Foundations Workshop, Cape Breton, Nova
Scotia, Canada, June 11-12, 2001. [posted here
10/13/00]
This workshop series brings together researchers in
computer science to examine foundational issues in computer security.
For background information about the workshop, and an html version of
this Call for Papers, see the CSFW home page
www.csl.sri.com/csfw/csfw14/. We are interested both in new results
in theories of computer security and also in more exploratory
presentations that examine open questions and raise fundamental
concerns about existing theories. Both papers and panel proposals are
welcome. Possible topics include, but are not limited to:
- access control authentication data and system integrity
- database security network security distributed systems security
- anonymity intrusion detection security for mobile computing
- security protocols security models decidability
issues
- privacy executable content formal methods for
security
- information flow
IFIP/Sec
2001 16th International Conference on Information Security, Paris,
France, June 11-13, 2001. [posted here 10/30/00]
The annual conference devoted to information systems security,
organized by the TC-11 (Technical Committee on Security and
Protection in Information Processing Systems) of IFIP
(International Federation for Information Processing) will be
held on June 11-13, 2001, in Paris, France. The submission
deadline is 31 December 2000. Regular papers, panel proposals
and tutorial proposals should be sent to: ifipsec2001@gemplus.com.
More details on this call for papers can be found on: www.ifip.tu-graz.ac.at/TC11/SEC2001/.
SMC-IAW
2nd Annual IEEE Systems, Man, and Cybernetics Information Assurance Workshop,
United States Military Academy, West Point, New York, USA, June 5-6, 2001.
[posted here 11/22/00]
The purpose of the Information Assurance Workshop is to provide a forum for
discussion and sharing ideas in information assurance. Information assurance is
a broad area, and for purposes of this workshop, it includes the following topics:
Intrusion detection and response; Cryptography and its applications; Data and
information fusion; Computer security; Cyber ethics and policy;
Planning and decision support tools; Military and government research, development,
and application efforts. While this workshop focuses on novel applications of
simulations, agents, artificial intelligence, and operations research techniques
to ensuring the confidentiality, integrity, and availability of information, it
is not limited to these topics. If you are unsure of whether your paper would be
applicable, contact the Program Chair. More information can be found on the
conference web page at
www.itoc.usma.edu/Workshop/2001/Workshop2001.htm
SEEMAS'2001
First International Workshop on
Security of Mobile Multiagent Systems (to be held at the Fifth
International Conference on Autonomous Agents), Montreal, Canada, May 29,
2001. [posted here
1/30/01]
We welcome the submission of papers from the full spectrum of issues associated
with security in mobile multiagent systems, both in the public Internet and
in private networks. We particularly encourage the discussion of the following
topics:
- security policies for agent environments
- security mechanisms that can be implemented by using
(mobile) multiple
agents
- reasoning about security in an agent architecture
- security for agents (against other agents, malicious hosts, and
software failures)
- security for agent hosts (against agent attacks and agent deficiency)
- security through agents (for any form of malfunctioning in the network)
- application of security mechanism in a (mobile) multiagent context
- integration of traditional security mechanisms to the agent realm
- design methodologies for secure (mobile) multiagent systems
More information can be found on the conference web page at www.dfki.de/~kuf/semas/.
NCISSE'2001
Fifth National Colloquium for Information Systems Security Education,
George Mason University, Fairfax, Virginia, USA, May 22-24, 2001.
[posted here 1/9/01]
This colloquium, the fifth in an ongoing annual series,
will bring together leading figures from academia, government, and
industry to address the national need for security and assurance of our
information and communications infrastructure. This goal requires both an
information-literate work force that is aware of its vulnerability as well
as a cadre of information professionals that are knowledgeable of the
recognized "best practices" available in information security
and information assurance. This year the Colloquium
will trace security education and training from its beginning, through the
current state of art, and into the future. The colloquium is
interested in general submissions as well as student participation. The
papers should discuss course or lab development, INFOSEC curricula,
standards, best practices, existing or emerging programs, trends, and
future vision, as well as related issues. This year, we are particularly
interested in addressing "What does a good education in information
security require, and how are we to teach this?" To
answer this question, we are particularly interested in topics such as the
following (although others are also of interest):
* Assessment of need (e.g. how many information
security workers/researchers/faculty are needed?)
* Integrating information assurance topics in
existing graduate or undergraduate curricula
* Experiences with course or laboratory development
* Alignment of curriculum with existing information
assurance education standards
* Emerging programs or centers in information assurance
* Late breaking topics
* Best Practices
* Vision for the Future
Information about the conference, as well as instructions for submitting a
paper are given on the conference web site at
www.infosec.jmu.edu/ncisse/.
First Workshop on Information
Security Systems Rating and Ranking, Williamsburg, Virginia, May 21-23,
2001. [posted here
2/20/01]
After more than 20 years of effort in "security metrics," the
evolution of product evaluation criteria identification, Information
Assurance (IA) quantification, and risk assessment/analysis methodology
development, has led to the widespread need for a single number or digraph rating of the "security goodness" of a component or system.
Computer science has steadily frustrated this need--it has neither
provided generally accepted, reliable measures for rating IT security
nor has it applied any measures for security assurance. The goals of
this workshop are to recap the current thinking on "IA
metrics"
activities and to formulate a path for future work on IA rating/ranking
systems. Topics will include identifying workable successes or
capturing lessons learned from our failures, clarifying what is
measurable, and the addressing the impact of related technology
insertion. The expected workshop result is the determination of
"good"
indicators of the IA posture of a system. The workshop will serve as a
forum for group discussion, with topics determined by the participants.
Submission of a 4-to-5-page position paper is required for workshop
attendance.
For further information, please see: www.acsac.org/measurement
Deadline for submission of papers: March 30, 2001.
S&P'2001
2001 IEEE Symposium on Security and Privacy, Oakland, CA, USA, May 13-16,
2001. [posted here 9/16/00]
Previously unpublished papers offering novel research contributions in
any aspect of computer security or electronic privacy are solicited for
submission to the 2001 symposium. Papers may represent advances in
the theory, design, implementation, analysis, or empirical evaluation
of secure systems, either for general use or for specific application
domains. We particularly welcome papers that help us continue our
re-established emphasis on electronic privacy. Topics of interest
include, but are not limited to, the following:
- Commercial and industrial security
- Electronic privacy
- Mobile code and agent security
-
Distributed systems security
- Network security
- Anonymity
- Data integrity
- Access control and audit
- Information flow
- Security verification
- Viruses and other malicious code
- Security protocols
- Authentication
- Biometrics
- Smartcards
- Electronic commerce
- Intrusion detection
- Database security
- Language-based security
-
Denial of service
The conference may include panel sessions addressing topics of interest to the computer security
community. A continuing feature of the symposium will be a session of 5-minute talks, where attendees can present
preliminary research results or summaries of works published elsewhere.
Complete instructions for submitting papers, panel proposals, and 5-minute
talk abstracts can be found on the conference web page at www.ieee-security.org/TC/sp2001.html.
Eurocrypt'2001
20th Annual Eurocrypt Conference, Innsbruck, Austria, May 6-10,
2001. [posted here
8/13/00]
Original papers on all technical aspects of cryptology
are solicited for submission to Eurocrypt 2001, the 20th Annual Eurocrypt
Conference. It is organized by the International Association for Cryptologic
Research (IACR). See the conference web
page at www.ec2001.ocg.at
for more information.
SACMAT'2001
Sixth ACM Symposium on Access Control Models and Technologies, Chantilly,
VA, USA, May 3-4, 2001. [posted here 3/13/01]
SACMAT 2001 is the successor to the ACM Workshop on Role-Based
Access Control in which the organizers aim to provide a meeting
place for researchers in all facets of access control, including
models, systems, applications, and theory. Historically, access
control research has been published in their respective domains
or as niche work in general security conferences, but this
symposium gives researchers the opportunity to share their
perspectives with others interested in access control in
particular. Details on the program, registration and conference site
can be obtained from the conference web page at www.acm.org/sigsac/sacmat2001.html.
WWW10 The Tenth International World Wide Web Conference, Hong Kong, China.
May 1-5, 2001. [posted here
10/10/00]
Committed to advancing the Web to its full potential in the 21st century, WWW10
will offer a forum for Web researchers and practitioners to define, discuss,
and disseminate the most up-to-date Web techniques and information. Leaders
from industry, academia, and government will present the latest developments
in Web technology. The conference will consist of refereed paper sessions,
panel sessions, a poster track, a W3C track, and several specialized tracks
including Culture, E-commerce on the Web, Law and the Web, Vendors
Track, Web and Education, Web Internationalization, and Web and Society.
A complete list of topics of interest along with instructions for submitting
a paper can be found on the conference web site at
www10.org.
IHW'2001 4th International
Information Hiding Workshop,
Holiday Inn University Center, Pittsburgh, PA, USA, April 25-27, 2001
[posted here 2/26/00]
Many researchers are interested in hiding information or, conversely,
in preventing others from doing so. As the need to protect digital
intellectual property grows ever more urgent, this research is of
increasing interest to both the academic and business communities.
Current research themes include: copyright marking of digital objects,
covert channels in computer systems, detection of hidden information,
subliminal channels in cryptographic protocols, low-probability-of-intercept communications, and various kinds of
anonymity services ranging from steganography through location security
to digital elections. Interested parties are invited to submit papers on
research and
practice which are related to these areas of interest. Further information
can be obtained at chacs.nrl.navy.mil/IHW2001
or by contacting the program chair at ihw@itd.nrl.navy.mil
Ninth Cambridge International Workshop on Security Protocols, Cambridge,
England, April 25-27, 2001. [posted here
1/15/01]
You are invited to consider submitting a position paper to the Ninth
Cambridge International Workshop on Security Protocols.
Attendance is by invitation only, and in order to be
invited you must submit a position paper. This year's theme is
"Mobile Computing vs Immobile Security". This
theme includes (but is not limited to):
- location-dependent authorization
- portable hardware and alien infrastructure
- enforcing foreign security policy
- recognizing ambassadors and malware
- migrating user requirements.
We invite you to consider these issues. As usual, we don't insist
that position papers relate to the current theme in an obvious
way. The only pre-condition is that position
papers should concern some aspect of security
protocols, which may, but need not, involve cryptography. More
information on the workshop and the procedure for submitting a position
paper can be found at homepages.feis.herts.ac.uk/~comqjam/2001SPW-announce.html.
Cryptographic Security
Aspects of Smart Cards and the Internet, April 23-26, 2001, Amsterdam, The
Netherlands. [posted here 3/10/01]
The three and a half day workshop will cover subjects such as Cryptography
for Smart Cards, Network Security, Identity and Authentication and Smart Card
security. An exciting entertainment programme and a half day excursion have
also been planned to enable networking opportunities. To see the preliminary
programme visit www.sci-sec.org where you can register online or call the
SCI-SEC team on +44 (0)1273 515651 or e-mail info@sci-secCryptographic
Security Aspects of Smart Cards and the Internet
OPENARCH'01
The Fourth IEEE Conference on Open Architectures and Network Programming, Hilton Anchorage Hotel, Anchorage, Alaska, April 22-23, 2001.
[posted here 5/29/00]
The Fourth IEEE Conference on Open Architectures and Network
Programming invites participation in this international forum on active, and programmable networks.
Advances in open signaling and control, active networks, mobility management, transportable software, web-based services access, and
distributed systems technologies are driving a reexamination of existing network software architectures and the evolution of control
and management systems away from traditional constrained solutions. OPENARCH 2001 will foster a better understanding of these new network
software architectures and techniques that are making the network interface more flexible and robust.
Authors are invited to submit both full and short papers for consideration. Suggested topics include:
- Advances in active networks
- Open and innovative signaling systems
- Programming abstractions and interfaces for networks
- Service creation platforms
- Programming for mobility
- Programming for Quality of Service
- Intelligent agents and trading
- Distributed computing models and algorithms
- Security in an open object world
- Support for multiple control planes
- Control and resource APIs and object representations
- Performance of control architectures
- Experimental architectures and implementation techniques
- Enabling technologies, platforms and languages
(CORBA, WWW, Java, ...)
- Reliability of programmable networking technologies
- Modeling of network services
- Programmability support for virtual networks
- Interactive multimedia, multi-party cooperation and groupware
- Pricing and real-time billing
- Secure transactions processing and electronic commerce
- Active networks in telephony
OPENARCH is sponsored by the IEEE Communications Society and will be
co-located and organized in conjunction with INFOCOM 2001. Complete
instructions for submissions can be found on the conference web site at www.openarch.org
ICDCS'2001,
21st International Conference on Distributed Computing Systems, Phoenix,
AZ, USA, April 16-19, 2001. [posted here 7/30/00]
You are invited to submit a paper to the 21st International Conference on
Distributed Computing Systems. The conference covers the entire breadth
of distributed computing and is one of the premier conferences in the
area. Note that the call cactus.eas.asu.edu/ICDCS2001/call_for_papers.htm)
includes security topics.
FSE'2001,
Fast Software Encryption Workshop, Yokohama, Japan, April 2-4, 2001.
[posted here 1/2/01]
Fast Software Encryption is a seven-year-old workshop on symmetric
cryptography, including the design and cryptanalysis of block and stream ciphers,
as well as hash functions. More information can be found at the conference
web page at www.venus.dti.ne.jp/~matsui/FSE2001/ .
CaLC
2001 Cryptography and Lattices Conference, Brown University,
Providence, Rhode Island, USA, March 29-30, 2001. [posted here 6/2/00]
The focus of this conference is on all aspects of
lattices as used in cryptography and complexity theory. We hope that
the conference will showcase the current state of lattice theory and
will encourage new research in both the theoretical and the practical
uses of lattices and lattice reduction in the cryptographic arena.
We encourage submission of papers from academia, industry, and other
organizations. Topics of interest include the following, but any paper
broadly connected with the use of lattices in cryptography or complexity
theory will be given serious consideration:
- Lattice reduction methods,
including theory and practical implementation.
- Applications of lattice reduction methods in
cryptography, cryptanalysis and related areas of
algebra and number theory.
- Cryptographic constructions such as public key
cryptosystems and digital signatures based on lattice problems.
- Complexity theory of hard lattice problems
such as SVP and CVP.
- Other lattice related cryptographic
constructions, for example based on cyclotomic
fields, finite group rings, or group representations.
If you want to receive emails with subsequent Calls for Papers and
registration information, please send a brief mail to <jhs@math.brown.edu>.
More information can be found on the conference web site at www.math.brown.edu/~jhs/CALC/CALC.html
DODsec'2001
Fifth Workshop on Distributed Objects and Components Security, Annapolis,
MD, USA, March 26-29, 2001. [posted here 9/12/00]
Building on the success of four previous Distributed Object Computing
Security Workshops, but extending the subject to include
software component servers, the OMG is organizing
this Fifth DOCSec Workshop. Reflecting the emergence
of Components as a critical technology, DOCSec this year means Distributed
Objects and Component Security. The purpose of the workshop remains
the same, though: to bring together DOCSec users, vendors and
specification
developers to share experiences, requirements, and plans. A
complete list of topics of interest along with instructions for
submitting a paper can be found on the workshop web site at
www.omg.org/news/meetings/docsec2001/workshop.htm
ISADS
2001,
The Fifth International Symposium on Autonomous Decentralized Systems,
Dallas, Texas, USA, March 26-28, 2001. [posted here 5/29/00]
Driven by the continuous growth in the power, intelligence and openness of
computer, communication and control technologies, possibilities and opportunities for realizing highly efficient and dependable business and
control systems have been steadily increasing. Dynamically changing social and economic situations demand next-generation systems based on
emerging technologies and applications. Such systems are expected to have the characteristics of living systems composed of largely autonomous and
decentralized components. Such systems are called Autonomous Decentralized
Systems (ADS). While ISADS 2001 will primarily focus on advancements and innovation in
ADS concept, technologies, and applications related to the increasingly important topic of
Electronic Commerce, other themes such as telecommunications and heterogeneous system and application integration
will also be included. The scope of discussions on ADS shall include, but not be limited
to:
* Computer and communication architectures / intelligent network /Internet;
* Heterogeneous distributed information / control systems;
* Mobile agent /computer-supported cooperative works;
* Distributed software development and maintenance;
* Assurance, fault tolerance and on-line expansion;
* Object management architecture /design pattern / application frameworks;
* Emergent control and robotic systems;
* Novel applications: electronic commerce, telecommunications,
information service systems, manufacturing systems, real-time event management, office automation, traffic and
transportation control, logistics systems. See the conference web site at isads.utdallas.edu
for complete instructions on submitting a paper or a proposal for a panel
session.
FME2001
FORMAL METHODS EUROPE Formal Methods for Increasing Software Productivity,
Humboldt-Universitaet zu Berlin, Germany, March 12-16, 2001. [posted here 5/29/00]
FME 2001 is the tenth in a series of symposia organised by Formal Methods Europe, an independent association whose aim is to stimulate
the use of, and research on, formal methods for software development. The theme of FME 2001 is Formal Methods for Increasing Software
Productivity. This theme recognizes that formal methods have the potential to do more for industrial software development than enhance
software quality--they can also increase productivity at many different points in the software life-cycle. The symposium committee is
particularly interested in papers on the use of formal methods to
increase productivity, for example on:
- Codifying domain knowledge
- Re-using components
- Automatically generating code and/or documentation
- Improving the efficiency of software testing
- Enhancing analysis techniques for validation and verification
- Exploiting commonalities within product families
- Improving the maintainability and modifiability of software
- Empirical studies of effects on productivity
The symposium committee solicits full-length papers in two broad
categories:
1. Use of formal methods, including reports on industrial use, substantial
case studies, comparisons among methods, education, and technology transfer.
2. Development of formal methods, including motivating factors, theoretical
foundations, extensions, manual procedures, and tool support.
More information about the submission of papers, tutorial and workshop
proposals, can be found on the conference web site at www.informatik.hu-berlin.de/top/fme2001
NIAP Government-Industry IT Security Forum (following SREIS),
"Strategies for the Development of Security Requirements and
Specifications for Computing and Real-Time Control Systems",
Indianapolis, Indiana, USA, March 7, 2001. [posted here 2/9/01]
The National Institute of Standards and Technology and the
National Security Agency, partners in the National Information
Assurance Partnership (NIAP), invite interested parties to attend
a Government-Industry IT Security Forum to discuss potential public
and private sector strategies for the development of security
requirements and specifications needed for the protection of
government, business and personal computing and real-time control
systems. The primary purpose of the forum is to bring national
attention to the concept of security requirements definition and
its importance in developing a more secure information infrastructure
within the United States. Leaders from government, industry, and
academia will have an opportunity to share their views on the
role of security requirements in the development, testing and
acquisition of commercial products and systems. More information can
be found at niap.nist.gov
or the Purdue CERIAS web site at
www.cerias.purdue.edu/sreis.html.
SREIS
Symposium on Requirements Engineering for Information Security, Purdue
University CERIAS, West Lafayette, Indiana, USA, March 5-6, 2001.
[posted here 7/7/00]
The symposium is intended to provide researchers and practitioners
from various disciplines with a highly interactive forum to discuss
security and privacy-related requirements. Specifically, we encourage
those in the fields of requirements engineering, software engineering,
information systems, information and network security as well as
trusted systems to present their approaches to analyzing, specifying
and testing requirements to increase the level of security provided
to users interacting with pervasive commerce, research and government
systems. Symposium attendance will be limited. All attendees are
encouraged to submit a paper or position statement. Special emphasis
will be placed on attendance by graduate students participating in
PhD study. Some travel and expense scholarships for these students
will be available; preference will be given to students from CERIAS
Affiliate centers and programs. Submissions are encouraged addressing
a range of requirements engineering, security, and privacy issues,
such as:
- Solutions to known RE problems as applied to security and privacy
- Innovative research ideas initiating new research directions
- Industrial problem statements
- Generalizations from individual industrial experiences
- RE for trusted Commercial Off-The-Shelf (COTS) systems
- Empirical studies of industrial RE practice
- Capture and expression of informal and ad hoc requirements
- Managing conflicting requirements of operational effectiveness and
security
- Methods for the specification and analysis of security requirements
- Methods for ensuring compliance between requirements and policies
More information can be found on the symposium web site at
www.cerias.purdue.edu/SREIS.html
FC'01
Fifth International Conference on Financial Cryptography, Grand Cayman, BWI, February 19-22, 2001.
[posted here 9/11/00]
Original papers are solicited on all aspects of financial data security
and digital commerce in general for submission to the Fifth Annual
Conference on Financial Cryptography (FC01). FC01 aims to bring together
persons involved in the financial, legal and data security fields to
foster cooperation and exchange of ideas. Relevant topics include:
Anonymity Protection
Infrastructure Design
Auditability
Legal/ Regulatory Issues
Authentication/Identification
Loyalty Mechanisms
Certification/Authorization
Payments/Micropayments
Commercial Transactions
Privacy Issues
Copyright/ I.P. Management
Risk Management
Digital Cash/ Digital Receipts
Secure Banking
Systems
Economic Implications
Smart Cards
Electronic Purses
Trust Management
Implementations
Watermarking
Full Call for papers available at http://www.syverson.org.
The conference web site is http://fc01.ai
| - certification and time-stamping | - cryptanalysis |
| - comparison and assessment | - discrete logarithm |
| - electronic cash/payments | - elliptic curve cryptography |
| - encryption data formats | - encryption schemes |
| - fast implementation | - integer factorization |
| - international standards | - lattice reduction |
| - provable security | - public key infrastructure |
| - secure electronic commerce | - signature data formats |
| - signcryption schemes |
NDSS'01,
The Internet Society 2001 Network and Distributed System Security
Symposium, Catamaran Resort, San Diego, California, February 7-9, 2001. [posted here 5/10/00]
This symposium will foster information exchange among researchers and practioners of network and distributed system security services. The
intended audience includes those who are interested in the practical
aspects of network and distributed system security, focusing on actual
system design and implementation, rather than theory. A major goal of
the symposium is to encourage and enable the Internet community to apply,
deploy, and advance
the state of available security technology. The proceedings of the
symposium will be published by the Internet Society. The Program
Committee
invites both technical papers and panel proposals. Submissions are
solicited
for, but are not limited to, the following topics:
* Secure Electronic Commerce.
* Intellectual Property Protection.
* Network security policies.
* Integrating Security in Internet protocols.
* Attack-resistant protocols and services.
* Special problems and case studies.
* Security for collaborative applications and services.
* Fundamental security services.
* Supporting mechanisms and APIs.
* Integrating security services with system and application security facilities and protocols.
* Security for emerging technologies.
* Intrusion Avoidance, Detection, and Response.
* Network Perimeter Controls.
* Virtual Private Networks.
Submissions must be received by August 2, 2000. Complete submission
information can be found at www.isoc.org/ndss01/cfp. Dates,
final call for papers, advance program, and registration information are
available
at www.isoc.org/ndss01.
PRDC
2000 Pacific Rim International Symposium on Dependable Computing,
University of California at Los Angeles (UCLA), December 18-20,
2000. [posted here 5/29/00]
The Pacific Rim International Symposium on Dependable Computing (PRDC) is a symposium for dissemination of state-of-the-art research and
engineering practice in dependable computing with particular emphasis on systems
and software. This will be the seventh of this series of international symposia, and it
comes at a fortuitous time when many computer industries are recognizing
dependability to be one of their top problems due to the demands of the Internet.
Topics of interest include (but are not limited to):
- Design for system dependability
- Fault-tolerant systems and software
- Fault tolerance for parallel and distributed systems
- Software and hardware reliability, verification and testing
- Dependability measurement, modeling and evaluation
- Safety and security of computing systems
- Tools for design and evaluation of dependable systems
- Implications of emerging technologies on dependable system
design (e.g., deep submicron VLSI, pervasive computing)
- Application-specific dependable system (e.g., embedded systems, WWW servers, transaction
processing)
More information can be found on the conference web
site at www.cs.ucla.edu/PRDC2000/
HiPC'2000,
7th IEEE International Conference on High Performance Computing, special
session on performance modeling of mobile telecommunication networks,
December 17-20, 2000, Bangalore, India. [posted here
4/22/00]
The objective of this session is to bring together technologists and researchers
of international reputation to have a forum for discussions and presentations
of their state-of-the-art work in all aspects of wireless communications and
mobile computing, with particular emphasis on performance modeling and analysis
of mobile communications capability. Authors are invited to submit original unpublished manuscripts for a special
session on Mobile Computing. Topics of interest include (but not limited to):
* Performance modeling of wireless networks (PCS, Ad hoc, Satellite
Networks)
* Mobility, data, resource management, and scheduling issues in
wireless and mobile networks
* Mobile applications and tools for distributed databases
* Wireless Internet and WWW, simulation of wireless networks
* Mobile Agents
* Quality-of-service (QoS) provisioning
* Wireless multimedia systems
* Routing and location independent information access
* Parallel Simulation of large scale wireless systems
* Security, scalability and reliability for mobile/wireless
systems
* Architectures of mobile/wireless networks and systems
* Traffic integration for mobile applications
* Design and analysis of algorithms for mobile environments
* Influence of lower layers on the design and performance of
higher layers
* Scalable Servers Wireless Mobile Computing
Complete submission instructions are given on the
conference web page at:
www.hipc.org
ADCOM 2000, 8th
International Conference on Advanced Computing and Communications, Cochin,
India, December 14-16, 2000.
[posted here 4/22/00]
The annual conference of ACS is intended to provide a forum for
interaction amongst industry, professionals, researchers and government policy
planners with a view to sharing ideas, report findings, discuss products
and define future directions. The topics of interest include,
but are not limited to:
*High speed networks
* Parallel, distributed and networked computing
* Web based computing
* Business computing
* Parallel and distributed databases and data warehousing
* EDI and e-commerce
* Multimedia systems
* High performance graphics, visualization and virtual reality
* Secure computing
More information can be found on the conference web page
at: www.adcom2000.homepage.com/
FSTTCS 2000
The 20th Conference on the Foundations of Software Technology and
Theoretical Computer Science, New Delhi, India, December 13-15,
2000. [posted here 5/29/2000]
This annual conference provides a platform for presentation of original research results in
fundamental aspects of computer science. It also provides an excellent forum for meeting and exchanging ideas with people who are
at the frontline of software technology and theoretical computer science.
The Conference Proceedings will be published by Springer-Verlag in the series Lecture Notes in Computer
Science (LNCS). Previous proceedings appeared as LNCS Volumes: 880, 1026, 1180, 1346, 1530, 1738.
A list of topics of interest along with detailed instructions for
submitting a paper can be found at the conference web site at www.cse.iitd.ernet.in/~fsttcs20/
ACSAC, 16th
Annual Computer Security Applications Conference, Sheraton Hotel, New Orleans,
Louisiana, USA, December 11-15, 2000. [posted here 3/14/00]
[update 9/30/00: The advance program has been published
at www.acsac.org. This year’s
distinguished speaker is Dr. Eugene H. Spafford, and the invited
essayist is Dr Butler Lampson.]
The following topic areas are of potential interest to ACSAC.
Internet technologies
Intrusion detection and response / audit and audit reduction
Mobile computing
Network management and smart card
applications
Electronic commerce
Incident response planning -
governmental and other perspectives
Legal and ethical concerns over
protecting intellectual property
New paradigms for protecting electronic
intellectual capital
Software safety and program correctness
Crypto, key management, and digital
signature applications
Security in health care and law
enforcement
Defensive information warfare
Securing very high-speed
telecommunications (e.g., ATM)
We encourage technical papers that relate to any of the above topics or other applications of computer security. Papers will be refereed prior to selection and one author will be expected to present at the conference. Format of submission is explained on our web site: www.acsac.org/sub/PaperSubmission.html. Student papers can compete for best paper prizes and student conference scholarships are also provided. Panel discussions are always an important part of the conference since they promote a lively dialogue with all attendees and the panel members. Be sure to see our discussion page at members.boardhost.com/ACSACPanels/ If you have an idea for a panel or forum, see our web site for details: www.acsac.org/sub/panels/PanelsFora.html Again this year we will have a track devoted to actual applications where real world problems have been solved. Vendors, systems integrators, and users can share knowledge and we will also have a display area to complement this portion of the conference. For details, see our web site: www.acsac.org/sub/casestudies.html. Tutorials are either full day (6instruction hours) or half day (3 instruction hours). For details, see our web page at www.acsac.org/sub/tutorials/tutsub.html Got a question? See the FAQ on our web page at www.acsac.org, or email Publicity_Chair@acsac.org.
INDOCRYPT'2000,
First International Conference on Cryptology in India, Indian Statistical Institute,
Calcutta, India, December 10-13, 2000. (Submissions due: August 10, 2000)
[posted here 3/4/00]
Original papers on all technical aspects of cryptology are
solicited. Please see the conference web page at www.isical.ac.in/~indocryptr
for paper submission details.
Privacy'2000
Information & Security in the Digital Age, Ohio
Supercomputer Center, Columbus, Ohio, USA, November 29, 2000.
[posted here: 3/4/00].
The Technology Policy Group at the Ohio Supercomputer Center will be
hosting a conference entitled Information & Security in the Digital Age. Privacy2000 is a follow-up to last year's groundbreaking Ohio Business Privacy Forum, the
inaugural event in the TPG's Technology in Business Series (see www.osc.edu/techseries/
for information on the 1999 conference). Expected speakers include Professor
Peter P. Swire, Chief Counselor of Privacy for the Office of Management and
Budget for the United States; Jason Catlett, President Junkbusters; in addition, we are putting together a moderated roundtable to be televised on
public television. Through interactive workshops and panels, we seek to inform business,
industry, medical and legal personal, government, and the public on vital privacy issues and possible solutions. We expect this year's attendance to
be between 250-300. For more information, contact Mike Zandpour at Zandpour@osc.edu
(614-92-6477).
ICNP'2000
The Eighth International Conference on Network Protocols, Osaka, Japan,
November 14-17, 2000. [posted here 7/30/00]
ICNP deals with all aspects of communication protocols, from design and specification, to verification, testing, performance
analysis, and implementation. Protocol functions of interest include network
access, switching, routing, flow and congestion control, multimedia transport,
wireless and mobile networks, network security, web protocols and applications,
electronic commerce, network management, interoperability, internetworking,
home computing and networks and digital broadcasting. See the
conference web page at www-ana.ics.es.osaka-u.ac.jp/icnp2000/ for more
information.
LCN'2000
The 25th Annual IEEE Conference on Local Computer Networks, Tampa, FL,
USA, November 8-10, 2000. [posted here 7/30/00]
The IEEE LCN conference is the premier conference on leading edge and
practical computer networking. The emphasis of this conference is on practical solutions to important problems in computer networking.
Topics of interest include: Local Area Networks, Home Networks,
Wireless Networks, Storage Area Networks, Optical Networks, Real-time Networks, Active Networks, ATM, Gigabit Ethernet, LAN/WAN Internetworking, DSL Technologies, Network Management, Network Security, Network Reliability, Multicasting, Enabling QoS in
High-Speed Networks, Always On / Always Connected, Internet / Intranet, Anything-over-IP, IP-over-Anything, Performance Evaluation,
and Protocol Design and Validation. More information can be
found on the conference web page at www.ieeelcn.org.
NGC2000
The 2nd International Workshop on Networked Group Communication, Stanford University,
Palo Alto, California, USA, November 8-10, 2000. [posted here 5/29/2000]
The aim of the Workshop is to allow researchers and practioners to present the design and implementation techniques for networked group
communication. The focus of the Workshop is strictly on multicast and networked group
communication. This Workshop is the second and only international event in this area (first workshop was in Pisa, Italy,
in November 1999). Authors are invited to submit papers on any issue related to networked group communication,
including but not limited to:
- multicast congestion control
- multicast routing, naming, address allocation
- scalability in multicast services
- reliable and semi-reliable multicast protocols
- novel multicast architectures
- multicast security
- multicast deployment related issues
- multicast over heterogeneous media
- multipeer applications (distributed interactive apps, games,
DIS)
- QoS issues with multicast
- Pricing and economic model for multicast traffic
- group management techniques
- network engineering for multicast services
Information on submission of papers, along with additional information on the conference can be
found at the conference web site at www.cs.ucsb.edu/ngc2000
WSPEC'00,
1st Workshop on Security and Privacy in E-Commerce, November 4,
2000, Athens, Greece. Held in conjunction with the ACM Conference on
Computers and Communications Security (ACM-CCS'00) [posted here 3/20/00]
The First Workshop on Security and Privacy in E-Commerce seeks to bring
together practitioners and researchers to address the real-world security and privacy concerns in e-commerce. We are seeking contributions on topics
in security and privacy that will enable the e-commerce systems of tomorrow
to be developed more securely and robustly without compromising individual
privacy rights. The workshop will focus on group discussion and collaboration in identifying the important problems and potential solutions
in this important topic area. We are seeking research papers, business case studies, or system designs that
address security and privacy concerns. Topics of interest include:
* anonymizing e-commerce/Web transactions
* component-based software in e-commerce
* databases access control
* denial of service attacks and countermeasures
* detecting anomalous database transactions
* detection and recovery from Internet-based attacks
* e-commerce protocols
* e-commerce systems
* Internet client risks
* malicious software or Trojan functionality
* mobile agents in e-commerce
* novel attacks and countermeasures
* privacy negotiation/bartering
* privacy risks with cookies/tokens/identifiers
* software analysis and certification.
See www.rstcorp.com/conferences/WSPEC00/ for
the official Call For Papers.
AMOC 2000,
Asian International Mobile Computing Conference, Penang, Malaysia,
November 1-3, 2000.
[posted here 11/17/99]
This conference will provide a platform for researchers and experts
primarily from the Asian region to meet and discuss current issues
in this field. The focus on Asia is important because there are
unique regional issues not given attention in typical international
conferences, where technological issues in developed nations receive
centre stage. These unique issues include different infrastructural
and economic requirements; the effect of a more diverse
socio-economic environment on technological specifications; the
wider-ranging impact of wireless communication in rural areas and
the great interest in the rapid deployment of cutting edge technology
due to the high progress rate of technological implementation in
many Asian countries. A complete list of topics and guidelines for
submissions is given on the conference web site at
www.fsktm.um.edu.my/amoc/, or send email to amoc-submission@fsktm.um.edu.my.
CCS-2000,
7th ACM Conference on Computer and Communication Security, November 1-4,
2000, Athens, Greece. [posted here
11/11/99]
for submission to the 7th ACM Conference on
Computer and Communication Security. Papers may present theory, technique,
applications, or practical experiences on topics including:
| *Database Security | *Authentication and key management | |
| *New threats and attacks | *Authorization, access control, audit | |
| *Privacy and anonymity | *Cryptographic algorithms, protocols | |
| *Steganography, watermarking | *New security architectures | |
| *Secure electronic commerce | *Intrusion detection and response | |
| *Security evaluation | *Licensing and intellectual property | |
| *Security education | *Malicious code and countermeasures |
Details on instructions for papers and panel proposals can be obtained from www.ccs2000.org (USA Mirror site: cimic.rutgers.edu/~atluri/ccs.html) or from Sushil Jajodia (jajodia@gmu.edu)
ACM-MM'2000
Eighth ACM International Multimedia Conference, Los Angeles, CA, USA,
October 30-November 3, 2000.
[posted here 7/30/00]
Technical issues, theory and practice, artistic and consumer innovations will bring together researchers, artists,
developers, educators, performers, and practitioners of multimedia. The technical program will consist of plenary sessions and talks with
topics of general interest in three main tracks: (1) multimedia processing and coding, including multimedia content analysis,
content-based multimedia retrieval, multimedia security, audio/image/video
processing, compression, etc., (2) multimedia system support and networking, including network protocols,
Internet, operating systems, middleware, servers, QoS, databases, thin clients,
etc., (3) multimedia tools, end-systems and applications, including hypermedia
systems, user interfaces, authoring, multi-modal interaction and integration,
multimedia education, design and applications of virtual environments, etc.
In addition to technical papers, there will be panel sessions,
demonstrations, tutorials, and poster sessions. For complete
information on the workshop, see the conference web site at www.acm.org/sigmm/MM2000
or contact one of the general chairs: Shahram Ghandeharizadeh (shahram@usc.edu),
Shih-Fu Chang (sfchang@ctr.columbia.edu).
Safecomp'2000
Rotterdam, the Netherlands, October 24-27, 2000.
[posted here 7/30/00]
Safecomp is an annual 2.5 days-event reviewing the state of the art, experiences and
new trends in the areas of computer safety, reliability and security regarding dependable applications of computer
systems. Safecomp focuses on critical computer applications. It is
intended to be a platform for technology transfer between academia, industry and research institutions. Papers are
invited on all aspects of computer systems in which safety, reliability and security are important. Industrial sectors
include, but are not restricted to medical devices, avionics, space industry, railway and road transportation, process
industry, automotive industry, power plants and nuclear power plants.
More information can be found on the conference web page at www.wtm.tudelft.nl/vk/safecomp2000/
| ISW'2000,
Third IEEE Information Survivability Workshop, Boston, MA, USA, October
24-26, 2000. [posted here 8/2/00] The Information Survivability Workshops provide a forum for researchers, practitioners, and sponsors to discuss problems associated with the survivability of mission-critical systems, and to identify solutions to these problems. A primary goal of the workshops is to identify and highlight new survivability research ideas that can contribute to the protection of critical infrastructures and critical applications. Another important goal is to foster research collaboration to improve the survivability of systems that support our global information society. Participation in the workshop is BY INVITATION ONLY, based on the submission of a short position paper (of up to 4 pages in length). The position paper should clearly indicate how the background or interests of the author(s) would contribute to the goals of the workshop. We are especially interested in submissions that either: (a) summarize new research results, (b) describe dependability and fault-tolerance approaches for enhancing survivability, (c) summarize case studies or experience with critical applications, or (d) document relevant policy or other approaches (such as insurance) that contribute to the survivability of critical applications. A complete list of topics of interest and instructions for submitting a position paper are given on the conference web site at www.cert.org/research/isw2000/cfp.html, or you may contact the workshop organizers at isw-2000@cert.org. |
OSDI'2000
Fourth Symposium on Operating System Design and Implementation, San Diego,
CA, USA, October 23-25, 2000.
[posted here 7/30/00]
Co-sponsored by IEEE TCOS and ACM SIGOPS. The goal of the fourth OSDI is to present
innovative, exciting work in the systems area. OSDI brings together professionals from academic
and industrial backgrounds and has become a premiere forum for discussing the
design, implementation, and implications of systems software. OSDI takes a broad view of what the
systems area encompasses and seeks contributions from all fields of systems practice, including:
operating systems, networking, distributed systems, parallel systems, mobile systems,
embedded systems, and the influence of hardware developments on systems and vice-versa.
For more information, see the symposium Web site,
www.usenix.org/events/osdi2000/, or
e-mail osdi2000chairs@usenix.org.
PROMS2000
Protocols for Multimedia Systems, Cracow, Poland, October 22-25, 2000.
[posted here 5/29/00]
The PROMS2000 conference is intended to contribute to a scientific,
strategical and practical cooperation between research institutes and industrial companies in the area of distributed multimedia applications,
protocols, and intelligent management tools, with emphasis on their provision over broadband networks.
An extensive list of topics of interest, along with instructions for
submitting a paper, can be found on the conference web page at PROMS2000.kt.agh.edu.pl/
Mathematical Sciences Research Institute Number-Theoretic
Cryptography Workshop, Berkeley, CA, USA, October 16-20, 2000.
[posted here: 7/30/00].
Organizers: Eric Bach, Dan Boneh, Cynthia Dwork, Shafi
Goldwasser, Kevin McCurley, and Carl Pomerance.
This workshop will focus on number-theoretic aspects of cryptography, and will be
cross-cultural, where the the cultures in question are ``mathematics'' and ``computer science. ''
We will be sufficiently flexible to accommodate anything exciting that arises between now and the fall of 2000, so any plans are
tentative. We will have several survey talks on the state of the
art of such central topics to number theory in cryptography as: integer factorization,
discrete logarithm algorithms, and elliptic curves. From the computer science side, we will survey:
positive applications of lattices to cryptography, lattice basis reduction techniques for
cryptanalysis, and "new'' number-theoretic assumptions in vogue in 2000.
A final survey talk will discuss two historical tracks that met in 1998: practical cryptosystems
(RSA, El-Gamal, OAEP, and Cramer-Shoup), and the theory that lead to increasingly stronger
notions of security and cryptosystems satisfying these notions (Goldwasser and Micali's construction for semantic security, Naor
and Yung's construction for chosen-ciphertext security in the pre-processing mode,
Dolev, Dwork and Naor's construction for
non-malleability against chosen-ciphertext in the post-processing mode, and
Cramer-Shoup's efficient non-malleable cca-post construction). The program committee for the cryptography conference is: Eric Bach, Dan
Boneh, Cynthia Dwork, Shafi Goldwasser, Kevin McCurley, and Carl Pomerance.
Additional information about the conference and registration can be found
at /www.msri.org/calendar/workshops/0001/Algorithmic_Number_Theory/number/
IC3N'2000,
Ninth International Conference on Computer Communications and Networks,
Las Vegas, Nevada, USA, October 16-18, 2000.
[posted here: 7/30/00].
ICCCN is a major international forum to present original and fundamental
advances in the field of Computer Communications and Networks. It also serves to foster communication among researchers and practitioners working
in a wide variety of scientific areas with a common interest in improving Computer Communications and Networks.
Topics of interest include:
* Optical Communication Networks Wireless/Mobile/Satellite Comm Networks
* ATM Networking Internet Services/Applications
* Wireless Multimedia Applications Real-time Communications
* Quality of Services (QoS) Issues LAN/WAN Internetworking
* Network Interoperability Personal Communication Services
* Network Control Management Broadband Networks
* Intelligent Networks Multicast and Routing Protocols
* Network Security Media Access Control/Mobility Algorithms
* Network Reliability High Speed Network
OAM/Protocols
* Video-on-Demand Data Traffic Engineering
* Network Management/Billing Global Infrastructure Network Evolution
* Network Processor Technology Performance Modeling/Analysis
* Communication Software Protocol Design/Validation/Testing
* Networked Databases Network Architectures
* Terabit optical switching/routing architectures and signaling
More information can be found on the conference web site at icccn.cstp.umkc.edu.
NORDSEC'2000,
Fifth Nordic Workshop on Secure IT Systems - Encouraging Cooperation,
Reykjavik, Iceland, October 12-13, 2000. [posted here 3/14/00]
The NORDSEC workshops were started in 1996 with the aim
to bring together researchers and practitioners within IT security in the
Nordic countries. These workshops have remained a forum for co-operation
between the Nordic research organizations, industry and the computer
societies. The emphasis of the workshop is to encourage interchange and
cooperation between the research community and the industrial and software
development community. The theme of the workshop is applied security,
i.e., all kinds of security issues for all kinds of information technology
systems. We are in particular looking for contributions that deal with
technology transfer and application of research in development.
Furthermore, this year's NORDSEC will look more specifically at several
Special Topics that are closely related to Computer Security, but are not
often discussed in the same forum: Software Engineering, Virus Protection,
and Privacy Protection. Details are to be found on the conference website
at www.ru.is/nordsec2000/
SOFTCOM'2000,
Eighth International Conference on Software, Telecommunications and
Computer Networks (co-sponsored by the IEEE Communications Society), held
aboard the luxury ship "Marko Polo", October 10-14, 2000.
[posted here 7/30/00].
SoftCOM 2000 provides an open forum for communication technology
researchers and engineers to discuss new and emerging systems, standards
and services, and their applications in telecommunication and information
systems. Topics to be addressed include, but are not limited to the
following:
* Telecommunication Software Production, Tools, Evaluation and Languages
* Object and Component Technologies in Telecommunication Software
* Telecommunication Services Design and QoS
* Internet Environments and Service
* IP Based Networks and Services
* High-Speed Protocols and Networks
* Wireless Communications
* Multimedia Systems and Services
* Computer Telephone Integration
* Information Security
* AI and Recognition Methods
* Virtual Environments
* Computer Methods in Biomedicine
* Electromagnetic Compatibility
More information can be found on the conference web site
at www.fesb.hr/SoftCOM/2000/NS/Call_For_Papers.htm
DISC'2000,
14th International Symposium on DIStributed Computing, Toledo, Spain, October 4-6, 2000.
[posted
here January 27, 2000].
Original contributions to theory, design, analysis, implementation, or application of distributed systems and networks are solicited. Topics of
interest include, but are not limited to: distributed algorithms and their
complexity, fault-tolerance of distributed systems, consistency conditions,
concurrency control, and synchronization, multiprocessor/cluster architectures
and algorithms, cryptographic and security protocols for distributed systems,
distributed operating systems, distributed computing issues on the internet and
the web , distributed systems management, distributed applications, such as
databases, mobile agents, and electronic commerce, communication network architectures and protocols, specification, semantics, and verification of
distributed systems. A "brief announcement track" has been
set up for ongoing work for which full papers are not ready yet or recent results
published elsewhere are suitable for submission as brief announcements.
More information on submissions can be found at the conference web page at
is available at www.disc2000.org/
ECC'2000
The 4th Workshop on Elliptic Curve Cryptography, University of Essen, Essen,
Germany, October 4-6, 2000.
[posted here: 3/4/00].
ECC' 2000 is the fourth in a series of annual workshops dedicated to the
study of elliptic curve cryptography and related areas. The main themes of ECC'2000 will be:
* The discrete logarithm and elliptic curve discrete logarithm problems.
* Provably secure discrete log-based cryptographic protocols for
encryption, signatures and key agreement.
* Efficient software and hardware implementation of elliptic curve
cryptosystems.
* Deployment of elliptic curve cryptography.
There will be approximately 15 invited lectures (and no contributed talks), with the remaining time used for informal discussions. There
will be both survey lectures as well as lectures on latest research developments.
A list of confirmed speakers can be found on the conference web page (see
below). If you did not receive this announcement by email and would like to be added to the mailing list for the second
announcement, please send email to ecc2000@math.uwaterloo.ca. The announcements are also available from the web sites:
www.cacr.math.uwaterloo.ca
and www.exp-math.uni-essen.de/~galbra/ecc2000.html
ESORICS 2000,
6th European Symposium on Research in Computer
Security Toulouse, France, October 4-6, 2000. [posted here 11/4//99]
We solicit papers describing original ideas and new results on
the foundations and applications of computer security. The primary
focus is on high-quality original unpublished research, case studies
and implementation experiences. We encourage submissions of papers
discussing industrial research and development. Suggested topics
include but are not limited to:
|
* Distributed Systems |
* Theoretical Foundations of Security |
|
|
* Operating Systems Security |
* Telecom. and High Speed Network Security |
|
|
* Network Security |
* Security and mobile systems |
|
|
* Internet Security |
* Security in Data and Knowledge Bases |
|
|
* Electronic Commerce |
* Development of Secure Systems |
|
|
* Security of small systems |
* Management of Secure Systems |
|
|
* Intellectual Property Protection |
* Multimedia and Digital Libraries |
|
|
* Security Evaluation |
* Security versus other Requirements |
|
|
* New applications of Cryptography |
Details on submissions of papers and panel proposals and other information available at www.cert.fr/esorics2000/ and from Frederic.Cuppens@cert.fr .
RAID' 2000
Third International Workshop on the Recent Advances in Intrusion Detection
(in conjunction with ESORICS 2000), Toulouse, France, October 2-4, 2000.
[posted here February 7, 2000]
This workshop, the third in an ongoing annual series, will bring together
leading figures from academia, government, and industry to discuss
state-of-the-art intrusion detection technologies and issues from
the research and commercial perspectives. RAID 2000 will welcome full
papers in addition to extended abstracts and panel proposals, and has
organized peer review to publish hardcopy proceedings. Regarding
paper submissions, submissions to RAID 2000 can be
either a full-length paper or an extended abstract.
Full papers are intended for the presentation of
mature research results, while extended abstracts are intended
for work-in-progress presentations. It is expected that more time
will be allocated to full paper presentations. Panel submissions are
also sought in the same areas. This year, we are emphasizing the following
topic areas (see the workshop web page for a more detailed list):
| * Assessing, measuring and classifying intrusion-detection systems | |
| * IDS in High Performance and Real-Time Environments | |
| * Vulnerabilities and Attacks | |
| * IDS Integration | |
| * Innovative Approaches | |
| * Practical Considerations |
ISSE'
2000, Barcelona, September 27-29, 2000. [posted here 1/27/00].
ISSE is the European institution for the presentation and discussion of
technical, organizational, legal and political concepts for information security and data protection.
The conference provides presentations and panel discussions about existing
and future information security solutions for large scale corporations, enterprises, especially
SMEs, commerce, financial & public sector,
healthcare, legal practitioners and security professionals. An
extensive list of topics and submission instructions are given in the full
call-for-papers.
Workshop on Telecommunications Security, The University of Tulsa,
Tulsa, Oklahoma, USA, September 27-28, 2000. [posted here 6/9/00]
The purpose of the workshop is to identify the security issues and solutions emerging as
telecommunications and information networks converge and support telephony and data
services. Of particular interest are issues related to convergence, the Next Generation
Network, active networks, voice over Internet Protocol (IP), unified messaging systems,
multi-service networks, and universal broadband access. The workshop will integrate the
needs of the industry, the current state of research in academia, and the relevant
government research programs. Presentations are solicited in three areas:
1.How will the telecommunications world change and what security issues will arise?
2.What is the state of current telephony security research?
3.What is the appropriate role of government in addressing these problems?
Industry representatives are encouraged to submit position papers on their view of the
emerging public and private infrastructures and any proposed architectures, especially
security architectures, to provide services over those infrastructures. Descriptions of
current and future security threats, vulnerabilities, and requirements are encouraged.
Academic representatives are encouraged to submit papers of their current security
research in public and private telecommunications networks. Of particular interest are the
areas of fraud prevention, intrusion detection, availability solutions, privacy, and secure
management schemes. Differences between security issues and solutions for emerging telecommunications
networks, computer data-oriented and infrastructure operations networks should be
emphasized. This is a self-supporting workshop, and each attendee's (including speakers)
organization is expected to provide the necessary support for attendance. All attendees
are expected to participate in the discussions and presentations. There will be relatively
few slots available for those who are not presenting. For additional information on submissions ,
please call Dr. Paul Brusil at 978-922-6586 or visit niap.nist.gov/telecomm/
EDOC'2000 Fourth
International Enterprise Distributed Object Computing Conference, Makuhari,
Japan, September 25-28, 2000 [posted here 7/30/00]
The goal of EDOC 2000 is to provide a forum for leading researchers and
industry experts to discuss problems, solutions, and experiences in meeting
practical enterprise computing needs. EDOC 2000 will include industrial experience sessions for which practitioners are encouraged to submit
experience reports stating the problems addressed, methods used, results and
lessons learned. EDOC 2000 addresses generic issues relating to the context in which
enterprise systems are built and deployed as well as the distributed object and
component technologies needed to deploy systems for specific application domains. EDOC 2000 encourages submissions on applications and industry
experience in such domains as electronic commerce, enterprise application integration, supply-chain management, and web-based distributed applications.
More information can be found on the conference web site at www.iijima.ae.keio.ac.jp/edoc/cfp.html
or send email to edoc-info@soft.flab.fujitsu.co.jp.
WISAC
Workshop on Innovations in Strong Access Control, Monterey, California,
September 25-27, 2000 [posted here 6/16/00]
WISAC is an invitational workshop whose goal is to increase the understanding of the different communities with an interest in
Strong Access Control (SAC) technology; to develop statements of requirements for communities by bringing together customers with
a need for SAC solutions with vendors, developers and researchers; and to determine the next steps for
growth of SAC technology. WISAC is an invitational workshop. This format has been selected
to keep the workshop size down and to keep the discussions focused. To request an invitation, please
submit (by 11:59 PM PDT, Monday, June 26, 2000) a description of your organization and
its involvement with or needs for information technology for security policy enforcement to
faigin@aero.org. Please mark this submission clearly as WISAC
RFI. More information can be found at the workshop web page at
cisr.nps.navy.mil/events/WISAC/WISAC_index.html
CARDIS 2000,
IFIP CARDIS 2000 Fourth Smart Card Research and Advanced
Application Conference HP Labs, Bristol, UK, September
20-22, 2000. [posted here: 11/8/99].
Smart cards or IC cards offer a huge potential for information
processing purposes. The portability and processing power of IC
cards allow for highly secure conditional access and reliable
distributed information systems. The research challenges range
from electrical engineering on the hardware side to tailor-made
cryptographic applications on the software side, and their
synergies. The CARDIS conferences aim to bring together researchers
who are active in all aspects of design of IC cards and related
devices and environment, such as to stimulate synergy between
different research communities and to offer a platform for
presenting the latest research advances. Additional information
at www.cardis.org.
PKS' 2000
Catch the Perfect Wave of the New Mobile World, San Jose, CA, USA,
September 19-21, 2000. [posted here 7/30/00]
PKS 2000 is a forum where developers, security architects, product
managers and business leaders will learn about and discuss such topics as:
What new business opportunities will arise from the convergence of
wireless voice communication, remote data access and the Internet? Which of the emerging standards and protocols will drive the next
generation wireless data systems and services? How are powerful new
public-key systems, such as the Elliptic Curve Cryptosystem, facilitating the new world of wireless/mobile
e-business? See the conference web site at www.certicom.org/sitemap_frames/news_pks_fs.html
for more information the presentation topics.
NSPW' 2000
New Security Paradigms Workshop 2000, Ballycotton,
County Cork, Ireland, September 19-21, 2000. [posted here
1/27/00]
For eight years, the New
Security Paradigms Workshop has provided a productive and highly
interactive forum in which innovative new approaches (and some radical
older approaches) to computer security have been offered, explored,
refined, and published. The workshop offers a constructive environment
where experienced researchers and practitioners work alongside newer
participants in the field. The result is a unique opportunity to
exchange ideas. Because these are new
paradigms, we cannot predict what subjects will be covered. Any paper that
presents a significant shift in thinking about difficult security issues
or builds on a previous shift will be welcomed. To participate, please submit your paper, justification,
and attendance statement, preferably via e-mail, to both Program Chairs --
Cristina Serban (cserban@att.com) and Brenda Timmerman (btimmer@ecs.csun.edu)
-- by Friday, March 31, 2000 (hardcopy submissions must be received by
Friday, March 24, 2000). Further details on the required format of
submissions are available on the NSPW web site at
www.nspw.org/
| International School on
Foundations of Security Analysis and Design, September 18-30, 2000,
Bertinoro,
Italy.
The school covers two weeks (from Monday 18 to Saturday 30, September 2000)and alternates four lecturers per week on monographic courses of about 6/8 hours each. Saturdays are reserved for presentations given by those participants that intend to take advantage of the audience for discussing their current research in the area. The school is organised at the Centro Residenziale Universitario of the University of Bologna, situated in Bertinoro, a small village on a scenic hill with a wonderful panorama, in between Forli' and Cesena (about 50 miles south-east of Bologna, 15 miles from the Adriatic sea). The school offers eight main courses, each composed of 3/4 seminars (on different days), each seminar of 2 hours. In alphabetic order, the lecturers of the eight main courses are the following: Li Gong (Javasoft - Sun Microsystems, Palo Alto), Java Security; Andrew D. Gordon (Microsoft Research, Cambridge) Process Calculi for Security and Mobility; Roberto Gorrieri (University of Bologna)Classification of Security Properties; Joshua Guttman (Mitre, Bedford) Security Goals: Packet trajectories and strand spaces; Peter Ryan (SRI, Cambridge) Mathematical Models of Computer Security; Pierangela Samarati (University of Milano)Access Control: Policies, Models, Architectures and Mechanisms; Paul Syverson (Naval Research Lab, Washington) The Logic of Security Protocols; Moti Yung (CertCo Inc., New York)Cryptographic Technology and Protocols in E-Commerce. Further short courses will be given by: Carlo Blundo (Univ. of Salerno)Introduction to Cryptography; Luigia Carlucci Aiello and Fabio Massacci (Univ. of Roma "La Sapienza")Planning, Logic Programs and Security Protocols; Pierpaolo Degano (Univ. of Pisa)Control Flow Analysis for security; Rocco De Nicola (Univ. of Firenze) Testing for spi Processes; Fausto Giunchiglia (Univ. of Trento)Model Checking Using a Logic of Belief;- Roberto Segala (Univ. of Bologna) Applied Cryptography. More information can be foune on the course web page at www.cs.unibo.it/~gorrieri/fosad. |
Biometric
Consortium 2000 Conference "Biometric Technologies...Emerging into
the Mainstream", NIST, Gaithersburg, MD, USA, September
13-14, 2000. [posted here 8/ 2/00]
Some of the topics that will be examined include:
- What are the technological issues and challenges looming ahead?
- What are the user requirements?
- What standards are available or are being developed?
- How is interoperability achieved?
- How assurance is achieved?
-What novel applications of biometrics does the industry envision for secure personal authentication and identification?
More information on the conference can be found at www.nist.gov/bc2000, or contact Fernando L. Podio of the Information Technology Laboratory of NIST at bc2000@biometrics.org or at (301) 975-2947.
ASA/MA 2000
Second International Symposium on Agent Systems and Applications, Fourth International Symposium on Mobile Agents,
ETH Zurich, Switzerland, September 13-15, 2000. [posted here
1/ 27/00]
Areas of interest are: agent applications, agent systems, multi-agent systems,
mobile agents, and mobile code. Possible topics include: development tools, security, scalability, fault
tolerance, communication, collaboration and coordination, languages, standards, design patterns, applications in mobile computing and wireless
networks, applications in electronic markets and commerce, applications in active networks, market-based control, resource management, agent
societies and ensembles, World-wide-web integration. Submission
guidelines are at www.inf.ethz.ch/ASA-MA/submit.html;
additional workshop information can be found at: www.inf.ethz.ch/ASA-MA/ or
www.cs.dartmouth.edu/ASA-MA/
ICECCS'2000
Sixth IEEE International Conference on Engineering of Complex Computer
Systems, Boissonade Tower, Ichigaya Campus, Hosei University, Tokyo, Japan,
September 11-15, 2000. [posted here 1/27/00]
The goal of this conference is to bring together industrial, academic, and
government experts, from a variety of user domains and software disciplines,
to determine how the disciplines' problems and solution techniques interact
within the whole system. The scope of interest includes long-term research issues, near-term complex
system requirements and promising tools, existing complex systems, and commercially available tools.
Papers are solicited in all areas related to complex computer-based systems, including the causes of complexity and means of avoiding, controlling, or coping with complexity. Topic areas include, but are not
limited to:
- System and Software Architecture and Systems Engineering
- Tools, Environments, and Languages for Complex Systems
- Complex Data Management, including Distributed, Real-Time, and Mobile
Databases
- Formal Methods and Approaches to Achieving Dependability in Complex
Systems
- Integration of Heterogeneous Technologies
- Software and System Development Processes for Complex Systems
- Human Factors and Collaborative ("Groupware") Aspects
- Interoperability and Standardization
- System and Software Safety and Security
Detailed instructions for submitting a paper, a panel proposal, or a
tutorial proposal are given on the conference web page at www.polimi.it/iceccs2000.
WECS'2000 Practicum Workshop on Education in Computer Security,
Center for Information Systems Security Studies and Research, Naval Postgraduate School, Monterey, California, USA,
September 11-13, 2000.
This workshop helps those new to computer security teach a well-organized comprehensive Computer and Network
Security course or update CS and IT courses with relevant security information. The workshop will clarify confusing topics
and will address important information often not found in introductory texts. The workshop is organized and conducted by
experienced security educators. Topics covered will include:
- A scientific or engineering approach to security (as opposed to patches and ad hoc solutions).
- Debunking many popular computer security and cryptography myths.
- Many real life simple and beautiful examples that illustrate
important concepts.
- Subtle important issues that are often overlooked or misunderstood.
- Analogies and projects that are useful in teaching difficult topics.
- Ideas for demonstrations and laboratory exercises.
More information can be found on the workshop web page at cisr.nps.navy.mil/events/wecs/wecs2000_announce.html
ISSSTA 2000,
IEEE Sixth International Symposium on Spread Spectrum Techniques
and Applications, Sheraton Tara, Parsippany, NJ, USA,
September 6-8, 2000. [posted here: 9/3/99].
Prospective authors are cordially invited to submit papers in
particular but not exclusively on the following topics: THEORY
(Spreading codes and sequences, waveform design,
spectral shaping; synchronization, acquisition, tracking;
coding and modulation for SS; direct sequencing, frequency
hopping, hybrid concepts; digital and analog SS signal
processing, estimation theory; CDMA, SSMA, interference
cancellation, joint (multiuser) detection, capacity; information
security, ECM, EVCCM, LPI; antennas for SS, propagation effects,
channel modelling, anti-fading techniques, RAKE; coexistence
SS/other systems, overlay systems, EMC; networking; power
control, AGC, amplifier nonlinearities. SYSTEM DESIGN: Tools for SS system design, modeling and
simulation, application of AI; frequency allocation; networking
aspects, handover, dynamic channel allocation; SS techniques in
education. COMMUNICATIONS: Mobile & cellular, CDMA, SSMA, satellite; digital
broadcasting; power line communications; radio relay; optical SS
communications; wireless LANs; SS bus systems, consumer
applications, remote control; packetized data & voice networks.
NAVIGATION, RANGING, CHANNEL SOUNDING: GPS, GLONAS, radar,
lidar,
pulse compression; wideband channel sounding; deep-space
applications; correlation techniques to measure flow and speed;
SS time domain reflectometry. DEVICES AND
CIRCUITS: ASICs for SS, chip sets, digital
correlators,
frequency synthesizers, all digital transmitter and receiver
implementations, SAW, CCD, neural networks. Please submit five double-spaced copies of original papers to the
ISSSTA 2000 Technical Program Committee Chairman as per schedule.
Detailed submission instruction and other information can be found
on the conference web page at:
www.ISSSTA2000.org.
CoopIS'2000
In Cooperation with VLDB'2000,
Neptune Hotel, Eilat, Israel, September 6-8, 2000. [posted here
5/29/2000]
CoopIS'2000 is the seventh conference in the series and the fifth conference organized by the International Foundation on Cooperative
Information Systems (IFCIS). It is sponsored by the International Foundation in Cooperative Information Systems (IFCIS), and the IBM
Research Laboratory in Haifa (other sponsors pending). It replaces the erstwhile international workshops on Interoperability in
Multidatabase Systems (IMS) and the conference series on Cooperative Information Systems (CoopIS &
ICICIS). The conference web page is at www.haifa.il.ibm.com/coopis2000.html
MDDS'2000
Third International Workshop on Mobility in Databases and Distributed
Systems (in conjunction with DEXA'2000), Greenwich, UK, September 6-8, 2000.
[posted here
7/30/2000]
The focus of this workshop is on mobility issues in distributed systems and databases.
The objective of this workshop is to bring together researchers and practitioners with
mobile networking background, database research interests, advanced applications and
distributed computing systems research and development skills to discuss all aspects of
emerging mobile computing paradigm. Both the theoretical papers and papers reporting
implementation and practical results will be presented. Details
about DEXA'2000 can be found at www.dexa.org;
the MDDS'2000 workshop web page is at www.ct.monash.edu.au/DPMC/mdds/mdds2000/
DEXA2000
11th International Conference and Workshop on Database and Expert
Systems Applications, London - Greenwich, United Kingdom, September 4- 8, 2000.
[posted here 5/29/00]
The aim of DEXA 2000 is to present both research contributions in the area of data and expert systems and a large spectrum of already
implemented or just being developed applications. DEXA will offer the opportunity to extensively discuss requirements, problems, and
solutions in the field. The workshop and conference should inspire a fruitful dialogue between developers in practice, users
of database and expert systems, and scientists working in the field.
The conference web page is at www.dexa.org/dexa00/
NBIS2000
The Third International Workshop on Network-Based Information Systems in conjunction with the 11th International Conference on Database
and Expert Systems Applications (DEXA'2000), Greenwich, United Kingdom, September 4-8, 2000.
[posted here 5/29/00]
The main objective of this workshop is to bring together researchers
from both network systems and information systems with the aim of encouraging the exchange of ideas and experience between these two
communities. Topics of interest include but are not limited to:
* Communication Networks and Protocols
* Internet Applications
* Web-based database systems
* Distributed Cooperating Information Systems
* Groupware
* Distributed and Parallel Algorithms
* Multimedia Computing and Communication Systems
* Mobile Computing Systems
* Distributed Object-Oriented Systems
* Interoperable Systems
* Electronic Commerce
* Security and Privacy
* Distributed Fault-Tolerant Systems
More information can be found on the conference web page
at www.takilab.k.dendai.ac.jp/conf/dexa2000/nbis/
CRYPTO 2000,
Santa Barbara, California, USA, August 20-24, 2000. [posted here
5/29/00]
Crypto 2000 is organized by the International Association for
Cryptologic Research (IACR), in cooperation with the IEEE Computer Society Technical Committee on Security and Privacy, and the Computer
Science Department of the University of California, Santa Barbara. For other information contact
Mathew Franklin, General Chair, Crypto 2000
Xerox Parc
3333 Coyote Hill Road
Palo Alto, CA 94304
USA
Phone: 650-812-4228 ; FAX: 650-812-4471 ;
E-mail: crypto2000@iacr.org
CHES'2000, Workshop on
Cryptographic Hardware and Embedded Systems, Worcester Polytechnic
Institute, Worcester, Massachusetts, USA., August 17-18, 2000.
[posted here 2/4/00]
The focus of this workshop is on all aspects of cryptographic hardware and
embedded system design. Of special interest are contributions that describe new methods for efficient hardware
implementations and high-speed software for embedded systems. The topics of interest include but are not limited to:
* Computer architectures for public-key cryptosystems
* Computer architectures for secret-key cryptosystems
* Reconfigurable computing and applications in cryptography
* Cryptographic processors and co-processors
* Modular and Galois field arithmetic architectures
* Tamper resistance on the chip and board level
* Architectures for smart cards
* Tamper resistance for smart cards
* Efficient algorithms for embedded processors
* Special-purpose hardware for cryptanalysis
* Fast network encryption
* True and pseudo random number generators
If you want to receive emails with subsequent Call for Papers and registration information, please send a brief mail to
ches@ece.orst.edu. Complete
instructions for authors can be found on the workshop web page at www.ece.WPI.EDU/Research/crypt/ches.
You may also contact the Program Chairs Cetin Kaya Koc (Koc@ece.orst,
+1 541 737 4853) or Christof Paar (christof@ece.wpi.edu, +1 508 831 5061).
USENIX,
9th USENIX Security Symposium, Denver, Colorado, USA,
August 14-17, 2000. [posted here: 9/20/99].
The USENIX Security Symposium brings together researchers,
practitioners, system administrators, system programmers, and others
interested in the latest advances in security and applications of
cryptography. Please see the conference web site at
www.usenix.org/events/sec2000 for more information on the
symposium, a detailed list of topics of interest, and the procedure
for submitting a paper.
SAC'2000,
Seventh Annual Workshop on Selected Areas in Cryptography, August 14-15,
2000, Waterloo, Ontario, Canada. [posted here 3/20/00]
Workshop Themes:
- Design and analysis of symmetric
key cryptosystems.
- Primitives for private key cryptography,
including block and stream ciphers, hash functions and MACs.
- Efficient implementations of
cryptographic systems in public and private key cryptography.
- Cryptographic solutions for
web/internet security.
Details on submitting a paper are given on the conference web page at www.cacr.math.uwaterloo.ca/conferences/2000/SAC2000/announcement.html
4th International Workshop on Discrete Algorithms and Methods for Mobile Computing & Communications,
Boston, Massachusetts, USA, August 11, 2000. In conjunction with ACM MobiCom 2000.
[posted here 1/27/00].
The introduction of mobility raises a number of new research issues. This workshop is devoted to discrete algorithms
and methods in the context of mobile and wireless computing and communications. Contributions are solicited in all areas related to mobile computing and
communications where discrete algorithms and methods are utilized, including, but not limited to:
*
distributed algorithms frequency allocation
*
scheduling location tracking
*
site allocation multi-hop packet radio networks
*
wireless networks synchronization
*
cryptography and security error correcting codes
*
handover (handoff) telecommunications
* modeling optimization
* routing satellite communication
Instructions for submitting a paper or a panel proposal are given on the
conference web page at www.cis.udel.edu/~elloyd/dialm.d/home.htm.
Since deadlines overlap, dual submission of papers to MobiCom and DIALM is encouraged. Any paper accepted for MobiCom will automatically be
removed from consideration for DIALM.
MSWiM'2000,
Third ACM International Workshop on Modeling, Analysis and Simulation of
Wireless and Mobile Systems, in conjunction with MobiCom 2000, August
6-11, 2000, Boston, MA, USA. [posted here
4/22/00]
This workshop will focus on all aspects of wireless systems, particularly modeling analysis and simulation in wireless communication.
In its third year, the 2000 International ACM Workshop on Modeling and
Simulation of Wireless and Mobile Systems, will take place in Boston, MA, just
after the International Conference on Mobile Computing and Networking (MobiCom 2000) to be held in Boston, August 6-11, 2000. This is an excellent
opportunity to partake in two events covering a wide range of research in wireless and mobile systems.
Authors are encouraged to submit both theoretical and practical results of significance. Demonstration of new tools/simulation languages are very
welcome. A complete list of topics of interest, along with
directions for submitting a paper are given on the workshop web page at:
www.tlc.polito.it/mswim
RBAC'2000
Fifth ACM Workshop on Role-Based Access Control, Technical University of Berlin,
Berlin, Germany, July 26-28, 2000. [posted here 1/27/00]
The ACM workshops on RBAC bring together researchers, developers, and practitioners to discuss the application of RBAC to both traditional and
emerging systems and the development of new modeling paradigms for future applications. The workshop invites participation from
the database, network, distributed systems, operating systems, security and
application communities. See the workshop web page at www.acm.org/sigsac/rbac2000.html
for information on submitting a paper or panel proposal.
FMCS'2000
Workshop on Formal Methods and Computer Security, Chicago, Illinois, USA,
July 20, 2000. [posted here
March 13, 2000]
Computer security protocols are notoriously difficult to get right. Surprisingly simple problems with some well known protocols have been found
years after the original protocol was published and extensively analyzed. Our workshop goal is to bring together the formal methods and security
communities. Security is a current hot topic in the formal methods
community, and we hope that this workshop can help focus these energies. Topics of interest include descriptive techniques (specification languages,
models, logics) and analysis techniques (model checking, theorem proving, and
their combination), as applied to protocols for authentication, fair exchange,
electronic commerce, and electronic auctions. However, this list is not exclusive. We particularly want to hear about new approaches, new problems, new
security properties, and new protocol bugs. Reports on work in progress are
welcome. The program of the workshop will include a keynote address by Doug
Tygar, a
number of technical sessions (with talks of about 15-20 minutes duration), and
a panel discussion. An extended abstract (about 5-10 pages) explaining recent
research results or work in progress should be mailed electronically to
fmcs-2000@cs.cmu.edu, to be received by April 14, 2000. More information
can be found at the conference web site at www.cs.cmu.edu/~veith/fmcs/
PODC'2000,
Nineteenth Annual ACM SIGACT-SIGOPS Symposium on Principles of
Distributed Computing, Portland, Oregon, USA, July 16-19, 2000. [posted here: 8/30/99].
Research contributions on the theory, design, specification,
implementation or application of distributed systems are solicited.
This year PODC will be held in conjunction with a workshop on
middleware (information concerning the workshop will be posted on
the PODC web site once it is available). In light of this, PODC
especially encourages papers addressing distributed computing issues
in building and using middleware. Topics of interest include, but
are not limited to:
* distributed algorithms and their complexity,
* specification, semantics and verification of distributed systems,
* issues relating to the design and use of middleware platforms,
* fault tolerance of distributed systems,
* cryptographic and security protocols for distributed systems,
* mobile computing,
* distributed computing issues in the Internet, including the Web,
* communication network protocols and architectures,
* multiprocessor/cluster architectures and algorithms,
* distributed operating systems and databases,
* consistency conditions, concurrency control and synchronization,
* distributed object-oriented computing.
Conference presentations will have two formats: "Regular
presentations" of approximately 25 minutes accompanied by papers
of up to 10 pages in the proceedings, and "Brief announcements"
of approximately 10 minutes accompanied by one page abstracts in
the proceedings. Details on the conference and submission
procedure can be found on the conference web site at
www.podc.org/podc2000/, or contact the program chair,
Jim Anderson, by email, anderson@cs.unc.edu, or phone,
1-919-962-1757.
ACISP'2000,
Fifth Australasian Conference on Information Security and
Privacy, Brisbane, Australia, July 10-12, 2000. [posted here 9/13/99]
Papers pertaining to all aspects of information security and
privacy are solicited. Papers may present theory, techniques,
applications and practical experiences on any relevant topic
including: authentication and identification, database security,
mobile communications security, secure operating systems, security
and cryptography policy, security management, commercial
applications, key management and auditing, secure electronic
commerce, security architectures and models, distributed system
security, evaluation and certification, cryptology, access control,
network security, smart cards, risk assessment and copyright
protection. Please see the conference web page at
www.isrc.qut.edu.au/acisp2K for details.
| * | formal definition and verification of the various aspects of security: confidentiality, integrity, authentication and availability; |
| * |
new theoretically-based techniques for the formal analysis and design of cryptographic protocols and their manifold applications (e.g., electronic commerce); |
| * | information flow modeling and its application to the theory of confidentiality policies, |
| * | composition of systems, and covert channel analysis; |
| * | formal techniques for the analysis and verification of mobile code; |
| * | formal analysis and design for prevention of denial of service. |
Details on the conference and submission procedure can be found on the conference web site at www.dsi.unive.it/IFIPWG1_7/wits2000.html, or contact the program chair, Pierpaolo Degano, by email, degano@di.unipi.it, or phone, +39 050 887257, or fax, +39 050 887226.
IRISH2000
4th Irish Workshop on Formal Methods
National University of Ireland, Maynooth, July 5-6, 2000. [posted
here 5/29/2000]
The fourth in a series of annual Irish Workshops on Formal Methods will be held in the
National University of Ireland, Maynooth. We are now seeking submissions of
work in progress papers in the area of formal methods, theoretical computer science, and
mathematics covering the topics listed above. There will be opportunity for these papers to be submitted and reviewed as full papers, after
the workshop has completed. For the theoretical day the Programme Committee seeks submissions of
papers in the general area of formal methods, theoretical computer science, and mathematics, covering, but not restricted to, the
following topics: formal systems, proof systems, mathematical models of computing, semantics, tools, industrial and teaching experiences.
For the industrial day it is planned to offer industry-oriented tutorials. The idea is that these will provide an introduction to
formal methods, and be tailored to meet specific needs. The
conference web site is at www.cs.may.ie/IWFM00/
CSFW-13,
13th IEEE Computer Security Foundations Workshop, Cambridge,
England, July 3-5, 2000. [posted here: 11/10/99].
This workshop series brings together researchers in computer
science to examine foundational issues in computer security.
We are interested both in new results in theories of computer
security and also in more exploratory presentations that examine
open questions and raise fundamental concerns about existing
theories. Both papers and panel proposals are welcome. Possible
topics include, but are not limited to:
| *Access Control | *Authentication | *Data and System Integrity | |
| *Database Security | *Network Security | *Distributed Systems Security | |
| *Anonymity | *Privacy | *Security for Mobile Computing | |
| *Security Protocols | *Security Models | *Formal Methods for Security | |
| *Information Flow | *Executable Content |
IC'2000,
Special session at IC'2000, the First International Conference on Internet
Computing, Monte Carlo Resort, Las Vegas, Nevada, USA, June 26-29, 2000.
[posted here 2/15/00]
This special session, New Paradigms in Computer Security, at IC'2000
is to present recent advances in computer system security. The main focus will
be on new approaches for less vulnerable program generation and intrusion detection.
Papers are solicited on the topic areas include, but are not limited to:
|
* Analysis tools |
* Cases in Practice |
|
* Course or Lab development |
* Distributed System Architecture |
|
* Emerging Curricula |
* Intrusion Detection System Integration |
|
* IDS in distributed client-server computing |
* Processor and Software Architecture |
|
* Standards |
Submit extended abstracts in PDF or postscript format, limited to 1200 words in length, to ghlee@iastate.edu. The due date for the extended abstract is March 17, 2000. For more information on IC'2000, visit the conference web site at www.cs.umanitoba.ca/~iwic/.
FIRST'2000,
The 12th Annual FIRST Conference on Computer Security and
Incident Handling, Chicago, Illinois, USA, June 25-30, 2000. [posted here: 10/27/99].
The Forum of Incident Response and Security Teams (FIRST,
www.first.org ) brings security
incident response teams together including government, commercial,
and academic organizations. The conference is a five day event,
two days of tutorials and three days of technical sessions including
refereed paper presentations, invited talks, and panel discussions.
The focus of the FIRST'2000 conference is on the most recent practical
advances in computer security in all its aspects. The Program
Committee is soliciting original papers analyzing, among other
topics, methodologies for drafting security policies, recent
intrusion techniques, describing experiences in building incident
response capabilities, working security architectures, pros and
cons of both commercial and experimental pro-active security tools.
The deadline for submissions is NOVEMBER 15, 1999. The full
call for papers is at
www.first.org/conference/2000.
CITSS12
Canadian Information Technology Security Symposium,
Ottawa, Canada, June 19-23, 2000. [posted here 5/29/00]
We invite you to attend Building Trust for a Secure Global Economy, the 12th Annual Information Technology Security
Symposium. This annual event is sponsored by the Communications Security Establishment
(CSE), a Canadian Federal Government lead agency responsible for information technology security.
This year's symposium takes you inside some of the most important security issues facing businesses and governments today. CSE's
weeklong symposium features one and a half days of tutorials, a one-day plenary session and more than 36 in depth presentations
by Canadian and international experts in their fields. An industry leading vendor trade show
with more than 40 booths completes the program. Presentations will focus on:
- PKI issues and solutions
- e-commerce/e-business
- Critical Information Infrastructure Protection
- Intrusion detection
- Security in open source software
More info on the symposium web page at www.cse-cst.gc.ca/cse/english/annual.html
20th Biennial Symposium on Communications, Department of Electrical and Computer Engineering, Queen's University, Kingston, Ontario, Canada, May 28-31, 2000. [posted here: 2/8/2000].
This symposium is intended to provide a forum for engineers and researchers in the area of communications and signal processing. Original papers are encouraged from new areas of research on communications, as well as those traditionally associated with this conference. A complete list of topics of interest (which includes cryptography and security) as well as submission instructions is provided on the conference web page at www.ece.queensu.ca/dept/sympcomm.html
NCISSE'2000
Fourth Colloquium for Information Systems Security Education, Washington
D.C., USA, May 23-25, 2000. (Papers due March 29, 2000) [posted here
February 12, 2000]
It is the task of American higher education to provide an
information-literate work force and to prepare information technology
professionals. To meet this urgent need, higher education must be informed
of the knowledge, skills and attitudes to be taught in the general
curricula and in the information curricula of its colleges and
universities. Industry and government must understand their role in
supporting higher education, not simply expecting higher education to be
responsive and informed about information security and assurance. The
National Colloquium for Information Systems Security Education (the
Colloquium) is established to serve as a living body to bring
government, industry and academia together to meet those challenges.
This year the colloquium introduces two paper tracks, one
general submission, the other restricted to student participation. The
papers in both tracks should discuss course or lab development, INFOSEC
curricula, standards, existing or emerging programs, and related issues.
This year, we are particularly interested in addressing the question,
"what is academia’s response to the shortfall of INFOSEC
workers?" To achieve this goal, we are
particularly interested in topics such as the following:
|
* Assessment of need for information security
workers/researchers/faculty |
|
|
* Integrating information assurance topics in existing curricula |
|
|
* Experiences with course or laboratory development |
|
| * Alignment of curriculum with existing information assurance education standards | |
|
* Emerging programs or centers in information assurance |
|
| *
Late breaking topics (see the complete call for papers) |
Papers which fall into the topic areas outlined above are particularly welcome, although contributions outside those topics may also be of interest. See the complete call for papers for more information on submitting a paper, and the conference web site at www.infosec.jmu.edu/ncisse/ for general information on the colloquium.
ICCC
First International Common Criteria Conference, Baltimore, Maryland, USA, May 23-25, 2000.
[posted here January 27, 2000].
The ICCC will bring together the signatories to the Mutual Recognition Arrangement, their national implementation scheme administrators,
accredited commercial testing laboratories, producers and consumers of information technology products, acquisition authorities and information
assurance professionals from government, industry and academia throughout the world.
There will be four tracks at the ICCC geared towards providing you with the
most up to date, accurate and complete information on the Common Criteria process.
Track A will focus on general information about the Common Criteria testing
programs in countries around the world. Track B will take a more technical approach suited for evaluators,
certifiers or validators looking for detailed technical information on the
specifics of testing under the Common Criteria. Track C will look at the latest protection profiles and the types of
tools and documents available to help you use the Common Criteria more effectively.
Track D will be a tutorial for those wanting to become more familiar with the Common Criteria, the Common Evaluation Methodology and the Common
Criteria Toolbox. For more detailed information on the ICCC or to register for the conference, visit the
National Information Assurance Partnership (NIAP) web site: www.niap.nist.gov/iccc.
For information on the vendor exhibits to be held in conjunction with the ICCC on May 23 and 24, contact Janin Hardin or Stephanie King at the
Federal Business Council, (800) 878-2940 or log on to: www.fbcinc.com/specialeventspage.htm.
S&P'2000,2000 IEEE Symposium on Security and Privacy, Oakland
CA, USA, May 14-17, 2000. [posted here: 8/17/99].
See the full CFP above or on the Cipher Web page or at
www.bell-labs.com/user/reiter/sp2000/index.html.
WWW9,
9th International World Wide Web Conference, Amsterdam, The
Netherlands, May 15-19, 2000. [posted here: 8/17/99].
Topics: E-Commerce, XML, Multimedia, Web Server Performance,
Searching and Querying, Protocols, Web Document Management, Java,
Web Site Design, Web Security, RDF, Database and Directory Services,
Collaboration, Accessibility, Metadata, New Languages Submitted
papers should present original reports of substantive new work in
areas that can be theoretical (models, analyses, techniques,
semantics), empirical (experiments, case studies), or
implementation-oriented (new systems, tools, methodologies, user
interfaces). Tutorial proposals are desired for both half-day and
full-day sessions on topics of current relevance to Web design,
services, operation, and use. Subjects of interest include XML,
DOM, Multimedia, E-commerce, Java, Dynamic HTML, Security,
Accessibility, Graphics and the Web, and other areas expected to
be of special interest in spring 2000. WWW9 workshops are intended
to provide a forum for highly interactive discussion on focused
topics. Workshop proposals should address current web-related issues
which can benefit from small-group information exchange and
discussion. Attendance at workshops will be limited.
Submission details are available at
www9.org.
MFPS,
The Sixteenth Workshop on the Mathematical Foundations of
Programming Semantics, Stevens Institute of Technology,
Hoboken, NJ, USA, April 13-16, 2000. [posted here 11/4/99].
The MFPS conferences are devoted to those areas of mathematics,
logic and computer science which are related to the semantics
of programming languages. The series particularly has stressed
providing a forum where both mathematicians and computer scientists
can meet and exchange ideas about problems of common interest. We
also encourage participation by researchers in neighboring areas,
since we strive to maintain breadth in the scope of the series.
The invited speakers for MFPS 16 are:
Samson Abramsky University of Edinburgh
Rance Cleaveland Stony Brook
Andy Gordon Microsoft Cambridge
Robin Milner University of Cambridge
Peter O'Hearn Queen Mary - Westfield
Dana Scott CMU
In addition to the invited talks, there will be special sessions
devoted to security and model checking. Those interested in
contributing a talk at the meeting should send a title and short
abstract to mfps@math.tulane.edu. The available slots will be
allocated on a first come, first served basis. As with other MFPS
workshops, the Proceedings for MFPS 16 will consist of a special
issue of the journal Theoretical Computer Science. All participants
at the meeting (whether they present a talk or not) will be invited
to submit a paper for the Proceedings; these submissions will be
refereed to the usual TCS standards. Additional information
available at
www.math.tulane.edu/mfps16.html or from
mfps@math.tulane.edu.
AES3,
Third Advanced Encryption Standard (AES) Candidate Conference,
New York, New York, USA, April 13-14, 2000. (Submissions due:
January 15, 2000) [posted here: 9/23/99]
In the summer of 1999, NIST began Round 2 of the technical
analysis of five candidate algorithms that have been selected as
finalists for the AES development effort. Near the end of
Round 2, the 3rd AES Candidate Conference (AES3) will focus on
discussion of the technical resuts of Round 2 and views on
candidates for Round 3. A complete call-for-papers is given on the
conference web page at
csrc.nist.gov/encryption/aes/round2/conf3/aes3conf.htm.
CFP'2000,
Computers, Freedom, and Privacy. CFP 2000 Challenging the Assumptions,
Toronto, Ontario, Canada, April 4-7, 2000. [posted here 8/17/99].
The theme of the tenth CFP conference is 'Challenging the
Assumptions'. After a decade of CFP conferences, it's time to
examine what we have learned. At CFP2000 we want to re-examine the
assumptions we have been making and consider which ones still make
sense as we move forward. Proposals are welcomed on all aspects of
computers, freedom, and privacy. We strongly encourage proposals that
challenge the future, tackle the hard questions, look at old issues
in new ways, articulate and analyze key assumptions, and present
complex issues in all their complexity. We are seeking proposals for
tutorials, plenary sessions, workshops, and birds-of-a-feather
sessions. We are also seeking suggestions for speakers and topics.
Sessions should present a wide range of thinking on a topic by
including speakers from different viewpoints. Complete submission
instructions appear on the CFP2000 web site at
www.cfp2000.org/submissions/.
IETF
March 27-31, 2000, 47th IETF, Adelaide, Australia
[from the IETF Web page at
www.ietf.org
The Internet Engineering Task Force (IETF) is a large open
international community of network designers, operators, vendors,
and researchers concerned with the evolution of the Internet
architecture and the smooth operation of the Internet. It is open to
any interested individual. The actual technical work of the IETF is
done in its working groups, which are organized by topic into several
areas (e.g., routing, transport, security, etc.). Much of the
work is handled via mailing lists. The IETF holds meetings three
times per year. Future IETF Meeting Sites:
|
|
Summer 1999 - 45th IETF, July 12-16, 1999, Oslo, Norway, Host: Uninett |
|
|
Fall 1999 - 46th IETF, November 8-12, 1999, Washington, DC, Host: Nortel |
|
|
March 2000 - 47th IETF, March 27-31, 2000, Adelaide, Australia, Host: Sellnet and connect.com.au |
OPENARCH'2000, The Third IEEE Conference on Open Architectures
and Network Programming, Tel Aviv, Israel, March 26-27, 2000.
[posted here: 12/6/99]
The Third IEEE Conference on Open Architectures and Network
Programming invites participation in this international forum
on open programmable networks. Advances in open signaling and
control, active networks, mobility management, transportable
software, Web-based services access, and distributed systems
technologies are driving a reexamination of existing network
software architectures and the evolution of control and management
systems away from traditional constrained solutions. OPENARCH 2000
will foster a better understanding of network software architecture
and the techniques becoming available to make it simpler, more
flexible, and more robust. In the spirit of the first and second
conferences, OPENARCH 2000 will provide researchers and developers
with a focused opportunity to present and discuss current work and
future directions in the systems, techniques, and performance of open
architectures. More information can be found on the conference
web page at
comet.columbia.edu/activities/openarch2000.
FC'2000,
Fourth Annual International Conference on Financial
Cryptography, Anguilla, British West Indies, February 21-24, 2000.
[posted here: 12/6/99]
The annual Financial Cryptography conference is organized by the
International Financial Cryptography Association (IFCA) to explore
all aspects of cryptography for financial applications. The
conference has international participation from business, legal and
technology communities. For more information, see the conference
web page at www.fc00.ai/.
NDSS'2000
Network and Distributed System Security Symposium San Diego,
California, USA, February 2-4, 2000.
[posted here: 2/20/99]
Technical papers and panel proposals are invited for the Internet
Society's Year 2000 Network and Distributed System Security Symposium
(NDSS 2000), tentatively scheduled for 2-4 February 2000 in San
Diego, California. The symposium will foster information exchange
among researchers and practitioners of network and distributed
system security services. The audience includes those who are
interested in the practical aspects of network and distributed
system security, focusing on actual system design and implementation
rather than theory. A major goal of the symposium is to encourage
and enable the Internet community to apply, deploy, and advance
the state of available security technology. Proceedings will be
published by the Internet Society. A best paper award will be
presented at the symposium to the authors of the best paper to be
selected by the program committee. The deadline for electronic
submission is 16 JUNE 1999. The complete call is available at
www.isoc.org/ndss00/.
| * Access control | * Authentication | |
| * Electronic commerce | * Applied cryptography | |
| * Viruses and worms | * Distributed system security | |
| * Database security | * Security policy | |
| * Key management | * Mobile system security | |
| * Auditing and accounting | * Network security | |
| * Security protocols | * Secure operating systems | |
| * Security architectures & models | * Security management | |
| * Secure intelligent agents | * Software Protection | |
| * Security evaluation & certification | * Smartcards and PDAS |
| *communications systems security | *mobile communications security | |
| *Internet, intranet and extranet security | *security of mobile code | |
| *multimedia systems security | *applied cryptography | |
| *electronic commerce and digital signatures | *security in distributed systems | |
| *secure teleworking, telecooperation, telemedicine | *legal, social and ethical aspects of communication systems security | |
| *standards for communication and multimedia systems security |
| * caching | * electronic commerce | |
| * information retrieval & searching | * Internet telephony | |
| * metacomputing | * mobile computing | |
| * monitoring | * performance | |
| * quality of service issues | * security | |
| * reliability and high availability | * traffic measurement | |
| * traffic models & statistics | * Web interfaces to databases |
| * Computer architectures for public-key cryptosystems | * Architectures for smart cards | |
| * Computer architectures for secret-key cryptosystems | * Tamper resistance for smart cards | |
| * Reconfigurable computing and applications in cryptography | * Tamper resistance on the chip and board level | |
| * Cryptographic processors and co-processors | * Fast network encryption | |
| * Modular and Galois field arithmetic architectures | * Efficient algorithms for embedded processors | |
| * Special-purpose hardware for cryptanalysis | * True and pseudo random number generators |
| * Availability | * Distributed caching and replication | |
| * Embedded systems | * Extensible operating systems | |
| * File and storage system | * Interoperability of heterogeneous systems | |
| * Mobile code and computing | * Multimedias | |
| * New algorithms and applications | * Personal digital assistants | |
| * Quality of service | * Reliability | |
| * Quality of service | * Reliability | |
| * Security and Privacy | * Web technologies | |
| * Ubiquitous computing and messaging |
| * Case studies of IDS in practice | * Statistical models for IDS | |
| * Anomaly detection systems | * Misuse detection systems | |
| * Host based approaches to IDS | * Network based approaches to IDS | |
| * Application based approaches to IDS | * IDS in cryptographically protected networks | |
| * Distributed IDS in large networks | * Correlation techniques | |
| * Event thresholding | * Reducing false positives | |
| * Alternative approaches |