Cipher Upcoming Conferences
Cipher
Calls for Papers



IEEE Computer Society's Technical Committee on Security and Privacy


 


Calls for Papers

Last Modified:06/10/13

Upcoming Conferences and Workshops

Note: The submission date has passed.

June 2013

SACMAT 2013 18th ACM Symposium on Access Control Models and Technologies, Amsterdam, The Netherlands, June 12-14, 2013. [posted here 10/08/12]
The ACM Symposium on Access Control Models and Technologies (SACMAT) continues the tradition, first established by the ACM Workshop on Role-Based Access Control, of being the premier forum for the presentation of research results and experience reports on leading edge issues of access control, including models, systems, applications, and theory. The missions of the symposium are to share novel access control solutions that fulfil the needs of heterogeneous applications and environments, and to identify new directions for future research and development. SACMAT provides researchers and practitioners with a unique opportunity to share their perspectives with others interested in the various aspects of access control. Papers offering novel research contributions in all aspects of access control are solicited for submission to the 18th ACM Symposium on Access Control Models and Technologies (SACMAT 2013). Topics of interest include but are not limited to:
- Access control models and extensions
- Access control requirements
- Access control design methodology
- Access control mechanisms, systems, and tools
- Access control in distributed and mobile systems
- Access control for innovative applications
- Administration of access control policies
- Economic models for access Control
- Hardware enhanced access Control
- Identity management
- Policy/Role engineering
- Safety analysis and enforcement
- Standards for access control
- Trust management
- Trust and risk models in access control
- Theoretical foundations for access control models
- Usability in access control systems
- Usage control

For more information, please see http://www.sacmat.org/.

TRUST 2013 6th International Conference on Trust and Trustworthy Computing, London, UK, June 17-19, 2013. [posted here 11/19/12]
TRUST 2013 is an international conference on the technical and socio-economic aspects of trustworthy infrastructures. It provides an excellent interdisciplinary forum for researchers, practitioners, and decision makers to explore new ideas and discuss experiences in building, designing, using and understanding trustworthy computing systems. The conference solicits original papers on any aspect (technical, social or socio-economic) of the design, application and usage of trusted and trustworthy computing. Papers can address design, application and usage of trusted and trustworthy computing in a broad range of concepts including, but not limited to, trustworthy infrastructures, cloud computing, services, hardware, software and protocols.

For more information, please see http://trust2013.sba-research.org.

CLHS 2013 Workshop on Changing Landscapes in HPC Security, Held in conjunction with ACM HPDC, New York, NY, USA, June 18, 2013. [posted here 02/05/13]
Providing effective and non-intrusive security within a HPC environment provides a number of challenges for both researchers and operational personnel. What constitutes HPC has expanded to include cloud computing, 100G networking, cross-site integration, and web 2.0 based interfaces for job submission and reporting, increasing the complexity of the aggregate system dramatically. This growing complexity and it's new issues is set against a backdrop of routine user and application attacks, which remain surprisingly effective over time. The CLHS workshop will focus on the problems inherent in securing contemporary large-scale compute and storage systems. To provide some clarification we have broken this out into four general areas or questions. First is Attribution: who is doing what in terms of process activity and/or network traffic? Second is looking beyond the interactive nodes: what is going on in the computing pool? Third involves job scheduler activity and usage: what is being run, how has it is been submitted and is this activity abnormal? Finally a more philosophical topic of why securing complex systems is so difficult and what can be done about it. While these specific areas are interesting starting points for papers and presentations, any original and interesting topic will be considered.

For more information, please see https://commons.lbl.gov/display/CLHS.

SPH 2013 26th International Symposium on Computer-Based Medical System, Security and Privacy in Healthcare IT Special track, Porto, Portugal, June 20-22, 2013. [posted here 02/05/13]
We are currently witnessing a rapidly moving transition trend towards electronic healthcare information systems. They have already proved to be essential tools in order to improve the management and quality of healthcare services. More recently, these systems have also started to promote great results on the improvement of patients’ health by enabling the creation of much more flexible, efficient and interoperable means by which practitioners and even patients can have access and manage healthcare data. However very complex technical challenges resulting from strict but necessary highly regulated environments, threats to patient safety, privacy, and security must be tackled and solved before we can safely have valuable and sensitive patient’s data being securely managed and used in much more flexible and potentially useful ways. Towards this end it is thus imperative to develop innovative methods and policies that ensure the secure acquisition and management of healthcare data, at the same time promoting its interoperability, it’s sharing, and its integrity and confidentiality in highly effective and secure ways. This special track focuses on original unpublished research on innovative methods, policies and concerns that can constitute the right building blocks for a new generation of electronic healthcare information systems that are at the same time more efficient, empowering and secure. So, it is expected novel articles about privacy, security, accountability and auditing for the healthcare sector. This special track also pretends to encourage the research dissemination to the stakeholders involved in healthcare information technologies, promoting the discussion on issues, challenges and solutions that are currently being developed all around the world.

For more information, please see http://www.dcc.fc.up.pt/sph.cbms2013/.

MWSN 2013 IEEE International Workshop on Security and Privacy of Mobile, Wireless and Sensor Networks, New Orleans, LA, USA, June 23, 2013. [posted here 02/11/13]
To cope with the rapid increase in mobile users and the increasing demand for mobile, wireless and sensor networks (MWSNs), it is becoming imperative to provide the necessary security protocols and privacy guarantees to users of MWSNs. In turn, these specific demands in security and privacy require new methodologies that are specifically designed to cope with the strict requirements of the networks. In general, the real-world performance of MWSNs crucially depends on the selected protocols, and their suitability and efficiency for the layers of the implementation. A satisfactory security design and protocol are therefore crucial for the performance of MWSNs. It is a great challenge to achieve efficient and robust realizations of such highly dynamic and secure MWSNs. Moreover, the study of security and privacy in the context of MWSNs provides insights into problems and solutions that are orthogonal to programming languages, programming paradigms, computer hardware, and other aspects of the implementation. The objective for this workshop is to address those topics, which we believe will play an important role in current and future research on and education of MWSNs.

For more information, please see http://www2.cs.uh.edu/mwsn/.

SOUPS 2013 Symposium On Usable Privacy and Security, Northumbria University, Newcastle, UK, July 24-26, 2013. [posted here 11/19/12]
The 2013 Symposium on Usable Privacy and Security (SOUPS) will bring together an interdisciplinary group of researchers and practitioners in human computer interaction, security, and privacy. The program will feature technical papers, a poster session, panels and invited talks, lightning talks and demos, and workshops and tutorials. We invite authors to submit original papers describing research or experience in all areas of usable privacy and security. Topics include, but are not limited to:
- innovative security or privacy functionality and design
- new applications of existing models or technology
- field studies of security or privacy technology
- usability evaluations of new or existing security or privacy features
- security testing of new or existing usability features
- longitudinal studies of deployed security or privacy features
- the impact of organizational policy or procurement decisions
- lessons learned from the deployment and use of usable privacy and security features
- reports of replicating previously published studies and experiments
- reports of failed usable security studies or experiments, with the focus on the lessons learned from such experience

For more information, please see http://cups.cs.cmu.edu/soups/.

PRISMS 2013 International Conference on Privacy and Security in Mobile Systems, Atlantic City, NJ, USA, June 24 - 27, 2013. [posted here 03/18/13]
PRISMS is the successor of MobiSec (International Conference on Security and Privacy in Mobile Information and Communication Systems). The conference under a new name (PRISMS) is organized this year with the co-sponsorship of IEEE. Its focus is the convergence of information and communication technology in mobile scenarios. This convergence is realised in intelligent mobile devices, accompanied by the advent of next-generation communication networks. Privacy and security aspects need to be covered at all layers of mobile networks, from mobile devices, to privacy respecting credentials and mobile identity management, up to machine-to-machine communications. In particular, mobile devices such as Smartphones and Internet Tablets have been very successful in commercialization. However, their security mechanisms are not always able to deal with the growing trend of information-stealing attacks. As mobile communication and information processing becomes a commodity, economy and society require protection of this precious resource. Mobility and trust in networking go hand in hand for future generations of users, who need privacy and security at all layers of technology. In addition, the introduction of new data collection practices and data-flows (e.g. sensing data) from the mobile device makes it more difficult to understand the new security and privacy threats introduced. PRISMS strives to bring together the leading-edge of academia and industry in mobile systems security, as well as practitioners, standards developers and policymakers. Contributions may range from architecture designs and implementations to cryptographic solutions for mobile and resource-constrained devices.

For more information, please see http://www.gws2013.org/prisms/.

ACNS 2013 11th International Conference on Applied Cryptography and Network Security, Banff, Alberta, Canada, June 25-28, 2013. [posted here 10/15/12]
The 11th International Conference on Applied Cryptography and Network Security seeks submissions from academia, industry, and government presenting novel research on all aspects of applied cryptography as well as network security and privacy. Papers describing novel paradigms, original directions, or non-traditional perspectives are also encouraged. The conference has two tracks: a research track and an industry track. Topics of interest include, but are not limited to:
- Access control
- Applied cryptography
- Automated protocols analysis
- Biometric security and privacy
- Complex systems security
- Critical infrastructure protection
- Cryptographic primitives and protocols
- Database and system security
- Data protection
- Digital rights management
- Email and web security
- Identity management
- Intellectual property protection
- Internet fraud
- Intrusion detection and prevention
- Key management
- Malware
- Network security protocols
- Privacy, anonymity, and untraceability
- Privacy-enhancing technology
- Protection for the future Internet
- Secure mobile agents and mobile code
- Security in e-commerce
- Security in P2P systems
- Security in pervasive/ubiquitous computing
- Security and privacy in cloud and grid systems
- Security and privacy in distributed systems
- Security and privacy in smart grids
- Security and privacy in wireless networks
- Security and privacy metrics
- Trust management
- Usability and security

For more information, please see http://acns2013.cpsc.ucalgary.ca/.

CSF 2013 26th IEEE Computer Security Foundations Symposium, Tulane University, New Orleans, Louisiana, USA, June 26 - 28, 2013. [posted here 11/19/12]
The Computer Security Foundations Symposium is an annual conference for researchers in computer security. CSF seeks papers on foundational aspects of computer security, e.g., formal security models, relationships between security properties and defenses, principled techniques and tools for design and analysis of security mechanisms as well as their application to practice. While CSF welcomes submissions beyond the topics listed below, the main focus of CSF is foundational security: submissions that lack foundational aspects risk rejection. New theoretical results in computer security are welcome. Possible topics include, but are not limited to:
- Access control
- Accountability
- Anonymity and Privacy
- Authentication
- Cryptographic protocols
- Data and system integrity
- Database security
- Data provenance
- Decidability and complexity
- Distributed systems security
- Electronic voting
- Executable content
- Formal methods for security
- Game Theory and Decision Theory
- Hardware-based security
- Information flow
- Intrusion detection
- Language-based security
- Network security
- Resource usage control
- Security for mobile computing
- Security models
- Socio-technical security
- Trust and trust management

For more information, please see http://csf2013.seas.harvard.edu/.

CSAW 2013 Cloud Security Auditing Workshop, Held in conjunction with the IEEE 9th World Congress on Services, Santa Clara, CA, USA, June 27 - July 2, 2013. [posted here 03/04/13]
Security concerns are a major impediment to the widespread adoption of cloud services. Cloud services often deal with sensitive information and operations. Thus, cloud service providers must provision services to rapidly identify security threats for increased information assurance. In addition, when a threat is identified or an attack is detected, incident reporting should be timely and precise to allow cloud tenants and users to respond appropriately. Detection and reporting require meta-information to be captured across the cloud in order to audit and monitor it for potential threats that may lead to attacks and to discern when and where an attack has already occurred. Capturing security relevant information and auditing the results to determine the existence of security threats in the cloud is challenging for multiple reasons. Cloud tenants rely on the cloud for diverse tasks and have services and data that may require isolation or be provisioned for composition with other services in cloud applications. Organizations may not have the logging capabilities in place for their services or may not be predisposed to share the information. Cloud management services are needed to log relevant events at their endpoints, including user interactions and interactions within the cloud federation. Consistent formats for capturing events and generating logs to be hosted within the cloud are not specified as part of current service level agreements (SLAs). Near real-time analysis is needed for prediction of potential threats in order to respond quickly to prevent an attack. Centralized analysis of information captured may present too much overhead for timely alerts and incident reporting. But distributed analysis must guarantee that the partial information it uses is sufficient to determine a threat. All analyses must consider the configuration of the cloud and its tenant services and resources. The goal of this one day workshop is to bring together researchers and practitioners to explore and assess varied and viable technologies for capturing security relevant events throughout the cloud and performing monitoring and analyses on the captured information to detect, prevent, and mitigate security threats. List of topics include:
- Languages and protocols for specifying, composing, and analyzing security-relevant, distributed logs of audit data from a cloud-wide perspective
- Cloud security, threat modeling, and analysis, including centralized/distributed attack detection and prediction/prevention algorithms based on audited information, and automated tools for capturing, integrating, and analyzing cloud audit data
- Algorithms and protocols for audit data stream delivery, manipulation, and analysis for big cloud audit data
- Access control and information flow control models for disclosure and modification of sensitive cloud audit data
- Methods for expressing and representing the cloud infrastructure and configuration to influence logging and monitoring processes
- Information assurance (authenticity, integrity, confidentiality and availability) of cloud audit data, including security and privacy policies and compliance with security controls such as NIST sp800-53 and Cloud Security Alliance guidance 3.0
- Service-level agreements that formalize and guarantee logging and analysis capabilities

For more information, please see http://www.csaw2013.org.

FCS 2013 Workshop on Foundations of Computer Security, Tulane University, New Orleans, Louisiana, USA, June 29, 2013. [posted here 03/04/13]
The aim of the workshop FCS'13 is to provide a forum for continued activity in different areas of computer security, bringing computer security researchers in closer contact with the LICS community and giving LICS attendees an opportunity to talk to experts in computer security, on the one hand, and contribute to bridging the gap between logical methods and computer security foundations, on the other. We are interested both in new results in theories of computer security and also in more exploratory presentations that examine open questions and raise fundamental concerns about existing theories, as well as in new results on developing and applying automated reasoning techniques and tools for the formal specification and analysis of security protocols. We thus solicit submissions of papers both on mature work and on work in progress. Possible topics include, but are not limited to:
- Automated reasoning techniques
- Composition issues
- Formal specification
- Foundations of verification
- Information flow analysis
- Language-based security
- Logic-based design
- Program transformation
- Security models
- Static analysis
- Statistical methods
- Tools
- Trust management

For more information, please see http://prosecco.inria.fr/personal/bblanche/fcs13/.

July 2013

NFSP 2013 2nd International Workshop on Network Forensics, Security and Privacy, Held in conjunction with the 33rd International Conference on Distributed Computing Systems (ICDCS 2013), Philadelphia, PA, USA, July 8, 2013. [posted here 12/24/12]
Cyberspace has been reshaped as an integration of businesses, governments and individuals, such as e-business, communication and social life. At the same time, it has also been providing convenient platforms for crimes, such as financial fraud, information phishing, distributed denial of service attacks, and fake message propagation. Especially, the emergence of social networks has raised significant security and privacy issues to the public. We have seen news of various network related security attacks from time to time, and defenders are usually vulnerable to detect, mitigate and traceback to the source of attacks. It is a new research challenge of fighting against criminals in the cyber space. The potential solutions involve various disciplines, such as networking, watermarking, information theory, game theory, mathematical and statistical modelling, data mining, artificial intelligence, multimedia processing, neural network, pattern recognition, cryptography and forensic criminology, etc.

For more information, please see http://www.faculty.umassd.edu/honggang.wang/nfsp2013/.

RFIDSEC 2013 9th Workshop on RFID Security, Graz, Austria, July 9-11, 2013. [posted here 12/24/12]
RFIDsec is the premier workshop devoted to security and privacy in Radio Frequency Identification (RFID) with participants throughout the world. RFIDsec brings together researchers from academia and industry for topics of importance to improving the security and privacy of RFID, NFC, contactless technologies, and the Internet of Things. RFIDsec bridges the gap between cryptographic researchers and RFID developers through invited talks and contributed presentations. Topics of the workshop include but are not limited to:
- New applications for secure RFID, NFC, and other constrained systems
- Resource-efficient implementations of cryptography o Small-footprint hardware and/or software o Low-power and/or low energy implementations
- Attacks on RFID systems: Side-channel attacks, Fault attacks, Hardware tampering
- Data protection and privacy-enhancing techniques
- Cryptographic protocols: Authentication protocols, Key distribution, Scalability issues
- Integration of secure RFID systems: Infrastructures, Middleware and security, Data mining and other systemic approaches to RFID security
- RFID hardware security: Physical Unclonable Functions (PUFs), RFID Trojans
- Case studies

For more information, please see http://rfidsec2013.iaik.tugraz.at/.

PST 2013 11th International Conference on Privacy, Security and Trust, Tarragona, Catalonia, July 10-12, 2013. [posted here 12/24/12]
PST2013 provides a forum for researchers world-wide to unveil their latest work in privacy, security and trust and to show how this research can be used to enable innovation. PST2013 will include one day of tutorials followed by two days of high-quality research papers whose topics include, but are NOT limited to, the following:
- Privacy Preserving / Enhancing Technologies
- Critical Infrastructure Protection
- Network and Wireless Security
- Operating Systems Security
- Intrusion Detection Technologies
- Secure Software Development and Architecture
- PST Challenges in e-Services, e.g. e-Health, e-Government, e-Commerce
- Network Enabled Operations
- Digital forensics
- Information Filtering, Data Mining and Knowledge from Data
- National Security and Public Safety
- Cryptographic techniques for privacy preservation
- Security Metrics
- Recommendation, Reputation and Delivery Technologies
- Continuous Authentication
- Trust Technologies, Technologies for Building Trust in e-Business Strategy
- Observations of PST in Practice, Society, Policy and Legislation
- Digital Rights Management
- Identity and Trust management
- PST and Cloud Computing
- Human Computer Interaction and PST
- Implications of, and Technologies for, Lawful Surveillance
- Biometrics, National ID Cards, Identity Theft
- PST and Web Services / SOA
- Privacy, Traceability, and Anonymity
- Trust and Reputation in Self-Organizing Environments
- Anonymity and Privacy vs. Accountability
- Access Control and Capability Delegation
- Representations and Formalizations of Trust in Electronic and Physical Social Systems

For more information, please see http://unescoprivacychair.urv.cat/pst2013/index.php?m=cfp.

DBSEC 2013 27th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy, Rutgers University, Newark, NJ, USA, July 15-17, 2013. [posted here 12/24/12]
The 27th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy provides a forum for presenting original unpublished research results, practical experiences, and innovative ideas in data and applications security. Both papers and panel proposals are also solicited. Papers may present theory, techniques, applications, or practical experience on topics of relevance to IFIP WG 11.3:
- Access Control
- Applied cryptography in data security
- Identity theft and countermeasures
- Integrity maintenance
- Intrusion detection
- Knowledge discovery and privacy
- Logics for security and privacy
- Organizational security
- Privacy-preserving data management
- Secure transaction processing
- Secure information integration
- Secure Semantic Web
- Secure sensor monitoring
- Secure Web Services
- Threats, vulnerabilities, and risk management
- Trust management

Additional topics of interest include (but are not limited to): Critical Infrastructure Protection, Cyber Terrorism, Information Warfare, Database Forensics, Electronic Commerce Security, and Security in Digital Health Care

For more information, please see http://dbsec2013.business.rutgers.edu/.

VOTE-ID 2013 4th International Conference on E-voting and Identity, University of Surrey, Guildford, UK, July 17-19, 2013. [posted here 12/24/12]
Electronic voting is a very active research area covering a broad range of issues, from computer security and cryptographic issues to human psychology and legal issues. The aim of Vote-ID is to bring together researchers and practitioners from academia, industry and governmental institutions, all working on e-voting systems. The scope covers all aspects of electronic voting systems, including, but not limited to:
- Design and evaluation of e-voting systems
- Security requirements and formal analysis
- Voter authentication and identity management
- Cryptographic voting schemes
- Verifiable election technologies
- Methods for reconciling voter identification with vote privacy
- Usability and accessibility
- Deployment and lifecycle concerns
- Implementation issues and trade-offs
- Legal, political and other interdisciplinary issues

For more information, please see http://www.voteid13.org/.

DIMVA 2013 10th International Conference on Detection of Intrusions and Malware & Vulnerability Assessment, Berlin, Germany, July 18-19 2013. [posted here 12/24/12]
The annual DIMVA conference serves as a premier forum for advancing the state of the art in intrusion detection, malware detection, and vulnerability assessment. Each year, DIMVA brings together international experts from academia, industry, and government to present and discuss novel research in these areas. DIMVA solicits submission of high-quality, original scientific papers presenting novel research on malware analysis, intrusion detection, and related systems security topics.

For more information, please see http://www.dimva.org/dimva2013.

SOUPS-RISK 2013 Workshop on Risk Perception in IT Security and Privacy, Newcastle, UK, July 24-26, 2013. [posted here 03/04/13]
This workshop is an opportunity to bring together researchers and practitioners to share experiences, concerns and ideas about how to address the gap between user perception of IT risks and security / organizational requirements for security and privacy. Willingness to perform actions for security purposes is strongly determined by the costs and perceived benefit to the individual. When end-users' perceptions of risk are not aligned with organization or system, there is a mismatch in perceived benefit, leading to poor user acceptance of the technology. For example, organizations face complex decisions when pushing valuable information across the network to mobile devices, web clients, automobiles and other embedded systems. This may impose burdensome security decisions on employees and clients due to the risks of devices being lost or stolen, shoulder surfing, eavesdropping, etc. Effective risk communication can provide a shared understanding of the need for, and benefits of secure approaches and practices. While risk perception has been studied in non-IT contexts, how well people perceive and react to IT risk is less well understood. How systems measure IT risk, how it is best communicated to users, and how to best align these often misaligned perspectives is poorly understood. Risk taking decisions (policies) are increasingly being pushed out to users who are frequently ill prepared to make complex technical security decisions based on limited information about the consequences of their actions. In other risk domains we know that non-experts think and respond to risk very differently than experts. Non-experts often rely on affect, and may be unduly influenced by the perceived degree of damage that will be caused. Experts, and risk evaluation systems, use statistical reasoning to assess risk. The purpose of this workshop is to bring together researchers and practitioners to share experiences, concerns and ideas about how to address the gap between user perception of IT risks and security / organizational requirements for security and privacy. Topics of interest include:
- Human decision and different attack types: Malware, eavesdropping, inadvertent loss / disclosure of information, phishing, browser attacks, etc.
- Research methods and metrics for assessing perception of risk
- Assessing value of assets and resources at risk
- Communicating and portrayal of risk - security indicators, status indicators, etc.
- Organizational versus personal risk
- The psychology of risk perception
- Behavioral aspects of risk perception
- Real versus perceived risk
- Other topics related to measuring IT risk and/or user perception of IT risk

For more information, please see http://cups.cs.cmu.edu/soups/2013/risk.html.

SECRYPT 2013 10th International Conference on Security and Cryptography, Reykjavik, Iceland, July 29-31, 2013. [posted here 02/11/13]
SECRYPT is an annual international conference covering research in information and communication security. The 10th International Conference on Security and Cryptography (SECRYPT 2013) will be held in Reykjavik, Iceland. The conference seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of data protection, privacy, security, and cryptography. Papers describing the application of security technology, the implementation of systems, and lessons learned are also encouraged. The conference topics include, but are not limited to:
- Access Control
- Applied Cryptography
- Biometrics Security and Privacy
- Critical Infrastructure Protection
- Data Integrity
- Data Protection
- Database Security and Privacy
- Digital Forensics
- Digital Rights Management
- Ethical and Legal Implications of Security and Privacy
- Formal Methods for Security
- Human Factors and Human Behavior Recognition Techniques
- Identification, Authentication and Non-repudiation
- Identity Management
- Information Hiding
- Information Systems Auditing
- Insider Threats and Countermeasures
- Intellectual Property Protection
- Intrusion Detection & Prevention
- Management of Computing Security
- Network Security
- Organizational Security Policies
- Peer-to-Peer Security
- Personal Data Protection for Information Systems
- Privacy
- Privacy Enhancing Technologies
- Reliability and Dependability
- Risk Assessment
- Secure Software Development Methodologies
- Security and privacy in Complex Systems
- Security and Privacy in Crowdsourcing
- Security and Privacy in IT Outsourcing
- Security and Privacy in Location-based Services
- Security and Privacy in Mobile Systems
- Security and Privacy in Pervasive/Ubiquitous Computing
- Security and Privacy in Smart Grids
- Security and Privacy in Social Networks
- Security and Privacy in the Cloud
- Security and Privacy in Web Services
- Security and Privacy Policies
- Security Area Control
- Security Deployment
- Security Engineering
- Security in Distributed Systems
- Security Information Systems Architecture
- Security Management
- Security Metrics and Measurement
- Security Protocols
- Security requirements
- Security Verification and Validation
- Sensor and Mobile Ad Hoc Network Security
- Service and Systems Design and QoS Network Security
- Software Security
- Trust management and Reputation Systems
- Ubiquitous Computing Security
- Wireless Network Security

For more information, please see http://secrypt.icete.org.

August 2013

USENIX-Security 2013 22nd USENIX Security Symposium, Washington, DC. USA, August 14–16, 2013. [posted here 01/21/13]
The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security of computer systems and networks. The USENIX Security Symposium is primarily a systems security conference. Papers whose contributions are primarily new cryptographic algorithms or protocols, cryptanalysis, electronic commerce primitives, etc., may not be appropriate for this conference. Refereed paper submissions are solicited in all areas relating to systems and network security, including:
- Analysis of network and security protocols
- Applications of cryptographic techniques
- Attacks with novel insights, techniques, or results
- Authentication and authorization of users, systems, and applications
- Automated tools for source code analysis
- Botnets
- Cryptographic implementation analysis and construction
- Denial-of-service attacks and countermeasures
- Embedded systems security
- File and filesystem security
- Forensics and diagnostics for security
- Hardware security
- Human-computer interaction, security, and privacy
- Intrusion and anomaly detection and prevention
- Malicious code analysis, anti-virus, anti-spyware
- Mobile system security
- Network infrastructure security
- Operating system security
- Privacy-enhancing technologies
- Security architectures
- Security education and training
- Security for critical infrastructures
- Security in heterogeneous and large-scale environments
- Security in ubiquitous computing environments
- Security policy
- Self-protecting and self-healing systems
- Techniques for developing secure systems
- Technologies for trustworthy computing
- Wireless security
- Web security, including client-side and server-side security

For more information, please see https://www.usenix.org/conference/usenixsecurity13.

WISA 2013 14th International Workshop on Information Security Applications, Jeju Island, Korea, August 19-21, 2013. [posted here 04/15/13]
This year's program committee chairs decide to convert WISA to be a venue for discussing system security and offensive technology issues among researchers in Asia. More specifically, it will resemble two well-known conferences: USENIX Security and WOOT. The primary focus of WISA 2013, therefore, is on systems and network security, and the secondary focus is on offensive technology. Accordingly, the workshop will be composed of two tracks: regular and OT (Offensive Technology). Regular paper submissions are solicited in all areas relating to systems and network security, including:
- Analysis of network and security protocols
- Anonymity and censorship-resistant technologies
- Applications of cryptographic techniques
- Authentication and authorization of users, systems, and applications
- Automated tools for source code/binary analysis
- Botnet defense
- Critical infrastructure security
- Cryptographic implementation analysis and construction
- Denial-of-service attack countermeasures
- Embedded systems security
- Forensics
- Hardware and physical security
- Human-computer interaction, security, and privacy
- Intrusion/anomaly detection and prevention
- Malware analysis
- Mobile/wireless/cellular system security
- Network infrastructure security
- Operating system security
- Physical security
- Security architectures
- Security in heterogeneous and large-scale environments
- Security in ubiquitous computing environments
- Security policy
- Storage and file system security
- Techniques for developing secure systems
- Trustworthy computing
- Web security, including client-side and server-side security

For more information, please see http://www.wisa.or.kr/.

CHES 2013 Workshop on Cryptographic Hardware and Embedded Systems, Co-located with the 33rd Annual International Cryptology Conference (CRYPTO 2013), Santa Barbara, California, USA, August 20-23, 2013. [posted here 12/24/12]
CHES covers new results on all aspects of the design and analysis of cryptographic hardware and software implementations. The workshop builds a bridge between the cryptographic research community and the cryptographic engineering community. With participants from industry, academia, and government organizations, the number of participants has grown to over 300 in recent years. CHES 2013 will be co-located with the 33rd Annual International Cryptology Conference, CRYPTO 2013, in Santa Barbara, California, USA. This will provide unique interaction opportunities for the communities of both conferences. In addition to a track of high-quality presentations, CHES 2013 will offer invited talks, tutorials, a poster session, and a rump session. The topics of CHES 2013 include but are not limited to:
- Cryptographic implementations
- Attacks against implementations and countermeasures against these attacks
- Tools and methodologies
- Interactions between cryptographic theory and implementation issues
- Applications

For more information, please see http://www.chesworkshop.org/ches2013/.

GreenCom 2013 IEEE International Conference on Green Computing and Communications, Security, Privacy, and Trust Computing Track, Beijing, China, August 20-23, 2013 . [posted here 04/01/13]
Computer networks, communication systems, and other IT infrastructures have caused severe environmental problems by consuming significant amounts of power, increasing greenhouse gas emissions, and lead to pollution during the production and disposal. To reduce such environmental problems and create a sustainable environment, new energy models, algorithms, methodologies, platforms, tools and systems are pressing. Thus, green computing and communications solutions should be designed with more renewable energy, higher energy efficiency, lower greenhouse gas emission, and less harmful materials. The 2013 IEEE International Conference on Green Computing and Communications (GreenCom 2013) will be an exciting international forum for scientists, engineers, and researchers to exchange their novel works regarding advancements in the state-of-art of green computing and communications, as well as to identify the emerging research topics and open issues for further researches. The Security, Privacy, and Trust Computing Track of the conference seeks submissions from the industry and academia, presenting novel research contributions to computer security, privacy, and trust management. Topics of interest include, but are not limited to:
- Coding and cryptography for green communications and computing
- Remote data integrity and possession
- Dependability, availability and forensics in clouds
- Secure cooperative computation
- Private information retrieval from clouds
- Distributed computation and access control on encrypted data
- Security and privacy in vehicular networks
- Privacy enhanced social networks
- Security and privacy in electronic healthcare networks
- Security and privacy in Internet of things
- Privacy in data disclosure and mining
- Green cryptography for resource-constraint information systems
- Secure smart grid technology for future green energy management
- Lightweight cryptography for green computing
- Digital forensics and crimes
- Cloud computing security
- Security policy and privacy requirements
- Cyber security
- Biometrics
- Digital watermarking
- Quantum cryptography
- Physical layer security for communications
- Security algorithms and applications

For more information, please see http://www.china-iot.net/GreenCom2013.htm.

TGC 2013 8th International Symposium on Trustworthy Global Computing, Buenos Aires, Argentina, August 30-31, 2013. [posted here 03/18/13]
The Symposium on Trustworthy Global Computing is an international annual venue dedicated to safe and reliable computation in the so-called global computers, i.e., those computational abstractions emerging in large-scale infrastructures such as service-oriented architectures, autonomic systems and cloud computing. The TGC series focuses on providing frameworks, tools, algorithms and protocols for designing open-ended, large-scaled applications and for reasoning about their behaviour and properties in a rigorous way. The related models of computation incorporate code and data mobility over distributed networks that connect heterogeneous devices and have dynamically changing topologies. We solicit papers in all areas of global computing, including (but not limited to):
- theories, languages, models and algorithms
- language concepts and abstraction mechanisms
- security, trust, privacy and reliability
- resource usage and information flow policies
- software development and software principles
- model checkers, theorem provers and static analyzers

For more information, please see http://sysma.lab.imtlucca.it/tgc2013/.

September 2013

ECTCM 2013 1st International Workshop on Emerging Cyberthreats and Countermeasures, Co-located with ARES 2013, University Regensburg, Germany, September 2-6, 2013. [posted here 03/04/13]
The First International Workshop on Emerging Cyberthreats and Countermeasures aims at bringing together researchers and practitioners working in different areas related to cybersecurity. After organizing three informal workshops on Early Warning Systems in IT in the past three years, we strongly believe that the next step is to give the workshop a more formal structure in context of an internationally acclaimed scientific conference. The focus of this year's workshop is on IT Early Warning, Malware Detection and Analysis, Targeted Attacks, Cryptanalysis, and Privacy Protection. Contributions demonstrating both current weaknesses and threats as well as new countermeasures are welcome.

For more information, please see http://www.ectcm.net.

SeCIHD 2013 3rd IFIP International Workshop on Security and Cognitive Informatics for Homeland Defense, Held in conjunction with the 8th ARES Conference (ARES 2013), Regensburg, Germany, September 2-6, 2013. [posted here 03/18/13]
In the last years significant work has been undertaken by Governments and local agencies with respect to the protection of critical infrastructures and public-private sector coordination in the event of a cyber-attack. Threats to cities and their social infrastructures, e.g. from crime, and terrorism, endanger human life directly and indirectly. Resilience of critical infrastructures is gaining importance as a core concept to cope with such threats. In general, this means strengthening social infrastructures to prevent or mitigate such threats and to consistently deliver the intended services in a trustworthy and "normal" way even in changing situations. Information and communication infrastructure (ICT) is a primary part of the social infrastructure and therefore one of the central objects of these attacks. As a consequence, effective response capabilities must be properly organized and closely coordinated because, at the time of a cyber-attack, it is not possible to immediately determine whether the attacker is a script kiddie, an insider, a rogue actor (organized crime, terrorist organization, or radical), or a nation state. Unlike traditional Defense categories (i.e., land, air, and sea), the capabilities required to respond to an attack on critical infrastructures will necessarily involve infrastructure owned and operated by both the public and the private sector. Exercising for effective digital systems security becomes thus a crucial task in order to strengthen the resilience of IT systems against arising threats. Advanced information technologies that are able to analyze and interpret complex patterns or situations and take the proper decisions in terms on countermeasures the basic building blocks of the above solutions. In this context, it is worth noting research that combines security and defense aspects with achievements in designing advanced systems for the acquisition and sophisticated semantic analysis of complex image patterns and group behaviors. Such systems use cognitive models of semantic interpretation and can be applied to develop e.g., algorithms and protocols used for the security of computer systems themselves, but also to ensure the confidentiality and security of communication networks. Thus, the aim of this workshop is collecting and discussing new ideas and solutions that can be used to develop globally understood safe solutions connected with activities to strengthen national defense capability. The workshop topics include (but are not limited to):
- Homeland Security and Information Processing
- Investigative and Computer System Related Forensic Techniques, Trends and Methods
- Network Forensics, Wireless and Mobile Forensics
- Cyber-Defense Threat Analysis
- Emergency Management, Including Prevention, Planning, Response, and Recovery
- Secure Communications, Cyber-Attack Countermeasures
- Vulnerability Analysis and Countermeasures
- Anomaly Detection
- Information Sharing and Secrecy
- Cryptographic Models for Homeland Defense
- Personal Security and Biometric
- Intelligent Robots and Unmanned Vehicles
- Target and Pattern Recognition
- Sensor and Data Analysis
- Semantic Image and Data Processing
- Information Fusion
- Emerging Threats in Intelligent Energy Systems
- Advanced Vision Algorithms
- Security and Privacy in Ambient Intelligence
- Context and Location-aware Computing
- Embedded Systems in Security
- Knowledge-based Systems for Internet Security
- Security Issues and Protocols for Internet Services
- Privacy and Trust for Internet Services
- Artificial Intelligence and Computational Intelligence
- Cognitive Informatics
- Security and Privacy in Power-Grid Systems
- Cognitive Models of the Brain
- Mathematical Foundations of Computing and Cryptography
- Biologically Inspired Information Systems and Secret Data Management
- Cognitive Image and Scene Understanding
- Intelligent Health Technologies

For more information, please see http://isyou.info/conf/secihd13/.

DPM 2013 8th International Workshop on Data Privacy Management, Held in conjunction with ESORICS 2013, Egham, U.K., September 12-13, 2013. [posted here 04/15/13]
The aim of this workshop is to discuss and exchange the ideas related to privacy data management. We invite papers from researchers and practitioners working in privacy, security, trustworthy data systems and related areas to submit their original papers in this workshop. Topics of interest include, but are not limited to the following:
- Privacy Information Management
- Privacy Policy-based Infrastructures and Architectures
- Privacy-oriented Access Control Languages and Models
- Privacy in Trust Management
- Privacy Data Integration
- Privacy Risk Assessment and Assurance
- Privacy Services
- Privacy Policy Analysis
- Lightweight cryptography & Cryptanalysis
- Query Execution over Privacy Sensitive Data
- Privacy Preserving Data Mining
- Hippocratic and Water-marking Databases
- Privacy for Integrity-based Computing
- Privacy Monitoring and Auditing
- Privacy in Social Networks
- Privacy in Ambient Intelligence (AmI) Applications
- Individual Privacy vs. Corporate/National Security
- Code-based Cryptology
- Privacy in computer networks
- Privacy and RFIDs
- Privacy and Big Data
- Privacy in sensor networks

For more information, please see http://research.icbnet.ntua.gr/DPM2013/.

QASA 2013 2nd International Workshop in Quantitative Aspects in Security Assurance, Held in conjunction with ESORICS 2013, Egham, U.K., September 12-13, 2013. [posted here 04/15/13]
There is an increasing demand for techniques to deal with quantitative aspects of security assurance at several levels of the development life-cycle of systems & services, e.g., from requirements elicitation to run-time operation and maintenance. The aim of this workshop is to bring together researchers and practitioners interested in these research topics with a particular emphasis techniques for service oriented architectures. The scope of the workshop, is intended to be broad, including aspects as dependability, privacy, risk and trust. The list of topics includes, but it is not limited to:
- Probabilistic/stochastic model checking
- Quantitative information flow analysis
- Quantitative issues in access and usage control
- Security testing techniques
- Static/dynamic code analysis techniques
- Metrics for security, trust and privacy
- Incremental/modular security assurance analysis
- Process compliance assurance techniques
- Tool support for quantitative security assurance
- Simulation techniques
- Model-driven techniques for security, trust, risk and privacy
- Assurance cases modelling and analysis

For more information, please see http://www.iit.cnr.it/qasa2013.

CRITIS 2013 8th International Workshop on Critical Information Infrastructures Security, Amsterdam, The Netherlands, September 16-18, 2013. [posted here 04/15/13]
The annually held CRITIS conference is devoted to Critical (Information) Infrastructure security, protection and resilience. Modern societies increasingly depend on critical infrastructures. Those themselves increasingly depend on and are entangled with Information and Communication Technologies (ICT). Disruption or loss of (ICT-based) critical infrastructures may result in serious consequences for the functioning of the society, the economy, the functioning of governments, the ecology and social well-being of people, and in the most unfortunate cases loss of human lives, livestock and other animals. As a consequence, the security, reliability and resilience of these infrastructures are critical for the society. Critical (Information) Infrastructure Protection (C(I)IP) is therefore a major objective for governments, companies, operators of these infrastructures and the worldwide research community. CRITIS 2013 is set to continue a well-established tradition of presenting innovative research and exploring new challenges for the protection of critical information-based infrastructures (CIP/CIIP). CRITIS brings together stakeholders from industry, operators and governments as well as researchers and professionals from academia, applied research organisations and industry interested in all different aspects of C(I)IP. One focus of CRITIS 2013 is on the new challenges of cyber resilience of smart cities and smart mobility, a topic that will be highlighted by thought provoking and visionary keynote speeches and by conference papers.

For more information, please see http://www.critis2013.nl.

CMS 2013 14th Joint IFIP TC6 and TC11 Conference on Communications and Multimedia Security, Magdeburg, Germany, September 25-26, 2013. [posted here 02/11/13]
The conference provides a forum for engineers and scientists in information security. Both state-of-the-art issues and practical experiences as well as new trends in these areas will be once more the focus of interest just like at preceding conferences. The conference will address in particular security and privacy issues in mobile contexts, web services (including social networking) and ubiquitous environments. We solicit papers describing original ideas and research results on topics that include, but are not limited to: applied cryptography, biometrics, forensics, secure documents and archives, multimedia systems security, digital watermarking, distributed DRM policies, attack resistant rndering engines, adaptive anomaly detection, censorship resistance, risk management, mobility and security/privacy, mobile identities, privacy enhanced identity management, security/privacy policies and preferences, social networks security/privacy, security/privacy in geo-localized applications, security/privacy in VoIP`, security policies (including usage control), web services security, economics of network and information security (NIS), SOA security, ubiquitous and ambient computing security, cloud computing security/privacy, wireless and ad hoc network security, RFID tags and (multimedia) sensor nodes security, security technology effectiveness, incentivizing security.

For more information, please see http://www.cms2013.de.

SECURECOMM 2013 9th International ICST Conference on Security and Privacy in Communication Networks, Sydney, Australia, September 25-27, 2013. [posted here 03/18/13]
Securecomm seeks high-quality research contributions in the form of well-developed papers. Topics of interest encompass research advances in ALL areas of secure communications and networking. Topics in other areas (e.g., formal methods, database security, secure software, theoretical cryptography) will be considered only if a clear connection to private or secure communication/networking is demonstrated. Topics of interest include, but are not limited to, the following:
- Security & Privacy in Wired, Wireless, Mobile, Hybrid, Sensor, Ad Hoc networks
- Network Intrusion Detection and Prevention, Firewalls, Packet Filters
- Malware, botnets and Distributed Denial of Service
- Communication Privacy and Anonymity
- Network and Internet Forensics Techniques
- Public Key Infrastructures, Key Management, Credential Management
- Secure Routing, Naming/Addressing, Network Management
- Security & Privacy in Pervasive and Ubiquitous Computing, e.g., RFIDs
- Security & Privacy for emerging technologies: VoIP, peer-to-peer and overlay network systems

For more information, please see http://securecomm.org/2013/.

SeTTIT 2013 Workshop on Security Tools and Techniques for Internet of Things, Co-located with the BODYNETS 2013 conference, Boston, Massachusetts, USA, September 30 - October 2, 2013. [posted here 03/18/13]
E-health systems have the objective to continuously monitor the state of patients in order to increase knowledge and understanding of their physical status. Being a system of systems, the Internet of Things (IoT) has to master the challenge of integrating heterogeneous systems across technology boundaries. Timely delivery of observation data is a key aspect to identifying potential diseases and anomalies. IoT systems are vulnerable to attacks since communication is mostly wireless and thus vulnerable to eavesdropping, things are usually unattended and thus vulnerable to physical attacks, and most IoT elements are short on both the energy and computing resources necessary for the implementation of complex security-supporting schemes. Among the plethora of applications that can benefit from the IoT, the workshop will have a particular focus on security aspects in eHealth and in the broad-sense of well-being. Security aspects in other application domains of the IoT are also of interest. The workshop will address security issues that are particular to the context of using IoT for eHealth including threat modeling, risk assessment, privacy, access control, and fault-tolerance. Theoretical, modeling, implementation, and experimentation issues will be discussed to build an accurate general view on the security of medical BANs. One of the major challenges that will be underlined by the workshop participants is the combination of different security models needed for the sub-networks of the IoT (e.g., BAN, PAN, LAN, MANET) with consideration of the severe computational, storage, and energy limitations of the elementary smart nodes. We encourage contributions describing innovative work addressing the use of information and communication technologies in medical applications. Topics of interest include, but are not limited to:
- Definition of accurate metrics to assess the threats and the risks associated to IoT for eHealth
- Identification and description of new attack scenarios that are specific to IoT architectures
- Context-awareness for IoT security in eHealth
- Soft trust management in IoT
- Risk-based adaptive security for IoT
- Analytics and predictive models for adaptive security in IoT
- Adaptive security decision-making models for IoT
- Evaluation and validation models for adaptive security in IoT
- Lightweight cryptographic protocols for IoT
- Investigation of the security properties that should be fulfilled by the transmission of patient data across body area networks
- Designing secure heterogeneous BAN architectures for eHealth applications
- Implementing practical testbeds that allow the analysis of the security performance of BANs
- Monitoring the security level of the eHealth applications relying on IoT
- Analyzing the results of experiments conducted using real patient data and studying the security performance of the associated architectures

For more information, please see http://settit.bodynets.org/2013/show/home.

October 2013

CNS 2013 1st IEEE Conference on Communications and Network Security, Washington D.C., USA, October 14-16, 2013. [posted here 10/08/12]
Cyber security has become an important research and development area for academia, government, and industry in recent years. As government and industry investment in cyber security research continues to grow, there will be a dramatic increase in the amount of new results generated by the research community, which must be disseminated widely amongst the research community in order to provide the peer review feedback that is needed to ensure that high-quality solutions that address important and emerging security issues are developed. As a leading professional society focusing on communications technologies, IEEE Communications Society (ComSoc) has identified the need for a high-quality security conference that would focus on communications-oriented aspects of security. IEEE ComSoc has thus decided to launch a new conference dedicated to Communications and Network Security. This new conference is positioned to be a core ComSoc conference (at a level comparable to IEEE INFOCOM ) and will serve as a premier forum for cyber security researchers, practitioners, policy makers, and users to exchange ideas, techniques and tools, raise awareness, and share experience related to security and privacy. IEEE CNS seeks original high-quality technical papers from academia, government, and industry. Topics of interest encompass all practical and theoretical aspects of communications and network security, all the way from the physical layer to the various network layers to the variety of applications reliant on a secure communication substrate. Submissions with main contribution in other areas, such as information security, software security, system security, or applied cryptography, will also be considered if a clear connection to secure communications/networking is demonstrated. Particular topics of interest include, but are not limited to:
- Security and Privacy in the Internet, peer-to-peer networks, overlay networks
- Security and Privacy in Wi-Fi, Wi-Max, ad hoc, mesh, sensor, and RFID networks
- Security and Privacy in emerging technologies: social networks, cognitive radio networks, disruption/delay tolerant networks, vehicular networks, cloud computing, smart grid
- Cross-layer methods for enhancing security
- Information-theoretic security
- Anonymization and privacy in communication systems
- Traffic analysis, location privacy and obfuscation of mobile device information
- Physical layer security methods: confidentiality and authentication
- Secure routing, network management
- Intrusion detection
- Computer and network forensics
- Vulnerability, exploitation tools, Malware, Botnet, DDoS attacks
- Key management and PKI
- Security metrics and performance evaluation, traffic analysis techniques
- Web, e-commerce, m-commerce, and e-mail security
- Social, economic and policy issues of trust, security and privacy
- Ensuring the availability of communications, survivability of networks in the presence of denial of service
- Jamming and jamming-resistance
- Multipath routing around network holes

For more information, please see http://www.ieee-cns.org.

CRiSIS 2013 8th International Conference on Risks and Security of Internet and Systems, La Rochelle, France, October 23-25, 2013. [posted here 03/25/13]
The topics addressed by CRiSIS range from the analysis of risks, attacks to networks and system survivability, as well as security models, security mechanisms and privacy enhancing technologies. Prospective authors are invited to submit research results as well as practical experiment or deployment reports. Industrial papers about applications and case studies, such as tele medicine, banking, e-government and critical infrastructure, are also welcome. The list of topics includes but is not limited to:
- Analysis and management of risk
- Attacks and defenses
- Attack data acquisition and network monitoring
- Cryptography, Biometrics, Watermarking
- Dependability and fault tolerance of Internet applications
- Distributed systems security
- Embedded system security
- Empirical methods for security and risk evaluation
- Hardware-based security and Physical security
- Intrusion detection and Prevention systems
- Organizational, ethical and legal issues
- Privacy protection and anonymization
- Risk-aware access and usage control
- Security and risk assessment
- Security and risks metrics
- Security and dependability of operating systems
- Security and safety of critical infrastructures
- Security and privacy of peer-to-peer system
- Security and privacy of wireless networks
- Security models and security policies
- Security of new generation networks, security of VoIP and multimedia
- Security of e-commerce, electronic voting and database systems
- Security of social networks
- Smartphone security and privacy
- Traceability, metrology and forensics
- Trust management
- Use of smart cards and personal devices for Internet applications
- Web and cloud security

For more information, please see http://secinfo.msi.unilim.fr/crisis2013/.

November 2013

CCS 2013 20th ACM Conference on Computer and Communications Security, Berlin, Germany, November 4-8, 2013. [posted here 03/18/13]
The ACM Conference on Computer and Communications Security (CCS) is the flagship annual conference of the Special Interest Group on Security, Audit and Control (SIGSAC) of the Association for Computing Machinery (ACM). The conference brings together information security researchers, practitioners, developers, and users from all over the world to explore cutting-edge ideas and results. It provides an environment to conduct intellectual discussions. From its inception, CCS has established itself as a high standard research conference in its area.

For more information, please see http://www.sigsac.org/ccs/CCS2013/.

HST 2013 13th annual IEEE Conference on Technologies for Homeland Security, Waltham, Massachusetts, USA, November 12 - 14, 2013. [posted here 01/21/13]
The 13th annual IEEE Conference on Technologies for Homeland Security (HST '13), will be held 12 - 14 November will bring together innovators from leading academic, industry, business, Homeland Security Centers of Excellence, and government programs to provide a forum to discuss ideas, concepts, and experimental results. Produced by IEEE with technical support from DHS S&T, IEEE Boston Section, and IEEE-USA and organizational support from MIT Lincoln Laboratory, Raytheon, Battelle, and MITRE, this year's event will once again showcase selected technical paper and posters highlighting emerging technologies in the areas of Cyber Security, Attack and Disaster Preparation, Recovery, and Response, Land and Maritime Border Security and Biometrics & Forensics.

For more information, please see http://www.ieee-hst.org.

IWSEC 2013 8th International Workshop on Security, Okinawaken Shichouson Jichikaikan, Japan, November 18-20, 2013. [posted here 03/18/13]
Original papers on the research and development of various security topics, as well as case studies and implementation experiences, are solicited for submission to IWSEC 2013. Topics of interest for IWSEC 2013 include but are not limited to:
- Anonymity
- Application Security
- Authentication, Authorization and Access Control
- Biometrics
- Block/Stream Ciphers
- Cloud Computing Security
- Cryptographic Implementations and their Analysis
- Cryptographic Protocols
- Cryptanalysis
- Data and System Integrity
- Database Security
- Digital Forensics
- Digital Signatures
- E-business/e-commerce/e-government Security
- Hash Functions
- Information Hiding
- Information Law and Ethics
- Intellectual Property Protection
- Intrusion Prevention and Detection
- Malware Prevention and Detection
- Mobile System Security
- Network Security
- Privacy Preserving Systems
- Public Key Cryptosystems
- Quantum Security
- Risk Analysis and Risk Management
- Security Architectures
- Security for Consumer Electronics
- Security for Critical Infrastructures
- Security Management
- Secure Multiparty Computation
- Security for Ubiquitous/Pervasive Computing
- Smart Card and RFID Security
- Software Security
- System Security
- Web Security

For more information, please see http://www.iwsec.org/2013/.

ICICS 2013 15th International Conference on Information and Communications Security, Beijing, China, November 20-22, 2013. [posted here 02/11/13]
The 2013 International Conference on Information and Communications Security will be the 15th event in the ICICS conference series, started in 1997, that brings together individuals involved in multiple disciplines of Information and Communications Security in order to foster exchange of ideas. Original papers on all aspects of Information and Communications Security are solicited for submission to ICICS 2013. Areas of interest include, but are not limited to:
- Access control
- Information Hiding and Watermarking
- Anonymity
- Intellectual Property Protection
- Anti-Virus and Anti-Worms
- Intrusion Detection
- Authentication and Authorization
- Key Management and Key Recovery
- Biometric Security
- Language-based Security
- Cloud Security
- Network Security
- Computer / Digital Forensics
- Operating System Security
- Data and System Integrity
- Privacy Protection
- Database Security
- Risk Evaluation and Security Certification
- Distributed Systems Security
- Security for Mobile Computing
- Electronic Commerce Security
- Security Models
- Engineering issues of Crypto/Security Systems
- Security Protocols
- Fraud Control
- Smartphone Security
- Grid Security
- Trusted and Trustworthy Computing

For more information, please see http://icsd.i2r.a-star.edu.sg/icics2013/.