Contents
ACSAC 19
The 19th Annual Computer Security Applications Conference, Las
Vegas, Nevada USA, December 8-12, 2003. [posted here 3/8/03]
The 19th Annual Computer Security Applications Conference is an
internationally recognized conference that provides a forum for
experts in information system security to exchange practical ideas
about solving real problems. Papers and proposals that address the
application of technology, the implementation of systems, and
lessons learned will be given special consideration. The ACSAC
Program Committee is looking for papers, panels, forums, case
studies presentations, tutorials, workshops, and works in progress
that address practical solutions to problems related to protecting
commercial enterprises or government information infrastructures. A
list of topics of interest along with other conference information
can be found at www.acsac.org.
CEC2003
Special session at the Congress on Evolutionary Computation,
Canberra, Australia, December 8-12, 2003. [posted here 5/11/03]
There is a growing interest from the computer security community
toward Evolutionary Computation techniques, as a result of these
recent successes, but there still are a number of open problems in
the field that should be addressed. This special session will try to
do it by asking for submissions in all areas of evolutionary
computation dealing with applications to computer security, and by
giving the interested researchers an opportunity to review the
current state-of-art of the topic, exchange recent ideas, and
explore promising new directions. We would like to invite your
participation in the special session Evolutionary Computation in
Computer Security at the CEC-2003, an opportunity to meet leading
researchers in the field, exchange ideas and initiate
collaborations. Relevant topics include, but are not limited to
Cellular automata, Genetic Algorithms, Genetic Programming,
Classifier Systems, Simulated Annealing, Evolutionary Strategies,
Tabu Search,Bio-inspired systems, etc. in:
- Design of cryptographic primitives, including: pseudo-random
number generators,
block ciphers, stream ciphers, hash functions, S-Boxes, etc...
- Analysis and/or cryptoanalysis of cryptographic primitives
- Cryptography
- Improvement of cryptographic primitives
- Network security
- Intrusion detection systems
- Host security
More information can be found at
http://tracer.uc3m.es/CFP-SS-CEC2003.html/.
WSTI'03
Workshop on Security of Information Technologies, Algiers, Algeria,
December 8-10, 2003. [posted here 6/19/03]
This workshop aims to provide a forum for information security
professionals to exchange practical experiences or theoretical
research efforts in information security about solving these
critical problems. Authors are invited to submit papers, and
tutorials that address:
- Access control -
Anonymity and Privacy
- Applied cryptography - Audit and
audit reduction
- Biometrics -
Certification and accreditation
- Cryptographic protocols - Database
Security
- Denial of service protection - Firewalls
- Forensics -
Formal models
- Identification and Authentication - Information hiding,
steganography
- Integrity -
Intellectual property rights protection
- Intrusion detection - Mobile
Environment Security
- Network Protocols security - Operating systems
security
- Risk/vulnerability assessment - Security
management
- Wireless Security
More information can be found on the conference web page at
http://leria.epitech.net/wsti03/en/home.htm.
Communications Security Symposium (part of
the IEEE GLOBECOM 2003 workshop), San Francisco, CA, USA, December
1-5, 2003. [posted here 11/13/02]
The inaugural symposium on Communications Security solicits
submissions of new results in all security topics for wireless,
mobile, ad hoc, peer-to-peer, or landline communication networks.
Please see the complete call posted at
www.globecom2003.com/CFP1.html (under GLOBECOM 2003 Symposia
Titles).
DMSEC'03
Workshop on Data Mining for Computer Security (at IEEE ICDM03),
Melbourne, Florida, USA, November 19, 2003. (submissions due August
22, 2003) [posted here 8/16/03]
Computer security is a broad field that encompasses issues both
theoretical and practical aspects. It is of incredible importance to
a wide variety of practical domains ranging from the banking
industry to multi-national corporations, from space exploration to
the intelligence community and so on. Of interest to this workshop
are methods that address two aspects of computer security. The first
relates to how computers can be used to secure the information
contained within an organizations. Issues of critical importance
here could include the detection and/or prevention of unauthorized
access or attacks on computers and networks local to an organization
or entity. The second relates to how computers can be used to detect
hostile activity (surveillance) in a sensitive area (such as in an
airport). It is likely that such techniques will require data mining
techniques that work hand-in-hand with state-of-the-art computer
vision techniques. More information can be found at the workshop web
page
www.cs.fit.edu/~pkc/dmsec03/.
Workshop on RDIF Privacy and Security, MIT,
Cambridge, MA, USA, November 15, 2003. [posted here 8/16/03]
Radio Frequency Identification technology is fast becoming a
lightning rod for consumer privacy activists. Is RFID destined to
become the enabling technology for massive state-sponsored
surveillance, Big Brother's "call-home" chip? Or is RFID really
nothing more than a supply-chain management technology, it's dangers
being over-hyped by alarmists who fundamentally misunderstand the
technology? The goal of the RFID Privacy Workshop is to bring
together RFID technologists, boosters, critics, privacy activists
and journalists covering the space to establish some technical
truths and a creating a framework for understanding the growing body
of RFID policy issues. FORMAT: A series of speakers including
academics, RFID innovators, and privacy activists will discuss RFID
technology, policy and privacy. There will be ample time for
discussion and Q & A. For more information, see
http://rfidprivacy.org/.
IICIS'2003 Sixth IFIP TC-11 WG 11.5 Working Conference on
Integrity and Internal Control in Information Systems, Lausanne,
Switzerland, November 13-14, 2003. [posted here 1/11/03]
Confidentiality, integrity and availability are high-level
objectives of IT security. The IFIP TC-11 Working Group 11.5 has
been charged with exploring the area of the integrity objective
within IT security and the relationship between integrity in
information systems and the overall internal control systems that
are established in organizations to support corporate governance
codes. The goals for this conference are to find an answer to the
following questions: what is the status quo of research and
development in the area of integrity and internal control; where are
the gaps between business needs on the one hand and research and
development on the other and what needs to be done to bridge these
gaps; and what precisely do business managers need to have
confidence in the integrity of their information systems and their
data. Topics of interest include:
- integrity and internal control in Enterprise Resource Planning
systems
- integrity and internal control in e- and m-commerce
applications and infrastructure
- integrity and internal control in financial systems
- developments in internal control concepts and the impact on
integrity requirements
- integrity standards
- methods for dealing with incomplete or inconsistent information
- efficient methods for checking integrity
- integrity requirements necessary to implement an internal
control structure within an organization
- integrity of archival data
- integrity and authentication of digital documents
- trustworthy computation
More information and the full call-for-papers can be found on the
conference web site at
http://lbd.epfl.ch/e/conferences/IICIS03/index.html.
Adaptive and Resilient Computing Security
(ARCS), Santa Fe Institute Workshop, SFI, NM, November 5-6, 2003.
[posted here 2/3/03]
This workshop is the second in the series and will focus on the
theme of adaptive defence of information and computing networks. The
aim is to stimulate novel approaches to securing the information
infrastructure. In particular the workshop will consider long-term
developments and research issues relating to the defence of
information networks. The driving scientific motivation for this
workshop is to further our understanding of adaptive and self-organising
mechanisms that can be applied to the development of resilient and
robust information networks. In particular it will provide a forum
for commercial and academic researchers to exchange concepts and
issues within this domain. Following a highly successful first
event, this workshop will be based on two specific sub-themes. These
are:
- Bio-inspired Defence Systems
- Adaptive Security Mechanisms
Some of the specific problems, which will be addressed, include:
- Design of self-healing networks
- Optimization versus robustness
- Machine learning and defence strategies
- Dynamic stability in large-scale networks
- Self & non-self recognition, Immunology models
If interested please submit an extended 4 page abstract to Dr.
Robert Ghanea-Hercock / BTexact technologies, Adastral Park, Admin
2, Martlesham, Suffolk, UK. Email: robert.ghanea-hercock@bt.com
SASN
2003 Workshop on Security of Ad Hoc and Sensor Networks,
Washington, D.C., USA, October 31, 2003. [posted here 5/13/03]
Ad hoc and sensor networks are expected to become an integral part
of the future computing landscape. However, these networks introduce
new security challenges due to their dynamic topology, severe
resource constraints, and absence of a trusted infrastructure. This
workshop seeks submissions from academia and industry presenting
novel research on all aspects of security for ad hoc and sensor
networks, as well as experimental studies of fielded systems.
Submission of papers based on work-in-progress is encouraged. Topics
of interest include, but are not limited to, the following as they
relate to wireless networks, mobile ad hoc networks, or sensor
networks:
- Security under resource constraints, e.g., energy, bandwidth,
memory, and computation constraints
- Performance and security tradeoffs
- Secure roaming across administrative domains
- Key management
- Authentication and access control
- Trust establishment, negotiation, and management
- Intrusion detection and tolerance
- Secure location services
- Privacy and anonymity
- Secure routing
- Secure MAC protocols
- Denial of service
- Prevention of traffic analysis
More information can be found at
www.cs.gmu.edu/sasn.
2003 ACM Workshop on Survivable and
Self-Regenerative Systems (in association with the 10th ACM
Conference on Computer and Communications Security), George Mason
University, Fairfax VA, October 31, 2003 [posted here 5/13/03]
One of the key areas of current research in the fields of computer
and communication security is survivability, where the objective is
to survive attacks that exploit inevitable security vulnerabilities,
rather than to strictly prevent or detect intrusions or
vulnerabilities. Survivability research has explored the
intersection of Fault Tolerance and Security, and recently, the
notion of using self-regenerative capabilities in the context of
survivability has generated a significant interest in the community.
This workshop aims to provide a venue for scholars in this area to
exchange ideas and to explore research issues involving survivable
and self-regenerative systems. Papers offering original research
contributions in any aspect of this emerging field are solicited for
submission to this workshop. Topics of interest include, but are not
limited to, the following:
- Survivable Systems & Networks
- Self-Regenerative Systems & Networks
- Use of Self-Healing Techniques in Surviving Attacks
- Security vs. Fault Tolerance in building survivable and
self-regenerative systems
- Use of Self-Stabilization Techniques in Surviving Attacks
- Role of Formal Models in Survivable and Self-Regenerative
Systems
- Self-Adapting and Self-Securing Systems and Techniques
- Measuring and Quantifying Survivability and Self-Regeneration
- Role of Redundancy, Diversity, Unpredictability and Deception in
Survivable and
Self-Regenerative Systems
- Impact of Detection Accuracy and Latency on Survivability and
Self-Regeneration
More information can be found at
www.acm.org/sigs/sigsac/ccs/CCS2003/workshops.html.
SISW 2003 The
Second IEEE International Security in Storage Workshop, Washington,
DC, USA, October 31, 2003. [posted here 6/22/03]
The ability to create large shared storage systems in a secure
manner is an area that has received little formal research or
results. A comprehensive, systems approach to storage security is
required if storage consolidation is to succeed. This workshop
serves as an open forum to discuss storage threats, technologies,
methodologies and deployment. The workshop seeks submissions from
academia and industry presenting novel research on all theoretical
and practical aspects of designing, building and managing secure
storage systems; possible topics include, but are not limited to the
following:
- Cryptographic Algorithms for Storage
- Key Management for Storage
- Key Management for File Systems
- Attacks on Storage Area Networks and Storage
- Security for Mobile Storage
- Defining and Defending Trust Boundaries in Storage
- Relating Storage Security to Network Security
- Cryptanalysis of Systems and Protocols
- Novel Implementations
- Unintended Data Recovery
- Insider Attack Countermeasures
- Deployment of Secure Storage Mechanisms
- Security in Federated Systems
- Security for Internet Storage Service Providers
More information about the conference can be found at
www.stortek.com/hughes/sisw2003.
FMSE 2003 Formal
Methods in Security Engineering: From Specifications to Code,
Washington, D.C., USA, October 30, 2003. [posted here 3/28/03]
Information security has become a crucial concern for the commercial
deployment of almost all applications and middleware. Despite this
commonly recognized fact, the incorporation of security requirements
in the software development process is not yet well understood. The
deployment of security mechanisms is often done in an ad-hoc manner
only, without a formal security specification, often without a
thorough security analysis and almost necessarily without a formal
security validation of the final product. That is, a process is
lacking for making the transition from high-level security models
and policies through development to code. We aim to bring together
researchers and practitioners from both the security and the
software engineering communities, from academia and industry, who
are working on applying formal methods to designing and validating
large-scale systems. We are seeking submissions addressing
foundational issues in:
- security specification techniques
- formal trust models
- combination of formal techniques with semi-formal techniques
like UML
- formal analyses of specific security properties relevant to
software development
- security-preserving composition and refinement of processes
- faithful abstractions of cryptographic primitives and protocols
in process abstractions
- integration of formal security specification, refinement and
validation techniques in development methods and tools
More information can be found at
www.zurich.ibm.com/~mbc/FMSE02.
WPES 2003 2nd
Workshop on Privacy in the Electronic Society, Washington, D.C.,
USA, October 30, 2003. [posted here 4/14/03]
Privacy issues have been the subject of public debates and the need
for privacy-aware policies, regulations, and techniques has been
widely recognized. Goal of this workshop is to discuss the problems
of privacy in the global interconnected societies and possible
solutions to it. The workshop seeks submissions from academia and
industry presenting novel research on all theoretical and practical
aspects of electronic privacy, as well as experimental studies of
fielded systems. We encourage submissions from other communities
such as law and business that present these communities'
perspectives on technological issues. Topics of interest include,
but are not limited to:
- anonymity, pseudonymity, and unlinkability
- business model with privacy requirements
- data protection from correlation and leakage attacks
- electronic communication privacy
- information dissemination control
- privacy-aware access control
- privacy in the digital business
- privacy enhancing technologies
- privacy policies and human rights
- privacy and anonymity in Web transactions
- privacy threats
- privacy and confidentiality management
- privacy in the electronic records
- privacy in health care and public administration
- public records and personal privacy
- privacy and virtual identity
- personally identifiable information
- privacy policy enforcement
- privacy and data mining
- relationships between privacy and security
- user profiling
- wireless privacy
More information about the conference can be found at
http://seclab.dti.unimi.it/wpes2003.
CCS2003
The 10th ACM Conference on Computer and Communications Security,
Washington, DC, USA, October 27-31, 2003. [posted here 3/22/03]
Papers offering novel research contributions in any aspect of
computer security are solicited. The primary focus is on
high-quality original unpublished research, case studies, and
implementation experiences. Papers should have practical relevance
to the construction, evaluation, application, or operation of secure
systems. Theoretical papers must make convincing argument for the
practical significance of the results. Theory must be justified by
compelling examples illustrating its application. The primary
criterion for appropriateness for CCS is demonstrated practical
relevance. CCS can therefore reject perfectly good papers that are
appropriate for theory-oriented conferences. Topics of interest
include:
- access control - accounting and
audit
- security for mobile code - data/ system integrity
- cryptographic protocols - intrusion detection
- key management - security management
- information warfare - security verification
- authentication - database and
system security
- applied cryptography - smart-cards and secure
PDAs
- e-business/ e-commerce - inference/ controlled
disclosure
- privacy and anonymity - intellectual property
protection
- secure networking - commercial and
industry security
More information can be found at
www.acm.org/sigs/sigsac/ccs/CCS2003/.
The Workshop on Rapid Malcode (in
association with 10th ACM Conference on Computer and Communications
Security), Washington, D.C., October 27, 2003. [posted here
3/20/03]
In the last several years, Internet-wide infectious epidemics have
emerged as one of the leading threats to information security and
service availability. The vehicle for these outbreaks, malicious
codes called "worms", leverage the combination of software
monocultures and the uncontrolled Internet communication model to
quickly compromise large numbers of hosts. Current operational
practices have not been able to manage these threats effectively and
the research community is only now beginning to address this area.
The goal of this workshop is to bring together ideas, understanding
and experience bearing on the worm problem from a wide range of
communities including academia, industry and the government. We are
soliciting papers from researchers and practitioners on subjects
including, but not limited to:
- Modeling and analysis of propagation dynamics
- Automatic detection, characterization, and prediction
- Analysis of worm construction, current & future
- Propagation strategies (fast & obvious vs slow and stealthy)
- Reactive countermeasures
- Proactive defenses
- Threat assessment
- Forensic methods of attribution
- Significant operational experiences
More information can be found at
http://pisa.ucsd.edu/worm03/.
DRM203
ACM Workshop on Digital Rights Management, Washington DC, USA,
October 27, 2003. [posted here 7/2/03]
Original Research Papers on all aspects of Digital Rights Management
are solicited for submission to the 2003 ACM Workshop on Digital
Rights Management. Topics of interest include anonymous publishing,
architectures for DRM systems, auditing, business models for online
content distribution, copyright-law issues, digital policy
management, privacy and anonymity, risk management, robust
identification of digital content, security issues (including but
not limited to authorization, encryption, tamper resistance, and
watermarking) threat and vulnerability assessment, usability aspects
of DRM systems, web services. For more information visit the
Web-page of the workshop:
www.acm.org/sigs/sigsac/ccs/CCS2003/drm.html.
ACNS'03 First MiAn International Conference on Applied
Cryptography and Network Security, Kunming, China, October 16-19,
2003. [posted here 1/19/03]
The first MiAn International Conference on Applied Cryptography and
Network Security (ACNS’03) will be held in Kunming, China on
October 16-19, 2003, organized by MiAn (ONETS) Pte Ltd and in
cooperation with the local government. Original paper on all aspects
of applied cryptography and network security are solicited for
submission to the conference. Areas of interests include but not
restricted to: Biometric Security Applications, Cryptographic and
Anti-cryptographic Analysis, Cryptographic Applications, Data
Recovery and Coding, Differential Power Attacks, Efficient
Implementation, Firewall and Intrusion Detection, GPRS and CDMA
Security, Identification and Entity Authentication, Key Management
Techniques, Network Protocol and Analysis, PKI/PMI and Bridge CA,
Secure e-commerce and e-government, Security Management and
Strategy, Smart Card Security, Verification and Testing of Secure
Systems, Virus and Worms, VPN and SVN, WLAN and Bluetooth Security.
More information can be found at the conference web page at
www.onets.com.cn/dhe.htm.
Nordsec2003
Nordic Workshop on Secure IT Systems, Gjøvik University College,
Norway, October 15-17, 2003. [posted here 4/20/03]
The NORDSEC workshops started in 1996 with the aim of bringing
together researchers and practitioners within computer security in
the Nordic countries. The theme of the workshops have been applied
security, i.e., all kinds of security issues that could encourage
interchange and cooperation between the research community and the
industrial/consumer community. Possible topics include, but are not
limited to the following:
- Privacy and Privacy Enhancing Technologies
- Wireless Communication Security
- Inter/Intra/Extranet Security
- Security Protocol Modelling and Analysis
- E-and M-Business Security
- New Firewall Technologies
- Secure Infrastructures; TTP, PKI, Key Escrow/Recovery
- Computer Crime and Information Warfare
- Detecting Attacks, Intrusions and Computer Misuse
- Smart Card Applications
- Security Management and Audit
- Security Evaluations and Measurements
- Security in Commercial off-the-shelf Products, COTS
- Operating System Security
- Security Models
- New Ideas and Paradigms for Security
- Security Education and Training
- Quality of Service or Software Engineering in Relation to
Security
More information can be found at
www.hig.no/esorics2003/nordsec2003/.
ESORICS 2003 8th European Symposium on Research in Computer
Security, Gjøvik, Norway, October 13-15, 2003 [posted here
1/11/03]
Papers offering novel research contributions in any aspect of
computer security are solicited for submission to the Eighth
European Symposium on Research in Computer Security (ESORICS 2003).
Organized in a series of European countries, ESORICS is confirmed as
the European research event in computer security. The symposium
started in 1990 and has been held on alternate years in different
European countries and attracts an international audience from both
the academic and industrial communities. From 2002 it will be held
yearly. The Symposium has established itself as one of the premiere,
international gatherings on Information Assurance. Papers may
present theory, technique, applications, or practical experience on
topics including:
- access control -
network security
- accountability -
non-interference
- anonymity -
privacy-enhancing technology
- applied cryptography -
pseudonymity
- authentication -
security as quality of service
- covert channels -
secure electronic commerce
- cryptographic protocols - security
administration
- cybercrime -
security evaluation
- data integrity
- security management
- denial of service attacks -
security models
- dependability -
security metrics
-
firewalls -
security requirements engineering
- formal methods in security - security
verification
- inference control -
smartcards
- information flow control -
steganography
- information warfare -
subliminal channels
- intellectual property protection -
survivability
- intrusion detection -
system security
- intrusion tolerance -
transaction management
- language-based security -
trustworthy user devices
More information about the conference can be found at
www.hig.no/esorics2003/.
Workshop at ACM Ubicomp'03: Ubicomp
communities - privacy as boundary negotiation, Seattle, Washington,
USA, October 12, 2003. [posted here 7/10/03]
Ubiquitous computing conjures visions of big and little brother, and
ever-diminishing privacy. But it also opens up new forms of
communication, collaboration and social relations. This workshop
takes a balancing perspective: it treats community participation as
a goal, and balances the need for disclosure against the need for
privacy. Privacy is not an abstract consideration, but a practical
process of negotiating and managing boundaries. The workshop will
explore both social perspectives and technical approaches to this
issue, and aims to provide a forum for ubicomp system developers and
researchers, security researchers, and social scientists to
collaboratively explore the future of trust-sensitive and community
tools in ubicomp. More information can be found at
http://guir.berkeley.edu/privacyworkshop2003/.
ICICS'03 5th
International Conference on Information and Communications Security,
Huhehaote City, Inner-Mongolia, China, October 10-13, 2003. [posted
here 1/19/03]
Information and communication security is a challenging topic at the
best of times. This conference series brings together researchers
and scholars to examine important issues in this area. Original
papers on all aspects of information and communications security are
solicited for submission to ICICS2003. Areas of interests include
but not limited to: Access control, Anonymity, Authentication and
Authorization, Biometric Security, Data and System Integrity,
Database Security, Distributed Systems Security, Electronic Commerce
Security, Fraud Control, Information Hiding and Watermarking,
Intellectual Property Protection, Intrusion detection, Key
Management and Key Recovery, Language-based Security, Operating
System Security, Network Security, Risk Evaluation and Security
Certification, Security for Mobile Computing, Security Models,
Security Protocols, Virus and Worms. More information can be found
on the conference web page at
www.cstnet.net.cn/icics2003/.
CMS 2003 The
Seventh IFIP Communications and Multimedia Security Conference
(joint working conference IFIP TC6 and TC11), Turin, Italy, October
2-3, 2003. [posted here 11/20/02]
CMS 2003 is the seventh working conference on Communications and
Multimedia Security since 1995. State-of-the-art issues as well as
practical experiences and new trends in these areas are the topics
of interest of the conference:
- applied cryptography
- biometry
- multimedia security
- digital signature and digital watermarking
- infrastructure protection
- network and communication security
- security policies
- security of e-commerce
This year the organizers especially encourage submissions on
advanced topics such as security of wireless networks, survivability
of critical communication infrastructures, and protection of
electronic documents. Visit the web site for further information, or
download the PDF call for papers at
security.polito.it/cms2003/cfp.pdf.
ISC'03 6th
Information Security Conference, Bristol, United Kingdom, October
1-3, 2003. [posted here 12/7/02]
Original papers are solicited for submission to ISC 2003. ISC aims
to bring together individuals involved in multiple disciplines of
information security to foster exchange of ideas. Topics of interest
include, but are not limited to:
Access
Control Key
Management
Applied Cryptography
Legal and Regulatory Issues
Cryptographic Protocols
Mobile Code & Agent Security
Digital Rights Management
Network & Wireless Security
E-Commerce Protocols
Software Security
Formal Aspects of Security
Security Analysis Methodologies
Information Hiding
Trust Management
Intrusion Detection
More information can be found on the conference web page at
www.hpl.hp.com/conferences/isc03.
SEFM'2003
International Conference on Software Engineering and Formal Methods,
Brisbane, Australia, September 22-27, 2003. [posted here 3/20/03]
The objective of the conference is to bring together practitioners
and researchers from academia, industry and government to exchange
views on the theoretical foundation of formal methods, their
application to software engineering and the socio-economic impact of
their use. Authors are invited to submit both research and tool
papers. The scientific program will include paper and tool
presentations, tool demonstrations, tutorials and invited talks.
More information can be found on the conference web page at
www.svrc.uq.edu.au/Events/SEFM03/cfp.html.
MMM-ACNS-2003
The Second International Workshop "Mathematical Methods, Models and
Architectures for Computer Networks Security", September 20-24,
2003, St. Petersburg, Russia. [posted here 3/1/03]
The objective of the 2003 workshop is to bring together leading
researchers from academia and governmental organizations as well as
practitioners in the area of computer networks and information
security and facilitate personal interactions and discussions on
various aspects of information technologies in conjunction with
security problems arising in large-scale computer networks engaged
in information storing, transmitting, and processing. The complete
call for papers, with a list of topics of interest and information
on local arrangements can be found on the work shop web page at
http://space.iias.spb.su/mmm-acns03/.
WiSe 2003
Workshop on Wireless Security (in conjunction with MobiCom 2003),
San Diego, CA, USA, September 19, 2003. [posted here 4/20/03]
The objective of this workshop is to bring together researchers from
research communities in wireless networking, security, applied
cryptography, and dependability; with the goal of fostering
interaction. With the proliferation of wireless networks, issues
related to secure and dependable operation of such networks are
gaining importance. Topics of interest include, but are not limited
to:
- Key management in wireless/mobile environments
- Trust establishment
- Intrusion detection, detection of malicious behaviour
- Revocation of malicious parties
- Secure PHY/MAC/routing protocols
- Secure location determination
- Denial of service
- User privacy
- Anonymity, prevention of traffic analysis
- Dependable wireless networking
- Monitoring and surveillance
More information can be found on the conference web site at
www.ece.cmu.edu/~adrian/wise2003.
ETFA'2003 The 9th IEEE International Conference on Emerging
Technologies and Factory Automation (Special session on IT Security
for Automation Systems), September 16-19, 2003, Lisbon, Portugal.
[posted here 2/22/03]
Due to the increased interconnection between plant-floor systems and
enterprise-level computer systems up to and including public
networks like the Internet, and based on Internet protocols
(HTTP/TCP/IP), IT security issues and concerns have also reached the
domains of automation IT systems and automation communication
networks. IT security needs, constraints, and mechanisms for
automation systems are in various ways different from those of the
office computing environment, which creates the necessity, but also
the opportunity, for novel approaches. For this special session
papers are solicited which are concerned with:
- Specific security needs of automation
systems, e.g. with respect to security objectives, usage
scenarios, system topologies/architectures or operating
environment.
- Specific security mechanisms, devices,
processes, protocols and architectures for automation systems.
- IT security audits for automation devices
and systems.
More information can be found at
www.uninova.pt/etfa2003.
CHES
2003 Workshop on Cryptographic Hardware and Embedded Systems,
Cologne, Germany, September 8-10, 2003. [posted here 12/6/02]
The focus of this workshop is on all aspects of cryptographic
hardware and security in embedded systems. The workshop will be a
forum of new results from the research community as well as from the
industry. Of special interest are contributions that describe new
methods for efficient hardware implementations and high-speed
software for embedded systems, e.g., smart cards, microprocessors,
DSPs, etc. We hope that the workshop will help to fill the gap
between the cryptography research community and the application
areas of cryptography. Consequently, we encourage submissions from
academia, industry, and other organizations. All submitted papers
will be reviewed. The topics of CHES 2002 include but are not
limited to:
- Computer architectures for public-key and secret-key
cryptosystems
- Efficient algorithms for embedded processors
- Reconfigurable computing in cryptography
- Cryptographic processors and co-processors
- Cryptography in wireless applications (mobile phone, LANs,
etc.)
- Security in pay-TV systems
- Smart card attacks and architectures
- Tamper resistance on the chip and board level
- True and pseudo random number generators
- Special-purpose hardware for cryptanalysis
- Embedded security
- Device identification
Additional information can be found on the conference web page at
www.chesworkshop.org
RAID'2003
Sixth International Symposium on Recent Advances in Intrusion
Detection, Pittsburgh, PA, USA, September 8-10, 2003 [posted here
3/20/03]
The RAID International Symposium series is intended to further
advances in intrusion detection by promoting the exchange of ideas
in a broad range of topics. Paper submission and panel proposals are
invited on the following types of topics:
- Assessing, measuring, and classifying intrusion-detection
systems
- IDS cooperation and integration
- IDS interoperability standards and standardization
- IDSs in high-performance and real-time environments
- Vulnerabilities and attacks
- Innovative Approaches
- Practical Considerations
More information can be found on the conference web page at
www.raid-symposium.org/raid2003.
7th International Conference on
Knowledge-Based Intelligent Information & Engineering Systems
(special session on Artificial Intelligence Applications to
Information Security), St Anne's College, University of Oxford,
U.K., September 3-5, 2003. [posted here 11/11/02]
In spite of the efforts from Information Security researchers, there
are still a considerable number of unsolved problems that may
benefit from the application of Artificial Intelligence techniques.
The increasing awareness in solving such problems has resulted in a
concerted effort of Artificial Intelligence and Information Security
researchers. Therefore, AI techniques like agents, evolutionary
computation, neural networks, cellular automata, classic and fuzzy
logic and machine learning may play an important role in specific
problems concerning Information Security. We particularly encourage
the discussion of the following topics:
- Semantic analysis of cryptologic protocols,
- Security of mobile agents,
- Security through agents,
- Representation and use of trust induced by PKIs,
- Optimisation heuristics in cryptanalysis
- Machine Learning techniques in cryptanalysis - AI techniques in
cryptology
- Any other work addressing information security problems by
means of AI techniques
This session aims at bringing together members from the two research
communities, information security and artificial intelligence.
Consequently, discussion papers, conceptual papers, theoretical
papers and application papers will be welcomed. Please visit the
conference web site at
scalab.uc3m.es/~docweb/AIIS_KES03.html for more detail on the
topics of interest as well as general conference information.
TrustBus'03 Trust and Privacy in Digital Business (in
conjunction with DEXA 2003),
Prague, Czech Republic, September 1-5, 2003. [posted here 12/23/02]
The purpose of this workshop is twofold: First, all issues of
digital business, focusing on trust and privacy problems will be
discussed. In particular, we are interested in papers that deal with
trust and privacy, confidence and security, reliability and
consistency, fairness and legality, and other issues critical for
the success of future digital business. Second, the workshop should
be a forum for the exchange of results and ongoing work performed in
R&D projects, either on a national or international level. We
invite papers, work-in-progress reports, industrial experiences
describing advances in all areas of digital business applications,
including, but not limited to:
- Privacy & confidentiality management
- Trust architectures and underlying infrastructures
- Electronic cash, wallets and pay-per-view systems
- Businesses models with security requirements
- Enterprise management and consumer protection
- Trust and privacy issues in mobile environments
- Global security architectures and infrastructures
- Protocols and transactional models
- Trustful management and negotiation
- Public administration, governmental services
- Anonymous or pseudonymous access to Web services
- Reliability and security of content and data
- Intellectual property rights, watermarking and fingerprinting
- Common practice, legal and regulatory issues
- Trust issues in E-Services, E-Voting and E-Polling
- PKI, biometrics, smart cards
- Intrusion detection and information filtering
More information can be found on the conference web page at
www.uni-regensburg.de/Fakultaeten/WiWi/pernul/dexa03ws/.
First International Mobile IPR Workshop:
Rights Management of Information Products on the Mobile Internet,
Helsinki, Finland, August 27-28, 2003. [posted here 3/23/03]
MobileIPR Workshop welcomes papers on all aspects of rights
management related to information products such as music, electronic
books, videos, multimedia, games, or software distributed on the
Mobile Internet commercially or otherwise. Relevant topics include,
but are not limited to:
- Digital rights management (DRM) and technical tools to protect
and manage rights,
e.g. cryptographic systems, watermarking, rights expression
languages, and rights
management databases.
- Intellectual property rights (IPR) copyright, database right,
patent, and trademark.
- Privacy in relation to rights management, including protection
of confidential information.
- Contracts, especially open source licensing models in software
and content production.
- Societal and policy issues, including the effect of
non-governmental organizations and
citizens activism.
- Control of information products - economic and ethical
rationales too.
- Business models related to rights management.
- User-contributed content and rights management.
- Rights management in peer-to-peer, super-distribution, and
other new distribution models.
- Related enabling technologies and their impact on digital
rights management.
We welcome both full and short (experience) papers as well as
extended abstracts that address different aspects of rights
management. More information can be found on the workshop web page
at
www.hiit.fi/de/mobileipr/workshop/.
WISA 2003 The 4th International Workshop on Information Security
Applications, Jeju Island, Korea, August 25-27, 2003. [posted here
3/28/03]
The areas of interest include, but are not limited to:
- Internet Security - Cyber Indication and Intrusion Detection
- E-Commerce and Financial Cryptosystems - Smart Cards
and Secure Hardware
- Access Control and Database Security - Network
Security, VPNs and Firewalls
- Mobile
Security -
Biometrics and Human Interfaces
- Applied
Cryptography - Privacy
and Anonymity
- Public Key Cryptography / Key Management - Security
Management
- Threats and Information Warfare -
Digital Rights Management
- Virus
Protection -
Secure Software, Systems and Applications
Additional information can be found on the conference web page at
http://icns.ewha.ac.kr/wisa2003.
ICET'03
The 2003 International Conference on Emerging Technologies,
Minneapolis, Minnesota, USA, August 25-26, 2003. [posted here
3/9/03]
The goal of this conference is to foster cross-disciplinary
interaction in emerging technologies that are approaching sufficient
maturity for initial commercialization. By providing insights from
academia, research, industry, and funding communities the conference
will foster discussions on interactions of emerging technologies,
and the insights that can be harvested from other disciplines. Major
areas of interest for this conference are: Trusted and Reliable
Systems; Interconnected Computing; and Integrated
Bio/hardware/software Systems. More information is available at
www.rfbinternational.com.
NSPW 2003
New Security Paradigms Workshop, Centro Stefano Francini, Ascona,
Switzerland, August 18-21, 2003. [posted here 2/22/03]
For eleven years the New Security Paradigms Workshop has provided a
stimulating and highly interactive forum for innovative approaches
to computer security. In order to preserve the small, focused
nature of the workshop, participation is limited to authors of
accepted papers and conference organizers. NSPW is highly
interactive in nature. Authors are encouraged to present ideas that
might be considered risky in some other forum. All participants are
charged with providing feedback in a constructive manner. The
resulting brainstorming environment has proven to be an excellent
medium for furthering the development of these ideas. The
proceedings, which are published after the workshop, have
consistently benefited from the inclusion of workshop feedback.
Because we expect new paradigms, we accept wide-ranging topics in
information security. Papers that present a significant shift in
thinking about difficult security issues or builds on a previous
shift are welcomed. Our program committee particularly looks for new
paradigms, innovative approaches to older problems, early thinking
on new topics, and controversial issues that might not make it into
other conferences but deserve to have their try at shaking and
breaking the mold. More information can be found on the conference
web page at www.nspw.org.
ECC 2003 The 7th
Workshop on Elliptic Curve Cryptography, University of Waterloo,
Waterloo, Ontario, Canada, August 11-13, 2003 [posted here 2/15/03]
ECC 2003 is the seventh in a series of annual workshops dedicated to
the study of elliptic curve cryptography and related areas. The main
themes of ECC 2003 will be:
- The discrete logarithm.
- Efficient parameter generation and point counting.
- Provably secure cryptographic protocols.
- Efficient software and hardware implementation.
- Side-channel attacks.
- Deployment of elliptic curve cryptography.
There will be approximately 15 invited lectures (and no contributed
talks), with the remaining time used for informal discussions. There
will be both survey lectures as well as lectures on latest research
developments. More information can be found at
www.cacr.math.uwaterloo.ca.
IFIP WG11.2 2003
7th Annual IFIP WG 11.3 Working Conference on Data and Applications
Security Estes Park, Colorado, U.S.A., August 4-6, 2003 [posted
here 1/3/03]
The conference provides a forum for presenting original unpublished
research results, practical experiences, and innovative ideas in
data and applications security. Papers and panel proposals are
solicited. Topics of interest include but is not limited to:
- Critical Infrastructure Protection
- Cyber Terrorism
- Information Warfare
- Intrusion Protection
- Damage assessment and repair
- Database Forensics
- PTN security
- Electronic Commerce Security.
More information about the conference can be found at
www.cs.colostate.edu/~ifip03.
USENIX Security 2003
12th USENIX Security Symposium, Washington, DC, USA August 4-8, 2003
[posted here 9/17/02]
The USENIX Security Symposium brings together researchers,
practitioners, system administrators, system programmers, and others
interested in the latest advances in security of computer systems.
Refereed paper submissions are being solicited in all areas relating
to systems and network security, including:
- Adaptive security and system management
- Analysis of malicious code
- Analysis of network and security protocols
- Applications of cryptographic techniques
- Attacks against networks and machines
- Automated tools for source code analysis
- Authentication and authorization of users, systems, and
applications
- Denial-of-service attacks
- File and file system security
- Firewall technologies
- Intrusion detection
- Privacy preserving (and compromising) systems
- Public key infrastructure
- Rights management and copyright protection
- Security in heterogeneous and large-scale environments
- Security of agents and mobile code
- Security of Internet voting systems
- Techniques for developing secure systems
- World Wide Web security
Since USENIX Security is primarily a systems security conference,
papers regarding new cryptographic algorithms or protocols, or
electronic commerce primitives, are in general discouraged.
ECOOP
2003 Workshop on Exception Handling in Object Oriented
Systems: towards Emerging Application Areas and New Programming
Paradigms, Darmstadt, Germany, July 21-25, 2003. [posted here
1/3/03]
The workshop will provide a forum for discussing the unique
requirements for exception handling in the existing and emerging
applications, including pervasive computing, ambient intelligence,
the Internet, e-science, self-repairing systems, collaboration
environments. We invite submissions on research in all areas of
exception handling related to object oriented systems, in
particular: formalisation, distributed and concurrent systems,
practical experience, mobile object systems, new paradigms (e.g.
object oriented workflows, transactions, multithreaded programs),
design patterns and frameworks, practical languages (Java, Ada 95,
Smalltalk, Beta), open software architectures, aspect oriented
programming, fault tolerance, component-based technologies. We
encourage participants to report their experiences of both benefits
and obstacles in using exception handling, reporting, practical
results in using advanced exception handling models and the best
practice in applying exception handling for developing modern
applications in the existing practical settings. To participate in
the workshop, the prospective attendees are required to submit 4-7
page position papers (in the LNCS format) to Alexander Romanovsky (alexander.romanovsky@ncl.ac.uk)
by April 25. Additional information can be found on the workshop web
page:
www.cs.ncl.ac.uk/~alexander.romanovsky/home.formal/ehoos2003.html.
Security in Distributed Computing (special
track of the 22nd Annual ACM SIGACT-SIGOPS Symposium on Principles
of Distributed Systems), Boston, Massachusetts, USA, July 13-16,
2003. [posted here 10/15/02]
We are soliciting research contributions on the design,
specification, implementation, application and theory of secure
distributed computing. We welcome submissions on any topic in the
intersection of security and distributed computing, including but
not limited to:
- Secure multiparty and two-party computations
- Secret sharing and verifiable secret sharing
- Resiliency to corruptions: distributed, forward and proactive
security
- Security, privacy and anonymity in the Internet and in mobile
communication systems
- Secure/security protocols and distributed algorithms
- Secure multicast and broadcast
- Denial of service (clogging) and its prevention
- Non-repudiation, certification and time stamping protocols
- Distribution of intellectual property and its (copyright)
protection
- Secure distributed marketplaces, auctions, and gambling
- Cryptographic protocols, including: authentication, key
management, etc.
- Secure electronic commerce, banking and payment protocols
- Security for Peer to Peer computing
- Secure bandwidth reservation and QOS
- Distributed access control and trust management
- Secure mobile agents and mobile code
- Security for Storage Area Networks
The special track is an integral part of PODC; see
www.podc.org/podc2003/
for additional information.
ACISP
2003 The Eighth Australasian Conference on Information
Security and Privacy, Wollongong, Australia, July 9-11, 2003.
[posted here 2/15/03]
Original papers pertaining to all aspects of computer systems and
information security are solicited for submission to the Eighth
Australasian Conference on Information Security and Privacy (ACISP
2003). Papers may present theory, techniques, applications and
practical experiences on a variety of topics including:
-
Cryptology
- Mobile communications security
- Authentication and authorization - Secure
operating systems
- Access
control - Security
management
- Network security
- Secure commercial applications
- Smart
cards - Key
management and auditing
- Risk assessment
- Secure electronic commerce
- Copyright protection -
Security architectures and models
- Mobile agents security -
Evaluation and certification
- Software protection and viruses -
Privacy and policy issues
- Security
protocols - Computer
forensics
- Distributed system security -
Intrusion detection
- Database security More information can be found on the
conference web page at
www.itacs.uow.edu.au/research/NSLabs/acisp03/.
CSFW16 16th IEEE
Computer Security Foundations Workshop, Asilomar, Pacific Grove, CA,
USA, June 30-July 2, 2003. [posted here 10/5/02]
This workshop series brings together researchers in computer science
to examine foundational issues in computer security. We are
interested both in new results in theories of computer security and
also in more exploratory presentations that examine open questions
and raise fundamental concerns about existing theories. Both papers
and panel proposals are welcome. Possible topics include, but are
not limited to:
- Access control - Authentication -
Data and system integrity
- Database security - Network security -
Distributed systems security
- Anonymity - Intrusion detection -
Security for mobile computing
- Security protocols - Security models -
Decidability issues
- Privacy - Executable content -
Formal methods for security
- Information flow - Language-based security
Information on submitting papers and panel proposals can be found on
the workshop web page at
www.csl.sri.com/csfw/csfw16.
ECIW 2003
European Conference on Information Warfare and Security, University
of Reading, United Kingdom, June 30-July 1, 2003. [posted here
12/3/02]
The second European Conference on Information Warfare and Security (ECIW)
is an opportunity for academics, practitioners and consultants from
Europe and elsewhere who are involved in the study, management,
development and implementation of systems and concepts to combat
information warfare or to improve information systems security to
come together and exchange ideas. The conference in July 2003 is
seeking qualitative, experience-based and quantitative papers as
well as case studies and reports of work in progress from academics,
information systems practitioners, consultants and government
departments. Topics may include, but are not limited to,
e-Intelligence/counter-intelligence, Perception management,
Information warfare theory, Electro-magnetic pulse weapons,
Information, computer and network security, Cryptography, Physical
security, Security policy, Information warfare policy, Information
warfare techniques, Hacking, Infra-structure warfare, National
security policy, Corporate defence mechanisms, Security for small to
medium enterprises, Cyber Terrorism, Ethical, Political and Social
Issues relating to Information Warfare, Information warfare and
security education, Legal issues concerned with information warfare
and e-Crime, Cyber-terrorism. In addition to multiple streams of
papers, the conference committee are inviting proposals for
workshops and tutorials on topics related to Information Warfare and
research methods applicable to this field. The full call-for-papers
and registration details can be found
www.mcil.co.uk/conf-management.htm.
SecCo
2003 1st International Workshop on Security Issues in
Coordination Models, Languages and Systems (affiliated with ICALP
2003), Eindhoven, the Netherlands, June 28-29, 2003. [posted here
12/19/02]
Coordination models and languages, which advocate a distinct
separation between the internal behaviour of the entities and their
interaction, represent a promising approach. However, due to the
openness of these systems, new critical aspects come into play, such
as the need to deal with malicious components or with a hostile
environment. Current research on network security issues (e.g.
secrecy, authentication, etc.) usually focuses on opening
cryptographic tunnels between fully trusted entities. For this to
work the structure of the system must be known beforehand.
Therefore, the proposed solutions in this area are not always
exploitable in this new scenario. The aim of the workshop is to
cover the gap between the security and the coordination
communities. More precisely, we intend to promote the exchange of
ideas, focus on common interests, gain in understanding/deepening of
central research questions, etc. Topics of interest include, but are
not limited to: Theoretical foundations, specification, analysis,
case-studies, applications for:
- authentication
coordination models
-
integrity
open-distributed systems
-
privacy
mobile ad-hoc networks
- confidentiality
agent-based infrastructures
- access control -in-
peer-to-peer systems
- denial of service
global computing
- service availability
context-aware computing
- safety aspects
component-based systems
- fault tolerance
ubiquitous computing
More information can be found at
cs.unibo.it/secco03
WISE 3/ WECS 5 Third World Conference on
Information Security Education and, Workshop on Education in
Computer Security, Naval Postgraduate School, Monterey California,
USA, June 26-28, 2003. [posted here 9/17/02]
IFIP Working Group 11.8 -Information Security Education and the
Workshop on Education in Computer Security invite you to contribute
to their activities by submitting papers for presentation at their
conference to be held at the Naval Postgraduate School in Monterey
California, USA. The conference aims to address interested
researchers and educators from universities, schools, industry or
government. The theme for the conference is Teaching the Role of
Information Assurance in Critical Infrastructure Protection.
Relevant topics include, but are not limited to the following:
- New Programs in Information Security and Privacy Education
- Training the Cyberwarrior
- Information Security Education in Non-Academic Contexts
- Computer Security and Infrastructure Protection
- Education of Citizens in Information Security
- Information Security Education in Schools
- Teaching Cyber Ethics
- Education in Computer Forensics and the Law
- Education in Electronic Commerce Security
- Education of Information Security Professionals
- Teaching Information Systems Auditing
- International Standards of Security Education
- Evaluation of Security Education
- Programs to Raise Information Security Awareness
- Holistic Approaches in Information Security Education
- Practical and Experimental approaches to Information Security
Education
- Information Security Distance Learning and Web-based teaching
The conference web site can be found at
cisr.nps.navy.mil/wise3/.
Special session on Web Services Security,
First International Conference on Web Services (ICWS'03), Las Vegas,
Nevada, USA, June 23-26, 2003. [posted here 12/15/02]
As is the case in many other applications, the information processed
in Web services might be commercially sensitive and it is similarly
important to protect this information against security threats such
as disclosure to unauthorized parties. This technical session mainly
focuses on different theoretical and technical approaches to handle
the security issues in Web services. More information can be found
on the conference web page at
tab.computer.org/tfec/icws03.
WISP 2003 Workshop on Issues in Security and Petri Nets,
Eindhoven (NL), June 23, 2003. [posted here 2/7/03]
The first international Workshop on Issues in Security and Petri
Nets (WISP) intends to promote research about theoretical
foundations of security analysis and design with Petri Nets as
system model. Hence, original papers as well as surveys on the use
of Petri Nets for security issues are particularly welcome. Also
original papers on security issues in other system models are
welcome, provided that they either present new results or offer a
new perspective to well-known problems. Suggested submission topics
include:
- comparison and classification of security models
- formal definition and verification of the various aspects of
security:
confidentiality, integrity, authentication and
availability
- tools and techniques for the formal analysis of cryptographic
protocols and their applications
- information flow security and related theories
- security issues in probabilistic and real-time models
- mobile code security
- applications to electronic commerce
- case studies
- surveys on security results in Petri Nets and related open
problems
- surveys on analysis techniques for Petri Nets that could be
used for security analysis
More information can be found on the conference web page at
www.iit.cnr.it/staff/fabio.martinelli/wisp-cfp.html.
PoDSy2003
Workshop on Principles of Dependable Systems (in conjunction with
The International Conference on Dependable Systems and Networks),
San Francisco, CA, USA, June 22,2003 (TBC). [posted here 1/19/02]
In this workshop we wish to bring together researchers and
practitioners from both the fault-tolerance and security communities
to discuss foundational topics (and related applied experiences) on
the similarities and differences between both areas. The main
research challenges in this context are to formulate consistent and
mutually understandable notions of the relevant dependable system
properties, to identify suitable models for studying these
properties, and to assess fundamental abstractions of systems which
are both fault-tolerant and secure. In this direction, papers are
solicited which address foundational issues around the "principles"
of dependable systems. Contributions of interest will address topics
related to, but not limited by, the following:
- Relationship between areas of fault-tolerance and security
- Relationship between fault-tolerance and security properties
- Metrics for fault-tolerance and security
- Specification, modeling and analysis of fault-tolerant and
secure systems
- Using fault-tolerance techniques to achieve security
- Using security techniques to achieve fault-tolerance
- Verification and validation of fault-tolerant and secure
systems
- Experiences with fault-tolerant and secure systems
More information can be found on the workshop web page at
http://lpdwww.epfl.ch/fgaertner/podsy2003/.
FCS'03
LICS Satellite Workshop on Foundations of Computer Security, Ottawa,
Canada, June 26-27, 2003. [posted here 1/3/03]
Computer security is an established field of Computer Science of
both theoretical and practical significance. In recent years, there
has been increasing interest in logic-based foundations for various
methods in computer security, including the formal specification,
analysis and design of cryptographic protocols and their
applications, the formal definition of various aspects of security
such as access control mechanisms, mobile code security and
denial-of-service attacks, and the modeling of information flow and
its application to confidentiality policies, system composition, and
covert channel analysis. The aim of this workshop is to provide a
forum for continued activity in this area, to bring computer
security researchers in contact with the LICS community, and to give
LICS attendees an opportunity to talk to experts in computer
security. We are interested both in new results in theories of
computer security and also in more exploratory presentations that
examine open questions and raise fundamental concerns about existing
theories. Possible topics include, but are not limited to:
Formal
specification
cryptographic protocols and applications
Foundations of verification
confidentiality and authentication
Logic-based
design integrity
and privacy
Information flow analysis
availability and denial of service
Security models
--for-- security policies
Language-based security
covert channels
Static
analysis
mobile code
Composition
issues intrusion
detection
Statistical methods malicious code
confinement
More information can be found at the workshop web page:
www.cs.stanford.edu/~iliano/fcs03/.
4th Annual IEEE Information Assurance
Workshop, United States Military Academy, West Point, New York, June
18-20, 2003. [posted here 12/15/02]
The workshop is designed to provide a forum for Information
Assurance researchers and practitioners to share their research and
experiences. Attendees hail from industry, government, and academia.
The focus of this workshop is on innovative, new technologies
designed to address important Information Assurance issues. Papers
will be divided into two broad categories. Approximately 2/3 of the
papers will focus on innovative new research in Information
Assurance. The remaining 1/3 of the papers will be recent experience
and lessons learned from Information Assurance practitioners. Areas
of particular interest at this workshop include, but are not limited
to:
- Innovative intrusion detection and response methodologies
- Information warfare
- Information Assurance education and professional development
- Secure software technologies
- Computer forensics
More details can be found at:
www.itoc.usma.edu/workshop/2003/.
IEEE Electro/Information Technology
Conference, June 5-6, 2003, Indianapolis, Indiana, USA. [posted
here 10/5/02]
Academic, industrial, and government researchers are invited to
submit papers reporting both theoretical and applied research in
topic areas broadly divided into four tracks: Information Technology
Systems and Applications, Communications, Digital Signal Processing,
and Professional Activities. Please visit the conference Web site at
www.cis-ieee.org/eit2003
for information on announcement, registration, and preliminary
program as they become available. The site also includes a Sample
Paper under Call For Papers.
SACMAT'03 18th ACM
Symposium on Access Control Models and Technologies, Como, Italy,
June 2-3, 2003. [posted here 9/27/02]
The mission of the symposium is to share novel access control
solutions that fulfill the needs of interesting applications and to
identify new directions for future research and development work.
SACMAT gives researchers and practitioners a unique opportunity to
share their perspectives with others interested in the various
aspects of access control. Areas of interest include:
- Access control within the context of emerging standards
- Access control models and extensions
- Access control for innovative applications
- Methodologies and tools for access control policy design
- Administration of access policies
- Authorization management
- Access control mechanisms, systems and tools
- Access control in distributed and mobile systems
- Safety analysis and enforcement
- Theoretical foundations for access control models
See the Web page at
www.acm.org/sigsac/sacmat/ for detailed calls for papers,
panels, tutorials and other useful information.
CISSE 2003
7th Colloquium for Information Systems Security Education,
Washington DC, June 1-5, 2003. [posted here 12/10/02]
This colloquium, the seventh in an ongoing annual series, will bring
together leading figures from academia, government, and industry to
address the national need for security and assurance of our
information and communications infrastructure. The colloquium
solicits papers from practitioners, students, educators, and
researchers. The papers should discuss course or lab development,
INFOSEC curricula, standards, best practices, existing or emerging
programs, trends, and future vision, as well as related issues. We
are especially interested in novel approaches to teaching
information security as well as what should be taught. This includes
the following general topics:
- Assessment of need (e.g. how many information security workers/
researchers/ faculty are needed?)
- Integrating information assurance topics in existing graduate
or undergraduate curricula
- Experiences with course or laboratory development
- Alignment of curriculum with existing information assurance
education standards
- Emerging programs or centers in information assurance
- Late breaking topics
- Best practices
- Vision for the future
We particularly encourage papers that discuss tools, demonstrations,
case studies, course modules, shareware, and worked examples that
participants (and others) can use to help educate people in computer
security. Papers reporting work in progress are also welcomed,
especially if enough information to evaluate the work will be
available at the time of the colloquium. The complete call for
papers can be found at
cisse.info/call_for_papers.htm
and the conference web site is at
www.ncisse.org.
WEIS2003
Workshop on Economics and Information Security, University of
Maryland, College Park, MD, USA, May 29-30, 2003. [posted here
2/15/03]
A fundamental concern in today's information environment is
information security. However, since information security requires
the use of scarce resources, an equally important concern is the
efficient allocation of funds to information security activities.
Thus, questions like the following are continually being asked: Do
we spend enough on protecting our computer systems? How should funds
that are being spent on information security be most efficiently
allocated among specific information security activities?
Recognition of the importance of research that integrates economics
and information security was highlighted at the Workshop on
Economics and Information Security held at UC- Berkeley, in May
2002. The success of that Workshop has lead to an annual event, the
second of which will be held at the University of Maryland at
College Park. If you would like to present a paper at the Workshop,
submit a detailed abstract (PDF format preferred) to Dr. Martin P.
Loeb, General Chair by e-mail at (mloeb@rhsmith.umd.edu) by March
15, 2003. Approximately 20 papers will be selected for presentation
and total workshop participants will be limited to 50. Notification
of acceptance for the program will be sent by April 6, 2003.
WWW2003
The Twelfth International World Wide Web Conference, Security &
Privacy Track, Budapest, Hungary, May 20-24, 2003 [posted here
7/17/02]
The Security and Privacy Track at WWW2003 is soliciting papers on
all computer scientific aspects of security and privacy as they
relate to the Web in general, or more specifically to Web standards.
("Security and Privacy" is a new track to the International WWW
Conference this year; last year this topic area was combined with
"E-Commerce" into a single track.) We invite papers describing both
theoretical and experimental research including (but not limited to)
the following topics:
- Active content security
- Anonymity, pseudonymity & identity management
- Data center security
- Digital rights management
- Digital signatures
- Intrusion detection for e-commerce
- Mobile code security
- Public key infrastructure
- Security in content distribution networks
- Trust management
- User interfaces for security and privacy
- Web server and caching denial of service protection
- Web services security
- XML security and privacy
More information may be found on the conference web page at
www.www2003.org/.
IRMA 2003
Information Resources Management Association International
Conference, Philadelphia, PA, USA, May 18-21, 2003 [posted here
7/29/02]
The theme of the conference is: Information Technology and
Organizations: Trends, Issues, Challenges and Solutions. The
conference is made up of 45 tracks and includes an Information
Security Management track. Papers may be full length or
research-in-progress. Panel, workshop, tutorial, and symposium
proposals are also welcomed. Further details on the conference and
individual tracks are available at
www.irma-international.org.
The 2003 IEEE Symposium on Security and
Privacy, Oakland, California, USA, May 11-14, 2003. [posted here
9/17/02]
Since 1980, the IEEE Symposium on Security and Privacy has been the
premier forum for the presentation of developments in computer
security and electronic privacy, and for bringing together
researchers and practitioners in the field. Previously unpublished
papers offering novel research contributions in any aspect of
computer security or electronic privacy are solicited for submission
to the 2003 symposium. Papers may represent advances in the theory,
design, implementation, analysis, or empirical evaluation of secure
systems, either for general use or for specific application domains.
Topics of interest include, but are not limited to, the following:
- Commercial and Industrial Security Electronic Privacy
- Mobile Code and Agent Security Distributed Systems Security
- Network Security Anonymity
- Data Integrity Access Control and Audit
- Information Flow Security Verification
- Viruses and Other Malicious Code Security Protocols
- Authentication Biometrics
- Smartcards Peer-to-Peer Security
- Intrusion Detection Database Security
- Language-Based Security Denial of Service
- Security of Mobile Ad-Hoc Networks
The full call for papers can be found at
www.research.att.com/~smb/oakland03-cfp.html. For any questions,
please contact the program chairs, at oakland-chairs03@research.att.com.
Workshop on Data Mining for Counter
Terrorism and Security, (held in conjunction with the Third SIAM
International Conference on Data Mining), San Francisco, CA, USA,
May 3, 2003. [posted here 10/15/02]
The purpose of this workshop is to discuss ways in which data mining
and machine learning can be used to analyze data from numerous
sources of high-complexity for the purpose of preventing future
terrorist activity. This is inherently a multidisciplinary activity,
drawing from areas such as intelligence, international relations,
and security methodology. From the data mining and machine-learning
world this activity draws from text mining, data fusion, data
visualization, data warehousing, and high scalability are necessary
for a successful endeavor. Papers in these areas with clear
application to the issues of counter terrorism are particularly
solicited. Topics of interest include:
- Methods to integrate heterogeneous data sources, such as text,
internet, video, audio, biometrics, and speech
- Scalable methods to warehouse disparate data sources
- Identifying trends in singular or group activities
- Pattern recognition for scene and person identification
- Data mining in the field of aviation security, port security,
bio-security
- Data mining on the web for terrorist trend detection.
More information can be found on the workshop web page at
http://ic.arc.nasa.gov/~ashok.
Second Annual PKI Research Workshop, NIST,
Gaithersburg MD, USA, April 28-29, 2003. [posted here 10/30/02]
This workshop among leading security researchers will explore the
issues relevant to this area of security management, and will seek
to foster a long-term research agenda for authentication and
authorization in populations large and small via public key
cryptography. We solicit papers, panel proposals, and participation.
The goals of this workshop are to cross-pollinate existing research
efforts, to identify the key remaining challenges in deploying
public key authentication and authorization, and to develop a
research agenda addressing those outstanding issues.
- What are the key areas in current PKI approaches that need
further work?
- For each area, what approaches appear most promising?
- How do the approaches in one area affect the methodologies in
other areas?
A complete list of topics of interest and the full call for papers
can be found at the workshop web site at
middleware.internet2.edu/pki03/.
ITCC
2003 International Conference on Information Technology: Coding
and Computing, Las Vegas, Nevada, April 28-30, 2003. [posted here
6/27/02]
The rapid growth in information science and technology in general
and the complexity and volume of multimedia data in particular have
introduced new challenges for the research community. Of particular
interest is the need for a concise representation, efficient
manipulation, and fast transmission of multimedia data. Applications
such as space science, tele-medicine, military, and robotics deal
with large volumes of data which need to be stored and processed in
real time. Topics of interest include:
- Digital Image, Video & Audio Processing -
Information Hiding & Video Streaming
- Document Image
Analysis - Data
Compression
- Authentication of Video and Audio Data -
Multimedia Computing
- Hybrid Source/Channel Coding
- Systems Interfacing and Integration
- Information
Databases -
E-commerce Compressed Data Processing
- Data Storage
Platforms - Optical
Data Transmission
- New Architectures for Multimedia Processing - Graphics
and Video Hardware
- Error Control
Codes - Video
and Audio Codec Design
- Enterprise
Architectures -
Enterprise-wide Information Management
- Pervasive Computing
More information can be found on the conference web page at
www.cs.clemson.edu/~srimani/itcc2003/cfp.html.
ICEIS'2003
5th International Conference on Enterprise Information System,
Angers, France, April 23-26, 2003. [posted here 9/17/02]
The purpose of the 5th International Conference on Enterprise
Information Systems (ICEIS) is to bring together researchers,
engineers and practitioners interested in the advances and business
applications of information systems. Four simultaneous tracks will
be held, covering different aspects of Enterprise Information
Systems Applications, including Enterprise Database Technology,
Systems Integration, Artificial Intelligence, Decision Support
Systems, Information Systems Analysis and Specification, Internet
Computing and Electronic Commerce. Human factors issues in the
development of these applications are also considered. ICEIS focuses
on real world applications; therefore authors should highlight the
benefits of Information Technology for industry and services. Ideas
on how to solve business problems, using IT, will arise from the
conference. Papers describing advanced prototypes, systems, tools
and techniques and general survey papers indicating future
directions are also encouraged. Both full research reports and
work-in-progress reports are welcome. More information can be found
on the conference web site at
www.iceis.org.
BITE2003 The First International Workshop on Business
Information Technology Ethics (in conjunction with ICEIS 2003,
www.iceis.org), Angers, France,
April 22, 2003. [posted here 10/24/02]
"Praxis versus Theory" would best describe the overall theme of this
workshop in IT ethics. Computer ethics is a fledgling discipline
that is top-heavy with practical knowledge but desperately in need
of a sound theoretical base that it can claim as its own. Can
original philosophical theories or novel adaptations of other
ethical paradigms better assist us in improving the lot of
professional practice in IT? Or must we always fall back on the
anachronistic greats of Western Philosophy to guide our moral way
through 21st century technologies? This workshop will serve as a
forum to gather researchers, practitioners, students and anyone with
an interest in the development of IT ethics as a means of improving
professional practice. Topics of interest include, but are not
limited to:
- The social and cultural effects of IT on business practice
- Security and computer misuse
- Privacy and workplace monitoring
- Cross-cultural issues in IT ethics
- Ethics in project management
- Professional etiquette, standards and codes in IT
- Ethics in electronic commerce
- Empirical studies in IT ethics
- Ethics of software patents
- Professional responsibility in IT
- Corporate governance and IT
- Theoretical issues in IT professional practice
- Innovative training methods in IT ethics for professionals
- Submissions on other allied issues are also welcome
More information can be found on the workshop web page at
www.iceis.org/workshops/bite/bite2003-cfp.html.
IWWST'03
First International Workshop in Wireless Security Technologies,
London, UK, April 15-16, 2003. [posted here 2/22/03]
Wireless Information Technology Research Centre in collaboration
with the British Computer Society, is organising the First
International Workshop in Wireless Security Technologies, IWWST '03.
The complete call for papers along with other conference information
can be found at http://iwwst.org.uk
CT-RSA 2003
Cryptographers' Track RSA Conference 2003, San Francisco, CA, USA,
April 13-17, 2003. [posted here 8/1/02]
Following the success of the two previous editions, the
Cryptographers' Track of RSA Conference 2003 (CT-RSA 2003) will be
run as an anonymously refereed conference with proceedings. Original
research papers pertaining to all aspects of cryptography as well as
tutorials or results presented in other conferences are solicited.
Submissions may present theory, techniques, applications and
practical experience on topics including, but not limited to: fast
implementations, secure electronic commerce, network security and
intrusion detection, formal security models, comparison and
assessment, tamper-resistance, certification and time-stamping,
cryptographic data formats and standards, encryption and signature
schemes, public key infrastructure, protocols, elliptic curve
cryptography, block cipher design, discrete logarithms and
factorization techniques, stream ciphers and Boolean functions,
lattice reduction and provable security. The program committee
invites tutorials and research contributions in the broad area of
applications and theory of cryptography. More information can be
found at the workshop web page at
reg2.lke.com/rs3/rsa2003/crypto.html.
IPCCC'2003
The International Performance, Computing, and Communications
Conference, Phoenix, Arizona, USA, April 9-11, 2003 [posted here
9/17/02]
We encourage submission of high-quality papers reporting original
work in both theoretical and experimental research that address the
recent advances in algorithms, architectures, protocols, wired and
wireless network infrastructure, embedded systems, and distributed
and mobile systems and applications. Topics of interest include,
but are not limited to, the following:
- Network
Security - WDM
Networks
- Power-aware Design and Computing - Wireless
Networks
- Grid
Computing -
Web Server Performance
- Survivable
Networks - Internet
Computing
- Performance Evaluation Methodologies - Mobile and
Networked Applications
- Embedded System Design and Integration -
High-Performance Computing
- Storage Systems (file systems, databases) - Mobile
and ad-hoc Networking
- Information
Assurance - Mobile and
Ubiquitous Systems
- Network Protocols and Performance
More information can be found on the conference web page at
www.ipccc.org.
CHI2003
ACM Workshop on Human-Computer Interaction and Security Systems,
Fort Lauderdale, Florida, USA April 5 or 6, 2003 (position papers
due January 17, 2003) [posted here 11/21/02]
The human factor is often described as the weakest part of a
security system and users are often described as the weakest link in
the security chain. This workshop will seek to understand the roles
and demands placed on users of security systems, and explore design
solutions that can assist in making security systems usable and
effective. In addition to examining end-users, this workshop will
also examine the issues faced by security system developers and
operators. Security is a large topic so there are many areas where
HCI is important. Three obvious areas of interest are authentication
(passwords, biometrics, etc.), security operations (intrusion
detection, vigilance, policies and practices, etc.), and developing
secure systems (developing for security, understanding users,
installation and operation support, etc.). We are interested in
receiving submissions on these topics, and suggestions of other
possible topic areas are also welcome. Position papers are due
January 17, 2003. The workshop will be held April 5 or 6, 2003 (to
be finalized), in Fort Lauderdale, Florida. The full CFP and other
information is available here:
www.iit.nrc.ca/~patricka/CHI2003/HCISEC/.
WITS'03
Workshop on Issues in the Theory of Security (co-located with
ETAPS'03), Warsaw, Poland, April 5-6, 2003. [posted here 11/21/02]
WITS is the official workshop organised by the IFIP WG 1.7 on
"Theoretical Foundations of Security Analysis and Design",
established to promote the investigation on the theoretical
foundations of security, discovering and promoting new areas of
application of theoretical techniques in computer security and
supporting the systematic use of formal techniques in the
development of security related applications. Extended abstracts of
work (accepted after selection and) presented at the Workshop are
collected and distributed to the participants. There will be no
formally published proceedings; however, selected papers will be
invited for submission to a special issue of the Journal of Computer
Security. Suggested submission topics include:
- formal definition and verification of the various aspects of
security:
confidentiality, privacy, integrity, authentication and
availability;
- new theoretically-based techniques for the formal analysis and
design of cryptographic
protocols and their manifold applications (e.g., electronic
commerce);
- information flow modeling and its application to the theory of
confidentiality policies,
composition of systems, and covert channel analysis;
- formal techniques for the analysis and verification of code
security, including mobile
code security;
- formal analysis and design for prevention of denial of service;
- security in real-time/probabilistic systems
- security in coordination languages
The official web page of the conference is at the url
www.dsi.unive.it/IFIPWG1_7/wits2003.html.
SPI 2003 Security
and Protection of Information, Brno, Czech Republic, March 28-30,
2003. [posted here 1/3/03]
The call for papers and a list of example topics may be found on the
conference web page at
www.vabo.cz/spi/defaulten.htm. Speakers desiring to submit
papers should e-mail an abstract of at least 250 words along with a
short CV/résumé of the speaker(s) to Jaroslav Dockal (jaroslav.dockal@vabo.cz)
by January 13th, 2003. More details can be found in the call for
papers.
Workshop on Privacy Enhancing Technologies
2003, Dresden, Germany, March 26-28, 2003. [posted here 7/17/02]
Privacy and anonymity are increasingly important in the online
world. Corporations and governments are starting to realize their
power to track users and their behavior, and restrict the ability to
publish or retrieve documents. Approaches to protecting individuals,
groups, and even companies and governments from such profiling and
censorship have included decentralization, encryption, and
distributed trust. The workshop seeks submissions from academia and
industry presenting novel research on all theoretical and practical
aspects of privacy technologies, as well as experimental studies of
fielded systems. We encourage submissions from other communities
such as law and business that present their perspectives on
technological issues. As in past years, we will publish proceedings
after the workshop. Suggested topics include but are not restricted
to:
- Efficient (technically or economically) realization of privacy
services
- Techniques for censorship resistance
- Anonymous communication systems (theory or practice)
- Anonymous publishing systems (theory or practice)
- Attacks on anonymity systems (eg traffic analysis)
- New concepts in anonymity systems
- Protocols that preserve anonymity/privacy
- Models for anonymity and unobservability
- Models for threats to privacy
- Novel relations of payment mechanisms and anonymity
- Privacy-preserving/protecting access control
- Privacy-enhanced data authentication/certification
- Profiling, data mining, and data protection technologies
- Reliability, robustness, and attack resistance in privacy
systems
- Providing/funding privacy infrastructures (eg volunteer vs
business)
- Pseudonyms, identity, linkability, and trust
- Privacy, anonymity, and peer-to-peer
- Usability issues and user interfaces for PETs
- Policy, law, and human rights -- anonymous systems in practice
- Incentive-compatible solutions to privacy protection
- Economics of privacy systems
- Fielded systems and techniques for enhancing privacy in existing
systems
More information can be found on the workshop web page at
www.petworkshop.org/.
The First International Workshop on
Information Assurance, Darmstadt, Germany, March 24, 2003. [posted
here 8/13/02]
The IEEE Task Force on Information Assurance is sponsoring a
workshop on information assurance in cooperation with the ACM SIGSAC
on research and experience in information assurance. The workshop
seeks submissions from academia and industry presenting novel
research on all theoretical and practical aspects of IA; possible
topics include, but are not limited to the following:
- Information Warfare and Operations
- Network Security
- Operating System Security
- Storage Security
- Intrusion Detection, Prediction, and Countermeasures
- Insider Attack Countermeasures
- Information Sharing in Coalition Settings
- Security Models
- Survivability and Resilient Systems
- Formal Methods for Security
- CCITSE Experience and Methodology
- IA Standardization Approaches
- Specification, Design, Development, and Deployment of IA
Mechanisms
Papers with a systems perspective are especially welcome. In
addition to the dissemination of new research, another goal of the
workshop is to bring together researchers and practitioners from
both governmental and civilian areas. More information on the
workshop can be found at
www.ieee-tfia.org/iwia2003/ .
SPC-2003 First International Conference on Security in
Pervasive Computing, Boppard, Germany, March 12-14, 2003. [posted
here 6/27/02]
The ongoing compression of computing facilities into small and
mobile devices like handhelds, portables or even wearable computers
will enhance an ubiquitous information processing. The basic
paradigm of such a pervasive computing is the combination of
strongly decentralized and distributed computing with the help of
diversified devices allowing for spontaneous connectivity via the
internet. The objective of this conference is to develop new
security concepts for complex application scenarios based on systems
like handhelds, phones, smartcards, and smart labels hand in hand
with the emerging technology of ubiquitous and pervasive computing.
Particular subjects are methods and technology concerning the
identification of risks, the definition of security policies, and
the development of security measures that are related to the
specific aspects of ubiquitous and pervasive computing like
mobility, communication, and secure hardware/software platforms.
More information can be found on the conference web page at
www.dfki.de/SPC2003.
NDSS'03 The 10th Annual Network and Distributed System Security
Symposium, San Diego, CA, USA, February 5-7, 2002. [posted here
7/17/02]
The symposium fosters information exchange among research scientists
and practitioners of network and distributed system security
services. The target audience includes those interested in practical
aspects of network and distributed system security, with a focus on
actual system design and implementation (rather than theory). A
major goal is to encourage and enable the Internet community to
apply, deploy, and advance the state of available security
technology. Topics of interest include:
- Integrating security in Internet protocols: routing, naming,
TCP/IP, multicast,
network management, and the Web.
- Intrusion avoidance, detection, and response: systems,
experiences and architectures.
- Attack-resistant protocols and services:
* Network perimeter controls: firewalls, packet filters,
application gateways
* Virtual private networks
* Public key infrastructure, key management, certification,
and revocation
* Secure electronic commerce: e.g., payment, barter, EDI,
notarization, time stamping,
endorsement, and licensing
* Supporting security mechanisms and APIs; audit trails;
accountability
* Implementation, deployment and management of network
security policies
* Intellectual property protection: protocols, schemas,
implementations, metering,
watermarking, digital rights management.
* Fundamental services on network and distributed systems:
authentication, data integrity,
confidentiality, authorization, non-repudiation, and
availability.
* Integrating security services with system and application
security facilities and protocols: e.g.,
message handling, file transport/access, directories,
time synchronization, data base
management, boot services, mobile computing
* Security for emerging technologies: sensor networks,
specialized test beds, wireless/mobile
(and ad hoc) networks, personal communication systems,
and large heterogeneous distributed systems.
* Special problems and case studies: e.g., interplay and
tradeoffs between security and efficiency,
usability, reliability and cost.
* Security for collaborative applications and services:
teleconferencing and video-conferencing,
group work, etc.
More information can be found on the workshop web page at
www.isoc.org/isoc/conferences/ndss/03/index.shtml.
Workshop on Security and Assurance in Ad
hoc Networks (in conjunction with SAINT2003), Orlando, Florida, USA,
January 28, 2003. [posted here 9/17/02]
This half day workshop aims at providing a forum for the discussion
of security and assurance issues related to ad hoc networks as
components of the Internet. Technical papers describing original
research are solicited. Areas of particular interest include, but
are not limited to:
- Security and fault tolerant issues in ad hoc networks
- Secure routing in ad hoc networks
- Applications of mobile agents and autonomous intelligent
systems
- Tradeoffs between efficiency and security in ad hoc networks
- Bounds on efficiency in ad hoc networks
- Security protocols for group applications in ad hoc networks
- Self configuration in ad hoc networks
- Location discovery and management
- Timing and synchronization in ad hoc networks
- Secure, distributed algorithms for ad hoc networks
Please consult the Program Co-Chairs Alec Yasinsac (yasinsac@cs.fsu.edu)
or Mike Burmester (burmester@cs.fsu.edu) if you are uncertain
whether your paper falls within the scope of the workshop. Workshop
information will be posted at
www.sait.fsu.edu/wsaan2003/.
SAINT2003 2003 Symposium on
the Internet and Applications, Orlando, Florida, USA, January 27-31,
2003. [posted here 3/15/02]
THEME: The Evolving Internet. The Symposium on Applications and the
Internet focuses on emerging and future Internet applications and
their enabling technologies. The symposium provides a forum for
researchers and practitioners from the academic, industrial, and
public sectors, to share their latest innovations on Internet
technologies and applications. Areas of particular interest include,
but are not limited to:
- Internet Agents
- Collaboration Technology: Groupware & telepresence and Internet
communities
- Internet Content Management Systems: XML and semi-structured
data, information fusion, web-based databases, and data mining.
- Internet Content Delivery: web caching, multimedia, adaptations,
QoS
- E-Business: infrastructure for e-services, brokering,
negotiation, B2B, Internet workflow, and virtual enterprise.
- Wireless and Mobile Internet: content adaptation, e-services,
mobile commerce
- Standards for Internet Applications: XML, SOAP, UDDI, WSDL, WSFL,
ebXML, Java, .NET, Sun One, others.
- GRID Computing
- Internet Appliances: smart phones, PDAs, sensor networks, smart
home, etc.
- Novel Internet Applications
- Internet Security
- Network and Protocol Architecture
- Internet Operation and Performance
Information for prospective authors, including paper format and
submission instructions can be found in the symposium web page at
www.saint2003.org.
HICSS-36 Secure and Survivable Software Systems (Part of the
Software Technology Track), Big Island, Hawaii, USA, January 6-9,
2003. [posted here 3/28/02]
The focus of this minitrack is security and survivability in large,
non-trivial, software systems, with an emphasis on the last phases
of the four stage survivability model consisting of Resistance,
Recognition, Recovery, and Adaptation. Papers on Resistance and
Recognition that address the need or capacity for safety critical
software systems to “fail-safe” and “fail-secure” are also
desired. Submissions will be sought from researchers in the area of
system survivability, software dependability, computer and network
security, fault-tolerance and intrusion tolerance, and economic or
statistical modeling of secure/survivable systems. Main minitrack
topics include but are not limited to:
- System or software survivability
- Safety critical failure modes
- Network or system intrusion tolerance
- Modeling malicious behavior or attacks
- Mathematical models for verification of vulnerability to
malicious acts
- Models for measurement, evaluation, or validation of
survivability
- Software fault tolerance
- Design for dependability and/or survivability
- PRA and hybrid fault models accounting for malicious acts and
events
More information can be found on the HICSS-36 conference web site is
at www.hicss.hawaii.edu/
and the miitrack web site at
www.cs.uidaho.edu/~krings/HICSS36/HICSS36-cfp.htm
PKC2003 The Sixth International Workshop on Practice and
Theory in Public Key Cryptography, Miami, Florida, USA, January 6-8,
2003. [posted here 6/24/02]
PKC is the main annual workshop focusing on research on all aspects
of public key cryptography. PKC 2003 will for the first time be an
IACR workshop. Topics of interest include:
- Certification and Time-stamping -
Computational Complexity Aspects
- Cryptanalysis
- Discrete Logarithm
- Electronic Cash/Payment -
Elliptic Curve Cryptography
- Encryption Schemes - Fast
Implementations
- Integer Factorization -
International Standards
- Lattice Reduction -
Provable Security
- Public Key Infrastructure -
Secure Electronic Commerce Signature Schemes
Further details are available at:
www.sait.fsu.edu/pkc2003.
