-
DIMACS Workshop on Security Analysis of Protocols, Piscataway, NJ,
USA, June 7-9, 2004. (submissions due ASAP, pre-register by May 20)
The analysis of cryptographic protocols is a fundamental and
challenging area of network security research. Traditionally, there
have been two main approaches, the logic approach aimed at developing
(automated) tools for the formal veri.cation of protocols and the
complexity theory approach that characterizes protocol security as a
set of computational tasks and proves protocol security via reduction
to the strength of the underlying cryptographic functions. Although
these two lines of work share a common goal, there has been little
commonality between them.
The goal of this workshop is to generally promote work on security
analysis of protocols and foster cooperative research combining the
logical and complexity-based approaches. The workshop will include
tutorials on the basics of each approach and will allow
representatives from both communities to talk about their current
work.
Topics
- - Analysis methods involving computational complexity
- - Game-theoretic approaches
- - Methods based on logic and symbolic computation
- - Probabilistic methods
- - Model checking and symbolic search
- - Formal proof systems
- - Decision procedures and lower bounds
- - Anything else that sounds like a great idea
Participation:
The workshop will be open for the public. If you'd like to give a
presentation please send a title and abstract to the organizers as
soon as possible. Also, we intend this to be a participatory and
interactive meeting so we hope you will be able to contribute to the
meeting even without giving an announced talk.
For more information, see:
http://dimacs.rutgers.edu/Workshops/Protocols
-
VANET2004 First ACM Workshop on Vehicular Ad Hoc Networks (held in
conjunction with ACM MobiCom 2004),
Loews Philadelphia Hotel, Philadelphia, PA, USA,
October 1, 2004. (submissions due 24 May 2004)
Creating high-performance, highly scalable, and secure VANET
technologies presents an extraordinary challenge to the wireless
research community. Yet, certain limitations commonly assumed in ad
hoc networks are mitigated in VANET. For example, VANET may marshal
relatively large computational resources. Ample and recharging power
sources can be assumed. Mobility patterns are constrained by road
paths and driving speed restrictions. VANET represents high
resource/performance wireless technology. As such, VANET can use
significantly different approaches than sensor networks. VANET
applications will include on-board active safety systems leveraging
vehicle-vehicle or roadside-vehicle networking. These systems may
assist drivers in avoiding collisions. Non-safety applications include
real-time traffic congestion and routing information, high-speed
tolling, mobile infotainment, and many others.
We invite papers from researchers on all aspects of vehicular ad hoc
networks, such as new applications, networking protocols, security
paradigms, network management technologies, power control, modulation,
coding, channel modeling, etc. The session will bring together
visionary researchers for an exciting exchange of ideas.
For more info, please see: http://www.path.berkeley.edu/vanet/
-
SecCo2004 2nd International Workshop on Security Issues in
Coordination Models, Languages and Systems, London, United
Kingdom. August 30, 2004. (submissions due 31 May 2004)
Coordination models, languages and middlewares, which advocate a
distinct separation between the internal behaviour of the entities and
their interaction, represent a promising approach. However, due to the
openness of these systems, new critical aspects come into play, such
as the need to deal with malicious components or with a hostile
environment. Current research on network security issues (eg. secrecy,
authentication, etc.) usually focuses on opening cryptographic
point-to-point tunnels. Therefore, the proposed solutions in this area
are not always exploitable to support the end-to-end secureinteraction
between entities whose availability or location is not known
beforehand.
Topics of interest include, but are not limited to:
Theoretical foundations, specification, analysis, case-studies,
applications for
authentication coordination models
integrity web service technology
privacy mobile ad-hoc networks
confidentiality agent-based infrastructures
access control -in- peer-to-peer systems
denial of service global computing
service availability context-aware computing
safety aspects component-based systems
fault tolerance ubiquitous/pervasive computing
For more information, please see: http://cs.unibo.it/secco04
-
PDCS 2004 International Workshop on Security in Parallel and
Distributed Systems (in conjunction with the 17th International
Conference on Parallel and Distributed Computing Systems), San
Francisco, CA, USA, September 15-17,2004. (submissions due May 31,
2004)
In recent years, interest has increased in the field of security of
parallel and distributed systems, which include the control
mechanisms, mobile code security, denial-of-service attacks, trust
management, modeling of information flow and its application to
confidentiality policies, system composition, and covert channel
analysis. We will focus our program on issues related to important
properties of system security, such as measurability, sustainability,
affordability, and usability in parallel and distributed systems.
Topics ofinterest include:
- . Distributed Access Control and Trust Management
- . Key Management and Authentication
- . Privacy and Anonymity
- . Benchmark and Security Analysis
- . Security for Peer to Peer systems and Grid Computing Systems
- . Secure Multicast and Broadcast
- . Secure multiparty and two-party computations
- . Computer and Network Forensics
- . Denial-of-service Attacks and Countermeasures
- . Secure E-Commerce/E-Business
- . Security Verification
- . Distributed Database Security
- . Digital Rights Management
- . Secure Mobile Agents and Mobile Code
- . Intrusion detection
- . Security in ad-hoc and sensor networks
- . World Wide Web Security
More information can be found at the conference web site at
http://securityworkshop.ece.iastate.edu
-
VLDB2004 Workshop "Secure Data Management in a Connected World", Royal
York Hotel, Toronto, Canada, August 30, 2004. (submissions due 31 May
2004)
Aim of the workshop is to bring together people from the security
research community and data management research community in order to
exchange ideas on the secure management of data in the context of
emerging networked services and applications. The workshop will
provide forum for discussing practical experiences and theoretical
research efforts that can help in solving these critical problems in
secure data management. Authors from both academia and industry are
invited to submit papers presenting novel research on the topics of
interest.
Topics of interest include (but are not limited to) the following:
- Data Hiding
- Secure Storage
- Secure Data Management in File Systems
- Digital Rights Management
- Data Encryption
- Search on Encrypted Data
- Metadata and Security
- XML Security
- Multimedia Security and Privacy
- Authorization and Access Control Techniques
- Security and Privacy Management
- Privacy Enhanced Data Management (indexing, access control)
- Private Information Retrieval
- User Profiling and Privacy
- Privacy Preserving Data Mining
- Statistical Database Security
- Security and Privacy Requirements for Ambient Applications
- Information Dissemination Control
- Protection of Personally Identifiable Information
For further info, please see
http://www.extra.research.philips.com/sdm-workshop/
- June 2004
-
CT-RSA '05 RSA Conference 2005, Cryptographers' Track, February 14-18,
2005, San Francisco, CA, USA. (submissions due 1 June 2004)
The RSA Conference is the largest, regularly staged
computer security event. The Cryptographers' Track (CT-RSA) is a
research conference within the RSA Conference. CT-RSA 2005 will be the
fifth year of the Cryptographers' Track, which has become an
established venue for presenting practical research results related to
cryptography and data security.
Original research papers pertaining to all aspects of cryptography as
well as tutorials are solicited. Submissions may present theory,
techniques, applications and practical experience on topics including,
but not limited to: fast implementations, secure electronic commerce,
network security and intrusion detection, formal security models,
comparison and assessment, tamper-resistance, certification and
time-stamping, cryptographic data formats and standards, encryption
and signature schemes, public-key infrastructure, protocols,
elliptic-curve cryptography, cryptographic algorithm design and
cryptanalysis, discrete logarithm and factorization techniques,
lattice reduction, and provable security.
More information can be found at
http://www.rsasecurity.com/rsalabs/cfp_ct_rsa05.html
-
ACSAC 20 The 20th Annual Computer Security Applications Conference,
Hilton Tucson El Conquistador, Tucson, AZ, USA, December 6-10,
2004. (submissions due 1 June 2004)
The 19th Annual Computer Security Applications Conference is an
internationally recognized conference that provides a forum for
experts in information system security to exchange practical ideas
about solving real problems. Papers and proposals that address the
application of technology, the implementation of systems, and lessons
learned will be given special consideration. The ACSAC Program
Committee is looking for papers, panels, forums, case studies
presentations, tutorials, workshops, and works in progress that
address practical solutions to problems related to protecting
commercial enterprises or government information infrastructures.
A list of topics of interest along with other conference information
can be found at www.acsac.org.
-
SCN'04 Fourth Conference on Security in Communication Networks, Amalfi,
Italy, September 8-10, 2004. (submissions due 7 June 2004)
The Fourth Conference on Security in Communication Networks (SCN '04)
will be held in Amalfi (Italy) on September 8-10 2004. SCN '04 aims at
bringing together researchers in the field of security in
communication networks to foster cooperation and exchange of
ideas. Original papers on all technical aspects of cryptology and
network security are solicited for submission to SCN04. Topics of
interest are (but not limited to):
Anonymity Implementations
Authentication Key Distribution
Block Ciphers Operating Systems Security
Complexity-based Cryptography Privacy
Cryptanalysis Protocols
Digital Signatures Public Key Encryption
Hash Functions Secret Sharing
Identification Survey and state of the art
For more information, please see http://www.dia.unisa.it/conferences/SCN04/
HICSS2005 Security and Survivability of Networked Systems (minitrack
at HICSS2005), Hawai'i, USA, January 3-6, 2005. (submissions due 15
June 2004)
Minitrack description:
Malicious attacks on computing systems and networks have grown
steadily over the last decade and have reached epidemic proportions.
Despite much progress in security research, the numbers of reported
vulnerabilities and incidents are increasing. We are fully embracing
computer and network technology in all aspects of our daily lives, and
even to control our critical infrastructures, where failures could
result in loss of life or have huge financial and environmental
consequences. We need to our increase research efforts in this arena.
This minitrack focuses on security and survivability in networked
computer systems. Of special interest are contributions that address
survival, tolerance, recovery or masking of malicious
attacks. Submissions will be sought from researchers in the area of
system survivability, fault-tolerance and intrusion tolerance,
software dependability, computer and network security, and economic or
statistical modeling of secure/survivable systems.
Topics include, but are not limited to:
- - System or software survivability
- - Safety critical failure modes
- - Network or system intrusion tolerance
- - Modeling malicious behavior or attacks
- - Survivability and security issues of mobile agent based systems
- - Survivability and security issues of ad-hoc networks
- - Mathematical models for verification of vulnerability to
malicious acts
- - Models for measurement/evaluation/validation of survivability
- - Software and hardware fault tolerance
- - Design for dependability and/or survivability
- - PRA and hybrid fault models accounting for malicious acts
For more information see:
http://www.cs.uidaho.edu/~krings/HICSS38.htm
-
SAPS'04 Workshop on Specification and Automated Processing of Security
Requirements, Linz, Austria, September 20-25, 2004. (submissions due
10 June 2004)
This workshop is being held as part of the 19th IEEE International
Conference on Automated Software Engineering. The exchange of
concepts, prototypes, research ideas, and other results which
contribute to the academic arena and also benefit business and
industrial communities, is of particular interest.
Original papers are solicited for submission to the workshop related
(but not limited) to the following topics of interest:
- - Security requirements specification and analysis
- - Formal semantics for security requirements
- - Integration of Security engineering into software
engineering processes
- - Automated tools supporting integrated security
engineering and software engineering processes
- - Security in programming languages
- - Automatic tools for secure software development
- - Automatic analysis/enforcement of security policies
- - Definition and analysis of security-related semantic
models
- - Tools for formal analysis of security properties
- - Specification, characterisation and integration of
security components and patterns
For more information, please see: http://www.lcc.uma.es/SAPS04
-
WISA 2004 The 5th International Workshop on Information Security
Applications, Ramada Plaza, Jeju Island, Korea, August 23-25,
2003. (submissions due 25 June 2004)
The 5th International Workshop on Information Security Applications
(WISA 2004) will be held in Jeju Island, Korea on August 23-25,
2004. It is sponsored by the Korea Institute of Information and
Cryptology (KIISC), Electronics & Telecommunications Research
Institute (ETRI), and Ministry of Information and Communication
(MIC). The focus of this workshop is on all technical and practical
aspects of cryptographic and non-cryptographic security applications.
The workshop will serve as a forum for new results from the academic
research community as well as from the industry.
The areas of interest include, but are not limited to:
. Internet & Wireless Security . Cyber Indication & Intrusion Detection
. E-Commerce Protocols . Smart Cards & Secure Hardware
. Access Control & Database Security . Mobile Security
. Biometrics & Human Interface . Privacy & Anonymity
. Network Security Protocols . Public Key Crypto Applications
. Security & Trust Management . Threats & Information Warfare
. Digital Rights Management . Virus Protection
. Secure Software & Systems . Ubiquitous Computing Security
. Information Hiding . Peer-to-Peer Security
More information can be found at http://dasan.sejong.ac.kr/~wisa04
-
SASN, ACM Workshop on Security of Ad Hoc and Sensor Networks,
Wyndham City Hotel, Washington, DC, October 25, 2004. (submissions due
2 July 2004)
This workshop seeks submissions from academia and industry presenting
novel research on all aspects of security for ad hoc and sensor
networks, as well as experimental studies of fielded systems.
Submission of papers based on work-in-progress is encouraged. Topics
of interest include, but are not limited to, the following as they
relate to wireless networks,mobile ad hoc networks, or sensor
networks:
- - Security under resource constraints, e.g., energy, bandwidth,
memory, and computation constraints
- - Performance and security tradeoffs
- - Secure roaming across administrative domains
- - Key management
- - Cryptographic protocols
- - Authentication and access control
- - Trust establishment, negotiation, and management
- - Intrusion detection and tolerance
- - Secure location services
- - Privacy and anonymity
- - Secure routing
- - Secure MAC protocols
- - Denial of service
- - Prevention of traffic analysis
For more info, see http://www.cs.gmu.edu/sasn
-
NORDSEC2004 9th Nordic Workshop on Secure IT Systems, Espoo, Finland,
November 4-5, 2004. (submissions due 2 August 2004)
The NORDSEC workshops started in 1996 with the aim of bringing
researchers and practitioners within computer security in the Nordic
countries. The theme of the workshop has been applied security,
i.e. all kinds of security issues that could encourage interchange and
cooperation between the research community and the industrial/consumer
community. Possible topics include, but are not limited to the
following:
- - Privacy and Privacy Enhancing Technologies
- - Wireless Communication Security
- - Inter/Intra/Extranet Security
- - Security Protocol Modeling and Analysis
- - E-and M-Business Security
- - New Firewall Technologies
- - Secure Infrastructures; TTP, PKI, Key Escrow/Recovery
- - Computer Crime and Information Warfare
- - Detecting Attacks, Intrusions and Computer Misuse
- - Smart Card Applications
- - Security Management and Audit
- - Security Evaluations and Measurements
- - Security in Commercial off-the-shelf Products, COTS
- - Operating System Security
- - Security Models
- - New Ideas and Paradigms for Security
- - Security Education and Training
- - Quality of Service or Software Engineering in Relation to Security
The workshop will consist of paper sessions, panel discussions and
invited talks. For a complete call for papers, see
http://www.tml.hut.fi/Nordsec2004/call_for_papers.html
-
FC'05 Ninth International Conference on Financial Cryptography and
Data Security, Roseau, The Commonwealth Of Dominica, February 28-March
3, 2005 (submissions due 10 September 2004)
Financial Cryptography and Data Security (FC'05) is the premier
international forum for research, advanced development, education,
exploration, and debate regarding security in the context of finance
and commerce. We have augmented our conference title and expanded our
scope to cover all aspects of securing transactions and systems. These
aspects include a range of technical areas such as: cryptography,
payment systems, secure transaction architectures, software systems
and tools, user and operator interfaces, fraud prevention, payment
systems, secure IT infrastructure, and analysis methodologies. Our
focus will also encompass legal, financial, business and policy
aspects. Material both on theoretical (fundamental) aspects of
securing systems and on secure applications and real-world deployments
will be considered.
Original papers and presentations on all aspects of financial and
commerce security are invited. Submissions must have a visible bearing
on financial and commerce security issues, but can be
interdisciplinary in nature and need not be exclusively concerned with
cryptography or security. Possible topics for submission to the
various sessions include, but are not limited to:
- - Anonymity and Privacy
- - Auctions
- - Audit and Auditability
- - Authentication and Identification, including Biometrics
- - Certification and Authorization
- - Commercial Cryptographic Applications
- - Commercial Transactions and Contracts
- - Digital Cash and Payment Systems
- - Digital Incentive and Loyalty Systems
- - Digital Rights Management
- - Financial Regulation and Reporting
- - Fraud Detection
- - Game Theoretic Approaches to Security
- - Infrastructure Design
- - Legal and Regulatory Issues
- - Microfinance and Micropayments
- - Monitoring, Management and Operations
- - Reputation Systems
- - RFID-Based and Contactless Payment Systems
- - Risk Assessment and Management
- - Secure Banking
- - Secure Financial Web Services
- - Securing Emerging Computational Paradigms
- - Security and Risk Perceptions and Judgments
- - Security Economics
- - Smart Cards and Secure Tokens
- - Trust Management
- - Trustability and Trustworthiness
- - Underground-Market Economics
- - Usability and Acceptance of Security Systems
- - User and Operator Interfaces
For more info, please see http://www.ifca.ai/fc05/
- November 2004
-
IWIA 2005 Third IEEE International Information Assurance Workshop,
Washington D.C., USA, March 31-April 1, 2005. (submissions due 8
November 2004)
The IEEE Task Force on Information Assurance is sponsoring a workshop
on information assurance in cooperation with the ACM SIGSAC on
research and experience in information assurance. The workshop seeks
submissions from academia, government, and industry presenting novel
research, applications and experience, and policy on all theoretical
and practical aspects of IA.
Possible topics include, but are not limited to the following:
- - Operating System IA & S
- - Storage IA & S
- - Network IA & S
- - IA Standardization Approaches
- - Information Sharing in Coalition Settings
- - Security Models
- - Survivability and Resilient Systems
- - Formal Methods and Software Engineering for IA
- - Survivability and Resilient Systems
- - Formal Methods and Software Engineering for IA
- - Proactive Approaches to IA
- - CCITSE Experience and Methodology
- - Intrusion Detection, Prediction, and Countermeasures
- - Insider Attack Countermeasures
- - Specification, Design, Development, and Deployment of IA Mechanisms
- - Policy Issues in Information Assurance
More information can be found on the workshop web page at
http://iwia.org/2005/