 |
|
Commentary and Opinion
Listing of academic positions available by
Cynthia Irvine
Staying in touch....
Changing your email address? Please send updates to cipher@ieee-security.org
Conference and Workshop Announcements
Cipher
calls-for-papers
and
calendar
new calls or announcements added since Cipher E74;
(the calls-for-papers and the calendar announcements may differ
slightly in content or time of update):
IFIP-CIP 2007 1st Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, Hanover, New Hampshire, USA, March 19-21, 2007. (Submissions due 15 November 2006)
The IFIP Working Group 11.10 on Critical Infrastructure Protection is an active international community of researchers, infrastructure operators and policy-makers dedicated to applying scientific principles, engineering techniques and public policy to address current and future problems in information infrastructure protection. Papers are solicited in all areas of critical infrastructure protection. Areas of special interest include, but are not limited to:
FIRST 2007 19th FIRST Global Computer Security Network conference, Seville, Spain, June 17-22, 2007. (Submissions due 15 November 2006)
Privacy is the genie in the bottle for all data-holding organizations once out, whether through crime or carelessness, private and personal information is out for ever, and has a power to do harm which is almost incalculable. In the wake of losses and thefts which have exposed millions of customers to fraud and identity theft, states in America and governments in many other countries are legislating or plan to legislate to compel corporate and other data-holders to report publicly all violations of digital privacy. The impact on reputation for those "named and shamed" may be catastrophic, and the risk to revenues and even to survival will be profound. New threats to privacy are emerging every day, and at the same time, tensions are rising between governments who want to harvest and store data about individual citizens and use it to oversee and steer behavior, and corporate who collect data from and about citizens who are also customers. Already, brands which have been exposed by the media for "shopping" customers or "blocking" behavior have suffered serious blows to their reputations. Understanding these complex issues and being adequately prepared in case of exposure will be crucial if organizations are to navigate successfully all the trials that digital privacy is posing. The FIRST program committee solicits original contributions on network security for refereed paper presentations, tutorials, invited talks, and panel discussions. Past topics have included creating and managing CSIRTs, computer vulnerability, threat detection, computer forensics, and case studies.
WWW-SPRE 2007 16th International World Wide Web Conference, Security, Privacy, Reliability and Ethics (SPRE) Track, Banff, Alberta, Canada, May 8-12, 2007. (Submissions due 20 November 2006)
The flexibility and richness of the Web architecture have come at the price of
increasing complexity and lack of a sound overall security architecture. The movement
toward Web-based services, and the increasing dependency on the Web, have also made
reliability a first-rate security concern. From malware and spyware, drive-by downloads,
typo squatting, denial of service attacks, to phishing and identity theft, a variety of
threats make the Web an increasingly hostile and dangerous environment.
By undermining user trust, these problems are hampering e-commerce and the
growth of online communities.
This track promotes the view that security, privacy, reliability, and sound
guiding ethics must be part of the texture of a successful World Wide Web. In addition to
devising practical tools and techniques, it is the duty of the research community to
promote and guide business adoption of security technology for the Web and to help inform
related legislation. We seek novel research (both theoretical and practical) in security,
privacy, reliability, and ethics as they relate to the Web,
including but not limited to the following areas:
ICDCS 2007 27th International Conference on Distributed Computing Systems, Toronto, Canada, June 25-29, 2007. (Submissions due 29 November 2006)
The conference provides a forum for engineers and scientists in academia, industry and government to present their latest research findings in any aspects of distributed and parallel computing. Topics of particular interest include, but are not limited to:
SADFE 2007 2nd International Workshop on Systematic Approaches to Digital Forensic Engineering, Seattle, Washington, USA, April 10-12, 2007. (Submissions due 30 November 2006)
SADFE promotes systematic approaches to cyber crime investigation, by furthering the advancement of digital forensic engineering as a disciplined practice. Unlike ad-hoc computer forensics, digital forensic engineering is characterized by the application of scientific and mathematical principles to the investigation and establishment of facts or evidence, either for use within a court of law or to aid understanding of cyber crimes or cyber-enabled crimes. Advancing digital forensics engineering requires the expertise of technologists, analysts, and legal experts to produce sound computer systems and sound forensic practices which will meet the needs of courtroom presentation as well as minimizing negative effects on the cyber-system's original purpose. This workshop brings together top digital forensic researchers, advanced tool/product builders, and expert law enforcement representatives from around the world for information exchange and R&D collaboration. Topics of interest include, but not limited to:
Digital Evidence Management: advanced digital evidence discovery, collection, and storage
NetCri 2007 1st International Workshop on Research Challenges in Next Generation Networks for First Responders and Critical Infrastructures, Held in conjunction with IEEE IPCCC 2007, New Orleans, Louisiana, USA, April 11-13, 2007. (Submissions due 30 November 2006)
As advances in pervasive computing, wireless communication and sensor networks continue, more opportunities are open to first responders and critical infrastructures to benefit from these technologies. Providing first responders with the best possible technology, infrastructure and services help save the lives of the general public and the first responders as well. One of the main challenges to the operations of first responders and critical infrastructures is to deploy a communication network that is dependable, secure, and rapidly deployable. In order to operate effectively, the deployed network supports services such as location determination, audio and video communication, and in site and remote sensing. Another key feature for first responders and critical infrastructures networks is to support interactions among multiple heterogeneous networks. This workshop provides a forum for researchers, industry, and government agencies to discuss the challenges facing the design, deployment and operational issues for next generation network support for first responders and critical infrastructure. The workshop will identify and define fundamental concepts and techniques, resolve conflicts between different approaches in the area, and provide a common ground for an advanced research and development agenda. Topics of interest include, but are not limited to:
WIA 2007 3rd International Workshop on Information Assurance, Held in conjunction with the 26th IEEE International Performance Computing and Communications Conference (IPCCC 2007), New Orleans, Louisiana, USA, April 11-13, 2007. (Submissions due 30 November 2006)
Information Assurance (IA) is defined as the operations undertaken to protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality and non-repudiation. Availability implies that networks and systems must be survivable and fault tolerant -- they should possess redundancies to operate under failures or security breaches. For example, networks should be designed with sufficient spare and working capacity, efficient traffic restoration protocols, alarms and network management. Security encompasses the other aspects of IA, namely integrity, access-control, authentication, confidentiality and non-repudiation as they apply to both networks and systems. The increasing reliance of business-to-business and business-to-consumer applications on networked information systems dramatically magnifies the consequence of damages resulting from even simple system faults and intrusions, making the task of assuring confidentiality, availability and integrity of information difficult. Although several piecemeal solutions address concerns related to the security and fault tolerance of various components of such networked information systems, there is a growing need to leverage the synergy between security and survivability to provide a higher level of information assurance in the face of faults and attacks. We seek papers that address theoretical, experimental, systems-related and work in-progress in the area of Information Assurance at the network and system levels. We expect to have three types of sessions - the first related to survivability and fault tolerance, the second related to security, and the third related to the interactions between security and survivability. Papers should describe original, previously unpublished work, not currently under review by another conference, workshop, or journal. Papers accepted for presentation will be published in the IPCCC conference proceedings. The workshop will also include invited papers. Topics of interest include, but are not limited to:
Policy 2007 8th IEEE International Workshop on Policies for Distributed Systems and Networks, Bologna, Italy, June 13-15, 2007. (Submissions due 10 December 2006)
Policy 2007 aims to bring together researchers and practitioners working on policy-based management across a wide range of application domains including networks, security and privacy, storage, and databases. This year, the workshop will have a special focus on the Semantic Web. The Semantic Web provides promising technologies for policy-based management both for the Web and other distributed systems such as the pervasive environments, grid computing, and multi-agent systems. Submitted papers will be evaluated for technical contribution, originality, and significance. Topics of interest include, but are not limited to the following:
Policy Models and Languages:
ACNS 2007 5th International Conference on Applied Cryptography and Network Security, Zhuhai, China, June 5-8, 2007. (Submissions due 14 December 2006)
ACNS'07, the 5th International Conference on Applied Cryptography and Network Security, brings together industry and academic researchers interested in the technical aspects of cryptology and the latest advances in the application of crypto systems. Original papers on all aspects of applied cryptography and network security are solicited for submission to ACNS '07. Topics of relevance include but are not limited to:
Elsevier Computer Communications Journal, Special Issue on Security on Wireless Ad Hoc and Sensor Networks 3rd Quarter of 2007. (Submission Due 15 December 2006)
Guest editors: Sghaier Guizani (University of Moncton, Canada), Hsiao-Hwa Chen (National Sun Yat-Sen University, Taiwan), Peter Mueller (IBM Zurich Research Laboratory, Switzerland)
The increase of wireless and mobile devices and the recent advancement in wireless and mobile ad hoc and sensor networks technologies/applications in a large variety of environments, such as homes, business places, emergency situations, disaster recoveries and people on the move is unprecedented. These activities over different network systems have brought security concerns on an unprecedented scale. Security is an important issue for wireless and mobile ad hoc and sensor networks (MANETs) especially for the security-sensitive applications such as in military, homeland security, financial institutions and many other areas. Such security threats take advantage of protocol weaknesses as well as operating systems' vulnerabilities to attack Internet applications. Theses attacks involve, for example, distributed denials of services, buffer overflows, viruses, and worms, where they cause an increasingly greater technical and economic damage.
With regard to such cyber security aspects, there is an increasing demand for measures to guarantee and fully attain the authentication, confidentiality, data integrity, privacy, access control, non repudiation, and availability of system services. This Special Issue will serve as a venue for both academia and industry individuals and groups working in this fast-growing research area to share their experiences and state-of-the-art work with the readers. The topics of interest include, but are not limited to:
GPC 2007 Workshop on Grid and Pervasive Computing Security, Held in conjunction with the 2007 International Conference on Multimedia and Ubiquitous Engineering (MUE 2007), Seoul, Korea, April 26-28, 2007. (Submissions due 15 December 2006)
Grid and Pervasive Computing (GPC) are emerging technologies that enable access to a pervasive flow of information, data and services anytime and anywhere. As the security is of paramount importance to the design and deployment of GPC, the benefits of GPC will only be fully realized if security aspects can be appropriately addressed. The goal of this symposium is to take the grid and pervasive security significantly forward through analyses of new security and privacy issues arising from the novel architecture of Grid and pervasive systems and to propose solutions to safely deploy services and appliances. To this end, we solicit original high quality submissions on topics in security in computational/data grids and pervasive computing:
SecSE 2007 1st International Workshop on Secure Software Engineering, Vienna, Austria, April 10-13, 2007. (Submissions due 17 December 2006)
In our modern society, software is an integral part of everyday life, and we expect and depend upon software systems to perform correctly. Software security is about ensuring that systems continue to function correctly also under malicious attack. As most systems now are web-enabled, the number of attackers with access to the system increases dramatically and so the threat scenario changes. The traditional approach to secure a system includes putting up defence mechanisms like IDS and firewalls, but this is no longer sufficient. We need to be able to build better, more robust and more secure systems. Even more importantly, however, we should strive to achieve these qualities in all software systems, not just the ones that need special protection. This workshop will focus on techniques, experiences and lessons learned for engineering secure software. Suggested topics include, but are not limited to:
IFIP-SEC 2007 22nd IFIP TC-11 International Information Security Conference, Theme: New approaches for Security, Privacy and Trust in Complex Environments, Sandton Convention Centre Sandton, South Africa, May 14-16, 2007. (Submissions due 12 January 2006)
Information is now the most important commodity in a global market. Individuals, businesses and governments are dependable on information embedded in secure, privacy aware and trustworthy IT infrastructures. Classical information security services such as authentication and authorisation urgently demand a re-design and improved implementation to ensure security, privacy and trust features in today's integrated and complex information rich environments. Papers offering research contributions focusing on security, privacy and trust are solicited for submission to the 22nd IFIP TC-11 International Information Security Conference. Papers may present theory, applications or practical experiences including, but not limited to:
ASC 2007 6th Annual Security Conference, Las Vegas, Nevada, USA, April 11-12, 2007. (Submissions due 15 January 2007)
With the development of more complex networking systems and the rapid transition to the e-world, information security has become a real concern for many individuals and organizations. Advanced safeguards are required to protect the information assets of not only large but also small and distributed enterprises. New approaches to information security management, such as policies and certifications, are now being required. The security of strategic corporate information has become the foremost concern of many organizations, and in order to assure this security, methods and techniques must be conceptualized for small enterprises both from a functional and technical viewpoint. Recommended topics (but not limited to) include:
USENIX-SECURITY 2007 16th USENIX Security Symposium, Boston, MA, USA, August 610, 2007. (Submissions due 1 February 2007)
The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in the security of computer systems and networks. All researchers are encouraged to submit papers covering novel and scientifically significant practical works in security or applied cryptography. Refereed paper submissions are solicited in all areas relating to systems and network security, including:
CSFW-20 20th IEEE Computer Security Foundations Workshop, Venice, Italy, July 6-8, 2007. (Submissions due 5 February 2007)
The IEEE Computer Security Foundations Workshop (CSFW) series brings together researchers in computer science to examine foundational issues in computer security. Over the past two decades, many seminal papers and techniques have been presented first at CSFW. New theoretical results in computer security are welcome. Also welcome are more exploratory presentations, which may examine open questions and raise fundamental concerns about existing theories. Panel proposals are welcome as well as papers. Possible topics include, but are not limited to:
DIMVA 2007 4th GI International Conference on Detection of Intrusions & Malware, and Vulnerability Assessment, Lucerne, Switzerland, July 12-13, 2007. (Submissions due 9 February 2007)
The annual DIMVA conference serves as a premier forum for advancing the state of the art in intrusion detection, malware detection, and vulnerability assessment. DIMVA particularly encourages papers that discuss the integration of intrusion, malware, and vulnerability detection in large-scale operational communication networks. DIMVA's scope includes, but is not restricted to the following areas:
Intrusion Detection
PAIRING 2007 1st International Conference on Pairing-based Cryptography, Tokyo, Japan, July 2-4, 2007. (Submissions due 15 February 2007)
Since the introduction of pairings in constructive cryptographic applications, an ever increasing number of protocols have appeared in the literature: identity-based encryption, short signature, and efficient broadcast encryption to mention but a few. An appropriate mix of theoretical foundations and practical considerations is essential to fully exploit the possibilities offered by pairings: number theory, cryptographic protocols, software and hardware implementations, new security applications, etc. Authors are invited to submit papers describing original research on all aspects of pairing-based cryptography, including, but not limited to the following topics:
Novel cryptographic protocols
PET 2007 7th workshop on Privacy Enhancing Technologies, Ottawa, Canada, June 20 - June 22, 2007. (Submissions due 23 February 2007)
Privacy and anonymity are increasingly important in the online world. Corporations, governments, and other organizations are realizing and exploiting their power to track users and their behavior. Approaches to protecting individuals, groups, but also companies and governments from profiling and censorship include decentralization, encryption, distributed trust, and automated policy disclosure. The 7th workshop on Privacy Enhancing Technologies addresses the design and realization of such privacy services for the Internet and other communication networks by bringing together anonymity and privacy experts from around the world to discuss recent advances and new perspectives. The workshop seeks submissions from academia and industry presenting novel research on all theoretical and practical aspects of privacy technologies, as well as experimental studies of fielded systems. We encourage submissions from other communities such as law and business that present their perspectives on technological issues. Suggested topics include but are not restricted to:
EURASIP Journal on Information Security, Special Issue on Signal Processing in the Encrypted Domain, 4th Quarter, 2007. (Submission Due 1 March 2007)
Guest editors: Alessandro Piva (University of Florence, Italy)
and Stefan Katzenbeisser (Philips Research Europe, The Netherlands)
Recent advances in digital signal processing enabled a number of new services in various application domains, ranging from enhanced multimedia content production and distribution to advanced healthcare systems for continuous health monitoring. At the heart of these services lies the ability to securely manipulate "valuable" digital signals in order to satisfy security requirements such as intellectual property management, authenticity, privacy, and access control. This special issue solicits papers exploring the application of signal processing to encrypted content, both from a theoretical and practical point of view. Topics of interest include, among others:
SOUPS 2007 Symposium On Usable Privacy and Security, Carnegie Mellon University, Pittsburgh, PA, USA, July 18-20, 2007. (Submissions due 2 March 2007)
The 2007 Symposium on Usable Privacy and Security (SOUPS) will bring together an interdisciplinary group of researchers and practitioners in human computer interaction, security, and privacy. The program will feature technical papers, a poster session, panels and invited talks, discussion sessions, and in-depth sessions (workshops and tutorials). We invite authors to submit original papers describing research or experience in all areas of usable privacy and security. Topics include, but are not limited to:
IWSEC 2007 2nd International Workshop on Security, Nara, Japan, October 29-31, 2007. (Submissions due 13 April 2007)
The complex structure of networks, middleware, agents, P2P applications and ubiquitous computing for commercial, personal, communal and public use, brought forth the advent of information society in the cyberspace. However the system poses new and diverse threats to the world. It is imperative for the security researchers to look into the issues from an interdisciplinary perspective. Papers may present theory, applications or practical experiences on topics including, but not limited to:
Security Journal of Universal Computer Science (JUCS), Special Issue on Cryptography in Computer System February 2008. (Submission Due 1 May 2007)
Guest editors: Liqun Chen (Hewlett-Packard Labs, UK), Ed Dawson (Queensland University of Technology, Australia), Xuejie Lai (Shanghai Jiao Tong University, China), Masahiro Mambo (Tsukuba University, Japan), Atsuko Miyaji (JAIST, Japan), Yi Mu (University of Wollongong, Australia), David Pointcheval (Ecole Normale Superieure, France), Bart Preneel (Katholieke Universiteit Leuven, Belgium), Nigel Smart (Bristol University, UK), Willy Susilo (University of Wollongong, Australia), Huaxiong Wang (Macquarie University, Australia), and Duncan Wong (City University of Hong Kong, China)
Cryptography has been playing an important role to ensure the security and reliability of modern computer systems. Since high speed and broad bandwidth have been becoming the keywords for modern computer systems, new cryptographic methods and tools must follow up in order to adapt to these new and emerging technologies. This Special Issue aims to provide a platform for security researchers to present their newly developed cryptographic technologies in computer systems. Areas of interest for this special journal issue include, but are not limited to, the following topics:
IEEE Computer Society's Technical Committee on Security and Privacy
| TC home page | TC Officers | |
| How to join the TC | TC publications available online | |
| TC Publications for sale | Cipher past issues archive | |
| IEEE Computer Society | Cipher Privacy Policy |