 |
|
Commentary and Opinion
Richard Austin's review of Security Engineering: A Guide to Building Dependable Distributed Systems (2ed) by Ross Anderson
NewsBits: Announcements and correspondence from readers (please contribute!)
Conference and Workshop Announcements
Cipher
calls-for-papers
and
calendar
(the calls-for-papers and the calendar announcements may differ
slightly in content or time of update):
CISS 2009 Communication and Information Systems Security Symposium, Held in conjunction with the IEEE International Conference on Communications (ICC 2009), Dresden, Germany, June 14-18, 2009. (Submissions due 17 September 2008)
With the advent of pervasive computer applications and due to the proliferation of heterogeneous wired and wireless computer and communication networks, security and privacy issues have become paramount. This Symposium will address all aspects of the modeling, design, implementation, deployment, and management of security algorithms, protocols, architectures, and systems. Furthermore, contributions devoted to the evaluation, optimization, or enhancement of security and privacy mechanisms for current technologies, as well as devising efficient security and privacy solutions for emerging technologies, are solicited. Topics of interest include, but are not limited to, the following:
PKC 2009 12th IACR International Workshop on Practice and Theory in Public Key Cryptography, Irvine, California, USA, March 18-20, 2009. (Submissions due 24 September 2008)
Original research papers on all technical aspects of public key cryptography are solicited for submission to PKC 2009, the 12-th International Workshop on Practice and Theory in Public Key Cryptography. PKC'09 proceedings be published in Sprinter-Verlag LNCS Series and will be available at the conference.
TrustCol 2008 3rd International Workshop on Trusted Collaboration, Held in conjunction with IEEE CollaborateCom, The Regal Sun Resort, Orlando, Florida, USA, November 13-16, 2008. (Submissions due 29 September 2008)
The ongoing, rapid developments in information systems technologies and networking have enabled significant opportunities for streamlining decision making processes and maximizing productivity through distributed collaborations that facilitate unprecedented levels of sharing of information and computational resources. Emerging collaborative environments need to provide efficient support for seamless integration of heterogeneous technologies such as mobile devices and infrastructures, web services, grid computing systems, online social networks, various operating environments, and diverse COTS products. Such heterogeneity introduces, however, significant security and privacy challenges for distributed collaborative applications. Balancing the competing goals of collaboration and security is difficult because interaction in collaborative systems is targeted towards making people, information, and resources available to all who need it whereas information security seeks to ensure the availability, confidentiality, and integrity of these elements while providing it only to those with proper trustworthiness. The key goal of this workshop is to foster active interactions among diverse researchers and practitioners, and generate added momentum towards research in finding viable solutions to the security and privacy challenges faced by the current and future collaborative systems and infrastructures. We solicit unpublished research papers that address theoretical issues and practical implementations/experiences related to security and privacy solutions for collaborative systems. Topics of interest include, but are not limited to:
PSAI 2009 2nd Workshop on Privacy and Security by means of Artificial Intelligence, Held in conjunction with ARES 2009, Fukoka, Japan, March 16-19, 2009. (Submissions due 30 September 2008)
In this workshop, we aim to convene researchers in the areas of Security, Data Privacy and Artificial Intelligence. We seek to collect the most recent advances in artificial intelligence techniques (i.e. neural networks, fuzzy systems, multi-agent systems, genetic algorithms, image analysis, clustering, etc), which are applied to the protection of privacy and security. Individual privacy protection is a hot topic and it must be addressed to guarantee the proper evolution of a modern society based on the Information and Communication Techniques (ICTs). However, security policies could invade individual privacy, especially after the appearance of the new forms of terrorism. These two concepts (i.e. security and privacy) are somehow opposite because, most of the times, security is achieved by means of privacy invasion. Statistical agencies and the like are collecting large amounts of personal information that has to be protected before its publication. Different forms of evolutionary computation and clustering have been proposed to tackle this problem. Moreover, the protection of critical infrastructures such as airports has invigorated the study of more efficient techniques for pattern recognition, image analysis, etc.
Wiley's Security and Communication Networks Journal, Special Issue on Security in Mobile Wireless Networks, 4th quarter of 2009. (Submission Due 30 September 2008)
Guest editors: Abderrahim Benslimane (University of Avignon, France), Chadi Assi (Concordia University, Montreal, Canada), Stamatios V. Kartalopoulos (University of Oklahoma, USA), and Fred Nen-Fu Huang (National Tsing Hua University, Taiwan)
Security has become a primary concern in order to provide protected communication in mobile networks. Unlike the wired networks, the unique characteristics of mobile networks pose a number of nontrivial challenges to security design, such as open peer-to-peer network architecture, shared wireless medium, stringent resource constraints, highly dynamic network topology and absence of a trusted infrastructure. Ubiquitous roaming impacts on a radio access system by requiring that it supports handover between neighbouring cells and different networks. Also, mobile networks are more exposed to interferences than wired networks. There are several components that contribute to this: adjacent channels, co-channels, Doppler shifts, multipath, and fading. This SI aims to identify and explore the different issues and challenges related to security aspects in mobile networks. What are the impacts (benefits or inconvenience) of mobility on security? What are the appropriate mobility models to have a good level of security? Are Classical IDS approaches appropriate for mobile environments? How can be managed security when Mobility pattern and/or behaviour prediction? The complete security solution should span both layers, and encompass all three security components of prevention, detection, and reaction. Topics of interest include, but are not limited to, the following as they relate to mobile networks:
EURASIP Journal on Wireless Communications and Networking, Special Issue on Wireless Physical Layer Security, April 1, 2009. (Submission Due 1 October 2008)
Guest editors: Mérouane Debbah (Supélec, France), Hesham El-Gamal (Ohio State University, USA), H. Vincent Poor (Princeton University, USA), and Shlomo Shamai (Technion, Israel)
Security is a critical issue in multiuser wireless networks in which secure transmissions are becoming increasingly difficult to obtain in highly mobile and distributed environments. In his seminal works of the late 1940s, Shannon formalized the concepts of capacity (as a transmission efficiency measure) and equivocation (as a measure of secrecy). Together with Wyner's fundamental formulation of the wiretap channel in the 1970s, this work laid the groundwork for the area of wireless physical area security. Interest in this area has exploded in recent years, motivated by the rise of wireless networking in general and by the increasing interest in large mobile networks with light infrastructure, which are extremely difficult to secure by traditional methods.
The objective of this special issue (whose preparation is carried out under the auspices of the EC Network of Excellence in Wireless Communications NEWCOM++) is to gather recent advances in the area of wireless physical layer security from the theoretical, such as the analysis of the secrecy capacity of various channel models, to more practical interests such as the development of codes and other communication schemes that can provide security in real networks. Suitable topics for this special issue dedicated to physical layer security include but are not limited to:
IFIP-DF 2009 5th Annual IFIP WG 11.9 International Conference on Digital Forensics, Orlando, Florida, USA, January 25-28, 2009. (Submissions due 15 October 2008)
The IFIP Working Group 11.9 on Digital Forensics (www.ifip119.org) is an active international community of scientists, engineers and practitioners dedicated to advancing the state of the art of research and practice in the emerging field of digital forensics. The Fifth Annual IFIP WG 11.9 International Conference on Digital Forensics will provide a forum for presenting original, unpublished research results and innovative ideas related to the extraction, analysis and preservation of all forms of electronic evidence. Keynote presentations, revised papers and details of panel discussions will be published as an edited volume - the fifth in the series entitled Research Advances in Digital Forensics (Springer) in the summer of 2009. Technical papers are solicited in all areas related to the theory and practice of digital forensics. Areas of special interest include, but are not limited to:
NSP 2008 1st International Workshop on Network Security and Privacy, Held in conjunction with the IEEE IPCCC 2008, Austin, Texas, USA, December 7-9, 2008. (Submissions due 15 October 2008)
This workshop provides a forum for academia, industry, and government agencies to discuss the challenges involved in network security and privacy. The workshop will identify and define new network security vulnerabilities, fundamental privacy issues and potential solutions. Contributions of all types including case studies and research, addressing the main focus or one of following non-exclusive list of topics are equally welcome:
FC 2009 13th International Conference on Financial Cryptography and Data Security, Accra Beach, Barbados, February 23-26, 2009. (Submissions due 17 October 2008)
At its 13th year edition, Financial Cryptography and Data Security (FC'09) is a well established and major international forum for research, advanced development, education, exploration, and debate regarding security in the context of finance and commerce. Original papers, surveys and presentations on all aspects of financial and commerce security are invited. Submissions must have a strong and visible bearing on financial and commerce security issues, but can be interdisciplinary in nature and need not be exclusively concerned with cryptography or security. Possible topics for submission to the various sessions include, but are not limited to:
ALICS 2008 Workshop on Applications of Logic in Computer Security, Held in conjunction with the 15th International Conference on Logic for Programming, Artificial Intelligence and Reasoning (LPAR 2008), Doha, Qatar, November 22, 2008. (Submissions due 18 October 2008)
ALICS is intended to be an informal workshop devoted to the applications of logic in computer security. This workshop is intended for presentation and discussion of work in progress and the discussion of emerging and foundational ideas. We are interested in all aspects of the application of logic to computer security. Applications of interest include security policy, access control, security protocols, information flow, but we are also interested in new and as yet untried applications of logic to different areas of computer security. We are also interested in discussion papers that raise fundamental questions and/or suggest new lines of research in this area. Work that has already appeared or is under consideration by other venues is welcome.
SecSE 2009 3rd Workshop on Secure Software Engineering, Held in conjunction with conjunction with ARES 2009, Fukuoka, Japan, March 16-19, 2009. (Submissions due 30 October 2008)
In our modern society, software is an integral part of everyday life, and we expect and depend upon software systems to perform correctly. Software security is about ensuring that systems continue to function correctly also under malicious attack. As most systems now are web-enabled, the number of attackers with access to the system increases dramatically and thus the threat scenario changes. The traditional approach to secure a system includes putting up defence mechanisms like IDS and firewalls, but such measures are no longer sufficient by themselves. We need to be able to build better, more robust and more secure systems. Even more importantly, however, we should strive to achieve these qualities in all software systems, not just the ones that need special protection. This workshop will focus on techniques, experiences and lessons learned for engineering secure and dependable software. Suggested topics include, but are not limited to:
Trust 2009 2nd International Conference on Trusted Computing, St. Hugh's College, University of Oxford, UK, April 6-8, 2009. (Submissions due 2 November 2008)
Building on the success of Trust 2008 (held in Villach, Austria, in March 2008), this conference focuses on trusted and trustworthy computing, both from the technical and social perspectives. The conference itself will have two main strands, one devoted to technical aspects and one devoted to the socio-economic aspects of trusted computing. The conference solicits original papers on any aspect of the design and application of trusted computing. Topics of interest include, but are not limited to:
SP 2009 30th IEEE Symposium on Security and Privacy, Oakland/Berkeley, California, USA, May 17-20, 2009. (Submissions due 10 November 2008)
Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for computer security research, presenting the latest developments and bringing together researchers and practitioners. We solicit previously unpublished papers offering novel research contributions in any aspect of computer security or privacy. S&P is interested in all aspects of computer security and privacy. Papers may present advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems. Papers without a clear application to security or privacy will be considered out of scope and may be rejected without full review. Topics of interest include, but are not limited to:
IDtrust 2009 8th Symposium on Identity and Trust on the Internet, Gaithersburg, Maryland, USA, April 14-16, 2009. (Submissions due 17 November 2008)
IDtrust is devoted to research and deployment experience related to making good security decisions based on identity information, especially when public key cryptography is used and the human elements of usability are considered. The success of any business strategy depends on having the right people gain access to the right information at the right time. This implies that an IT infrastructure has - among other things - an authorization framework in place that can respond to dynamic security conditions and regulatory requirements quickly, flexibly and securely. What are the authorization strategies that will succeed in the next decade? What technologies exist to address complex requirements today? What research is academia and industry pursuing to solve the problems likely to show up in the next few years? We solicit technical papers and panel proposals from researchers, systems architects, vendor engineers, and users. Suggested topics include but are not limited to:
ISPEC 2009 5th Information Security Practice and Experience Conference, Xi'an, China, April 13-15, 2009. (Submissions due 20 November 2008)
As applications of information security technologies become pervasive, issues pertaining to their deployment and operation are becoming increasingly important. ISPEC is an annual conference that brings together researchers and practitioners to provide a confluence of new information security technologies, their applications and their integration with IT systems in various vertical sectors. Topics of interest include, but are not limited to:
IFIP-CIP 2009 Annual IFIP WG 11.10 International Conference on Critical Infrastructure Protection, Hanover, New Hampshire, USA, March 22-25, 2009. (Submissions due 31 December 2008)
The IFIP Working Group 11.10 on Critical Infrastructure Protection is an active international community of researchers, infrastructure operators and policy-makers dedicated to applying scientific principles, engineering techniques and public policy to address current and future problems in information infrastructure protection. Papers are solicited in all areas of critical infrastructure protection. Areas of interest include, but are not limited to:
Listing of academic positions available by
Cynthia Irvine
Staying in touch....
Changing your email address? Please send updates to cipher@ieee-security.org
IEEE Computer Society's Technical Committee on Security and Privacy
| TC home page | TC Officers | |
| How to join the TC | TC publications available online | |
| TC Publications for sale | Cipher past issues archive | |
| IEEE Computer Society | Cipher Privacy Policy |