Dear Readers,
The IEEE Security and Privacy Symposium was held recently, and it was a time to reflect on the growth of security research field. The symposium had 66 papers packed into 3 days, a poster session, and a full day of workshops. There were nearly 600 registrations for the main symposium. There are now 3 separate conferences under the same sponsorship: the European Security and Privacy Symposium, the SecDev conference, and the Computer Security Foundations symposium.
The program committees are generally disposed towards increasing the number of papers, and this means that the format of Security and Privacy will have to change. At the business meeting there was strong support for dual track, and next year there may be some experimentation to help settle on a stable format for outyears.
The program had a greater breadth of topics than in previous years. Some, perhaps most, of the non-traditional topics had interesting presentations, and many of the traditional topics elicited little perceptible interest from the audience. This phenomenon was a bit jarring, especially when juxtaposed against the rumblings of complaints about the review process. The review committee does a huge amount of work in considering the deluge of submissions, but perhaps not all papers get consideration from appropriate experts. The all-important acceptance rate may increase, but that in itself does not guarantee that the conference's paper quality goals are met.
The conference had, for the first time, a published code of conduct, based on the IEEE code of conduct. The conference organizers seemed committed to making the venue a confortable society for all attendees.
One of the five minute talks took direct aim at the lack of gender and racial diversity of the symposium, something that has changed little over its history.
Next year will be the 40th meeting of the symposium (NB: this is not the same as the 40th anniversary). Some commemoration of the milestone may occur.
My eyes are fully open to my awful situation -
I shall go at once to Microsoft and make them an oration.
I shall tell them I've deleted my corrupted hard drive data,
And I don't care twobits-half-a-byte for any damaged SATA.
Now I do not want to perish by the word or by the sector,
But a martyr may indulge in a little pardonable lecture,
And a word or two of complement my ECC would tatter,
But my data dies tomorrow, so it really doesn't matter!
(so sorry G&S!)