Tag Archive: policies

Jan 20

Secrypt 2015

CALL FOR PAPERS

International Conference on Security and Cryptography
SECRYPT website: http://www.secrypt.icete.org/

July 20 – 22, 2015
Colmar, Alsace, France

Sponsored by: INSTICC
INSTICC is Member of: WfMC, OMG and FIPA
Logistics Partner: SCITEVENTS

IMPORTANT DATES:
Regular Paper Submission: March 3, 2015
Authors Notification (regular papers): Mayl 18, 2015
Final Regular Paper Submission and Registration: May 26, 2015

You are cordially invited to submit a paper to the SECRYPT 2015 Conference, to be held in Colmar, Alsace, France. The deadline for paper submission is scheduled for March 3, 2015.

SECRYPT is an annual international conference covering research in information and communication security. The 12th International Conference on Security and Cryptography (SECRYPT 2015) will be held in Colmar, France on 20-22 July 2015.
The conference seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of data protection, privacy, security, and cryptography.

Papers describing the application of security technology, the implementation of systems, and lessons learned are also encouraged. Papers describing new methods or technologies, advanced prototypes, systems, tools and techniques and general survey papers indicating future directions are also encouraged.

SECRYPT is interested in promoting high quality research as it can be confirmed by last year acceptance rates, where from 139 submissions, 21% of which were orally presented and 22% presented as posters.

We would like to highlight the presence of the following keynote speakers:
– Anthony C. Boucouvalas, University of Peloponnese, Greece
– Eleni Karatza, Aristotle University of Thessaloniki, Greece
– Andrew Moore, University of Cambridge, United Kingdom

Submitted papers will be subject to a double-blind review process. All accepted papers will be published in the conference proceedings, under an ISBN reference, on paper and on CD-ROM support.
It is planned to publish a short list of revised and extended versions of presented papers with Springer in a CCIS Series book (final approval pending).

The proceedings will be submitted for indexation by Thomson Reuters Conference Proceedings Citation Index (ISI), INSPEC, DBLP, EI (Elsevier Index) and Scopus.
All papers presented at the conference venue will be available at the SCITEPRESS Digital Library (http://www.scitepress.org/DigitalLibrary/). SCITEPRESS is a member of CrossRef (http://www.crossref.org/).

Best paper awards will be distributed during the conference closing session. Please check the website for further information (http://www.secrypt.icete.org/BestPaperAward.aspx).

Workshops, Special sessions, Tutorials as well as Demonstrations dedicated to other technical/scientific topics are also envisaged: companies interested in presenting their products/methodologies or researchers interested in holding a tutorial are invited to contact the conference secretariat. Workshop chairs and Special Session chairs will benefit from logistics support and other types of support, including secretariat and financial support, to facilitate the development of a valid idea.

SECRYPT is part of ICETE, the 12th International Joint Conference on e-Business and Telecommunications. Registration to SECRYPT allows free access to all other ICETE conferences.

ICETE 2015 will be held in conjunction with ICINCO 2015, ICSOFT 2015, SIMULTECH 2015 and DATA 2015. Registration to ICETE allows free access to the ICINCO, ICSOFT, SIMULTECH and DATA conferences as a non-speaker.

ICETE CONFERENCE CO-CHAIRS
Mohammad S. Obaidat, Monmouth University, United States
Pascal Lorenz, University of Haute Alsace, France

PROGRAM CHAIR:
Pierangela Samarati, Universita degli Studi di Milano, Italy

PROGRAM COMMITTEE:
Please check the program committee members at http://www.secrypt.icete.org/ProgramCommittee.aspx

CONFERENCE TOPICS:

– Access Control
– Applied Cryptography
– Biometrics Security and Privacy
– Critical Infrastructure Protection
– Data Integrity
– Data Protection
– Database Security and Privacy
– Digital Forensics
– Digital Rights Management
– Ethical and Legal Implications of Security and Privacy
– Formal Methods for Security
– Human Factors and Human Behavior Recognition Techniques
– Identification, Authentication and Non-repudiation
– Identity Management
– Information Hiding
– Information Systems Auditing
– Insider Threats and Countermeasures
– Intellectual Property Protection
– Intrusion Detection & Prevention
– Management of Computing Security
– Network Security
– Organizational Security Policies
– Peer-to-Peer Security
– Personal Data Protection for Information Systems
– Privacy
– Privacy Enhancing Technologies
– Reliability and Dependability
– Risk Assessment
– Secure Software Development Methodologies
– Security and Privacy for Big Data
– Security and privacy in Complex Systems
– Security and Privacy in Crowdsourcing
– Security and Privacy in IT Outsourcing
– Security and Privacy in Location-based Services
– Security and Privacy in Mobile Systems
– Security and Privacy in Pervasive/Ubiquitous Computing
– Security and Privacy in Smart Grids
– Security and Privacy in Social Networks
– Security and Privacy in the Cloud
– Security and Privacy in Web Services
– Security and Privacy Policies
– Security Area Control
– Security Deployment
– Security Engineering
– Security in Distributed Systems
– Security Information Systems Architecture
– Security Management
– Security Metrics and Measurement
– Security Protocols
– Security requirements
– Security Verification and Validation
– Sensor and Mobile Ad Hoc Network Security
– Service and Systems Design and QoS Network Security
– Software Security
– Trust management and Reputation Systems
– Ubiquitous Computing Security
– Wireless Network Security

Jul 08

Top 10 Secure Coding Practices – Secure Coding – CERT Secure Coding Standards

Top 10 Secure Coding Practices

Validate input. Validate input from all untrusted data sources. Proper input validation can eliminate the vast majority of software vulnerabilities. Be suspicious of most external data sources, including command line arguments, network interfaces, environmental variables, and user controlled files [Seacord 05].

Heed compiler warnings. Compile code using the highest warning level available for your compiler and eliminate warnings by modifying the code [C MSC00-A, C++ MSC00-A]. Use static and dynamic analysis tools to detect and eliminate additional security flaws.

Architect and design for security policies. Create a software architecture and design your software to implement and enforce security policies. For example, if your system requires different privileges at different times, consider dividing the system into distinct intercommunicating subsystems, each with an appropriate privilege set.

Keep it simple. Keep the design as simple and small as possible [Saltzer 74, Saltzer 75]. Complex designs increase the likelihood that errors will be made in their implementation, configuration, and use. Additionally, the effort required to achieve an appropriate level of assurance increases dramatically as security mechanisms become more complex.

Default deny. Base access decisions on permission rather than exclusion. This means that, by default, access is denied and the protection scheme identifies conditions under which access is permitted [Saltzer 74, Saltzer 75].

Adhere to the principle of least privilege. Every process should execute with the the least set of privileges necessary to complete the job. Any elevated permission should be held for a minimum time. This approach reduces the opportunities an attacker has to execute arbitrary code with elevated privileges [Saltzer 74, Saltzer 75].

Sanitize data sent to other systems. Sanitize all data passed to complex subsystems [C STR02-A] such as command shells, relational databases, and commercial off-the-shelf (COTS) components. Attackers may be able to invoke unused functionality in these components through the use of SQL, command, or other injection attacks. This is not necessarily an input validation problem because the complex subsystem being invoked does not understand the context in which the call is made. Because the calling process understands the context, it is responsible for sanitizing the data before invoking the subsystem.

Practice defense in depth. Manage risk with multiple defensive strategies, so that if one layer of defense turns out to be inadequate, another layer of defense can prevent a security flaw from becoming an exploitable vulnerability and/or limit the consequences of a successful exploit. For example, combining secure programming techniques with secure runtime environments should reduce the likelihood that vulnerabilities remaining in the code at deployment time can be exploited in the operational environment [Seacord 05].

Use effective quality assurance techniques. Good quality assurance techniques can be effective in identifying and eliminating vulnerabilities. Fuzz testing, penetration testing, and source code audits should all be incorporated as part of an effective quality assurance program. Independent security reviews can lead to more secure systems. External reviewers bring an independent perspective; for example, in identifying and correcting invalid assumptions [Seacord 05].

Adopt a secure coding standard. Develop and/or apply a secure coding standard for your target development language and platform.

Bonus Secure Coding Practices

Define security requirements. Identify and document security requirements early in the development life cycle and make sure that subsequent development artifacts are evaluated for compliance with those requirements. When security requirements are not defined, the security of the resulting system cannot be effectively evaluated.

Model threats. Use threat modeling to anticipate the threats to which the software will be subjected. Threat modeling involves identifying key assets, decomposing the application, identifying and categorizing the threats to each asset or component, rating the threats based on a risk ranking, and then developing threat mitigation strategies that are implemented in designs, code, and test cases [Swiderski 04].

 

via Top 10 Secure Coding Practices – Secure Coding – CERT Secure Coding Standards.

Jul 12

Windows Security Downloads

Publisher: Malwarebytes
Version: 0.9.2.1200 | Platform: Windows | Category: Security Utilities | Total Downloads: 2,429 | Downloads last week: 1,238
Added on July 01, 2013
Malwarebytes Anti-Exploit BETA, formerly known as ExploitShield by ZeroVulnerabilityLabs, is a security program that protects you from zero-day exploits that target browser and application vulnerabilities. This program is meant to run alongside your traditional anti-virus or anti-malware products and provides extra protection against software and Windows vulnerabilities that are discovered, but do not have a patch available to fix them.

HitmanPro Logo
Publisher: SurfRight
Version: 3.7 | Platform: Windows | Category: Anti-Virus | Total Downloads: 64,437 | Downloads last week: 4,939
Added on April 03, 2013
HitmanPro is an anti-virus program that describes itself as a second opinion scanner that should be used in conjunction with another anti-virus program that you may already have installed.  If malware slips past your anti-virus software, HitmanPro will then step in to detect it.  Though SurfRite bills themselves as a second opinion scanner that does not mean that you cannot use the program as your primary anti-virus product. This is because its scanning technology not only incorporates its own virus definitions but also has the ability to scan files on your computer with the definitions of 5 other anti-virus vendors.

Shortcut Cleaner Logo
Publisher: BleepingComputer
Version: 1.2.3.0 | Platform: Windows | Category: Security Utilities | Total Downloads: 26,566 | Downloads last week: 2,778
Added on June 11, 2013
Shortcut Cleaner is a utility that will scan your computer for Windows shortcuts that have been hijacked by unwanted or malicious software.  When Shortcut Cleaner finds bad shortcuts, it will automatically clean them so that they do not open unwanted programs.

Malwarebytes Anti-Rootkit Logo
Publisher: Malwarebytes
Version: 1.01.0.1021 | Platform: Windows | Category: Rootkit Scanner | Total Downloads: 90,574 | Downloads last week: 2,361
Added on March 21, 2013
Malwarebytes Anti-Rootkit is a free program that can be used to search for and remove rootkits from your computer.  When started, Malwarebytes Anti-Rootkit will scan your computer and allow you to remove any rootkits that it finds.

Junkware Removal Tool Logo
Publisher: thisisu
Platform: Windows | Category: Security Utilities | Total Downloads: 133,715 | Downloads last week: 9,822
Added on December 14, 2012
Junkware Removal Tool is a security utility that searches for and removes common adware, toolbars, and potentially unwanted programs (PUPs) from your computer.  A common tactics among freeware publishers is to offer their products for free, but bundle them with PUPs in order to earn revenue.  This tool will help you remove these types of programs.

AdwCleaner Logo
Publisher: Xplode
Platform: Windows | Category: Security Utilities | Total Downloads: 1,516,212 | Downloads last week: 88,061
Added on July 11, 2013
AdwCleaner is a program that searches for and deletes Adware, Toolbars, Potentially Unwanted Programs (PUP), and browser Hijackers from your computer.  By using AdwCleaner you can easily remove many of these types of programs for a better user experience on your computer and while browsing the web.

SecurityCheck Logo
Publisher: screen317
Platform: Windows | Category: Security Utilities | Total Downloads: 13,139 | Downloads last week: 419
Added on January 16, 2013
SecurityCheck is a program that searches for installed and running security programs on a user’s program. After it is finished, SecurityCheck will then display a log file that contains information about the security programs found on your computer and the status of security services such as Windows Firewall.

RogueKiller Logo
Publisher: Tigzy
Platform: Windows | Category: Security Utilities | Total Downloads: 122,826 | Downloads last week: 6,088
Added on October 01, 2012
RogueKiller is a security tool that can be used to terminate and remove malicious processes and programs from your computer.  RogueKiller has the ability to remove infections such as ZeroAccess, TDSS, rogue anti-spyware programs, and Ransomwares.

SUPERAntiSpyware Logo
Publisher: SUPERAntiSpyware
Platform: Windows | Category: Anti-Spyware | Total Downloads: 30,704 | Downloads last week: 815
Added on September 27, 2012
SUPERAntiSpyware is a free anti-spyware program that offers excellent detections and quick removal of common infections. As malware is constantly evolving and new variants are released, there is not one particular security program that will be able to protect you from all threats.  Therefore it is important to have a variety of programs in your security toolbox that you can use to scan your computer for malware and aid you in their removal.  SUPERAntiSpyware is definitely one of the programs that you want to have at your disposal.

Secunia PSI Logo
Publisher: Secunia
Version: 3.0 | Platform: Windows | Category: Monitoring Software | Total Downloads: 17,859 | Downloads last week: 309
Added on August 07, 2012
Secunia PSI is a tool that can be used to monitor your installed applications for new updates.  When started, Secunia PSI will scan your computer for applications and install any updates that are available for them. This allows your computer to remain secure from possible vulnerabilities in your installed programs.
Publisher: Emsisoft
Platform: Windows | Category: Security Utilities | Total Downloads: 11,833 | Downloads last week: 178
Added on August 24, 2012
BlitzBlank is an advanced system administration tool that allows you to disable drivers, delete files, folders, Windows Registry keys and values that are in-use or locked by malware. BlitzBlank also includes the ability to create scripts for removing multiple files, folders, and Registry information at once in order to avoid malware recreating the files and locking them again. This tool should only be used by advanced system administrators and IT professionals due to its ability to delete almost any file or folder.

Emsisoft Emergency Kit Logo
Publisher: Emsisoft
Platform: Windows | Category: Anti-Virus | Total Downloads: 115,794 | Downloads last week: 718
Added on January 27, 2013
Emsisoft Emergency Kit is a collection of standalone security programs and scanners that can be run from a USB key, bootable CD/DVD, or from within Windows Safe Mode without having to download and install a full security product.  This program is very useful for infections, such as Ransomware,  that cannot be removed while the infections are active or while logged into Windows.

OTL Logo

OTL

Publisher: OldTimer
Platform: Windows | Category: Security Utilities | Total Downloads: 30,667 | Downloads last week: 625
Added on July 24, 2012
OTL, or OldTimer ListIt, is a tool that is used to diagnose a computer for a possible malware presence and to provide system diagnostics information that can by someone working on a computer.  When run, OTL will scan your computer for a variety of information and then generate a report with a tremendous amount of information about your computer’s hardware, programs, files, and running environment.

HijackThis Logo
Publisher: Trend Micro
Version: 2.0.4 | Platform: Windows | Category: Security Utilities | Total Downloads: 112,015 | Downloads last week: 1,991
Added on August 24, 2012
HijackThis is a program that can be used to quickly spot home page hijackers and startup programs that you do not want to start automatically. This program is a not anti-virus program, but rather a enumerator that lists programs that are starting up automatically on your computer as well as other configuration information that is commonly hijacked.

Hosts-perm.bat Logo
Publisher: BleepingComputer
Platform: Windows | Category: Security Utilities | Total Downloads: 12,752 | Downloads last week: 227
Added on June 02, 2012
Hosts-perm.bat is a batch file that will reset the permissions for the Windows HOSTS file.  In the event that you attempt to delete or modify the HOSTS file and receive a message stating that you do not have permission, you can use the Hosts-perm.bat to reset the permissions so that you can properly access it.

ListParts Logo
Publisher: Farbar
Platform: Windows | Category: Security Utilities | Total Downloads: 13,638 | Downloads last week: 206
Added on June 13, 2012
ListParts is a small utility that will create a log that contains a listing of all the hard drive partitions on your computer, which can then be posted on the forum that you are receiving help.  This tool is useful for diagnosing rootkit infections that create additional hidden partitions on your computer.

VT Hash Check Logo
Publisher: Andrew Lambert
Version: 1.3 | Platform: Windows | Category: Security Utilities | Total Downloads: 3,365 | Downloads last week: 45
Added on May 09, 2013
VT Hash check adds a context menu item for all files allowing you to quickly search VirusTotal.com for matching files and their corresponding malware reports.

GrantPerms Logo
Publisher: Farbar
Platform: Windows | Category: Security Utilities | Total Downloads: 13,037 | Downloads last week: 234
Added on May 30, 2012
GrantPerms is a small portable tool that can be used to check permissions or unlock multiple files and folders. It is useful in cases where malware locks security files and system files and prevent them from running even after the malware is removed.

MiniToolBox Logo
Publisher: Farbar
Platform: Windows | Category: Security Utilities | Total Downloads: 59,263 | Downloads last week: 1,331
Added on June 26, 2012
MiniToolBox detects Internet connection issues due to broken or hijacked LSP, proxy settings, and problems with network adapters. It can also be used to detecte search redirections and router hijackings.

Farbar Recovery Scan Tool Logo
Publisher: Farbar
Platform: Windows | Category: Security Utilities | Total Downloads: 143,221 | Downloads last week: 4,139
Added on April 22, 2013
Farbar Recovery Scan Tool, or FRST, is a portable application designed to run on Windows XP, Windows Vista, Windows 7 and Windows 8 in normal or safe mode to diagnose malware issues.
Farbar Service Scanner Logo
Publisher: Farbar
Platform: Windows | Category: Security Utilities | Total Downloads: 85,921 | Downloads last week: 1,770
Added on July 02, 2013
Farbar Service Scanner allows you to diagnose network connectivity issues due to corrupted or missing Windows services.

ComboFix Logo
Publisher: sUBs
Version: 13.7.11.3 | Platform: Windows | Category: Anti-Virus | Total Downloads: 10,507,380 | Downloads last week: 155,855
Added on January 29, 2013
ComboFix is a program, created by sUBs, that scans your computer for known malware, and when found, attempts to clean these infections automatically. In addition to being able to remove a large amount of the most common and current malware, ComboFix also displays a report that can be used by trained helpers to remove malware that is not automatically removed by the program.

Vba32 AntiRootkit Logo
Publisher: VirusBlockAda
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 11,231 | Downloads last week: 162
Added on May 21, 2012
Vba32 AntiRootkit is an advanced Rootkit scanner from VirusBlockAda.  This free scanner will search for kernel-mode rootkits, suspicious autoruns, and hidden processes.  VBA AntiRootkit is an advanced tool as it does not perform an automatic scan and removal.  Instead it displays any possible issues, which you will then have to decide how to act upon.

McAfee Labs Rootkit Remover Logo
Publisher: McAfee Labs
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 9,051 | Downloads last week: 165
Added on May 21, 2012
McAfee Labs Rootkit Remover is a free stand-alone product that scans your computer for Rootkits and attempts to remove them.  This version of Rootkit Remover is limited as it only detected and removes the ZeroAccess and TDSS family of rootkits.

Panda Anti-Rootkit Logo
Publisher: Panda Security
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 8,489 | Downloads last week: 152
Added on May 20, 2012
Panda Anti-Rootkit is a free rootkit scanner from Panda Security. This program will scan your computer for Rootkits and attempt to remove them.

Sophos Virus Removal Tool Logo
Publisher: Sophos
Platform: Windows | Category: Anti-Virus | Total Downloads: 12,383 | Downloads last week: 194
Added on May 20, 2012
The Sophos Virus Removal Tool is a stand-alone program that allows you to perform a quick scan of your computer for computer viruses.  If any infections are found it will attempt to remove them for free. As this program only scans your computer and remove any infections it finds, it can be used even if you have another anti-virus product installed.

Trend Micro RootkitBuster Logo
Publisher: Trend Micro
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 16,200 | Downloads last week: 289
Added on June 03, 2013
Trend Micro RootkitBuster is a program that will scan your computer for Rootkits.  This scanner will scan for rootkits that are using the latest technology including Master Boot Record (MBR) infections.

RootRepeal Logo
Publisher: ad13
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 7,693 | Downloads last week: 123
Added on May 19, 2012
RootRepeal is a rootkit scanner thatRootRepeal is a rootkit scanner that scans for kernel-mode drivers, whether they are hidden, or if the driver file is hidden on disk.  It also has the ability to look for hidden files, hidden process, SSDT hooks, hidden services, and stealth objects.

RootkitRevealer Logo
Publisher: Microsoft
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 7,116 | Downloads last week: 111
Added on May 19, 2012
RootkitRevealer is a rootkit scanner from Microsoft Sysinternals.  This program will search for user-mode or kernel-mode rootkits and list any API discrepancies that are found.

FixExec Logo
Publisher: BleepingComputer
Platform: Windows | Category: Security Utilities | Total Downloads: 125,414 | Downloads last week: 801
Added on August 24, 2012
FixExec is a program that is designed to fix executable file associations for the .bat, .exe, and .com file extensions. If the program detects any of these associations are missing, changed, or hijacked, the settings will be set back to the original Windows defaults. When file associations for batch, executable, or COM files are changed it could cause your executables to no longer start. If you are looking for FixNCR.reg, this file replaces FixNCR with greater functionality.
RKill Logo
Publisher: BleepingComputer
Version: 2.5.4.0 | Platform: Windows | Category: Security Utilities | Total Downloads: 1,961,881 | Downloads last week: 37,963
Added on June 03, 2013
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes so that your normal security software can then run and clean your computer of infections. When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies that stop us from using certain tools. When finished it will display a log file that shows the processes that were terminated while the program was running.

Unhide Logo
Publisher: BleepingComputer
Version: 2.0.0.0 | Platform: Windows | Category: Security Utilities | Total Downloads: 343,891 | Downloads last week: 1,568
Added on November 24, 2012
Unhide is a program that reverts back the changes made to your files and Windows Registry by the rogue.FakeHDD family of rogue anti-spyware program. This family of malware pretends to be a hard disk repair and system optimization program for Windows. In reality, though, these programs are computer infections that deliberately hide your files and change certain settings in the Windows Registry to make it appear that you have lost data on your hard drive. It will then prompt you to purchase the program to restore the data.

Defogger Logo
Publisher: jpshortstuff
Platform: Windows | Category: Security Utilities | Total Downloads: 20,737 | Downloads last week: 244
Added on May 17, 2012

If you have a CD or DVD emulation software installed, it may make it harder to get accurate scan results when you scan your computer with a anti-rootkit scanner. Due to this it is wise to first disable these emulation programs before scanning your computer so that the scan results are more accurate.


Malwarebytes Anti-Malware Logo
Publisher: Malwarebytes
Version: 1.75.0.1300 | Platform: Windows | Category: Anti-Spyware | Total Downloads: 1,718,986 | Downloads last week: 28,996
Added on April 10, 2013
Malwarebytes is a light-weight anti-malware program that is excellent at removing the latest detections.  This program is recommended as a support product for your normal anti-virus program.

TDSSKiller Logo
Publisher: Kaspersky Lab
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 715,665 | Downloads last week: 20,728
Added on August 24, 2012
TDSSKiller is a utility created by Kaspersky Labs that is designed to remove the TDSS rootkit. This rootkit is know under other names such as Rootkit.Win32.TDSS, Tidserv, TDSServ, and Alureon. TDSSKiller will also attempt to remove other rootkits such as the ZeroAccess or ZeroAccess rootkit if it is detected.

GMER Logo
Publisher: GMER
Version: 2.1 | Platform: Windows | Category: Rootkit Scanner | Total Downloads: 22,389 | Downloads last week: 333
Added on April 19, 2013
GMER is a anti-rootkit scanner that searchs your computer for Rootkits on your computer and then allows you to attempt to remove them.

aswMBR Logo
Publisher: AVAST Software
Platform: Windows | Category: Rootkit Scanner | Total Downloads: 50,931 | Downloads last week: 840
Added on August 24, 2012
aswMBR is a anti-rootkit scanner that searchs your computer for Rootkits that infect the Master Boot Record, or MBR, of your computer. This includes the TDL4/3, MBRoot (Sinowal), and Whistler rootkits. For this program to properly work it must first download the Avast virus definitions, so you will need an active Internet connection before using it.

 

Windows Security Downloads.

May 06

Who Has Your Back? 2013 | Electronic Frontier Foundation

When you use the Internet, you entrust your conversations, thoughts, experiences, locations, photos, and more to companies like Google, AT&T and Facebook. But what do these companies do when the government demands your private information? Do they stand with you? Do they let you know what’s going on?

In this annual report, the Electronic Frontier Foundation examined the policies of major Internet companies — including ISPs, email providers, cloud storage providers, location-based services, blogging platforms, and social networking sites — to assess whether they publicly commit to standing with users when the government seeks access to user data. The purpose of this report is to incentivize companies to be transparent about how data flows to the government and encourage them to take a stand for user privacy whenever it is possible to do so.

We compiled the information in this report by examining each company’s published terms of service, privacy policy, transparency report, and guidelines for law enforcement requests, if any. We also considered the company’s public record of fighting for user privacy in the courts and whether it is a member of the Digital Due Process coalition, which encourages Congress to improve outdated communications law. Finally, we contacted each company to explain our findings and gave them an opportunity to provide evidence of improved policies and practices. These categories are not the only ways that a company can stand up for users, of course, but they are important and publicly verifiable. In addition, not every company has faced a decision about whether to stand up for users in the courts, but we wanted to particularly commend those companies who have done so when given with the opportunity.

 

Who Has Your Back? 2013 | Electronic Frontier Foundation.

Feb 05

Security and Privacy in Healthcare IT Special track in The 26th International Symposium on Computer-Based Medical System

Dear all, the paper submission deadline of CBMS 2013 was extended
along with its special tracks. Therefore the new deadline for paper
submission of SPH2013 (a special track of the CBMS 2013) was also
extended to February 21st.

Security and Privacy in Healthcare IT Special track in
The 26th International Symposium on Computer-Based Medical System;
June 20-22, Porto, Portugal.

Paper submission February 21, 2013 at:
https://www.easychair.org/conferences/?conf=cbms2013

Notification of acceptance March 31, 2013

Camera-ready and registration April 24, 2013

Special track website: http://www.dcc.fc.up.pt/sph.cbms2013/
Email: sph.cbms2013@dcc.fc.up.pt
http://cbms2013.med.up.pt/

Call for papers:

We are currently witnessing a rapidly moving transition trend towards
electronic healthcare information systems. They have already proved
to be essential tools in order to improve the management and quality
of healthcare services. More recently, these systems have also
started to promote great results on the improvement of patients’
health by enabling the creation of much more flexible, efficient and
interoperable means by which practitioners and even patients can have
access and manage healthcare data. However very complex technical
challenges resulting from strict but necessary highly regulated
environments, threats to patient safety, privacy, and security must
be tackled and solved before we can safely have valuable and
sensitive patients’ data being securely managed and used in much more
flexible and potentially useful ways. Towards this end it is thus
imperative to develop innovative methods and policies that ensure the
secure acquisition and management of healthcare data, at the same
time promoting its interoperability, its’ sharing, and its integrity
and confidentiality in highly effective and secure ways.

This special track focuses on original unpublished research on
innovative methods, policies and concerns that can constitute the
right building blocks for a new generation of electronic healthcare
information systems that are at the same time more efficient,
empowering and secure. So, it is expected novel articles about
privacy, security, accountability and auditing for the healthcare
sector. This special track also pretends to encourage the research
dissemination to the stakeholders involved in healthcare information
technologies, promoting the discussion on issues, challenges and
solutions that are currently being developed all around the world.

Topics of interest include, but are not limited to:

* Access control and consent management models;
* Authentication and identification concepts;
* Security and privacy concerns in healthcare;
* Biometrics in healthcare;
* Health data protection;
* Policy and Legal aspects of regulating privacy of health data;
* Healthcare in cloud computing;
* Mobile devices and their use in healthcare information systems;
* Patient empowerment;
* Personal health records;
* Usability and human factors;

The most relevant articles will be invited to submit an extended
version on the Journal of Health, Policy and Technology published by
Elsevier.

Each contribution must be prepared following the IEEE two-column
format, and should not exceed the length of six Letter-sized pages;
the authors may use LaTeX or Microsoft Word templates when preparing
their drafts. The papers should be submitted electronically before
the paper submission deadline using the EasyChair online submission
system. Papers must be submitted in PDF format, with fonts embedded.

All submissions will be peer-reviewed by at least two reviewers. The
SPH2013 program committee will be responsible for the final decision
about acceptance of articles submitted. All accepted papers will be
included in the conference proceedings, and will be published by the
IEEE. At least one author must pay the registration fee for each
accepted paper. Please refer to the IEEE IPR guidelines concerning
copyright. Authors of accepted papers must include a completed IEEE
Copyright Form with the submission of their final camera-ready paper.

– – – – – – – – — Track Chairs —

* Manuel Eduardo Correia,
Faculty of Sciences of University of Porto (FCUP)

* Luis Filipe Antunes,
Faculty of Sciences of University of Porto (FCUP)

* Ana Margarida Ferreira,
SnT research centre of University of Luxembourg

* Cátia Santos Pereira,
Faculty of Medicine of University of Porto (FMUP)

* Alexandre Barbosa Augusto,
Faculty of Sciences of University of Porto (FCUP)

– – – – – – – – — Program Committee —

Alexander Hörbst,
The Health & Life Sciences University,
Austria.

Andreas Pashalidis,
Katholieke Universiteit Leuven,
Belgium.

Carla Simone,
Fac. di scienze mat. fis. e naturali, University of
Milano-Bicocca,
Italy.

Carlos Ribeiro,
Instituto Superior Técnico, Universidade Técnica de Lisboa,
Portugal.

David Chadwick,
School of Computing, University of Kent,
United Kingdom.

Elske Ammenwerth,
University for Health Sciences, Medical Informatics and
Technology,
Austria.

Francesco Pinciroli,
Dipartimento di Bioingegneria, Politecnico di Milano,
Italy.

Frédéric Cuppens,
Dépt. Réseaux et Services Multimédias, l’ENST-Bretagne,
France.

Gabriele Lenzini,
SnT research centre of University of Luxembourg,
Luxembourg.

Gansen Zhao,
Sun Yat-sen University,
China.

Gianluigi Me,
Computer Engineering Faculty, Università di Roma,
Italy.

Guillermo Navarro-Arribas,
Universitat Autònoma de Barcelona,
Spain.

Henrique Santos,
Universidade do Minho,
Portugal.

Isaac Agudo,
Computer Science Department, University of Malaga,
Spain.

Jonathan Fistein,
Member of the British Computer Society,
United Kingdom.

John Mantas
University of Athens,
Greece

Kambiz Ghazinour,
University of Ottawa,
Canada.

Lenka Lhotská,
Faculty of Electrical Eng., Czech Technical University,
Czech Republic.

Maria João Campos,
SPMS,
Portugal

Maria Hägglund,
Karolinska Institutet Health Informatics Centre,
Sweden.

Miria Koshy,
Warwick Business School,
United Kingdom.

Olivier Markowitch,
Computer Sciences Department of the Université
Libre de Bruxelles,
Belgium.

Panagiotis Bamidis,
Medical School, Aristotle University of Thessaloniki,
Greece.

Peter Pharow,
Fraunhofer IDMT,
Germany.

Pierangela Samarati,
Dpt. of Computer Science, Università degli Studi di Milano,
Italy.

Sergi Robles,
Universitat Autònoma de Barcelona,
Spain.

Simão Melo de Sousa,
Dep. de Informática, Universidade da Beira Interior,
Portugal.

Steven Furnell,
Faculty of Science and Technology, Plymouth University,
United Kingdom.

Vivian Vimarlund,
Dept. of Computer and Inf. Science, Linköping University,
Sweden.

Jan 31

The 2013 International Conference on Security and Management – SAM’13

CALL FOR PAPERS

Paper Submission Deadline: March 18, 2013

The 2013 International Conference on Security and Management
SAM’13

July 22-25, 2013, Las Vegas, USA

http://sam.udmercy.edu/sam13/

You are invited to submit a full paper for consideration. All accepted
papers will be published in printed conference books/proceedings (ISBN)
and will also be made available online. The proceedings will be indexed
in science citation databases that track citation frequency/data for
each paper. In addition, like prior years, extended versions of selected
papers (about 35%) will appear in journals and edited research books
(publishers include: Springer, Elsevier, BMC, and others). SAM’13
is composed of a number of tracks, including: tutorials, sessions,
workshops, posters, and panel discussions. The conference will be held
July 22-25, 2013, Las Vegas, USA.

SCOPE: Topics of interest include, but are not limited to, the following:

O Network Security
-Security Algorithms
-Mobile Network Security
-Security in CDN (Contents Distribution Networks)
-Virtual Private Network (VPN)
-Tracing Techniques in Internet
-Active Networks
-Security in Grid
-Web Monitoring
-Network Security Engineering
-Transport-Level Security
-Wireless Network Security
-IP Security
-Electronic Mail security

O Cryptographic Technologies
-Security Protocols
-Key Management Techniques
-Cryptographic Technologies
-Applications of Block and Stream Ciphers
-Applications of Public Key Cryptology
-Message Authentication and Hash Functions
-Anonymity
-Digital Signature Schemes
-Secret Sharing
-Cryptanalysis

O Security Management
-Surveillance Technologies
-Security Policies
-Security for Protocol Management
-Location Management
-QoS Management
-Resource Management
-Channel Management
-Mobility Management
-Digital Contents Copyright Protection
-System Security Management
-Network Security Management
-Management in Network Equipment
-Storage Area Networks (SAN) Management
-Information Security Management
-Government Security Policy
-Web Penetration Testing
-Security Operations
-Vulnerabilities Management

O Security Education
-Computer Security Education
-Network Security Education
-Cyber Security Education
-Cyber Security Body of Knowledge
-Information Assurance Education

O Information Assurance
-Mission Assurance
-Risk Assessment and Risk Management
-Continuity of Operations and Business Impact Analysis
-Cyber Security Compliance
-Security Auditing
-Security-Savvy Software Development
-Disaster Recovery
-Business Continuity Analysis
-Access Control
-Secure Use of Software
-Secure Performance

O Biometrics and Forensics
-Novel Biometric Methods
-Forensics
-Biological Security Technologies
-Face Recognition Systems
-Signature Recognition Systems
-Cyber Forensics
-Forensic Analysis
-Biometric Technologies for Security
-Feature Extraction and Matching Algorithms

O Hardware Security
-Embedded Systems Security
-Cryptographic Processors and Co-Processors
-Security Architectures
-True and Pseudorandom Number Generators
-Side Channel Attacks
-Fault Attacks
-Hardware Tamper Resistance
-Smart Card Processors
-Secure Storage Devices

O Security Applications
-Security in E-Commerce and M-Commerce
-Secure OS
-Watermarking
-High-Tech Systems at Airports
-Emerging Technologies and Applications
-Cloud Computing Security
-Database Security
-Data Mining Security
-Cyber Security Automation

O Computer Security
-Firewall Systems
-Hacking Techniques and Related Issues
-Intrusion Detection System (IDS)
-Honeypot
-Virus Issues (Detection, Prevention …)
-Trusted Computing
-Alert Correlation
-Attack Graphs
-Incident Responding
-Malware Analysis
-Incident Responding

IMPORTANT DATES:

January 31, 2013: Workshop / Session Proposals
March 18, 2013: Submission of full papers (about 7 pages)
April 18, 2013: Notification of acceptance (+/- two days)
May 5, 2013: Final papers + Copyright + Registration
July 22-25, 2013: The 2013 International Conference on Security
and Management (SAM’13)

CO-SPONSORS:

Currently being prepared – The Academic Sponsors of the last offering of
FECS (2012) included research labs and centers affiliated with:
Minnesota Supercomputing Institute, USA; Argonne National Laboratory,
Illinois, USA; George Mason University, Virginia, USA; Harvard University,
Cambridge, Massachusetts, USA; Center for Cyber Defense, NCAT, North
Carolina, USA; Center for Advanced Studies in Identity Sciences (CASIS:
NC A&T, Carnegie Mellon, Clemson, UNC Wilmington), USA; Massachusetts
Institute of Technology (MIT), Cambridge, Massachusetts, USA; Texas A&M
University, USA; UMIT, Institute of Bioinformatics and Translational
Research, Austria; University of Iowa, USA; Russian Academy of Sciences,
Moscow, Russia; NDSU-CIIT Green Computing and Communications Laboratory,
USA; Medical Image HPC and Informatics Lab, Iowa, USA; and others.
Sponsors At-Large included (corporate, associations, organizations):
Intel Corporation; Super Micro Computer, Inc., California, USA; Altera
Corporation; The International Council on Medical and Care Compunetics;
International Society of Intelligent Biological Medicine; US Chapter of
World Academy of Science; High Performance Computing for Nanotechnology;
Luna Innovations; World Academy of Biomedical Sciences and Technologies;
Manx Telecom; Computer Science Research, Education, and Applications
Press; HoIP Telecom; Hodges Health; Leading Knowledge; OMG; Science
Publications and others.

SUBMISSION OF REGULAR PAPERS:

Prospective authors are invited to submit their papers by uploading them
to the evaluation web site at:
https://www.easychair.org/account/signin.cgi?conf=sam13
( OR http://world-comp.org ).
Submissions must be uploaded by March 18, 2013 and must be in either
MS doc or pdf formats (about 7 pages including all figures, tables,
and references – single space, font size of 10 to 12). All reasonable
typesetting formats are acceptable (later, the authors of accepted
papers will be asked to follow a particular typesetting format to
prepare their final papers for publication.) Papers must not have been
previously published or currently submitted for publication elsewhere.
The first page of the paper should include: title of the paper, name,
affiliation, postal address, and email address for each author. The
first page should also identify the name of the Contact Author and a
maximum of 5 topical keywords that would best represent the content
of the paper. The track title must also be stated on the first page of the
paper as well as a 100 to 150-word abstract. The length of the final/
Camera-Ready papers (if accepted) will be limited to 7
(two-column IEEE style) pages.

Each paper will be peer-reviewed by two experts in the field for
originality, significance, clarity, impact, and soundness. In cases of
contradictory recommendations, a member of the conference program
committee would be charged to make the final decision (accept/reject);
often, this would involve seeking help from additional referees.
Papers whose authors include a member of the conference program
committee will be evaluated using the double-blinded review process.
(Essay/philosophical papers will not be refereed but may be considered
for discussion/panels).

The proceedings will be published in printed conference books (ISBN) and
will also be made available online. The proceedings will be indexed in
science citation databases that track citation frequency/data for each
published paper. Science citation databases include: Inspec / IET / The
Institute for Engineering & Technology; The French National Center for
Scientific Research, CNRS, INIST databases, PASCAL (accessable from
INIST, Datastar, Dialog, EBSCO, OVID, Questel.Orbit, Qwam, and STN
International); P3P8PCTD70148 and others. Though, there is no guarantee
that the proceedings will also be included in SCI EI Compendex/Elsevier
indexings; in the past, the proceedings were included in these databases.
Therefore, we will also be sending the proceedings for indexing
procedures to SCI EI Compendex/Elsevier. The printed proceedings/books
will be available for distribution on site at the conference.

SUBMISSION OF POSTER PAPERS:

Poster papers can be 2 pages long. Authors are to follow the same
instructions that appear above (see, SUBMISSION OF REGULAR PAPERS) except
for the submission is limited to 2 pages. On the first page, the author
should state that “This paper is being submitted as a poster”. Poster
papers (if accepted) will be published if and only the author of the
accepted paper wishes to do so. please email your poster papers to the
poster co-chairs: Hanen Idoudi ( Hanen.Idoudi@ensi.rnu.tn ), or
Esmiralda Moradian ( moradian@kth.se ).

PROPOSAL FOR ORGANIZING WORKSHOPS/SESSIONS:

Each conference is composed of a number of tracks. A track can be a
session, a workshop, or a symposium. A session will have at least 6
papers; a workshop at least 12 papers; and a symposium at least 18
papers. Track chairs will be responsible for all aspects of their
tracks, including: soliciting papers, reviewing, selecting, …
The names of track chairs will appear as Associate Editors in the
conference proceedings and on the cover of the printed books (and
indexed in science databases as such).

Proposals to organize tracks (sessions, workshops, or symposiums) should
include the following information: name and address (+ email) of proposer,
his/her biography, title of track, a 100-word description of the topic of
the track, the name of the conference the track is submitted for
consideration (ie, SAM), and a short description on how the track
will be advertised (in most cases, track proposers solicit papers from
colleagues and researchers whose work is known to the track proposer).
E-mail your track proposal to the Workshops/Sessions co-chairs:
Flaminia Luccio ( luccio@unive.it ) or Sergey Morozov
( morozose@udmercy.edu ). We would like to receive the track proposals
as soon as possible but by no later than January 31, 2013.

MEMBERS OF STEERING COMMITTEE:

Currently being finalized. The members of the Steering Committee of The
2012 Congress that FECS was (and will be) part of included: Dr. Selim
Aissi, (formerly: Chief Strategist – Security, Intel Corporation, USA)
Senior Business Leader & Chief Architect, Visa Corporation, USA; Prof.
Babak Akhgar, PhD, FBCS, CITP, Professor of Informatics, Sheffield
Hallam University, Sheffield, UK; Prof. Hamid R. Arabnia, Professor of
Computer Science, Elected Fellow of ISIBM, Editor-in-Chief of Journal
of Supercomputing (Springer), University of Georgia, USA; Prof. Kevin
Daimi, Professor of Computer Science, Director of Computer Science and
Software Engineering Programs, Department of Mathematics, Computer
Science and Software Engineering, University of Detroit Mercy, Detroit,
Michigan, USA; Prof. Gerry Vernon Dozier, Professor of Computer Science,
Chair of Department of Computer Science and Director of Center for
Advanced Studies in Identity Sciences, Center for Cyber Defense, North
Carolina A&T State University, North Carolina, USA; Dr. Michael R.
Grimaila, Associate Professor, Air Force Institute of Technology,
Systems Engineering, Fellow of ISSA, CISM, CISSP, IAM/IEM, Editorial
Board of ISSA Journal, Air Force Center of Cyberspace Research, Advisor
to the Prince of Wales Fellows & Prince Edward Fellows at MIT and
Harvard Universities and PC member of NATO Cooperative Cyber Defence
Centre of Excellence (CCD COE); Prof. Kun Chang Lee, Professor of MIS
and WCU Professor of Creativity Science, Business School and Department
of Interaction Science, Sungkyunkwan University, Seoul, South Korea;
Prof., Dr., Dr.h. Victor Malyshkin, Head of Supercomputer Software
Department (SSD), Institute of Computational Mathematics and
Mathematical Geophysics, Russian Academy of Sciences, Russia;
Prof. George Markowsky, Professor and Chair of Computer Science,
Associate Director of School of Computing and Information Science,
Chair of International Advisory Board of IEEE IDAACS and Director 2013
Northeast Collegiate Cyber Defense Competition, Chair Bangor Foreign
Policy Forum, Cooperating Professor of Mathematics & Statistics
Department UMaine, Cooperating Professor of School of Policy &
International Affairs UMaine, University of Maine, Orono, Maine, USA;
Prof. Andy Marsh, Director of HoIP, Director of HoIP Telecom, UK,
Secretary-General of WABT, Vice- president of ICET, Visiting Professor,
University of Westminster, UK; Prof. James J. (Jong Hyuk) Park,
Professor of Computer Science and Engineering, Seoul National
University of Science and Technology (SeoulTech), Korea, President of
KITCS, Presidentof FTRA, Editor-in-Chiefs of HCIS, JoC and IJITCC
Journals; Ashu M. G. Solo (Publicity Chair), Fellow of British
Computer Society, Principal R&D Engineer, Maverick Technologies
America; Prof. Sang C. Suh, Head and Professor of Computer Science,
Vice President, of Society for Design and Process Science (SDPS),
Director of Intelligent Cyberspace Engineering Lab (ICEL), Texas A&M
University, Com., Texas, USA; Prof. Layne T. Watson, IEEE Fellow,
NIA Fellow, ISIBM Fellow, Fellow of The National Institute of
Aerospace, Virginia Polytechnic Institute & State University,
Virginia, USA

The 2013 Program Committee for SAM conference is currently being
compiled. Many who have already joined the committees are renowned
leaders, scholars, researchers, scientists and practitioners of the
highest ranks; many are directors of research labs., fellows of
various societies, heads/chairs of departments, program directors of
research funding agencies, as well as deans and provosts.

Program Committee members are expected to have established a strong and
documented research track record. Those interested in joining the
Program Committee should email daimikj@udmercy.edu
the following information for consideration/evaluation: Name,
affiliation and position, complete mailing address, email address,
a one-page biography that includes research expertise, and details of
two recent papers on security.

GENERAL INFORMATION:

SAM is an international conference that serves researchers, scholars,
professionals, students, and academicians who are looking to both foster
working relationships and gain access to the latest research results.
It is being held jointly (same location and dates) with a number of
other research conferences; namely, The 2013 World Congress in Computer
Science, Computer Engineering, and Applied Computing (WORLDCOMP). The
Congress is the largest annual gathering of researchers in computer
science, computer engineering and applied computing. We anticipate to
have 2,100 or more attendees from over 85 countries.

The 2013 Congress will be composed of research presentations, keynote
lectures, invited presentations, tutorials, panel discussions, and
poster presentations. In recent past, keynote/tutorial/panel speakers
have included: Prof. David A. Patterson (pioneer, architecture, U. of
California, Berkeley), Dr. K. Eric Drexler (known as Father of
Nanotechnology), Prof. John H. Holland (known as Father of Genetic
Algorithms; U. of Michigan), Prof. Ian Foster (known as Father of Grid
Computing; U. of Chicago & ANL), Prof. Ruzena Bajcsy (pioneer, VR, U.
of California, Berkeley), Prof. Barry Vercoe (Founding member of MIT
Media Lab, MIT), Dr. Jim Gettys (known as X-man, developer of X Window
System, xhost; OLPC), Prof. John Koza (known as Father of Genetic
Programming, Stanford U.), Prof. Brian D. Athey (NIH Program Director,
U. of Michigan), Prof. Viktor K. Prasanna (pioneer, U. of Southern
California), Dr. Jose L. Munoz (NSF Program Director and Consultant),
Prof. Jun Liu (pioneer, Broad Institute of MIT & Harvard U.),
Prof. Lotfi A. Zadeh (Father of Fuzzy Logic), Dr. Firouz Naderi (Head,
NASA Mars Exploration Program/2000-2005 and Associate Director, Project
Formulation & Strategy, Jet Propulsion Lab, CalTech/NASA; Director,
NASA’s JPL Solar System Exploration), Prof. David Lorge Parnas (Fellow
of IEEE, ACM, RSC, CAE, GI; Dr.h.c.: ETH Zurich, Prof. Emeritus,
McMaster U. and U. of Limerick), Prof. Eugene H. Spafford (Executive
Director, CERIAS and Professor, Purdue University), Dr. Sandeep
Chatterjee (Vice President & Chief Technology Officer, SourceTrace
Systems, Inc.), Prof. Haym Hirsh (Rutgers University, New Jersey, USA
and former director of Division of Information and Intelligent Systems,
National Science Foundation, USA), Dr. Flavio Villanustre (Vice-
President, HPCC Systems), and many other distinguished speakers. To
get a feeling about the Congress’s atmosphere, see the 2012 delegates
photos available at: http://infinitydempsey.smugmug.com/WorldComp

An important mission of the Congress is “Providing a unique platform for
a diverse community of constituents composed of scholars, researchers,
developers, educators, and practitioners. The Congress makes concerted
effort to reach out to participants affiliated with diverse entities
(such as: universities, institutions, corporations, government agencies,
and research centers/labs) from all over the world. The Congress also
attempts to connect participants from institutions that have teaching as
their main mission with those who are affiliated with institutions that
have research as their main mission. The Congress uses a quota system to
achieve its institution and geography diversity objectives.”

One main goal of the Congress is to assemble a spectrum of affiliated
research conferences, workshops, and symposiums into a coordinated
research meeting held in a common place at a common time. This model
facilitates communication among researchers in different fields of
computer science, computer engineering, and applied computing. The
Congress also encourages multi-disciplinary and inter-disciplinary
research initiatives; ie, facilitating increased opportunities for
cross-fertilization across sub-disciplines.

MEASURABLE SCIENTIFIC IMPACT OF CONGRESS:

As of December 2012, papers published in the Congress proceedings have
received over 27,000 citations (includes about 2,000 self-citations).
Citation data obtained from http://academic.research.microsoft.com/ .

CONTACT:

Inquiries should be sent to: daimikj@udmercy.edu

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

Jan 30

10th International Conference on Security and Cryptography (SECRYPT 2013)

10th International Conference on Security and Cryptography (SECRYPT 2013)
Reykjavik, Iceland, July 29-31, 2013
http://secrypt.icete.org

In Cooperation with: ACM SIGSAC
Co-organized by: RU – Reykjavik University
Sponsored by: INSTICC
INSTICC is Member of: WfMC

************************************************************************

Dear ,

SECRYPT is an annual international conference covering research in information and communication security. The 10th International Conference on Security and Cryptography (SECRYPT 2013) will be held in Reykjavik, Iceland. The conference seeks submissions from academia, industry, and government presenting novel research on all theoretical and practical aspects of data protection, privacy, security, and cryptography. Papers describing the application of security technology, the implementation of systems, and lessons learned are also encouraged. The conference topics include, but are not limited to:

TOPICS OF INTEREST
. Access Control
. Applied Cryptography
. Biometrics Security and Privacy
. Critical Infrastructure Protection
. Data Integrity
. Data Protection
. Database Security and Privacy
. Digital Forensics
. Digital Rights Management
. Ethical and Legal Implications of Security and Privacy
. Formal Methods for Security
. Human Factors and Human Behavior Recognition Techniques
. Identification, Authentication and Non-repudiation
. Identity Management
. Information Hiding
. Information Systems Auditing
. Insider Threats and Countermeasures
. Intellectual Property Protection
. Intrusion Detection & Prevention
. Management of Computing Security
. Network Security
. Organizational Security Policies
. Peer-to-Peer Security
. Personal Data Protection for Information Systems
. Privacy
. Privacy Enhancing Technologies
. Reliability and Dependability
. Risk Assessment, etc

SECRYPT is interested in promoting high quality research as it can be confirmed by last year acceptance rates, where from 170 submissions, 12% were accepted as full papers. Additionally, 14% were presented as short papers and 11% as posters.

PAPER SUBMISSIONS
Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings.
All submissions should be appropriately anonymized (i.e., papers should not contain author names or affiliations, or obvious citations).
Submissions are to be made through the submission web site at www.insticc.org/Primoris.

Two categories of papers can be submitted:
– Full Paper: A regular paper presents a work where the research is completed or almost finished.
– Position Paper: A position paper presents results that are preliminary or that simply require few pages to describe.
A position paper may be a short report and discussion of ideas, facts, situations, methods, procedures or results of scientific research (bibliographic, experimental, theoretical, or other) focused on one of the conference topics.

We would like to highlight the presence of the following keynote speakers:
– Laurence T. Yang, St Francis Xavier University, Canada
– Pascal Lorenz, University of Haute Alsace, France

Submitted papers must be formatted according to the SECRYPT format (apart for blinding authors), which is described at www.secrypt.icete.org/GuidelinesTemplates.aspx.
Submitted papers will be subject to a double-blind review process.

All accepted papers will be published in the conference proceedings, under an ISBN reference, on paper and on CD-ROM support.
A short list of presented papers will be selected so that revised and extended versions of these papers will be published by Springer-Verlag in a CCIS Series book.

The proceedings will be submitted for indexation by Thomson Reuters Conference Proceedings Citation Index (ISI), INSPEC, DBLP and EI (Elsevier Index).
All papers presented at the conference venue will be available at the SCITEPRESS Digital Library (www.scitepress.org/DigitalLibrary). SCITEPRESS is member of CrossRef (www.crossref.org).
Authors of accepted papers must guarantee that their papers will be presented at the conference.

IMPORTANT DATES
Full Paper submission: February 28, 2013
Authors Notification: May 6, 2013
Camera Ready Submission and Authors Registration: May 20, 2013

ICETE CONFERENCE CHAIR
Mohammad S. Obaidat, Monmouth University, U.S.A.

PROGRAM CHAIR
Pierangela Samarati, Universita’ degli Studi di Milano, Italy

PROGRAM COMMITTEE
tba

This call for papers and additional information about the conference can be found at www.secrypt.icete.org

For any questions, please contact the program chair:
secrypt2013@unimi.it

Jan 22

11th International Conference on Applied Cryptography and Network Security (ACNS 2013)

11th International Conference on
Applied Cryptography and Network Security (ACNS 2013)
Banff, Alberta, Canada
June 25 – 28, 2013
http://acns2013.cpsc.ucalgary.ca

Paper submission due: February 1, 2013
**********************************************************************

The 11th International Conference on Applied Cryptography and Network
Security (ACNS 2013) will be held in Banff, Alberta, Canada. The
conference seeks submissions from academia, industry, and government
presenting novel research on all aspects of applied cryptography as
well as network security and privacy. Submissions in emerging areas of
security including cloud security, secure infrastructure for big data
are highly encouraged. Papers describing novel paradigms, original
directions, or non-traditional perspectives are also encouraged. The
conference has two tracks: a research track and an industry track.
The industrial track will consist of presentations and tutorial
sessions, without formal proceedings. Submissions for either track
may focus on new visions, industrial challenges, case studies or
experimental reports related to implementation or deployment of
real-world systems or policies. Tutorials can cover current techniques
or best practices in applying cryptography to computer and information
systems. Topics of interest include, but are not limited to:

– Access control
– Applied cryptography
– Automated  protocols analysis
– Biometric security and privacy
– Complex systems security
– Critical infrastructure protection
– Cryptographic primitives and protocols
– Data protection
– Database and system security
– Digital rights management
– Email and web security
– Identity management
– Intellectual property protection
– Internet fraud
– Intrusion detection and prevention
– Key management
– Malware
– Network security protocols
– Privacy, anonymity, and untraceability
– Privacy-enhancing technology
– Protection for the future Internet
– Secure mobile agents and mobile code
– Security and privacy in cloud and grid systems
– Security and privacy in smart grids
– Security and privacy in wireless networks
– Security and privacy metrics
– Security in distributed systems
– Security in e-commerce
– Security in P2P systems
– Security in pervasive/ubiquitous computing
– Trust management
– Usability and security

SUBMISSION INSTRUCTIONS
Submitted papers must not substantially overlap with papers that
have already been published, or are simultaneously submitted to
a journal or a conference with proceedings. All submissions should
be appropriately anonymized (i.e., papers should not contain author
names or affiliations, or obvious citations). Submissions should be
at most 18 pages for research track and at most 8 pages for industry
track, including the bibliography and well-marked appendices, and
should follow Springer’s LNCS style. Submissions are to be made
through the submission web page at http://acns2013.cpsc.ucalgary.ca/.
Only pdf files will be accepted. Submissions not meeting these
guidelines risk rejection without consideration of their merits.
Papers must be received by the deadline of February 1, 2013 (11:59
Pacific Time). Authors should indicate whether their submission
should be considered for the best student paper award; any paper
co-authored by at least a full time student is eligible for this
award. At least one author of a accepted paper must attend the
conference. Papers accepted for the research track will be
published in proceedings published by Springer’s LNCS and
available at the conference. Extended versions of selected best
papers will be invited for a special issue in the Journal of
Computer Security.

IMPORTANT DATES
Submissions Due:     February 1, 2013
Author Notification: April 10, 2013
Camera Ready Due:    April 24, 2013

PROGRAM CHAIRS
Rei Safavi-Naini     (University of Calgary, Canada)
Michael E. Locasto   (University of Calgary, Canada)

GENERAL CHAIRS
Michael Jacobson     (University of Calgary, Canada)
Payman Mohassel      (University of Calgary, Canada)

PUBLICITY CHAIR
Mahabir Jhanwar      (University of Calgary, Canada)

PROGRAM COMMITTEE
Bill Aiello         (University of British Columbia, Canada)
Giuseppe Ateniese    (Sapienza-U. of Rome, Italy & Johns Hopkins U., USA)
Kevin R. B. Butler   (University of Oregon, USA)
Srdjan Capkun        (ETH Zurich, Switzerland)
Alvaro A. Cárdenas   (University of Texas at Dallas, USA)
Chen-Mou Cheng       (National Taiwan University, Taiwan)
Sherman S. M. Chow   (Chinese University of Hong Kong, Hong Kong)
Ed Dawson            (Queensland University of Technology, Australia)
Roberto Di Pietro    (Università Roma Tre, Italy)
José M. Fernandez    (École Polytechnique de Montréal, Canada)
Sara Foresti         (Università degli Studi di Milano, Italy)
Guang Gong           (University of Waterloo, Canada)
Stefanos Gritzalis   (University of the Aegean, Greece)
Guofei Gu            (Texas A&M University, USA)
Angelos D. Keromytis (Columbia University, USA)
Evangelos Kranakis   (Carleton University, Canada)
Ralf Kusters         (Universität Trier, Germany)
Xuejia Lai           (Shanghai Jiao Tong University, China)
Cédric Lauradoux     (INRIA, France)
Ninghui Li           (Purdue University, USA)
Yingjiu Li           (Singapore Management University, Singapore)
Mark Manulis         (University of Surrey, UK)
Kaisa Nyberg         (Aalto University, Finland)
Massimiliano Pala    (Penango/OpenCA, USA)
Bart Preneel         (KU Leuven, Belgium)
Christian Rechberger (DTU, Denmark)
Ahmad-Reza Sadeghi   (Technische Universitãt Darmstadt, Germany)
Pierangela Samarati  (Università degli Studi di Milano, Italy)
Radu Sion            (Stony Brook University, USA)
Anil Somayaji        (Carleton University, Canada)
Abhinav Srivastava   (AT&T Research, USA)
Jessica Staddon      (Google, USA)
Willy Susilo         (University of Wollongong, Australia)
Gene Tsudik          (UC Irvine, USA)
Duncan S. Wong       (City University of Hong Kong, Hong Kong)
Jianying Zhou        (I2R, Singapore)

This call for papers and additional information about the
conference can be found at http://acns2013.cpsc.ucalgary.ca

The history and statistics of ACNS can be found at ACNS Home
— http://icsd.i2r.a-star.edu.sg/staff/jianying/acns_home/

ACNS forum at LinkedIn —
http://www.linkedin.com/groups/ACNS-Applied-Cryptography-Network-Security-4290836

**********************************************************************

Jan 05

Security and Privacy in Healthcare IT – 26th International Symposium on Computer-Based Medical System

Security and Privacy in Healthcare IT Special track in
The 26th International Symposium on Computer-Based Medical System;
June 20-22, Porto, Portugal.
Paper submission January 31, 2013
Notification of acceptance March 10, 2013
Camera-ready and registration April 10, 2013

http://www.dcc.fc.up.pt/sph.cbms2013/
sph.cbms2013@dcc.fc.up.pt

http://cbms2013.med.up.pt/
Call for papers:

We are currently witnessing a rapidly moving transition trend towards
electronic healthcare information systems. They have already proved
to be essential tools in order to improve the management and quality
of healthcare services. More recently, these systems have also
started to promote great results on the improvement of patients’
health by enabling the creation of much more flexible, efficient and
interoperable means by which practitioners and even patients can have
access and manage healthcare data. However very complex technical
challenges resulting from strict but necessary highly regulated
environments, threats to patient safety, privacy, and security must
be tackled and solved before we can safely have valuable and
sensitive patients’ data being securely managed and used in much more
flexible and potentially useful ways. Towards this end it is thus
imperative to develop innovative methods and policies that ensure the
secure acquisition and management of healthcare data, at the same
time promoting its interoperability, its’ sharing, and its integrity
and confidentiality in highly effective and secure ways.

This special track focuses on original unpublished research on
innovative methods, policies and concerns that can constitute the
right building blocks for a new generation of electronic healthcare
information systems that are at the same time more efficient,
empowering and secure. So, it is expected novel articles about
privacy, security, accountability and auditing for the healthcare
sector. This special track also pretends to encourage the research
dissemination to the stakeholders involved in healthcare information
technologies, promoting the discussion on issues, challenges and
solutions that are currently being developed all around the world.

Topics of interest include, but are not limited to:

* Access control and consent management models;
* Authentication and identification concepts;
* Security and privacy concerns in healthcare;
* Biometrics in healtcare;
* Health data protection;
* Policy and Legal aspects of regulating privacy of health data;
* Healthcare in cloud computing;
* Mobile devices and their use in healthcare information systems;
* Patient empowerment;
* Personal health records;
* Usability and human factors;

The most relevant articles will be invited to submit an extended
version on the Journal of Health, Policy and Technology published by
Elsevier.

Each contribution must be prepared following the IEEE two-column
format, and should not exceed the length of six Letter-sized pages;
the authors may use LaTeX or Microsoft Word templates when preparing
their drafts. The papers should be submitted electronically before
the paper submission deadline using the EasyChair online submission
system. Papers must be submitted in PDF format, with fonts embedded.

All submissions will be peer-reviewed by at least two reviewers. The
SPH2013 program committee will be responsible for the final decision
about acceptance of articles submitted. All accepted papers will be
included in the conference proceedings, and will be published by the
IEEE. At least one author must pay the registration fee for each
accepted paper. Please refer to the IEEE IPR guidelines concerning
copyright. Authors of accepted papers must include a completed IEEE
Copyright Form with the submission of their final camera-ready paper.

— Track Chairs —

* Manuel Eduardo Correia,
Faculty of Sciences of University of Porto (FCUP)

* Luis Filipe Antunes,
Faculty of Sciences of University of Porto (FCUP)

* Ana Margarida Ferreira,
SnT research centre of University of Luxembourg

* Cátia Santos Pereira,
Faculty of Medicine of University of Porto (FMUP)

* Alexandre Barbosa Augusto,
Faculty of Sciences of University of Porto (FCUP)
— Program Committee —

Alexander Hörbst,
The Health & Life Sciences University,
Austria.

Andreas Pashalidis,
Katholieke Universiteit Leuven,
Belgium.

Carla Simone,
Fac. di scienze mat. fis. e naturali, University of
Milano-Bicocca,
Italy.

Carlos Ribeiro,
Instituto Superior Técnico, Universidade Técnica de Lisboa,
Portugal.

David Chadwick,
School of Computing, University of Kent,
United Kingdom.

Elske Ammenwerth,
University for Health Sciences, Medical Informatics and
Technology,
Austria.

Francesco Pinciroli,
Dipartimento di Bioingegneria, Politecnico di Milano,
Italy.

Frédéric Cuppens,
Dépt. Réseaux et Services Multimédias, l’ENST-Bretagne,
France.

Gabriele Lenzini,
SnT research centre of University of Luxembourg,
Luxembourg.

Gansen Zhao,
Sun Yat-sen University,
China.

Gianluigi Me,
Computer Engineering Faculty, Università di Roma,
Italy.

Guillermo Navarro-Arribas,
Universitat Autònoma de Barcelona,
Spain.

Henrique Santos,
Universidade do Minho,
Portugal.

Isaac Agudo,
Computer Science Department, University of Malaga,
Spain.

Jonathan Fistein,
Member of the British Computer Society,
United Kingdom.

Kambiz Ghazinour,
University of Ottawa,
Canada.

Lenka Lhotská,
Faculty of Electrical Eng., Czech Technical University,
Czech Republic.

Maria João Campos,
SPMS,
Portugal

Maria Hägglund,
Karolinska Institutet Health Informatics Centre,
Sweden.

Miria Koshy,
Warwick Business School,
United Kingdom.

Olivier Markowitch,
Computer Sciences Department of the Université
Libre de Bruxelles,
Belgium.

Panagiotis Bamidis,
Medical School, Aristotle University of Thessaloniki,
Greece.

Peter Pharow,
Fraunhofer IDMT,
Germany.

Pierangela Samarati,
Dpt. of Computer Science, Università degli Studi di Milano,
Italy.

Sergi Robles,
Universitat Autònoma de Barcelona,
Spain.

Simão Melo de Sousa,
Dep. de Informática, Universidade da Beira Interior,
Portugal.

Steven Furnell,
Faculty of Science and Technology, Plymouth University,
United Kingdom.

Vivian Vimarlund,
Dept. of Computer and Inf. Science, Linköping University,
Sweden.

Aug 28

Terms of Service; Didn’t Read

ToS;DR aims at creating a transparent and peer-reviewed process to rate and analyse Terms of Service and Privacy Policies in order to create a rating from Class A to Class E.

via Terms of Service; Didn’t Read.

Older posts «