Tag: policies

Aug 14

Book CFC 2012 : Call for Chapters: Organizational, Legal, and Technological Dimensions of Information System Administration

 

Book CFC 2012 : Call for Chapters: Organizational, Legal, and Technological Dimensions of Information System Administration

Link: http://www.igi-global.com/publish/call-for-papers/call-details/763
When N/A
Where N/A
Submission Deadline Aug 31, 2012
Notification Due Oct 15, 2012
Final Version Due Nov 30, 2012
Categories    system administration   security   legal issues

Call For Papers

Introduction
A large quantity of digital information is being created every moment by individual and corporate consumers of IT. This information is increasingly being recognized as a key economic resource and as one of the firm’s most important assets, just as much as capital infrastructure and people. Managing the digital information at the right time and place is essential for the survival of a company.

However, the complexity of information management is huge, particularly in large organizations. The data explosion continues to drive the demand for increased storage capacity and a parallel need to secure that information. Companies are facing increased security threats from both within the organization and externally. A company’s data is one of its most valuable assets an organization needs to implement a thorough security plan, taking all aspects of securing the data into account. Currently, all organizations have a system administrator, which is part of the organization’s policy. The administrator’s role is mainly developed in the dark to avoid data leaks, safeguard the integrity of databases, etc.; but when there is a failure, a breach of competition rules, a violation of confidentiality, the responsibility relies in the administrator.

Objective of the Book
The mission of the book is to discuss the main issues, challenges, opportunities and solutions related to the role and responsibility of the system’s administrator. Therefore, we intend to discuss the mission and challenges of a system’s administration in the 21st century, the importance of proper information security policy, the drivers and barriers to address a completely safe and reliable ICT system, and the organizational and legal implications of system administration. Furthermore, we expect to present some practical solutions that would make it possible to implement a reliable system administration policy.

Target Audience
This book is expected to be a support to disciplines (post-graduate studies) of Management, Enterprise Information Systems, Information Systems Management and Management Information Systems in general. It intends, also, to serve as guidance for top managers and information technologies (IT) professionals (system developers and IT specialists).

Recommended topics include, but are not limited to, the following:
Role and responsibilities of the system’s administrator
Importance of a proper information security policy
Drivers and barriers to address a completely safe and reliable ICT system
Critical success factors for its adoption by SME
Network security policies and best practices
Threats and countermeasures for information system security
Legal and regulatory frameworks
Organizational and legal implications
Compared studies of regulations
Surveys and case studies

Submission Procedure
Researchers and practitioners are invited to submit on or before August 30, 2012, a 2-3 page chapter proposal clearly explaining the mission and concerns of his or her proposed chapter. Authors of accepted proposals will be notified by October 15, 2012 about the status of their proposals and sent chapter guidelines. Full chapters are expected to be submitted by November 30, 2012. All submitted chapters will be reviewed on a double-blind review basis. Contributors may also be requested to serve as reviewers for this project.

Publisher
This book is scheduled to be published by IGI Global (formerly Idea Group Inc.), publisher of the “Information Science Reference” (formerly Idea Group Reference), “Medical Information Science Reference,” “Business Science Reference,” and “Engineering Science Reference” imprints. For additional information regarding the publisher, please visit www.igi-global.com. This publication is anticipated to be released in 2013.

Important Dates
August 30, 2012: 1st Proposal Submission Deadline
October 15, 2012: Notification of Acceptance
November 30, 2012:Full Chapter Submission
January 30, 2013: Review Results Returned
March 30, 2013: Final Chapter Submission
May 15, 2013: Final Deadline

Inquiries and submissions can be forwarded electronically (Word document):

Prof. Dr. Fernando Almeida
ISPGaya, School of Technology and Science
Av. dos Descobrimentos, 333 • 4400-103 Santa Marinha – Vila Nova de Gaia
Tel.: +351 223 745 730/1 • Fax: +351 220 134 479
E-mail: portelalmd@gmail.com

Book CFC 2012 : Call for Chapters: Organizational, Legal, and Technological Dimensions of Information System Administration.

Aug 14

WiSec 2013 : The Sixth ACM Conference on Security and Privacy in Wireless and Mobile Networks

 

WiSec 2013 : The Sixth ACM Conference on Security and Privacy in Wireless and Mobile Networks

Link: http://www.crysys.hu/recent-news/229-wisec-2013.html
When Apr 17, 2013 – Apr 19, 2013
Where Budapest, Hungary
Submission Deadline Oct 29, 2012
Notification Due Jan 20, 2013
Final Version Due Feb 15, 2013
Categories    wireless   security   communications   networks

Call For Papers

* ACM approval pending

*** PRELIMINARY CALL FOR PAPERS ***

IMPORTANT DATES

Submission Deadline: Oct 29
Notification Date: Jan 20
Camera-Ready Deadline: Feb 15

BROADENED SCOPE

WiSec has been broadening its scope and seeks to present high quality
research papers exploring security and privacy aspects of wireless
communications, mobile networks, and their applications. Beyond the
traditional Wisec staples of physical, link, and network layer security, we
also welcome papers focusing on the security and privacy of mobile software
platforms and the increasingly diverse range of mobile or wireless
applications. The conference welcomes both theoretical as well as systems
contributions.

Topics of interest include, but are not limited to:
* Mobile malware and platform security
* Security & Privacy for Smart Devices (e.g., Smartphones)
* Wireless and mobile privacy and anonymity
* Secure localization and location privacy
* Cellular network fraud and security
* Jamming attacks and defenses
* Key extraction, agreement, or distribution in wireless and mobile
settings
* Theoretical foundations, cryptographic primitives, and formal
methods for wireless security and privacy
* NFC and smart payment applications
* Security and privacy for mobile sensing systems
* Wireless or mobile security and privacy in health, automotive,
avionics, or smart grid applications

The proceedings of ACM WiSec will be published by the ACM (pending
approval).

FULL AND SHORT PAPERS: Full paper submissions to WiSec 2013 can be up to 10
pages in the ACM conference style excluding the bibliography and well marked
appendices, and up to 12 pages in total. WiSec also encourages the
submission of short papers with a length of up to 6 pages, which describe
mature work of a more succinct nature. All papers must be thoroughly
anonymized for double-blind reviewing. Detailed submission instructions
will appear on the conference website
(http://www.sigsac.org/wisec/WiSec2013/SubInstructions.php).

DOUBLE SUBMISSIONS: It is a policy of the ACM
(http://www.acm.org/publications/policies/RightsResponsibilities) to
disallow double submissions, where the same (or substantially similar)
paper is concurrently submitted to multiple conferences/journals. Any
double submissions detected will be immediately rejected from all
conferences/journals involved.

ORGANIZERS

General Chair
Levente Buttyan, Budapest University of Technology and Economics, Hungary

Technical Program Chairs
Ahmad-Reza Sadeghi, Technische Universität Darmstadt, Germany
Marco Gruteser, Rutgers University, USA

Steering committee
N. Asokan, NRC, Finland
Levente Buttyan, BME, Hungary
Claude Castelluccia, INRIA, France
Jean-Pierre Hubaux, EPFL, Switzerland
Douglas Maughan, DHS, USA
Adrian Perrig, CMU, USA
Gene Tsudik, UCI, USA (chair)
Dirk Westhoff, HAW, Germany

WiSec 2013 : The Sixth ACM Conference on Security and Privacy in Wireless and Mobile Networks.

Jul 04

International Symposium on Engineering Secure Software and Systems (ESSoS)

Call For Papers

International Symposium on Engineering Secure Software and Systems (ESSoS)

http://distrinet.cs.kuleuven.be/events/essos/2013/

February 27 – March 1, 2013, Paris, France

In cooperation with (pending): ACM SIGSAC and SIGSOFT and IEEE CS (TCSE).

CONTEXT AND MOTIVATION

Trustworthy, secure software is a core ingredient of the modern world.
Hostile, networked environments, like the Internet, can allow
vulnerabilities in software to be exploited from anywhere.  To address this,
high-quality security building blocks (e.g., cryptographic components) are
necessary, but insufficient. Indeed, the construction of secure software is
challenging because of the complexity of modern applications, the growing
sophistication of security requirements, the multitude of available software
technologies and the progress of attack vectors.
Clearly, a strong need exists for engineering techniques that scale well and
that demonstrably improve the software’s security properties.

GOAL AND SETUP

The goal of this symposium, which will be the fifth in the series, is to
bring together researchers and practitioners to advance the states of the
art and practice in secure software engineering. Being one of the few
conference-level events dedicated to this topic, it explicitly aims to
bridge the software engineering and security engineering communities, and
promote cross-fertilization. The symposium will feature two days of
technical program, and is also open to proposals for both tutorials and
workshops. In addition to academic papers, the symposium encourages
submission of high-quality, informative experience papers about successes
and failures in security software engineering and the lessons learned.
Furthermore, the symposium also accepts short idea papers that crisply
describe a promising direction, approach, or insight.

TOPICS

The Symposium seeks submissions on subjects related to its goals. This
includes a diversity of topics including (but not limited to):

– scalable techniques for threat modeling and analysis of vulnerabilities
– specification and management of security requirements and policies
– security architecture and design for software and systems
– model checking for security
– specification formalisms for security artifacts
– verification techniques for security properties
– systematic support for security best practices
– security testing
– security assurance cases
– programming paradigms, models and DLS’s for security
– program rewriting techniques
– processes for the development of secure software and systems
– security-oriented software reconfiguration and evolution
– security measurement
– automated development
– trade-off between security and other non-functional requirements (in
particular
economic considerations)
– support for assurance, certification and accreditation
– empirical secure software engineering

SUBMISSION AND FORMAT

The proceedings of the symposium are published by Springer-Verlag (pending)
in the Lecture Notes in Computer Science Series
(http://www.springer.com/lncs).
Submissions should follow the formatting instructions of Springer LNCS.
Submitted papers must present original, non-published work of high quality.

For selected papers, there will be an invitation to submit extended versions
to a special issue in the International Journal of Information Security.

Two types of papers will be accepted:

Full papers (max 14 pages without bibliography/appendices) – May describe
original technical research with a solid foundation, such as formal analysis
or experimental results, with acceptance determined mostly based on novelty
and validation. Or, may describe case studies applying existing techniques
or analysis methods in industrial settings, with acceptance determined
mostly by the general applicability of techniques and the completeness of
the technical presentation details.

Idea papers (max 8 pages with bibliography) – May crisply describe a novel
idea that is both feasible and interesting, where the idea may range from a
variant of an existing technique all the way to a vision for the future of
security technology.
Idea papers allow authors to introduce ideas to the field and get feedback,
while allowing for later publication of complete, fully-developed results.
Submissions will be judged primarily on novelty, excitement, and exposition,
but feasibility is required, and acceptance will be unlikely without some
basic, principled validation (e.g., extrapolation from limited experiments
or simple formal analysis). In the proceedings, idea papers will clearly
identified by means of the “Idea” tag in the title.

Proposals for both tutorials and workshops are welcome. Further guidelines
will appear on the website of the symposium.

IMPORTANT DATES

Paper submission:             September 30, 2012
Author notification:           November 22, 2012
Camera-ready:                  December 13, 2012

PROGRAM COMMITTEE

PC Co-Chairs

Jan Jürjens, TU Dortmund and Fraunhofer ISST
Ben Livshits, Microsoft Research

PC
Davide Balzarotti, EURECOM, France
Ruth Breu, University of Innsbruck, Austria
Cristian Cadar, Imperial College, UK
Julian Dolby, IBM Research, US
Matt Fredrikson, University of Wisconsin, US
Dieter Gollmann, TU Hamburg-Harburg, Germany
Maritta Heisel, U. Duisburg Essen, Germany
Peter Herrmann, NTNU, Trondheim, Norway
Thorsten Holz, U. Ruhr Bochum, Germany
Sergio Maffeis, Imperial College, UK
Heiko Mantel, TU Darmstadt, Germany
Anders Møller, Aarhus University, Denmark
Haris Mouratidis, University of East London, UK
Zachary Peterson, Naval Postgraduate School, US
Frank Piessens, KU Leuven, Belgium
Erik Poll, RU Nijmegen, NL
Alexander Pretschner, TU Munich, Germany
Wolfgang Reif, University of Augsburg, Germany
Jianying Zhou, Institute for Infocomm Research, Singapore
Mohammad Zulkernine, Queens University, Canada

Jun 11

CALL FOR PAPERS: IEEE-AESS Conference in Europe about Space and Satellite Communications : Security and Privacy Special Track

=================================
CALL FOR PAPERS
Security and Privacy Special Track
IEEE-AESS Conference in Europe about Space and Satellite Communications (ESTEL)
Rome, Italy, October 2-5, 2012
http://estel-sec.dti.unimi.it/
=================================
The special track on Security and Privacy of the ESTEL Conference aims at providing a
forum for discussing security and privacy issues that need to be investigated for
providing advanced services, architectures, and technologies for space and satellite
applications.  In this context, it is of utmost importance to ensure proper protection to
such complex systems, or systems-of-systems, to ensure security, privacy, and availability
of the infrastructure as well as of resources and information it provides and
manages. These aspects concern both the specific satellite application and infrastructure
as well as the base stations and land data servers and communications that serve them,
touching then the different areas with ICT.  The problem is far from trivial, due to the
criticality and the social impact of the applications and services relying on this global
infrastructure, as well as the complexity given by the co-existence and co-operation of,
possibly heterogeneous, component systems. Topics of interest include, but are not limited
to:
– Access Control
– Applied Cryptography for Space Applications
– Authentication
– Biometrics Security and Privacy
– Critical Infrastructure Protection
– Data Integrity
– Data Protection
– Database Security and Privacy
– Digital Forensics
– Digital Rights Management
– Ethical and Legal Implications of Security and Privacy
– Formal Methods for Security
– Homeland Security
– Human Factors and Human Behaviour Recognition Techniques
– Identification, Authentication and Non-repudiation
– Identity Management
– Information Hiding
– Information Systems Auditing
– Insider Threats and Countermeasures
– Intellectual Property Protection
– Intrusion Detection & Prevention
– Management of Computing Security
– Organizational Security Policies
– Peer-to-Peer Security
– Privacy
– Privacy Enhancing Technologies
– Reliability and Dependability
– Risk Assessment
– Satellite-based Disaster Recovery
– Satellite Network Security
– Secure Cloud Computing
– Secure Software Development Methodologies
– Security Protocols
– Security and Privacy in Mobile Systems
– Security and Privacy in Complex Systems
– Security and Privacy in IT Outsourcing
– Security and Privacy in Location-based Services
– Security and Privacy in Pervasive/Ubiquitous Computing
– Security and Privacy in Satellite Surveillance
– Security and Privacy in Web Services
– Security and Privacy Policies
– Security Area Control
– Security Deployment
– Security Engineering
– Security for Grid Computing
– Security in Distributed Systems
– Security Information Systems Architecture and Design and Security Patterns
– Security in e-Healthcare
– Security Issues of Satellite Communications
– Security Management
– Security Metrics and Measurement
– Security Requirements (Threats, Vulnerabilities, Risk, Formal Methods, etc.)
– Security Verification and Validation
– Sensor and Mobile Ad Hoc Network Security
– Service and Systems Design and QoS Network Security
– Software Security
– Trust Management and Reputation Systems
– Ubiquitous Computing Security
– Wireless Network Security
SUBMISSION INSTRUCTIONS
Submitted papers must not substantially overlap papers that have been published or that are
simultaneously submitted to a journal or a conference with proceedings. Submitted papers
must be formatted according to the IEEE Conference proceedings format, available at
http://www.ieee.org/publications_standards/publications/authors/authors_journals.html.
Submissions should be at most 6 pages. Submissions are to be made to the submission
web site at https://www.easychair.org/conferences/?conf=estelsec2012. Only pdf files will be
accepted. Submissions not meeting these guidelines risk rejection without consideration of their
merits. Papers must be received by the deadline of July 20, 2012 (11:59 p.m. American Samoa time).
All accepted papers will be published in the conference proceedings. Authors of accepted papers
must guarantee that their papers will be presented at the conference. A one-day registration
option will be made available to special session attendees.
IMPORTANT DATES
Paper submission due: July 20, 2012 (11:59 p.m. American Samoa time)
Notification to authors: August 25, 2012
Camera ready due: September 5, 2012
SPECIAL TRACK PROGRAM CHAIR
Pierangela Samarati
Universita’ degli Studi di Milano, Italy
PROGRAM COMMITTEE
tba
This call for papers and additional information about the conference
can be found at http://estel-sec.dti.unimi.it/

May 31

8th International Workshop on Security and Trust Management (STM 2012)

CALL FOR PAPERS
8th International Workshop on Security and Trust Management (STM 2012)
in conjunction with ESORICS 2012
Pisa, Italy – September 13-14, 2012

STM (Security and Trust Management) is a working group of ERCIM
(European Research Consortium in Informatics and Mathematics). STM
2012 is the eighth workshop in this series and will be held in Pisa,
Italy, in conjunction with the 17th European Symposium on Research in
Computer Security (ESORICS 2012).  The workshop seeks submissions from
academia, industry, and government presenting novel research on all
theoretical and practical aspects of security and trust in ICTs.
Topics of interest include, but are not limited to:

– Access control
– Anonymity
– Applied cryptography
– Authentication
– Complex systems security
– Data and application security
– Data protection
– Data/system integrity
– Digital right management
– Economics of security and privacy
– E-services
– Formal methods for security and trust
– Identity management
– Legal and ethical issues
– Networked systems security
– Operating systems security
– Privacy
– Security and trust metrics
– Security and trust policies
– Security and trust management architectures
– Security and trust in cloud environments
– Security and trust in grid computing
– Security and trust in pervasive computing
– Security and trust in social networks
– Social implications of security and trust
– Trust assessment and negotiation
– Trust in mobile code
– Trust models
– Trust management policies
– Trust and reputation systems
– Trusted platforms
– Trustworthy systems and user devices
– Web services security

SUBMISSION INSTRUCTIONS
Submitted papers must not substantially overlap papers that have been
published or that are simultaneously submitted to a journal or a
conference with proceedings. All submissions should be appropriately
anonymized (i.e., papers should not contain author names or affiliations,
or obvious citations). Submissions should be at most 16 pages, including
the bibliography and well-marked appendices, and should follow the LNCS
style. Submissions are to be made to the submission web site at
https://www.easychair.org/account/signin.cgi?conf=stm2012. Only pdf files
will be accepted. Submissions not meeting these guidelines risk rejection
without consideration of their merits. Papers must be received by the
deadline of June 16, 2012 (11:59 p.m. American Samoa time).  Authors
of accepted papers must guarantee that their papers will be presented
at the workshop. Pre-proceedings will be made available at the
workshop.  As for previous STM events, it is planned to have
post-proceedings published by Springer in the Lecture Notes
in Computer Science (LNCS) series.

IMPORTANT DATES
Paper submission due: June 16, 2012
Notification to authors: July 15, 2012
Camera ready due: August 1, 2012

GENERAL CHAIR
Marinella Petrocchi
CNR, Italy

PROGRAM CHAIRS
Audun Josang
University of Oslo, Norway

Pierangela Samarati
Universita’ degli Studi di Milano, Italy

PUBLICITY CHAIR
Giovanni Livraga
Universita’ degli Studi di Milano, Italy

PROGRAM COMMITTEE
Rafael Accorsi, University of Freiburg, Germany
Rose-Mharie Åhlfeldt, University of Skövde, Sweden
Alessandro Armando, Universita’ degli Studi di Genova, Italy
Gilles Barthe, IMDEA Software, Spain
Jason Crampton, Royal Holloway University of London, UK
Naranker Dulay, Imperial College London, UK
Mathias Ekstedt, KTH Royal Institute of Technology, Sweden
Carmen Fernández-Gago, University of Málaga, Spain
Sara Foresti, Universita’ degli Studi di Milano, Italy
Jochen Haller, SAP Research, Germany
Michael Huth, Imperial College London, UK
Sushil Jajodia, George Mason University, USA
Christian Jensen, Technical University of Denmark, Denmark
Henrik Johnsson, Blekinge Institute of Technology, Sweden
Lalana Kagal, MIT, USA
Guenter Karjoth, IBM Research, Switzerland
Stewart Kowalski, Stokholm University, Sweden
Giovanni Livraga, Universita’ degli Studi di Milano, Italy
Javier Lopez, University of Malaga, Spain
Fabio Martinelli, CNR, Italy
Sjouke Mauw, University of Luxembourg, Luxembourg
Catherine Meadows, US Naval Research Laboratory, USA
Stig Mjølsnes, Norwegian University of Science and Technology, Norway
Simin Nadjm-Tehrani, Linköpings University, Sweden
Masakatsu Nishigaki, Shizuoka University, Japan
Marina Papatriantafilou, Chalmers University of Technology, Sweden
Guenter Pernul, University of Regensburg, Germany
Walter Quattrociocchi, CNR, Italy
Silvio Ranise, Fondazione Bruno Kessler, Italy
Ketil Stolen, University of Oslo, Norway
Vipin Swarup, The MITRE Corporation, USA
Sotirios Terzis, University of Strathclyde, UK
Mahesh Tripunitara, University of Waterloo, Canada

Conference web page http://stm2012.dti.unimi.it
PC chairs email: stm2012@unimi.it

May 31

9th European PKI Workshop: Research and Applications (EuroPKI 2012)

CALL FOR PAPERS
9th European PKI Workshop: Research and Applications (EuroPKI 2012)
in conjunction with ESORICS 2012
Pisa, Italy – September 13-14, 2012

The 9th European PKI Workshop: Research and Applications (EuroPKI
2012) will be held in Pisa, Italy.  The workshop seeks submissions
from academia, industry, and government presenting novel research on
all aspects of Public Key Services, Applications, and
Infrastructures. Topics of interest include, but are not limited to:

– Anonymity
– Architecture and modeling
– Attribute-based access control
– Authentication
– Authorization and delegation
– Certificates management
– Cross certification
– Directories
– eCommerce/eGovernment
– Fault-tolerance and reliability
– Federations
– Group signatures
– ID-based schemes
– Identity management
– Implementations
– Interoperability
– Key management
– Legal issues
– Long-time archiving
– Mobile PKI
– Multi-signatures
– PKI in the Cloud
– Policies and regulations
– Privacy
– Privilege management
– Protocols
– Repositories
– Risk attacks
– Scalability and performance
– Security of PKI systems
– Standards
– Timestamping
– Trust management
– Trusted computing
– Ubiquitous scenarios
– Web services security

SUBMISSION INSTRUCTIONS
Submitted papers must not substantially overlap with papers that have
been published or that have been simultaneously submitted to a journal
or a conference with proceedings. All submissions should be
appropriately anonymized (i.e., papers should not contain author names
or affiliations, or obvious citations). Submissions should be at most
16 pages, including the bibliography and well-marked appendices, and
should follow the LNCS style. Submissions are to be made to the
submission web site at easychair.org. Only pdf files will be
accepted. Submissions not meeting these guidelines risk rejection
without consideration of their merits. Papers must be received by the
deadline of June 16, 2012 (11:59 p.m. American Samoa time).  Authors
of accepted papers must guarantee that their papers will be presented
at the workshop. Pre-proceedings will be made available at the
workshop. As for all previous EuroPKI events, it is planned to have
post-proceedings published by Springer in the Lecture Notes in
Computer Science (LNCS) series.

IMPORTANT DATES
Paper submission due: June 16, 2012
Notification to authors: July 15, 2012
Camera ready due: August 1, 2012

ESORICS GENERAL CHAIR
Fabio Martinelli
CNR, Italy

PROGRAM CHAIRS
Sabrina De Capitani di Vimercati
Universita’ degli Studi di Milano, Italy

Chris Mitchell
Royal Holloway, University of London, UK

PUBLICITY CHAIR
Giovanni Livraga
Universita’ degli Studi di Milano, Italy

PROGRAM COMMITTEE
Lejla Batina, Radboud University Nijmegen, The Netherlands
David Chadwick, University of Kent, UK
Sherman S. M. Chow, University of Waterloo, Canada
Paolo D’Arco, University of Salerno, Italy
Bao Feng, Institute for Infocomm Research, Singapore
Eduardo Fernandez-Medina, Universidad de Castilla la Mancha, Spain
Simone Fischer-Huebner, Karlstad University, Sweden
Sara Foresti, Universita’ degli Studi di Milano, Italy
Steven Furnell, Plymouth University, UK
Peter Gutmann, University of Auckland, New Zealand
Ravi Jhawar, Universita’ degli Studi di Milano, Italy
Sokratis Katsikas, University of Piraeus, Greece
Dogan Kesdogan, University of Siegen, Germany
Elisavet Konstantinou, University of the Aegean, Greece
Costas Lambrinoudakis, University of Piraeus, Greece
Herbert Leitold, A-SIT, Austria
Javier Lopez, University of Malaga, Spain
Fabio Martinelli, CNR, Italy
Catherine Meadows, NRL, USA
Stig Mjolsnes, NTNU, Norway
Yi Mu, University of Wollongong, Australia
Svetla Nikova, Katholieke Universiteit Leuven, Belgium
Rolf Oppliger, eSECURITY Technologies, Switzerland
Massimiliano Pala, Polytechnic Institute, USA
Stefano Paraboschi, Universita’ degli Studi di Bergamo, Italy
Andreas Pashalidis, K.U.Leuven, Belgium
Olivier Pereira, Universite Catholique de Louvain, Belgium
Gunther Pernul, Universitat Regensburg, Germany
Sasa Radomirovic, University of Luxembourg,  Luxembourg
Pierangela Samarati, Universita’ degli Studi di Milano, Italy
Sean Smith, Dartmouth College, USA

CONFERENCE WEB PAGE: http://europki2012.dti.unimi.it
PC CHAIRS EMAIL: europki2012@unimi.it

May 29

8th International Workshop on Security and Trust Management (STM 2012)

CALL FOR PAPERS
8th International Workshop on Security and Trust Management (STM 2012)
in conjunction with ESORICS 2012
Pisa, Italy – September 13-14, 2012

STM (Security and Trust Management) is a working group of ERCIM
(European Research Consortium in Informatics and Mathematics). STM
2012 is the eighth workshop in this series and will be held in Pisa,
Italy, in conjunction with the 17th European Symposium on Research in
Computer Security (ESORICS 2012).  The workshop seeks submissions from
academia, industry, and government presenting novel research on all
theoretical and practical aspects of security and trust in ICTs.
Topics of interest include, but are not limited to:

– Access control
– Anonymity
– Applied cryptography
– Authentication
– Complex systems security
– Data and application security
– Data protection
– Data/system integrity
– Digital right management
– Economics of security and privacy
– E-services
– Formal methods for security and trust
– Identity management
– Legal and ethical issues
– Networked systems security
– Operating systems security
– Privacy
– Security and trust metrics
– Security and trust policies
– Security and trust management architectures
– Security and trust in cloud environments
– Security and trust in grid computing
– Security and trust in pervasive computing
– Security and trust in social networks
– Social implications of security and trust
– Trust assessment and negotiation
– Trust in mobile code
– Trust models
– Trust management policies
– Trust and reputation systems
– Trusted platforms
– Trustworthy systems and user devices
– Web services security

SUBMISSION INSTRUCTIONS
Submitted papers must not substantially overlap papers that have been
published or that are simultaneously submitted to a journal or a
conference with proceedings. All submissions should be appropriately
anonymized (i.e., papers should not contain author names or affiliations,
or obvious citations). Submissions should be at most 16 pages, including
the bibliography and well-marked appendices, and should follow the LNCS
style. Submissions are to be made to the submission web site at
https://www.easychair.org/account/signin.cgi?conf=stm2012. Only pdf files
will be accepted. Submissions not meeting these guidelines risk rejection
without consideration of their merits. Papers must be received by the
deadline of June 16, 2012 (11:59 p.m. American Samoa time).  Authors
of accepted papers must guarantee that their papers will be presented
at the workshop. Pre-proceedings will be made available at the
workshop.  As for previous STM events, it is planned to have
post-proceedings published by Springer in the Lecture Notes
in Computer Science (LNCS) series.

IMPORTANT DATES
Paper submission due: June 16, 2012
Notification to authors: July 15, 2012
Camera ready due: August 1, 2012

GENERAL CHAIR
Marinella Petrocchi
CNR, Italy

PROGRAM CHAIRS
Audun Josang
University of Oslo, Norway

Pierangela Samarati
Universita’ degli Studi di Milano, Italy

PUBLICITY CHAIR
Giovanni Livraga
Universita’ degli Studi di Milano, Italy

PROGRAM COMMITTEE
Rafael Accorsi, University of Freiburg, Germany
Rose-Mharie Åhlfeldt, University of Skövde, Sweden
Alessandro Armando, Universita’ degli Studi di Genova, Italy
Gilles Barthe, IMDEA Software, Spain
Jason Crampton, Royal Holloway University of London, UK
Naranker Dulay, Imperial College London, UK
Mathias Ekstedt, KTH Royal Institute of Technology, Sweden
Carmen Fernández-Gago, University of Málaga, Spain
Sara Foresti, Universita’ degli Studi di Milano, Italy
Jochen Haller, SAP Research, Germany
Michael Huth, Imperial College London, UK
Sushil Jajodia, George Mason University, USA
Christian Jensen, Technical University of Denmark, Denmark
Henrik Johnsson, Blekinge Institute of Technology, Sweden
Lalana Kagal, MIT, USA
Guenter Karjoth, IBM Research, Switzerland
Stewart Kowalski, Stokholm University, Sweden
Giovanni Livraga, Universita’ degli Studi di Milano, Italy
Javier Lopez, University of Malaga, Spain
Fabio Martinelli, CNR, Italy
Sjouke Mauw, University of Luxembourg, Luxembourg
Catherine Meadows, US Naval Research Laboratory, USA
Stig Mjølsnes, Norwegian University of Science and Technology, Norway
Simin Nadjm-Tehrani, Linköpings University, Sweden
Masakatsu Nishigaki, Shizuoka University, Japan
Marina Papatriantafilou, Chalmers University of Technology, Sweden
Guenter Pernul, University of Regensburg, Germany
Walter Quattrociocchi, CNR, Italy
Silvio Ranise, Fondazione Bruno Kessler, Italy
Ketil Stolen, University of Oslo, Norway
Vipin Swarup, The MITRE Corporation, USA
Sotirios Terzis, University of Strathclyde, UK
Mahesh Tripunitara, University of Waterloo, Canada

Conference web page http://stm2012.dti.unimi.it
PC chairs email: stm2012@unimi.it

May 15

PriSecCSN 2012 : The 2012 International Symposium on Privacy and Security in Cloud and Social Networks

When Nov 1, 2012 – Nov 3, 2012
Where Xiangtan, China
Submission Deadline Jun 25, 2012

The objective of this symposium is to invite authors to submit original manuscripts that demonstrate and explore current advances in all aspects of security and privacy in cloud computing environments. The symposium solicits novel papers on a broad range of topics, including but not limited to:

Security and privacy in Big Data management
Application of modern cryptography in cloud and social networks
Emerging threats in cloud-based services
Multi-tenancy related security/privacy issues
Secure virtualisation mechanisms
Vulnerabilities in cloud infrastructure
Vulnerabilities in MapReduce
Security modelling and threats in cloud computing
Security/privacy in hybrid cloud
Auditing in cloud computing
Access control in cloud computing
Secure Job deployment and scheduling
Secure resource allocation and indexing
User authentication in cloud services
Practical privacy and integrity mechanisms for data outsourcing
Foundations of cloud-centric threat models
Information hiding
Trust and policy management in cloud
Secure identity management mechanisms
Security/privacy/trust issues in SaaS/PaaS/IaaS
Business and security risk models
Cost and usability models related security issues in clouds
Security for emerging cloud programming models
Remote data integrity protection
Securing distributed data storage in the cloud
Data-centric security and data classification
Security and privacy in mobile cloud
Intrusion detection/prevention
Malware propagation in social networks
Information leakage via social networks
Social currency mechanisms – potential and risks
Privacy management in social networks – access controls, permissions
Identity theft in social networks
Collaborative detection of distributed network attacks
Peer-to-peer based security mechanisms
Trust and reputation in social networks
Socially inspired network security architectures
Socially aware network security protocols
Security configuration based on social contexts groups (social-firewall, authentication protocols, etc.)
Configuring security protocol parameters based on social information
Privacy-preserving methods for data access and data mining
Domain Security
Privacy Requirements Engineering
Private Information Retrieval
Privacy and Security in Personal Health Records
Online Social Footprints
Secure Multi-party Computation
Privacy Mechanisms in Services
Pseudonymity and Anonymity Modelling
Software Security Engineering
Integrity Verification
Trust Development in Collaboration Teams
Usable Privacy Design
Privacy Aware Access Control Model
Multi-Faceted Privacy Preservation
Access Control and RBAC Policies

via PriSecCSN 2012 : The 2012 International Symposium on Privacy and Security in Cloud and Social Networks.

May 14

International Symposium on Engineering Secure Software and Systems (ESSoS)

Call For Papers

International Symposium on Engineering Secure Software and Systems (ESSoS)

http://distrinet.cs.kuleuven.be/events/essos/2013/

February 27 – March 1, 2013, Paris, France

In cooperation with (pending): ACM SIGSAC and SIGSOFT and IEEE CS (TCSE).

CONTEXT AND MOTIVATION

Trustworthy, secure software is a core ingredient of the modern world. Hostile, networked environments, like the Internet, can allow vulnerabilities in software to be exploited from anywhere.  To address this, high-quality security
building blocks (e.g., cryptographic components) are necessary, but insufficient. Indeed, the construction of secure software is challenging because of the complexity of modern applications, the growing sophistication of security requirements, the multitude of available software technologies and the progress of attack vectors. Clearly, a strong need exists for engineering techniques that scale well and that demonstrably improve the software’s security properties.

GOAL AND SETUP

The goal of this symposium, which will be the fifth in the series, is to bring together researchers and practitioners to advance the states of the art and practice in secure software engineering. Being one of the few conference-level events dedicated to this topic, it explicitly aims to bridge the software engineering and security  engineering communities, and promote cross-fertilization. The symposium will feature two days of technical program, and is also open to proposals for both  tutorials and workshops. In addition to academic papers, the symposium  encourages submission of high-quality, informative experience papers about  successes and failures in security software engineering and the lessons learned. Furthermore, the symposium also accepts short idea papers that crisply describe  a promising direction, approach, or insight.

TOPICS

The Symposium seeks submissions on subjects related to its goals. This includes a diversity of topics including (but not limited to):

– scalable techniques for threat modeling and analysis of vulnerabilities
– specification and management of security requirements and policies
– security architecture and design for software and systems
– model checking for security
– specification formalisms for security artifacts
– verification techniques for security properties
– systematic support for security best practices
– security testing
– security assurance cases
– programming paradigms, models and DLS’s for security
– program rewriting techniques
– processes for the development of secure software and systems
– security-oriented software reconfiguration and evolution
– security measurement
– automated development
– trade-off between security and other non-functional requirements (in particular economic considerations)
– support for assurance, certification and accreditation
– empirical secure software engineering

SUBMISSION AND FORMAT

The proceedings of the symposium are published by Springer-Verlag (pending) in  the Lecture Notes in Computer Science Series (http://www.springer.com/lncs).

Submissions should follow the formatting instructions of Springer LNCS. Submitted papers must present original, non-published work of high quality.

For selected papers, there will be an invitation to submit extended versions to a special issue in the International Journal of Information Security.

Two types of papers will be accepted:

Full papers (max 14 pages without bibliography/appendices) – May describe original technical research with a solid foundation, such as formal analysis or experimental results, with acceptance determined mostly based on novelty and validation. Or, may describe case studies applying existing techniques or analysis methods in industrial settings, with acceptance determined mostly by the general applicability of techniques and the completeness of the technical presentation details.

Idea papers (max 8 pages with bibliography) – May crisply describe a novel idea that is both feasible and interesting, where the idea may range from a variant of an existing technique all the way to a vision for the future of security technology. Idea papers allow authors to introduce ideas to the field and get feedback, while allowing for later publication of complete, fully-developed results.

 

Submissions will be judged primarily on novelty, excitement, and exposition, but feasibility is required, and acceptance will be unlikely without some basic, principled validation (e.g., extrapolation from limited experiments or simple formal analysis). In the proceedings, idea papers will clearly identified by means of the “Idea” tag in the title.

Proposals for both tutorials and workshops are welcome. Further guidelines will appear on the website of the symposium.

IMPORTANT DATES

Paper submission:             September 30, 2012
Author notification:           November 22, 2012
Camera-ready:                  December 13, 2012

PROGRAM COMMITTEE

PC Co-Chairs

Jan Jürjens, TU Dortmund and Fraunhofer ISST
Ben Livshits, Microsoft Research

PC
Davide Balzarotti, EURECOM, France
Ruth Breu, University of Innsbruck, Austria
Cristian Cadar, Imperial College, UK
Julian Dolby, IBM Research, US
Matt Fredrikson, University of Wisconsin, US
Dieter Gollmann, TU Hamburg-Harburg, Germany
Maritta Heisel, U. Duisburg Essen, Germany
Peter Herrmann, NTNU, Trondheim, Norway
Thorsten Holz, U. Ruhr Bochum, Germany
Sergio Maffeis, Imperial College, UK
Heiko Mantel, TU Darmstadt, Germany
Anders Møller, Aarhus University, Denmark
Haris Mouratidis, University of East London, UK
Zachary Peterson, Naval Postgraduate School, US
Frank Piessens, KU Leuven, Belgium
Erik Poll, RU Nijmegen, NL
Alexander Pretschner, TU Munich, Germany
Wolfgang Reif, University of Augsburg, Germany
Jianying Zhou, Institute for Infocomm Research, Singapore
Mohammad Zulkernine, Queens University, Canada

May 14

Journal of Information Security

You are cordially invited to submit a manuscript to the Journal of Information Security (JIS, ISSN:2153-1242), published by Scientific Research Publishing (SCIRP).It is an international peer-reviewed open access journal devoted to publication of original contributions in relevant areas of information security.

 

Being an open access journal we offer the following advantages:

  • Researchers around the world have full access to all the published articles
  • Widest dissemination of your published work ensuring greater visibility
  • Free downloads of the published articles without any subscription fee

 

The journal of JIS has a distinguished editorial board ensuring that it maintains high scientific standards with a broad international coverage. To view a list of the journal’s editors please visitwww.scirp.org/journal/jis.

Aims & Scope of the journal include:

  • Access Control
  • Anti-Virus and Anti-Worms
  • Authentication and Authorization
  • Biometric Security
  • Cryptography
  • Data and System Integrity
  • Database Security
  • Distributed Systems Security
  • Electronic Commerce Security
  • Fraud Control
  • Grid Security
  • Information Hiding and Watermarking
  • Information Privacy
  • Information Security Engineering
  • Intellectual Property Protection
  • Intrusion Detection
  • Key Management and Key Recovery
  • Language-based Security
  • Network Security
  • Operating System Security
  • Risk Evaluation and Security Certification
  • Security for Mobile Computing
  • Security Models
  • Security Protocols
  • Security and Privacy for Social Computing
  • Security Evaluation
  • Signature and Key Agreement Protocol
  • Software Security
  • System Security
  • Trusted Computing and Trustworthy Computing Technology

Please read over the journal’s Author Guidelines for more information on the journal’s policies and the submission process. Once a manuscript has been accepted for publication, it will undergo language copyediting, typesetting, and reference validation in order to ensure the highest quality of publication quality.

Please do not hesitate to contact me if you have any questions about the journal.

Best regards,

Prof. Gyungho Lee
Editor in Chief
eic.jis@scirp.org

JIS Editorial Office
Scientific Research Publishing