Secureware 2008

From semanticweb.org

The SECURWARE 2008 (International Conference on Emerging Security Information Systems and Technologies) is an event covering related topics on theory and practice on security, cryptography, secure protocols, trust, privacy, confidentiality, vulnerability, intrusion detection and other areas related to low enforcement, security data mining, malware models, etc.

Security, defined for ensuring protected communication among terminals and user applications across public and private networks, is the core for guaranteeing confidentiality, privacy, and data protection. Security affects business and individuals, raises the business risk, and requires a corporate and individual culture. In the open business space offered by Internet, it is a need to improve defences against hackers, disgruntled employees, and commercial rivals. There is a required balance between the effort and resources spent on security versus security achievements. Some vulnerability can be addressed using the rule of 80:20, meaning 80% of the vulnerabilities can be addressed for 20% of the costs. Other technical aspects are related to the communication speed versus complex and time consuming cryptography/security mechanisms and protocols.

Digital Ecosystem is defined as an open decentralized information infrastructure where different networked agents, such as enterprises (especially SMEs), intermediate actors, public bodies and end users, cooperate and compete enabling the creation of new complex structures. In digital ecosystems, the actors, their products and services can be seen as different organisms and species that are able to evolve and adapt dynamically to changing market conditions.

Digital Ecosystems lie at the intersection between different disciplines and fields: industry, business, social sciences, biology, and cutting edge ICT and its application driven research. They are supported by several underlying technologies such as semantic web and ontology-based knowledge sharing, self-organizing intelligent agents, peer-to-peer overlay networks, web services-based information platforms, and recommender systems.

To enable safe digital ecosystem functioning, security and trust mechanisms become essential components across all the technological layers. The aim is to bring together multidisciplinary research that ranges from technical aspects to socio-economic models.

As a multi-track event, SECURWARE 2008 will serve as a forum for researchers from the academia and the industry, professionals, standard developers, policy makers and practitioners to exchange ideas. The topics could be on techniques and applications, best practices, awareness and experiences as well as future trends and needs (both in research and practices) related to all aspects of information security, security systems and technologies.

SECURWARE 2008 has the following tracks:

ARCH: Security frameworks, architectures and protocols SECMAN: Security management SECTECH: Security technologies SYSSEC: System security INFOSEC: Information security MALWA: Malware and Anti-malware ANTIFO: Anti-forensics PRODAM: Profiling data mining SECHOME: Smart home security SECDYN: Security and privacy in dynamic environments ECOSEC: Ecosystem security and trust CRYPTO: Cryptography

We welcome technical papers presenting research and practical results, position papers addressing the pros and cons of specific proposals, such as those being discussed in the standard fora or in industry consortia, survey papers addressing the key problems and solutions on any of the above topics short papers on work in progress, and panel proposals.

The topics suggested by the conference can be discussed in term of concepts, state of the art, standards, implementations, running experiments and applications. Authors are invited to submit complete unpublished papers, which are not under review in any other conference or journal in the following, but not limited topic areas. Industrial presentations are not subject to these constraints. Tutorials on specific related topics and panels on challenging areas are encouraged.

Topics of interest include, but are not limited to, the following tracks:

ARCH: Security frameworks, architectures and protocols

Formal aspects of security Security analysis methodologies Security verification Security protocols Security architectures and formalisms Security and design vulnerability Security and privacy protection Performance and security Secure group communication/multicast Software design security Middleware security Security for nomadic code Intrusion detection systems Static analysis for software security Security modeling

SECMAN: Security management

Identity management Security law enforcement PKI PKI Key management Incident response planning Intrusion detection and event correlation Firewalls Trust management Software security assurance

SECTECH: Security technologies

Secure protocols Applied cryptography Smart cards Biometrics Digital rights management Electronic surveillance Database security

SYSSEC: System security

Internet security Security in wireless Sensor/cellular network security Ad hoc network security Security in peer-to-peer networks Security in wireless multimedia systems Security in different networks (mesh, personal, local, metropolitan, GSM, Bluetooth, WiMax, IEEE 802.x, etc.) Security of emergency services

INFOSEC: Information security

Information hiding Anonymity Authentication Data Integrity Security data mining Data confidentiality and integrity Information flow protection Trustworthy networks: authentication, privacy and security models Secure service discovery Secure location-based service Information survivability

MALWA: Malware and Anti-malware

Threat taxonomies and modeling Security threats Threats propagation Anti-malware technologies Engineering anti-malware Anti-virus, anti-spyware, anti-phishing Malware propagation models Profiling security information Vulnerability analysis and countermeasures Denial of service attacks Measurements and metrics Testing samples and techniques Quarantine/reuse decisions Anti-malware tool performance Anti-malware tool suites Open-source anti-malware Host-based anti-malware On-line anti-malware scanning

ANTIFO: Anti-forensics

Advanced anti-forensics mechanisms Smart anti-forensics e-discovery industry and anti-forensics Overwriting data and metadata Data hiding approaches Detecting forensics analysis Anti-forensics tools Unix-, Windows-, and Linux anti-forensics techniques Open source anti-forensics tools Network anti-forensics tools

PRODAM: Profiling data mining

User and traffic profiling Data mining and visualization Profile mining and knowledge discovery Mining lifecycle for profile collections Profile warehouse construction Profile portfolio and profile discovery Profiling game users and game traffic Profiling transactions Simpson'd paradox Real-time profiling mechanisms Patterns for information profiling Profiling engines Profiling metrics Forensics Profiling applications (banks, on-line shopping, etc.) Data mining-based user profile prediction

SECHOME: Smart home security

Fundamentals for SHS Privacy and protection for SHS Identify and location management in SHS Authentication and authorization in SHS Access control and security policies in SHS Trust and reputation management Security context-based interfaces for SHS SHS for accessibility and elderly/disabled people Real-time challenges for SHS in eHealth environments Architectures and systems for SHS Network technologies and protocols for SHS Ubiquitous/pervasive platform and middleware for SHS Services and applications for SHS SHS on campuses and hotels SHS for mission critical laboratories Content protection and digital rights management for SHS Intelligent devices, sensor network/RFID for SHS Intrusion detection and computer forensics for SHS SHS and Homeland security Personal data privacy and protection in SHS Emerging standards and technologies for SHS Commercial and industrial for SHS Case studies, prototypes and experience

SECDYN: Security and privacy in dynamic environments

Fundamentals on highly dynamic environments Privacy and predefined access control dilemma Privacy police, provisions and obligations Dependability in dynamic environments Protection of digital documents in dynamic environments, On-line activities in high dynamic systems Law enforcement in high dynamic systems Personalization Privacy and transparency Distributed usage control Privacy compliance

ECOSEC: Ecosystem security and trust

Secure and trusted service compositions in peer-to-peer networks Secure data management in collaborative peer-to-peer networks Security and reputation models for self-adaptive overlay networks Identity and trust management in dynamic, self-organizing environments Social institutional-based trust models for self-evolving communities

CRYPTO: Cryptography

Foundations of cryptography Applied cryptography Cryptanalysis Signatures schemes and trust models Cryptographic algorithms Electronic payment systems High-performance encryption methods Group-oriented cryptography Identity-based cryptography Anonymous authentication Cryptography for multi-user environments Cryptography and secure localization systems Attacks on cryptosystems

INSTRUCTION FOR THE AUTHORS

The SECURWARE 2008 Proceedings will be published by IEEE Computer Society Press and on-line via IEEE XPlore Digital Library. IEEE will index the papers with major indexes.

Important deadlines:

Submission deadline April 5, 2008 Notification May 15, 2008 Registration and camera ready June 1, 2008

Only .pdf or .doc files will be accepted for paper submission. All received papers will be acknowledged via the EDAS system.

Final author manuscripts will be 8.5" x 11" (two columns IEEE format), not exceeding 6 pages; max 4 extra pages allowed at additional cost. The formatting instructions can be found on the Instructions page. Helpful information for paper formatting can be found on the IEEE Authors Tools.

Once you receive the notification of paper acceptance, you will be provided by the IEEE CS Press an online author kit with all the steps an author needs to follow to submit the final version. The author kits URL will be included in the letter of acceptance.

Technical marketing/business/positioning presentations

The conference initiates a series of business, technical marketing, and positioning presentations on the same topics. Speakers must submit a 10-12 slide deck presentations with substantial notes accompanying the slides, in the .ppt format (.pdf-ed). The slide deck will be published in the conference’s CD collection, together with the regular papers. Please send your presentations to petre@iaria.org.

Tutorials

Tutorials provide overviews of current high interest topics. Proposals can be for half or full day tutorials. Please send your proposals to petre@iaria.org

Panel proposals:

The organizers encourage scientists and industry leaders to organize dedicated panels dealing with controversial and challenging topics and paradigms. Panel moderators are asked to identify their guests and manage that their appropriate talk supports timely reach our deadlines. Moderators must specifically submit an official proposal, indicating their background, panelist names, their affiliation, the topic of the panel, as well as short biographies.

For more information, petre@iaria.org

Workshop proposals

We welcome workshop proposals on issues complementary to the topics of this conference. Your requests should be forwarded to petre@iaria.org.