Forwarded from: Frederick Sheldon <sheldon (at) ieee.org>
CALL FOR PAPERS
CSIIRW-08
http://www.ioc.ornl.gov/csiirw
Fourth Cyber Security and Information Intelligence Research Workshop
Oak Ridge National Laboratory, Oak Ridge, TN, May 12-14, 2008
Sponsored by Federal Business Council, Inc.
In cooperation with ACM and EUROSIS
___________________________________________________
IMPORTANT DATES in 2008:
Mar 03 Extended to Mar 17: abstracts (up to 3 pgs) submitted
Mar 17 Extended to Mar 24: author notification (visitation req URL)
Apr 03 Foreign National visitation request (HARD deadline)
May 09 Subm of slides (10 pgs 2 slides/pg) & revised abstracts
Jun 15 Subm of full papers (optional) to HICSS CSIIR Minitrack
Prelim CSIIRM CFP available at www.ioc.ornl.gov/csiirm
Jun 16 Publication CSIIR Workshop Proceedings in ACM Digital Library
Extended abstracts and presentations
___________________________________________________
SYNOPSIS:
As our dependence on the cyber infrastructure grows ever larger, more
complex and more distributed, the systems that compose it become more
prone to failures and/or exploitation. Intelligence is information
valued for its currency and relevance rather than its detail or
accuracy. Information explosion describes the pervasive abundance of
(public/private) information and the effects of such. Gathering,
analyzing, and making use of information constitutes a business- /
sociopolitical- / military-intelligence gathering activity and
ultimately poses significant advantages and liabilities to the
survivability of "our" society. The combination of increased
vulnerability, increased stakes and increased threats make cyber
security and information intelligence (CSII) one of the most important
emerging challenges in the evolution of modern cyberspace
"mechanization."
___________________________________________________
IMPORTANT GOALS:
The aim of this workshop is to discuss (and publish) novel theoretical
and empirical research focused on (the many) different aspects of
software security/dependability, because as we know, the heart of the
cyber infrastructure is software. The scope of the workshop covers a
wide range of methodologies, techniques, and tools (i.e., applications)
to (1) assure, measure, estimate and predict software
security/dependability and (2) analyze and evaluate the impact of such
applications on software security/dependability.
We encourage researchers and practitioners from a wide swath of
professional areas (not only the programmers, designers, testers, and
methodologists but also the users and risk managers) to participate so
that we can better understand the needs (requirements), stakes and the
context of the ever evolving cyber world; where software forms the core
and security/dependability are crucial properties that must be built-in
or baked on and maintained. Secure systems must be dependable and
dependable systems fail if they are not secure. We look to software
engineering to help provide us the products and methods to accomplish
these goals.
___________________________________________________
NON-EXCLUSIVE TOPICS
We aim to challenge, establish and debate a far-reaching agenda that
broadly and comprehensively outlines a strategy for cyber security and
information intelligence that is founded on sound principles and
technologies, including and not limited to:
+ Better precision in understanding existing and emerging
vulnerabilities and threats.
+ Advances in insider threat detection, deterrence, mitigation and
elimination.
+ Game-changing ventures, innovations and conundrums (e.g., quantum
comp., QKD, phishing, malware market, botnet/DOS)
+ Assuring security, survivability and dependability of our critical
infrastructures.
+ Assuring the availability of time-critical scalably secure systems,
information provenance and security with privacy.
+ Observable/ measurable/ certifiable security claims, rather than
hypothesized causes.
+ Methods that enable us to specify security requirements, formulate
security claims, and certify security properties.
+ Assurance against known and unknown (though perhaps pre-modeled)
threats.
+ Mission fulfillment, whether or not security violations have taken
place (rather than chasing all violations indiscriminately).
___________________________________________________
KEYNOTE SPEAKERS:
+ Dick Kemmerer, Security Group, UC Santa Barbara
+ Michael Franz, Secure Systems and Software Laboratory, UC Irvine
+ Ravi Iyer, Director Coordinated Science Laboratory, UIUC
+ Jeff Voas, Director of System Assurance, SAIC
+ Brian Witten, Director of Government Research, Symantec
+ Mike McDuffie VP, Patrick Arnold CTO, Pub. Sector Serv., Microsoft
+ Keynote Panel From Application to Network Security Engineering:
Theory and Practice
___________________________________________________
SUBMISSION INSTRUCTIONS:
Participants are invited to submit extended abstracts of no more than
three pages (single-spaced) on or before Mar. 3rd to SheldonFT@private
Read the full instructions here:
http://www.ioc.ornl.gov/csiirw/08/CSIIRW-08.htm
___________________________________________________
ORGANZATION:
General Chair:
+ Frederick T. Sheldon, Computational Sciences and Engineering Div.
Oak Ridge National Laboratory
Program Co-Chairs:
+ Ali Mili, College of Computing Science
New Jersey Institute of Technology
+ Axel Krings, Computer Science Department
University of Idaho
___________________________________________________
Subscribe to InfoSec News
http://www.infosecnews.org/mailman/listinfo/isn
Comments