SECURWARE 2010, The Fourth International Conference on Emerging Security Information Systems and Technologies, is an event covering related topics on theory and practice on security, cryptography, secure protocols, trust, privacy, confidentiality, vulnerability, intrusion detection and other areas related to low enforcement, security data mining, malware models, etc.

Security, defined for ensuring protected communication among terminals and user applications across public and private networks, is the core for guaranteeing confidentiality, privacy, and data protection. Security affects business and individuals, raises the business risk, and requires a corporate and individual culture. In the open business space offered by Internet, it is a need to improve defences against hackers, disgruntled employees, and commercial rivals. There is a required balance between the effort and resources spent on security versus security achievements. Some vulnerability can be addressed using the rule of 80:20, meaning 80% of the vulnerabilities can be addressed for 20% of the costs. Other technical aspects are related to the communication speed versus complex and time consuming cryptography/security mechanisms and protocols.

Digital Ecosystem is defined as an open decentralized information infrastructure where different networked agents, such as enterprises (especially SMEs), intermediate actors, public bodies and end users, cooperate and compete enabling the creation of new complex structures. In digital ecosystems, the actors, their products and services can be seen as different organisms and species that are able to evolve and adapt dynamically to changing market conditions.

Digital Ecosystems lie at the intersection between different disciplines and fields: industry, business, social sciences, biology, and cutting edge ICT and its application driven research. They are supported by several underlying technologies such as semantic web and ontology-based knowledge sharing, self-organizing intelligent agents, peer-to-peer overlay networks, web services-based information platforms, and recommender systems.

To enable safe digital ecosystem functioning, security and trust mechanisms become essential components across all the technological layers. The aim is to bring together multidisciplinary research that ranges from technical aspects to socio-economic models.

As a multi-track event, SECURWARE 2010 will serve as a forum for researchers from the academia and the industry, professionals, standard developers, policy makers and practitioners to exchange ideas. The topics could be on techniques and applications, best practices, awareness and experiences as well as future trends and needs (both in research and practices) related to all aspects of information security, security systems and technologies.

SECURWARE 2010 has the following tracks:

ARCH: Security frameworks, architectures and protocols
SECMAN: Security management
SECTECH: Security technologies
SYSSEC: System security
INFOSEC: Information security
MALWA: Malware and Anti-malware
ANTIFO: Anti-forensics
PRODAM: Profiling data mining
SECHOME: Smart home security
SECDYN: Security and privacy in dynamic environments
ECOSEC: Ecosystem security and trust
CRYPTO: Cryptography
CYBER-Threat:

We welcome technical papers presenting research and practical results, position papers addressing the pros and cons of specific proposals, such as those being discussed in the standard fora or in industry consortia, survey papers addressing the key problems and solutions on any of the above topics short papers on work in progress, and panel proposals.

The topics suggested by the conference can be discussed in term of concepts, state of the art, research, standards, implementations, running experiments, applications, and industrial case studies. Authors are invited to submit complete unpublished papers, which are not under review in any other conference or journal in the following, but not limited to, topic areas. All tracks are open to both research and industry contributions.

ARCH: Security frameworks, architectures and protocols

Formal aspects of security
Security analysis methodologies
Security verification
Security protocols
Security architectures and formalisms
Security and design vulnerability
Security and privacy protection
Performance and security
Secure group communication/multicast
Software design security
Middleware security
Security for nomadic code
Intrusion detection systems
Static analysis for software security
Security modeling

SECMAN: Security management

Identity management
Security law enforcement
PKI
PKI Key management
Incident response planning
Intrusion detection and event correlation
Firewalls
Trust management
Software security assurance

SECTECH: Security technologies

Secure protocols
Applied cryptography
Smart cards
Biometrics
Digital rights management
Electronic surveillance
Database security

SYSSEC: System security

Internet security
Security in wireless
Sensor/cellular network security
Ad hoc network security
Security in peer-to-peer networks
Security in wireless multimedia systems
Security in different networks (mesh, personal, local, metropolitan, GSM, Bluetooth, WiMax, IEEE 802.x, etc.)
Security of emergency services

INFOSEC: Information security

Information hiding
Anonymity
Authentication
Data Integrity
Security data mining
Data confidentiality and integrity
Information flow protection
Trustworthy networks: authentication, privacy and security models
Secure service discovery
Secure location-based service
Information survivability

MALWA: Malware and Anti-malware

Threat taxonomies and modeling
Security threats
Threats propagation
Anti-malware technologies
Engineering anti-malware
Anti-virus, anti-spyware, anti-phishing
Malware propagation models
Profiling security information
Vulnerability analysis and countermeasures
Denial of service attacks
Measurements and metrics
Testing samples and techniques
Quarantine/reuse decisions
Anti-malware tool performance
Anti-malware tool suites
Open-source anti-malware
Host-based anti-malware
On-line anti-malware scanning

Messaging, viruses, spyware

Advanced misuse detection techniques /machine learning, natural language processing, challenge-response, etc./
Message filtering, blocking, authentication
Digital signatures
Generalized spamming /over email, Internet telephony, instant messaging, mobile phone, phishing, etc. /
Spam compression and recognition
Learning misuse patterns
Payment schemes
Economics of generalized spam
Tracking abuse tactics and patterns
Protecting legitimate use patterns
Methods for testing protection robustness
Costs and benefits of messaging use and misuse
Standards for messaging and misuse reporting
Legal aspects /identity theft, privacy, freedom of speech, etc./

ANTIFO: Anti-forensics

Advanced anti-forensics mechanisms
Smart anti-forensics
e-discovery industry and anti-forensics
Overwriting data and metadata
Data hiding approaches
Detecting forensics analysis
Anti-forensics tools
Unix-, Windows-, and Linux anti-forensics techniques
Open source anti-forensics tools
Network anti-forensics tools

PRODAM: Profiling data mining

User and traffic profiling
Data mining and visualization
Profile mining and knowledge discovery
Mining lifecycle for profile collections
Profile warehouse construction
Profile portfolio and profile discovery
Profiling game users and game traffic
Profiling transactions
Simpson'd paradox
Real-time profiling mechanisms
Patterns for information profiling
Profiling engines
Profiling metrics
Forensics
Profiling applications (banks, on-line shopping, etc.)
Data mining-based user profile prediction

SECHOME: Smart home security

Fundamentals for SHS
Privacy and protection for SHS
Identify and location management in SHS
Authentication and authorization in SHS
Access control and security policies in SHS
Trust and reputation management
Security context-based interfaces for SHS
SHS for accessibility and elderly/disabled people
Real-time challenges for SHS in eHealth environments
Architectures and systems for SHS
Network technologies and protocols for SHS
Ubiquitous/pervasive platform and middleware for SHS
Services and applications for SHS
SHS on campuses and hotels
SHS for mission critical laboratories
Content protection and digital rights management for SHS
Intelligent devices, sensor network/RFID for SHS
Intrusion detection and computer forensics for SHS
SHS and Homeland security
Personal data privacy and protection in SHS
Emerging standards and technologies for SHS
Commercial and industrial for SHS
Case studies, prototypes and experience

SECDYN: Security and privacy in dynamic environments

Fundamentals on highly dynamic environments
Privacy and predefined access control dilemma
Privacy police, provisions and obligations
Dependability in dynamic environments
Protection of digital documents in dynamic environments,
On-line activities in high dynamic systems
Law enforcement in high dynamic systems
Personalization
Privacy and transparency
Distributed usage control
Privacy compliance
Secure ambient intelligence
Secure embedded microprocessor architectures
Secure compilation techniques

ECOSEC: Ecosystem security and trust

Secure and trusted service compositions in peer-to-peer networks
Secure data management in collaborative peer-to-peer networks
Security and reputation models for self-adaptive overlay networks
Identity and trust management in dynamic, self-organizing environments
Social institutional-based trust models for self-evolving communities

CRYPTO: Cryptography

Foundations of cryptography
Applied cryptography
Cryptanalysis
Signatures schemes and trust models
Cryptographic algorithms
Electronic payment systems
High-performance encryption methods
Group-oriented cryptography
Identity-based cryptography
Anonymous authentication
Cryptography for multi-user environments
Cryptography and secure localization systems
Attacks on cryptosystems

CYBER-Threat

e-Crime
Epidemiological models for warware and cyber-crime propagation
Record and retrieval of cyber-crimes
Cyber-crime prevention
Cyber-crime vulnerabilities
Cyber-counterattack at source
Distributed cyber-attacks
Orchestrated cyber-attacks
Recursion attacks
Cyber-storm attacks
Cyber-pranks, hoaxes
Phishing/Pharming and anti-phishing
Cyber-terrorism
Online cyber-crime reporting
Accuracy and security of cyber-reports
Fighting cyber-crimes
Cyber-crime laws

INSTRUCTION FOR THE AUTHORS

Authors of selected papers will be invited to submit extended versions to one of the IARIA Journals.

Important deadlines:
Submission (full paper) February 20, 2010
Notification March 25, 2010
Registration April 15, 2010
Camera ready April 20, 2010

Only .pdf or .doc files will be accepted for paper submission. All received papers will be acknowledged via an automated system.

Final author manuscripts will be 8.5" x 11", not exceeding 6 pages; max 4 extra pages allowed at additional cost. The formatting instructions can be found on the Instructions page. Helpful information for paper formatting can be found on the here.

Your paper should also comply with the additional editorial rules.

Once you receive the notification of paper acceptance, you will be provided by the publisher an online author kit with all the steps an author needs to follow to submit the final version. The author kits URL will be included in the letter of acceptance.

Poster Forum

Posters are welcome. Please submit the contributions following the instructions for the regular submissions using the "Submit a Paper" button and selecting the contribution type as poster. Submissions are expected to be 6-8 slide deck. Posters will not be published in the Proceedings. One poster with all the slides together should be used for discussions. Presenters will be allocated a space where they can display the slides and discuss in an informal manner. The poster slide decks will be posted on the IARIA site.

For more details, see the Poster Forum explanation page.

Work in Progress

Work-in-progress contributions are welcome. Please submit the contributions following the instructions for the regular submissions using the "Submit a Paper" button and selecting the contribution type as work in progress. Authors should submit a four-page (maximum) text manuscript in IEEE double-column format including the authors' names, affiliations, email contacts. Contributors must follow the conference deadlines, describing early research and novel skeleton ideas in the areas of the conference topics. The work will be published in the conference proceedings.

For more details, see the Work in Progress explanation page

Technical marketing/business/positioning presentations

The conference initiates a series of business, technical marketing, and positioning presentations on the same topics. Speakers must submit a 10-12 slide deck presentations with substantial notes accompanying the slides, in the .ppt format (.pdf-ed). The slide deck will not be published in the conference’s CD Proceedings. Presentations' slide decks will be posted on the IARIA's site. Please send your presentations to petre@iaria.org.

Tutorials

Tutorials provide overviews of current high interest topics. Proposals should be for three hour tutorials. Proposals must contain the title, the summary of the content, and the biography of the presenter(s). The tutorials' slide decks will be posted on the IARIA's site. Please send your proposals to petre@iaria.org

Panel proposals:

The organizers encourage scientists and industry leaders to organize dedicated panels dealing with controversial and challenging topics and paradigms. Panel moderators are asked to identify their guests and manage that their appropriate talk supports timely reach our deadlines. Moderators must specifically submit an official proposal, indicating their background, panelist names, their affiliation, the topic of the panel, as well as short biographies. The panel's slide deck will be posted on the IARIA's site.

For more information, petre@iaria.org

Workshop proposals

We welcome workshop proposals on issues complementary to the topics of this conference. Your requests should be forwarded to petre@iaria.org.