posted by system || 4426 views || tracked by 3 users: [display]

SAFECONFIG 2010 : 2nd ACM Workshop on Assurable and Usable Security Configuration

FacebookTwitterLinkedInGoogle

Link: http://hci.sis.uncc.edu/safeconfig
 
When Oct 4, 2010 - Oct 4, 2010
Where Chicago, IL, USA
Submission Deadline Jun 28, 2010
Notification Due Aug 6, 2010
Final Version Due Aug 16, 2010
Categories    security
 

Call For Papers

SAFECONFIG 2010
http://hci.sis.uncc.edu/safeconfig/

CALL FOR PAPERS

2nd ACM Workshop on Assurable & Usable Security Configuration (SafeConfig)
October 4, 2010

Collocated with ACM CCS 2010

A typical enterprise network might have hundreds of security appliances such as firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization/RBAC servers and crypto systems. An enterprise network may also have other non-security devices such as routers, name servers, protocol gateways, etc. These must be logically integrated into a security architecture satisfying security goals at and across multiple networks. Logical integration is accomplished by consistently setting thousands of configuration variables and rules on the devices. The configuration must be constantly adapted to optimize protection and block prospective attacks. The configuration must be tuned to balance security with usability. These challenges are compounded by the deployment of mobile devices and ad hoc networks. The resulting security configuration complexity places a heavy burden on both regular users and experienced administrators and dramatically reduces overall network assurability and usability. For example, a December 2008 report from Center for Strategic and International Studies "Securing Cyberspace for the 44th Presidency" states that "inappropriate or incorrect security configurations ... were responsible for 80% of Air Force vulnerabilities" and a May 2008 report from Juniper Networks "What is Behind Network Downtime?" states that "human factors ... [are] responsible for 50 to 80 percent of network device outages." This workshop will bring together academic as well as industry researchers to exchange experiences, discuss challenges and propose solutions for offering assurable and usable security. This workshop will consist of presentations and panel discussions on the following topics:

Topics but are not limited to
- Integrating network and host configuration
- Automated forensics and mitigation
- Usability issues in security management
- Metrics for measuring assurability and usability: Usable security often involves trade offs between security or privacy and usability/utility
- Abstract models and languages for configuration specification
- Configuration refinement and enforcement
- Formal semantics of security policies
- Configuration testing, debugging and evaluation
- Representation of belief, trust, and risk in security policies
- Configuration/misconfiguration visualization
- Configuration reasoning and conflict analysis
- Risk adaptive configuration systems
- Context-aware security configuration for pervasive and mobile computing
- Configuration accountability
- Automated signature and patch management
- Automated alarm management
- Protecting the privacy and integrity of security configuration
- Optimizing security, flexibility and performance
- Measurable metric of flexibility and usability
- Design for flexibility and manageability ? clean slate approach
- Configuration management vs. least-privilege
- Configuration management and delegation issues in name resolution
- Configuration and policy issue in inter-domain routing
- Configuration management issues in virtualized environments
- Configuration Management case studies or user studies

Papers must present original work and must be written in English. We require that the authors use the ACM format for papers, using one of the ACM SIG Proceeding Templates, http://www.acm.org/sigs/pubs/proceed/template.html. We solicit two types of papers, regular papers and position papers. The length of the regular papers in the proceedings format should not exceed 8 US letter pages, excluding well-marked appendices. Committee members are not required to read the appendices, so papers must be intelligible without them. Position papers may not exceed 4 pages. Papers are to be submitted electronically as a single PDF file. Further submission details will be available on-line. The accepted papers will be published in the workshop proceedings and the ACM Digital Library in accordance with ACM copyright policy. Authors of accepted papers must guarantee that their papers will be presented at the conference. Submission instructions will be available at http://hci.sis.uncc.edu/safeconfig/ .

Important Dates:
Abstract Registration: June 7 (optional)
Submission: June 28
Notification: August 6
Camera Ready: August 16

Organizing Committee

Steering Committee:
Ehab Al-Shaer, UNC Charlotte
Jorge Lobo, IBM Watson
Sanjai Narain, Telcordia

General Chair:
Tony Sager, National Security Agency

TPC Co-Chairs:
Gail-Joon Ahn, Arizona State University
Krishna Kant, Intel/NSF
Heather Richter Lipford, UNC Charlotte

Technical Program Committee:
Elisa Bertino, Purdue University
Konstantin Beznosov, University of British Columbia
Lorrie Cranor, Carnegie Mellon University
Dipankar Dasgupta, Univ. of Memphis
Trent Jaeger, Pennsylvania State University
Chin-Tser Huang, University of South Carolina
John Karat, IBM T.J. Watson Research Center
George Kesidis, Pennsylvania State University
Kyung-Hee Lee, Samsung Advanced Institute of Technology
Hong Li, Intel Corporation
Ninghui Li, Purdue University
Alex Liu, Michigan State University
Emil Lupu, Imperial College
Roy Maxion, Carnegie Mellon University
Xinming Ou, Kansas State University
Sanjay Rao, Purdue University
Indrajit Ray, Colorado State University
Mohamed Shehab, UNC Charlotte
Subhabrata Sen, AT&T Labs
Rajesh Talpade, Telcordia
Sreedhar Vugranam, IBM T.J. Watson Research Center
Jeff Yan, Newcastle University

Related Resources

ACM Transactions on Sensor Networks 2020   Special Issue on Computational Intelligence in the Internet of Things
IEEE COINS 2020   Internet of Things IoT | Artificial Intelligence | Machine Learning | Big Data | Blockchain | Edge & Cloud Computing | Security | Embedded Systems | Circuit and Systems | WSN | 5G
ACM--NLPIR--Ei Compendex and Scopus 2020   ACM--2020 4th International Conference on Natural Language Processing and Information Retrieval (NLPIR 2020)--Scopus, Ei Compendex
AVC 2020   Advances in Vision Computing: An International Journal
LION 2020   Learning and Intelligent Optimization
PST 2020   18th Annual International Conference on Privacy, Security, and Trust (PST2020)
CSW 2021   2021 International Workshop on Cyber Security (CSW 2021)
ICSIE--ACM, Ei Compendex, Scopus 2020   2020 9th International Conference on Software and Information Engineering (ICSIE 2020)--ACM, Ei Compendex, Scopus
BIoT 2020   International Conference on Blockchain and Internet of Things
CANS 2020   Cryptology and Network Security