SAFECONFIG 2010 - 2nd ACM Workshop on Assurable & Usable Security Configuration (SafeConfig)
View: 1336
Website http://hci.sis.uncc.edu/safeconfig/ |
Edit Freely
Category SAFECONFIG 2010
Deadline: June 28, 2010 | Date: October 04, 2010
Venue/Country: Chicago, U.S.A
Updated: 2010-06-12 10:18:25 (GMT+9)
Call For Papers - CFP
2nd ACM Workshop on Assurable & Usable Security Configuration (SafeConfig)October 4, 2010 [ Collocated with ACM CCS 2010 ]A typical enterprise network might have hundreds of security appliances suchas firewalls, IPSec gateways, IDS/IPS, authentication servers,authorization/RBAC servers and crypto systems. An enterprise network mayalso have other non-security devices such as routers, name servers, protocolgateways, etc. These must be logically integrated into a securityarchitecture satisfying security goals at and across multiple networks.Logical integration is accomplished by consistently setting thousands ofconfiguration variables and rules on the devices. The configuration must beconstantly adapted to optimize protection and block prospective attacks. Theconfiguration must be tuned to balance security with usability. Thesechallenges are compounded by the deployment of mobile devices and ad hocnetworks. The resulting security configuration complexity places a heavyburden on both regular users and experienced administrators and dramaticallyreduces overall network assurability and usability. For example, a December2008 report from Center for Strategic and International Studies "SecuringCyberspace for the 44th Presidency" states that "inappropriate or incorrectsecurity configurations ... were responsible for 80% of Air Forcevulnerabilities" and a May 2008 report from Juniper Networks "What is BehindNetwork Downtime?" states that "human factors ... [are] responsible for 50to 80 percent of network device outages." This workshop will bring togetheracademic as well as industry researchers to exchange experiences, discusschallenges and propose solutions for offering assurable and usable security.This workshop will consist of presentations and panel discussions on thefollowing topics:Topics but are not limited to- Integrating network and host configuration- Automated forensics and mitigation- Usability issues in security management- Metrics for measuring assurability and usability: Usable securityoften involves trade offs between security or privacy and usability/utility- Abstract models and languages for configuration specification- Configuration refinement and enforcement- Formal semantics of security policies- Configuration testing, debugging and evaluation- Representation of belief, trust, and risk in security policies- Configuration/misconfiguration visualization- Configuration reasoning and conflict analysis- Risk adaptive configuration systems- Context-aware security configuration for pervasive and mobile computing- Configuration accountability- Automated signature and patch management- Automated alarm management- Protecting the privacy and integrity of security configuration- Optimizing security, flexibility and performance- Measurable metric of flexibility and usability- Design for flexibility and manageability ? clean slate approach- Configuration management vs. least-privilege- Configuration management and delegation issues in name resolution- Configuration and policy issue in inter-domain routing- Configuration management issues in virtualized environments- Configuration Management case studies or user studiesPapers must present original work and must be written in English. We requirethat the authors use the ACM format for papers, using one of the ACM SIGProceeding Templates, http://www.acm.org/sigs/pubs/proceed/template.html.We solicit two types of papers, regular papers and position papers. Thelength of the regular papers in the proceedings format should not exceed 8US letter pages, excluding well-marked appendices. Committee members are notrequired to read the appendices, so papers must be intelligible withoutthem. Position papers may not exceed 4 pages. Papers are to be submittedelectronically as a single PDF file. Further submission details will beavailable on-line. The accepted papers will be published in the workshopproceedings and the ACM Digital Library in accordance with ACM copyrightpolicy. Authors of accepted papers must guarantee that their papers will bepresented at the conference. Submission instructions will be available athttp://hci.sis.uncc.edu/safeconfig/ .Important Dates:Abstract Registration: June 7 (optional)Submission: June 28Notification: August 6Camera Ready: August 16Organizing CommitteeSteering Committee:Ehab Al-Shaer, UNC CharlotteJorge Lobo, IBM WatsonSanjai Narain, TelcordiaGeneral Chair:Tony Sager, National Security AgencyTPC Co-Chairs:Gail-Joon Ahn, Arizona State UniversityKrishna Kant, Intel/NSFHeather Richter Lipford, UNC CharlotteTechnical Program Committee:Elisa Bertino, Purdue UniversityKonstantin Beznosov, University of British ColumbiaLorrie Cranor, Carnegie Mellon UniversityDipankar Dasgupta, Univ. of MemphisTrent Jaeger, Pennsylvania State UniversityChin-Tser Huang, University of South CarolinaJohn Karat, IBM T.J. Watson Research CenterGeorge Kesidis, Pennsylvania State UniversityKyung-Hee Lee, Samsung Advanced Institute of TechnologyHong Li, Intel CorporationNinghui Li, Purdue UniversityAlex Liu, Michigan State UniversityEmil Lupu, Imperial CollegeRoy Maxion, Carnegie Mellon UniversityXinming Ou, Kansas State UniversitySanjay Rao, Purdue UniversityIndrajit Ray, Colorado State UniversityMohamed Shehab, UNC CharlotteSubhabrata Sen, AT&T LabsRajesh Talpade, TelcordiaSreedhar Vugranam, IBM T.J. Watson Research CenterJeff Yan, Newcastle University
Keywords: Accepted papers list. Acceptance Rate. EI Compendex. Engineering Index. ISTP index. ISI index. Impact Factor.
Disclaimer: ourGlocal is an open academical resource system, which anyone can edit or update. Usually, journal information updated by us, journal managers or others. So the information is old or wrong now. Specially, impact factor is changing every year. Even it was correct when updated, it may have been changed now. So please go to Thomson Reuters to confirm latest value about Journal impact factor.