CSAW 2008

_________________________________________________________________________

The First ACM Computer Security Architecture Workshop

http://www.rites.uic.edu/csaw

________________________________________________________________________

A workshop held in conjunction with the

ACM Conference on Computers and Communications

October 31, 2008 * George Mason University * Fairfax, Virginia, USA

________________________________________________________________________

The Computer Security Architecture Workshop (CSAW)--pronounced see-saw---solicits papers on security architectures, their interfaces, implementations, and implications.

Architectures, whether system or application, are composed of abstractions (interfaces) and their implementations. Security Architectures are architectures which enable implementations that are resilient to an appropriate and broad-based spectrum of threats. An evaluation of a Security Architecture requires understanding these threats; the tradeoffs between different system goals, including between security and non-security goals; the long-term appropriateness of its interfaces; and the implementations it allows. The best interfaces are those that capture the most important issues, enable different implementations, and are flexible enough to adapt (or be adapted) to different threats.

Two well-known issues are particularly important: First, complexity is a source of security holes. Second, security is a matter of the weakest link. Because of the need to balance off complexity versus protections, these tradeoffs are often controversial. Other tradeoffs include performance, usability, and flexibility. This workshop focuses on understanding the new ideas that will compose the next generation of Security Architectures.

The design and evaluation of Security Architectures is of fundamental importance to security. And yet, many of our fundamental architectures were created when security was less appreciated and less well understood. Since it is notoriously difficult to add security after the fact, our systems are far too susceptible to attack. Moreover, architectures, because they are broad based, are difficult to understand and this is a specialized workshop in which Security Architecture experts will gather. As far as we know, this workshop is unique in its focus on Security Architectures.

The workshop topics include, but are not limited to:

Authorization Authentication Network security Distributed systems Operating systems Privacy Applications and security frameworks Specialized applications such as voting systems Hardware/software co-design for security Analysis of architectures System composability (properties, pitfalls, analysis & reasoning Assurance techniques Case studies Usability issues

_________________________________________________________________________

Submission instructions

Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. Submissions should be at most 6 pages in doublecolumn ACM format, excluding the bibliography and well-marked appendices. Please include page numbers on all submissions to make it easier for reviewers to provide helpful comments. Committee members are not required to read appendices, so the paper should be intelligible without them. Final proceedings versions will be 10 pages in double-column ACM format; although authors will have the option of buying a limited number of additional pages. Submissions are not anonymized. For further details see \url{http://www.rites.uic.edu/csaw}.

_________________________________________________________________________

Important dates

Paper submissions due:	      20 June 2008 Notification to the authors:  3rd week of July Camera ready papers due:      10 August 2008 Poster/Lightning submission:  12 September 2008 Workshop date:                31 October 2008

_________________________________________________________________________

Organization

General Chair: Vijay Atluri, Rutgers University

Organizers: Daniel J. Bernstein, Trent Jaeger, Angelos Keromytis, Ravi Sandhu, and Jon A. Solworth

Program Chair: Trent Jaeger, Penn State University

Program Committee

Daniel J. Bernstein,UIC Vinod Ganapathy, Rutgers Tal Garfinkel, Stanford Jonathon Giffin, Georgia Tech Sam King, UIUC Peter G. Neumann, SRI Reiner Sailer, IBM Research Ravi Sandhu, UTSA Umesh Shankar, Google Sean Smith, Dartmouth Jon A. Solworth, UIC Patrick Traynor, Penn State Wietse Venema, IBM Research This CfP was obtained from WikiCFP