5th International Conference on Network and System Security (NSS 2011) September 6-8, 2011, Milan, Italy

5th International Conference on Network and System Security (NSS 2011)
September 6-8, 2011, Milan, Italy
http://anss.org.au/nss2011/

While the attack systems have become more easy-to-use, sophisticated, and powerful, interest has greatly increased in the field of building more effective, intelligent, adaptive, active and high performance defense systems which are distributed and networked. The conference will cover research on all theoretical and practical aspects related to network and system security, such as authentication, access control, availability, integrity, privacy, confidentiality, dependability and sustainability of computer networks and systems. The aim of this conference is to provide a leading edge forum to foster interaction between researchers and developers with the network and system security communities, and to give attendees an opportunity to interact with experts in academia, industry, and governments.

NSS 2011 is the next event in a series of highly successful events of Network and System Security. Previous editions were held in: Melbourne, Australia, (2010); Gold Coast, Australia, (2009); Shanghai, China (2008); and Dalian, China (2007).

Accepted papers will be published in the conference proceedings and in the IEEE digital library. Outstanding papers will be invited for possible publication in high quality international journals.

NSS 2011 is technically co-sponsored by IEEE Systems Council.

FIRST INTERNATIONAL WORKSHOP ON SECURING SERVICES ON THE CLOUD (IWSSC 2011)

Held in conjunction with the 5th International Conference on Network and

System Security (NSS 2011)

September 6-8, 2011, Milan, Italy - http://sesar.dti.unimi.it/iwssc2011



IWSSC 2011 BACKGROUND AND GOALS

The ongoing merge between Service-Oriented Architectures (SOAs) and

the Cloud computation paradigm provides a new environment fostering

the integration of services located within company boundaries with

those on the Cloud. An increasing number of organizations implement

their business processes and applications via runtime composition of

services made available on the Cloud by external suppliers. This

scenario is changing the traditional view of security introducing

new service security risks and threats, and requires re-thinking of

current development, testing, and verification methodologies.

IWSSC 2011 aims to address the security issues related to the

deployment of services on the Cloud, along with evaluating their

impact on traditional security solutions for software and network

systems.



The workshop seeks submissions from academia and industry presenting

novel research on all theoretical and practical aspects of security

of services implemented on the Cloud, as well as experimental studies

in Cloud infrastructures, the implementation of services, and lessons

learned. Topics of interest include, but are not limited to:



* Security in Cloud services

* Software verification in critical services

* Static code analysis of software services

* Test-based verification of services

* Authentication and access control on the Cloud

* Challenges in moving critical systems to the Cloud

* Cybercrime and cyberterrorism on the Cloud

* Communication confidentiality and integrity

* Data security and privacy on the Cloud

* Formal methods for the Cloud

* Homeland security

* Information assurance and trust management

* Intrusion detection on the Cloud

* Model-based validation of services

* Orchestration and choreography

* RESTful service security

* SOAP security

* Security certification of services

* Security metrics on the Cloud

* Security models and architectures

* Security patterns for the Cloud

* Security protocols on the Cloud

The 3rd International Workshop on Cyberspace Safety and Security (CSS 2011)
Milan, Italy, September 6-8, 2011
in conjunction with the 5th International Conference of Network and System Security (NSS 2011)
http://anss.org.au/css2011

A large fraction of the population in the world now spends a great deal of time in cyberspace. Cyberspace has become a critical infrastructure that is embedded in almost all other critical infrastructures and enables every movement of human society. It is thus very much in the public interest to have a safe and secure cyberspace.

In the past several years, there has been large number of attacks in cyberspace, such as attacks on the Internet, attacks on embedded/real-time computing and control systems, and attacks on dedicated computing facilities. Many research efforts have been made to achieve cyberspace safety and security, such as blocking and limiting the impact of compromise, enabling accountability, promoting deployment of defense systems, and deterring potential attackers and penalizing attackers.

In this context, we focus our program on Cyberspace Safety and Security, such as authentication, access control, availability, integrity, privacy, confidentiality, dependability and sustainability issues of cyberspace. The aim of this workshop is to provide a leading edge forum to foster interaction between researchers and developers with the cyberspace safety and security communities, and to give attendees an opportunity to network with experts in this area.

Previously CSS has been held in Sydney, Australia (2008) and Chengdu, China (2009).

Submitted papers must not substantially overlap with papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. Papers must be clearly presented in English, must not exceed 6 pages, including tables, figures, references and appendixes, in IEEE proceedings 8.5" x 11" Two-Column Format with Portable Document Format (.pdf). Papers will be selected based on their originality, timeliness, significance, relevance, and clarity of presentation. Submission of a paper should be regarded as a commitment that, should the paper be accepted, at least one of the authors will register and attend the conference to present the work. IEEE templates that will be used for preparing the final version of the papers. The templates are available here: http://www.ieee.org/conferences_events/conferences/publishing/templates.html Accepted papers will be published by IEEE and included in the IEEE digital library. Selected best papers will be published in international journals.

Topics include but not limited to:

Access Control and Trust Management
Active Defense Techniques and Systems
Attack Containment
Attack Recovery
Benchmark, Analysis and Evaluation of Cybersecurity
Digital Rights Management
Distributed Intrusion Detection/Prevention Systems
Denial-of-Service Attacks and Countermeasures
Identity Management and Authentication
Implementation, Deployment and Management of Cybersecurity
Intelligent Defense Systems
Internet and Network Forensics
Risk Assessment in Cybersecurity
Secure Design and Testing
Secure Network Architectures
Security for Large-scale Systems and Critical Infrastructures
Security for P2P systems and Grid Systems
Security for Ad-Hoc and Sensor Networks
Security in Web Services
Security in Pervasive and Embedded Systems
Security Theory and Tools
Spam Detection and Prevention
Social and Legal Issues in Cybersecurity
Software and System Assurance
Viruses, Worms, and Other Malicious Code

1st Workshop on Socio-Technical Aspects in Security and Trust
6-8 September 2011, Milan, Italy
http://stast.uni.lu/
Co-located with
5th International Conference on Network and System Security (NSS)

Motivation

Due to the huge yet increasing number of people carrying out sensitive Internet transactions, security threats hardly ever reduce to sheer technical threats at present. Rather, they are socio-technical, as they come from adversaries who combine social engineering practices with technical skills to circumvent the defenses of information systems, often by exploiting the users' ill-understanding of security mechanisms, of poorly designed user interfaces, and of unusable security policies. Humans obviously cannot be treated as machines, as they take actions that may seem irrational although they are perfectly justifiable from a cognitive and a social perspective. Computer security hence appears to acquire more and more the facets of an interdisciplinary science with roots in both interpretive and positivist research traditions.

Goals

The workshop intends to foster an interdisciplinary discussion on how to model and analyse the socio-technical aspects of modern security systems and on how to protect such systems from socio-technical threats and attacks. It aims to stimulate an active exchange of ideas and experiences from different communities of researchers in order to identify weaknesses potentially emerging from poor usability designs and policies, from social engineering, and from deficiencies hidden in flawed interfaces and implementations. It will bring together experts in computer security and in cognitive, social, and behavioral sciences; it will collect the state of the art, identify open and emerging problems, and propose future research directions.

Duration

STAST2001 is a one day workshop.