The second European Conference on Information Warfare and Security (ECIW) is an opportunity for academics, practitioners and consultants from Europe and elsewhere who are involved in the study, management, development and implementation of systems and concepts to combat information warfare or to improve information systems security to come together and exchange ideas. The conference in July 2003 is seeking qualitative, experience-based and quantitative papers as well as case studies and reports of work in progress from academics, information systems practitioners, consultants and government departments. Topics may include, but are not limited to, e-Intelligence/counter-intelligence, Perception management, Information warfare theory, Electro-magnetic pulse weapons, Information, computer and network security, Cryptography, Physical security, Security policy, Information warfare policy, Information warfare techniques, Hacking, Infra-structure warfare, National security policy, Corporate defence mechanisms, Security for small to medium enterprises, Cyber Terrorism, Ethical, Political and Social Issues relating to Information Warfare, Information warfare and security education, Legal issues concerned with information warfare and e-Crime, Cyber-terrorism. In addition to multiple streams of papers, the conference committee are inviting proposals for workshops and tutorials on topics related to Information Warfare and research methods applicable to this field. More information can be found on the conference web page at www.mcil.co.uk/conf-management.htm

This workshop series brings together researchers in computer science to examine foundational issues in computer security. We are interested both in new results in theories of computer security and also in more exploratory presentations that examine open questions and raise fundamental concerns about existing theories. Both papers and panel proposals are welcome. Possible topics include, but are not limited to:

1. Access control
2. Authentication
3. Data and system integrity
4. Database security
5. Network security
6. Distributed systems security
7. Anonymity
8. Intrusion detection
9. Security for mobile computing
10. Security protocols
11. Security models
12. Decidability issues
13. Privacy
14. Executable content
15. Formal methods for security
16. Information flow
17. Language-based security

Original papers pertaining to all aspects of computer systems and information security are solicited for submission to the Eighth Australasian Conference on Information Security and Privacy (ACISP 2003). Papers may present theory, techniques, applications and practical experiences on a variety of topics including:

1. Cryptology
2. Authentication and authorization
3. Access control
4. Network security
5. Smart cards
6. Risk assessment
7. Copyright protection
8. Mobile agents security
9. Software protection and viruses
10. Security protocols
11. Distributed system security
12. Database security
13. Mobile communications security
14. Secure operating systems
15. Security management
16. Secure commercial applications
17. Key management and auditing
18. Secure electronic commerce
19. Security architectures and models
20. Evaluation and certification
21. Privacy and policy issues
22. Computer forensics
23. Intrusion detection

We are soliciting research contributions on the design, specification, implementation, application and theory of secure distributed computing. We welcome submissions on any topic in the intersection of security and distributed computing, including but not limited to:

1. Secure multiparty and two-party computations
2. Secret sharing and verifiable secret sharing
3. Resiliency to corruptions: distributed, forward and proactive security
4. Security, privacy and anonymity in the Internet and in mobile communication systems
5. Secure/security protocols and distributed algorithms
6. Secure multicast and broadcast
7. Denial of service (clogging) and its prevention
8. Non-repudiation, certification and time stamping protocols
9. Distribution of intellectual property and its (copyright) protection
10. Secure distributed marketplaces, auctions, and gambling
11. Cryptographic protocols, including: authentication, key management, etc.
12. Secure electronic commerce, banking and payment protocols
13. Security for Peer to Peer computing
14. Secure bandwidth reservation and QOS
15. Distributed access control and trust management
16. Secure mobile agents and mobile code
17. Security for Storage Area Networks

The USENIX Security Symposium brings together researchers, practitioners, system administrators, system programmers, and others interested in the latest advances in security of computer systems. Refereed paper submissions are being solicited in all areas relating to systems and network security, including:

1. Adaptive security and system management
2. Analysis of malicious code
3. Analysis of network and security protocols
4. Applications of cryptographic techniques
5. Attacks against networks and machines
6. Automated tools for source code analysis
7. Authentication and authorization of users, systems, and applications
8. Denial-of-service attacks
9. File and file system security
10. Firewall technologies
11. Intrusion detection
12. Privacy preserving (and compromising) systems
13. Public key infrastructure
14. Rights management and copyright protection
15. Security in heterogeneous and large-scale environments
16. Security of agents and mobile code
17. Security of Internet voting systems
18. Techniques for developing secure systems
19. World Wide Web security

The conference provides a forum for presenting original unpublished research results, practical experiences, and innovative ideas in data and applications security. Papers and panel proposals are solicited. Topics of interest include but is not limited to:

1. Critical Infrastructure Protection
2. Cyber Terrorism
3. Information Warfare
4. Intrusion Protection
5. Damage assessment and repair
6. Database Forensics
7. PTN security
8. Electronic Commerce Security

ECC 2003 is the seventh in a series of annual workshops dedicated to the study of elliptic curve cryptography and related areas. The main themes of ECC 2003 will be:

1. The discrete logarithm
2. Efficient parameter generation and point counting
3. Provably secure cryptographic protocols
4. Efficient software and hardware implementation
5. Side-channel attacks
6. Deployment of elliptic curve cryptography

For eleven years the New Security Paradigms Workshop has provided a stimulating and highly interactive forum for innovative approaches to computer security. In order to preserve the small, focused nature of the workshop, participation is limited to authors of accepted papers and conference organizers. NSPW is highly interactive in nature. Authors are encouraged to present ideas that might be considered risky in some other forum. All participants are charged with providing feedback in a constructive manner. The resulting brainstorming environment has proven to be an excellent medium for furthering the development of these ideas. The proceedings, which are published after the workshop, have consistently benefited from the inclusion of workshop feedback. Because we expect new paradigms, we accept wide-ranging topics in information security. Papers that present a significant shift in thinking about difficult security issues or builds on a previous shift are welcomed. Our program committee particularly looks for new paradigms, innovative approaches to older problems, early thinking on new topics, and controversial issues that might not make it into other conferences but deserve to have their try at shaking and breaking the mold. More information can be found on the conference web page at www.nspw.org.

The areas of interest include, but are not limited to:

1. Internet Security
2. Cyber Indication and Intrusion Detection
3. E-Commerce and Financial Cryptosystems
4. Access Control and Database Security
5. Mobile Security
6. Applied Cryptography
7. Public Key Cryptography / Key Management
8. Threats and Information Warfare
9. Virus Protection
10. Smart Cards and Secure Hardware
11. Network Security, VPNs and Firewalls
12. Biometrics and Human Interfaces
13. Privacy and Anonymity
14. Security Management
15. Digital Rights Management
16. Secure Software, Systems and Applications

The purpose of this workshop is twofold: First, all issues of digital business, focusing on trust and privacy problems will be discussed. In particular, we are interested in papers that deal with trust and privacy, confidence and security, reliability and consistency, fairness and legality, and other issues critical for the success of future digital business. Second, the workshop should be a forum for the exchange of results and ongoing work performed in R&D projects, either on a national or international level. We invite papers, work-in-progress reports, industrial experiences describing advances in all areas of digital business applications, including, but not limited to:

1. Privacy & confidentiality management
2. Trust architectures and underlying infrastructures
3. Electronic cash, wallets and pay-per-view systems
4. Businesses models with security requirements
5. Enterprise management and consumer protection
6. Trust and privacy issues in mobile environments
7. Global security architectures and infrastructures
8. Protocols and transactional models
9. Trustful management and negotiation
10. Public administration, governmental services
11. Anonymous or pseudonymous access to Web services
12. Reliability and security of content and data
13. Intellectual property rights, watermarking and fingerprinting
14. Common practice, legal and regulatory issues
15. Trust issues in E-Services, E-Voting and E-Polling
16. PKI, biometrics, smart cards
17. Intrusion detection and information filtering

In spite of the efforts from Information Security researchers, there are still a considerable number of unsolved problems that may benefit from the application of Artificial Intelligence techniques. The increasing awareness in solving such problems has resulted in a concerted effort of Artificial Intelligence and Information Security researchers. Therefore, AI techniques like agents, evolutionary computation, neural networks, cellular automata, classic and fuzzy logic and machine learning may play an important role in specific problems concerning Information Security. We particularly encourage the discussion of the following topics:

1. Semantic analysis of cryptologic protocols
2. Security of mobile agents
3. Security through agents
4. Representation and use of trust induced by PKIs
5. Optimisation heuristics in cryptanalysis
6. Machine Learning techniques in cryptanalysis
7. AI techniques in cryptology
8. Any other work addressing information security problems by means of AI techniques

The RAID International Symposium series is intended to further advances in intrusion detection by promoting the exchange of ideas in a broad range of topics. Paper submission and panel proposals are invited on the following types of topics:

1. Assessing, measuring, and classifying intrusion-detection systems
2. IDS cooperation and integration
3. IDS interoperability standards and standardization
4. IDSs in high-performance and real-time environments
5. Vulnerabilities and attacks
6. Innovative Approaches
7. Practical Considerations

The focus of this workshop is on all aspects of cryptographic hardware and security in embedded systems. The workshop will be a forum of new results from the research community as well as from the industry. Of special interest are contributions that describe new methods for efficient hardware implementations and high-speed software for embedded systems, e.g., smart cards, microprocessors, DSPs, etc. We hope that the workshop will help to fill the gap between the cryptography research community and the application areas of cryptography. Consequently, we encourage submissions from academia, industry, and other organizations. All submitted papers will be reviewed. The topics of CHES 2002 include but are not limited to:

1. Computer architectures for public-key and secret-key cryptosystems
2. Efficient algorithms for embedded processors
3. Reconfigurable computing in cryptography
4. Cryptographic processors and co-processors
5. Cryptography in wireless applications (mobile phone, LANs, etc.)
6. Security in pay-TV systems
7. Smart card attacks and architectures
8. Tamper resistance on the chip and board level
9. True and pseudo random number generators
10. Special-purpose hardware for cryptanalysis
11. Embedded security
12. Device identification

Due to the increased interconnection between plant-floor systems and enterprise-level computer systems up to and including public networks like the Internet, and based on Internet protocols (HTTP/TCP/IP), IT security issues and concerns have also reached the domains of automation IT systems and automation communication networks. IT security needs, constraints, and mechanisms for automation systems are in various ways different from those of the office computing environment, which creates the necessity, but also the opportunity, for novel approaches. For this special session papers are solicited which are concerned with:

1. Specific security needs of automation systems, e.g. with respect to security objectives, usage scenarios, system topologies/architectures or operating environment
2. Specific security mechanisms, devices, processes, protocols and architectures for automation systems
3. IT security audits for automation devices and systems

Original papers are solicited for submission to ISC 2003. ISC aims to bring together individuals involved in multiple disciplines of information security to foster exchange of ideas. Topics of interest include, but are not limited to:

1. Access Control
2. Applied Cryptography
3. Cryptographic Protocols
4. Digital Rights Management
5. E-Commerce Protocols
6. Formal Aspects of Security
7. Information Hiding
8. Intrusion Detection
9. Key Management
10. Legal and Regulatory Issues
11. Mobile Code & Agent Security
12. Network & Wireless Security
13. Software Security
14. Security Analysis Methodologies
15. Trust Management

CMS 2003 is the seventh working conference on Communications and Multimedia Security since 1995. State-of-the-art issues as well as practical experiences and new trends in these areas are the topics of interest of the conference:

1. applied cryptography
2. biometry
3. multimedia security
4. digital signature and digital watermarking
5. infrastructure protection
6. network and communication security
7. security policies
8. security of e-commerce

Information and communication security is a challenging topic at the best of times. This conference series brings together researchers and scholars to examine important issues in this area. Original papers on all aspects of information and communications security are solicited for submission to ICICS2003. Areas of interests include but not limited to: Access control, Anonymity, Authentication and Authorization, Biometric Security, Data and System Integrity, Database Security, Distributed Systems Security, Electronic Commerce Security, Fraud Control, Information Hiding and Watermarking, Intellectual Property Protection, Intrusion detection, Key Management and Key Recovery, Language-based Security, Operating System Security, Network Security, Risk Evaluation and Security Certification, Security for Mobile Computing, Security Models, Security Protocols, Virus and Worms. More information can be found on the conference web page at www.cstnet.net.cn/icics2003/.

Papers offering novel research contributions in any aspect of computer security are solicited for submission to the Eighth European Symposium on Research in Computer Security (ESORICS 2003). Organized in a series of European countries, ESORICS is confirmed as the European research event in computer security. The symposium started in 1990 and has been held on alternate years in different European countries and attracts an international audience from both the academic and industrial communities. From 2002 it will be held yearly. The Symposium has established itself as one of the premiere, international gatherings on Information Assurance. Papers may present theory, technique, applications, or practical experience on topics including:

1. access control
2. accountability
3. anonymity
4. applied cryptography
5. authentication
6. covert channels
7. cryptographic protocols
8. cybercrime
9. data integrity
10. denial of service attacks
11. dependability
12. firewalls
13. formal methods in security
14. inference control
15. information flow control
16. information warfare
17. intellectual property protection
18. intrusion detection
19. intrusion tolerance
20. language-based security
21. network security
22. non-interference
23. privacy-enhancing technology
24. pseudonymity
25. security as quality of service
26. secure electronic commerce
27. security administration
28. security evaluation
29. security management
30. security models
31. security metrics
32. security requirements engineering
33. security verification
34. smartcards
35. steganography
36. subliminal channels
37. survivability
38. system security
39. transaction management
40. trustworthy user devices

The NORDSEC workshops started in 1996 with the aim of bringing together researchers and practitioners within computer security in the Nordic countries. The theme of the workshops have been applied security, i.e., all kinds of security issues that could encourage interchange and cooperation between the research community and the industrial/consumer community. Possible topics include, but are not limited to the following:

1. Privacy and Privacy Enhancing Technologies
2. Wireless Communication Security
3. Inter/Intra/Extranet Security
4. Security Protocol Modelling and Analysis
5. E-and M-Business Security
6. New Firewall Technologies
7. Secure Infrastructures; TTP, PKI, Key Escrow/Recovery
8. Computer Crime and Information Warfare
9. Detecting Attacks, Intrusions and Computer Misuse
10. Smart Card Applications
11. Security Management and Audit
12. Security Evaluations and Measurements
13. Security in Commercial off-the-shelf Products, COTS
14. Operating System Security
15. Security Models
16. New Ideas and Paradigms for Security
17. Security Education and Training
18. Quality of Service or Software Engineering in Relation to Security

The first MiAn International Conference on Applied Cryptography and Network Security (ACNS’03) will be held in Kunming, China on October 16-19, 2003, organized by MiAn (ONETS) Pte Ltd and in cooperation with the local government. Original paper on all aspects of applied cryptography and network security are solicited for submission to the conference. Areas of interests include but not restricted to: Biometric Security Applications, Cryptographic and Anti-cryptographic Analysis, Cryptographic Applications, Data Recovery and Coding, Differential Power Attacks, Efficient Implementation, Firewall and Intrusion Detection, GPRS and CDMA Security, Identification and Entity Authentication, Key Management Techniques, Network Protocol and Analysis, PKI/PMI and Bridge CA, Secure e-commerce and e-government, Security Management and Strategy, Smart Card Security, Verification and Testing of Secure Systems, Virus and Worms, VPN and SVN, WLAN and Bluetooth Security. More information can be found at the conference web page at www.onets.com.cn/dhe.htm.

Papers offering novel research contributions in any aspect of computer security are solicited. The primary focus is on high-quality original unpublished research, case studies, and implementation experiences. Papers should have practical relevance to the construction, evaluation, application, or operation of secure systems. Theoretical papers must make convincing argument for the practical significance of the results. Theory must be justified by compelling examples illustrating its application. The primary criterion for appropriateness for CCS is demonstrated practical relevance. CCS can therefore reject perfectly good papers that are appropriate for theory-oriented conferences. Topics of interest include:

1. access control
2. security for mobile code
3. cryptographic protocols
4. key management
5. information warfare
6. authentication
7. applied cryptography
8. e-business/ e-commerce
9. privacy and anonymity
10. secure networking
11. accounting and audit
12. data/ system integrity
13. intrusion detection
14. security management
15. security verification
16. database and system security
17. smart-cards and secure PDAs
18. inference/ controlled disclosure
19. intellectual property protection
20. commercial and industry security

Ad hoc and sensor networks are expected to become an integral part of the future computing landscape. However, these networks introduce new security challenges due to their dynamic topology, severe resource constraints, and absence of a trusted infrastructure. This workshop seeks submissions from academia and industry presenting novel research on all aspects of security for ad hoc and sensor networks, as well as experimental studies of fielded systems. Submission of papers based on work-in-progress is encouraged. Topics of interest include, but are not limited to, the following as they relate to wireless networks, mobile ad hoc networks, or sensor networks:

1. Security under resource constraints, e.g., energy, bandwidth, memory, and computation constraints
2. Performance and security tradeoffs
3. Secure roaming across administrative domains
4. Key management
5. Authentication and access control
6. Trust establishment, negotiation, and management
7. Intrusion detection and tolerance
8. Secure location services
9. Privacy and anonymity
10. Secure routing
11. Secure MAC protocols
12. Denial of service
13. Prevention of traffic analysis

This workshop is the second in the series and will focus on the theme of adaptive defence of information and computing networks. The aim is to stimulate novel approaches to securing the information infrastructure. In particular the workshop will consider long-term developments and research issues relating to the defence of information networks. The driving scientific motivation for this workshop is to further our understanding of adaptive and self-organising mechanisms that can be applied to the development of resilient and robust information networks. In particular it will provide a forum for commercial and academic researchers to exchange concepts and issues within this domain. Following a highly successful first event, this workshop will be based on two specific sub-themes. These are:

1. Bio-inspired Defence Systems
2. Adaptive Security Mechanisms

1. Design of self-healing networks
2. Optimization versus robustness
3. Machine learning and defence strategies
4. Dynamic stability in large-scale networks
5. Self & non-self recognition, Immunology models

The inaugural symposium on Communications Security solicits submissions of new results in all security topics for wireless, mobile, ad hoc, peer-to-peer, or landline communication networks. Please see the complete call posted at www.globecom2003.com/CFP1.html (under GLOBECOM 2003 Symposia Titles).

The 19th Annual Computer Security Applications Conference is an internationally recognized conference that provides a forum for experts in information system security to exchange practical ideas about solving real problems. Papers and proposals that address the application of technology, the implementation of systems, and lessons learned will be given special consideration. The ACSAC Program Committee is looking for papers, panels, forums, case studies presentations, tutorials, workshops, and works in progress that address practical solutions to problems related to protecting commercial enterprises or government information infrastructures. A list of topics of interest along with other conference information can be found at www.acsac.org .

This minitrack focuses on security and survivability in large, non-trivial, networked computer systems. Of special interest are contributions that address survival, tolerance, recovery or masking of malicious attacks. Submissions will be sought from researchers in the area of system survivability, software dependability, computer and network security, fault-tolerance and intrusion tolerance, and economic or statistical modeling of secure/survivable systems. Topics include, but are not limited to:

1. System or software survivability
2. Safety critical failure modes
3. Network or system intrusion tolerance
4. Modeling malicious behavior or attacks
5. Mathematical models for verification of vulnerability to malicious acts
6. Models for measurement, evaluation, or validation of survivability
7. Software and hardware fault tolerance
8. Design for dependability and/or survivability
9. PRA and hybrid fault models accounting for malicious acts and events

Original papers and presentations on all aspects of financial-data security and secure digital commerce are solicited for submission to the Eighth Annual Conference on Financial Cryptography (FC '04). FC '04 will bring together researchers and practitioners in the financial, legal, cryptologic, and data-security fields to foster cooperation and exchange of ideas. In addition to novel scientific research as in previous years, the program for FC ‘04 will include sessions on digital finance and economics and on secure financial systems and digital-cash architectures. For the systems and finance sessions, submissions must have a visible bearing on financial-security issues, but need not be exclusively concerned with cryptography or security. A complete list of topics along with instructions for submitting a paper can be found on the conference web page at www.ifca.ai/fc04.

Papers presenting original research on theoretical and foundational aspects of cryptography are sought. The Theory of Cryptography deals with the paradigms, approaches and techniques used to conceptualize, define and provide solutions to natural cryptographic problems. Consequently, research in this area includes:

1. The study of known paradigms (resp. approaches and techniques), directed towards a better understanding and utilization of the latter.
2. Discovery of new paradigms (resp. approaches and techniques) that overcome inherent or seemingly inherent limitations of the existing paradigms.
3. Formulation of new cryptographic problems and treating them using known or new paradigms (resp. approaches and techniques).

For the last few years the International Workshop on Practice and Theory in Public Key Cryptography PKC is the main annual workshop focusing on research on all aspects of public key cryptography. The first workshop was organized in 1998 in Japan. Other PKCs have taken place in Australia, France, Japan, South Korea and USA. PKC has attracted papers from famous international authors in the area. Submissions in all areas related to applications and theory in public key cryptography are welcome, including but not limited to the following areas:

1. Theory of public key cryptography
2. Design of new public key cryptosystems
3. Analysis of public key cryptosystems
4. Efficient implementation of public key cryptographic algorithms
5. Applications of public key cryptography and PKI