[ISN] Call for Papers: World Congress on Internet Security (WorldCIS-2013)

Forwarded from: Paul Kelly

Apologies for cross-postings. Please send it to interested colleagues and students. Thanks! CALL FOR PAPERS ******************************************************** World Congress on Internet Security (WorldCIS-2013) Technically Co-Sponsored by IEEE Tokyo Section August 5-7, 2013 Venue: Tokyo University of Information Sciences, Japan www.worldcis.org ******************************************************** The World Congress on Internet Security (WorldCIS-2013) is Technically Co-Sponsored by IEEE Tokyo Section. The WorldCIS-2013 is an international forum dedicated to the advancement of the theory and practical implementation of security on the Internet and Computer Networks. The inability to properly secure the Internet, computer networks, protecting the Internet against emerging threats and vulnerabilities, and sustaining privacy and trust has been a key focus of research. The WorldCIS aims to provide a highly professional and comparative academic research forum that promotes collaborative excellence between academia and industry. The objectives of the WorldCIS are to bridge the knowledge gap between academia and industry, promote research esteem and and to fostering discussions on information technologies, information systems and globa security applications. The WorldCIS-2013 invites speakers and researchers to submit papers that encompass conceptual analysis, design implementation and performance evaluation. Original papers are invited on recent advances in Internet, Computer Communications and Networking Security. The topics in WorldCIS-2013 include but are not confined to the following areas: *Internet Security *Security, trust and privacy *Self-organizing networks *Sensor nets and embedded systems *Service overlays *Switches and switching *Topology characterization and inference *Traffic measurement and analysis *Traffic engineering and control *Trust and Data Security *Virtual and overlay networks *Web services and performance *Wireless mesh networks and protocols *Ad hoc mobile networks Security *Addressing and location management *Broadband access technologies *Blended Internet Security Methods *Biometrics *Boundary Issues of Internet Security *Capacity planning *Cellular and broadband wireless nets *Congestion control *Content distribution *Cryptography *Cross layer design and optimization *Cyber-physical computing/networking *Geographic information systems *Privacy Protection and Forensic in Ubi-com *Quality of Service Issues *Regulations *Secured Database Systems *Security in Data Mining *Security and Access Control *Semantic Web and Ontology *Data management for U-commerce *Software Architectures *Defence Systems *Delay/disruption tolerant networks *End Users *Enabling technologies for the Internet *Implementation and experimental testbeds *Future Internet Design and Applications *Middleware support for networking *Mobility models and systems *Multicast and anycast *Multimedia protocols and networking *Network applications and services *Network architectures Network control *Network management *Network simulation and emulation *Novel network architectures *Network and Protocol Architectures *Peer-to-peer communications *Performance evaluation *Power control and management *Pricing and billing *Protocols and Standards *Resource allocation and management *RFID *Optical networks *Routing protocols *Scheduling and buffer management *Virtual Reality IMPORTANT DATES: Full Paper Submission Date: Extended May 15, 2013 Extended Abstract (Work in Progress) Submission Date: Extended May 31, 2013 Proposal for Workshops and Tutorials: Extended May 15, 2013 Notification of Workshop and Tutorial Acceptance: Extended May 31, 2013 Proposal for Industrial Presentation: February 25, 2013 Notification of Extended Abstract Acceptance/Rejection: Extended June 15, 2013 Notification of Industrial Presentation Acceptance: March 05, 2013 Notification of Paper Acceptance/Rejection: Extended June 05, 2013 Camera Ready Extended Abstract Due: Extended June 30, 2013 Camera Ready Paper Due: Extended till June 30, 2013 Early Registration Deadline: January 01 to June 20, 2013 Late Registration Deadline (Authors only): June 21 to July 15, 2013 Late Registration Deadline (Participants only): June 21 to August 5, 2013 Conference Dates: August 5-7, 2013 For further details, please visit conference website www.worldcis.org ______________________________________________ Attend #HITB2013AMS April 8th – 11th in Amsterdam. Featuring over 42 international speakers and keynotes by Bob Lord and Edward Schwartz http://conference.hitb.org




Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Report thumping Army for mobile cyber security efforts yanked off DoD website

https://www.networkworld.com/news/2013/040313-army-cybersecurity-268371.html By Ellen Messmer Network World April 03, 2013 A report from the Inspector General of the U.S Department of Defense that’s critical of the way the Army has handled mobile-device security has been inexplicably yanked from the IG DoD public website but can still be found in the Google caching system. The IG DoD report No. DODIG-2013-060, entitled “Improvements Needed With Tracking and Configuring Army Commercial Mobile Devices,” dated March 26, flatly states the Army’s chief information officer “did not implement an effective cybersecurity program for commercial mobile devices.” The Inspector General of the DoD is the independent oversight division in the DoD that investigates whether the DoD is operating effectively and efficiently. The report was apparently removed from the IG DoD website after a handful of news organizations wrote about it, but so far the IG DoD hasn’t responded to questions about the report’s sudden disappearance. The report is highly critical of the way the Army in terms of weakness in its cybersecurity program as pertains to commercial mobile devices, aiming the brunt of its criticism at the Army CIO. […] ______________________________________________ Attend #HITB2013AMS April 8th – 11th in Amsterdam. Featuring over 42 international speakers and keynotes by Bob Lord and Edward Schwartz http://conference.hitb.org


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Questioning FISMA Reform Without a New Law

http://www.bankinfosecurity.com/blogs/questioning-fisma-reform-without-new-law-p-1445 By Bruce Brody Bank Info Security April 4, 2013 A recent article concerning how to reform the Federal Information Security Management Act without enacting new legislation caught my attention. In my take on that article [see 6 Ways to Reform FISMA without New Law], two former Office of Management and Budget officials contend that agency inspectors general should adopt an enhanced risk management framework, after which the National Institute of Standards and Technology would reorient its volumes of guidelines to center on the unknowable threat, which would then drive a more threat-informed risk management framework in each agency. That, in turn, would compel the IGs to prioritize their annual findings against the agency’s risk profile, upon which the chief information officers would incorporate the IGs findings into the agency’s strategic plan. Is this a move that mirrors the best practices of the security programs at the Fortune 500 companies? It’s not even close. This approach disregards the inadequacies of the FISMA legislation and adds naively considered processes to the mountain of processes that clog the agencies’ security arteries. Simply stated, FISMA is flawed, and FISMA must be reformed. To assert otherwise is to not fully appreciate the degree to which FISMA missed the mark on information security and risk management. And continuing to paper it over is not an approach; it’s a never ending tragedy. […] ______________________________________________ Attend #HITB2013AMS April 8th – 11th in Amsterdam. Featuring over 42 international speakers and keynotes by Bob Lord and Edward Schwartz http://conference.hitb.org


Facebooktwittergoogle_plusredditpinterestlinkedinmail

[ISN] Possible security disasters loom with rollout of new top-level domains

http://arstechnica.com/security/2013/04/possible-security-disasters-loom-with-rollout-of-new-top-level-domains/ By Dan Goodin Ars Technica Apr 4 2013 Plans to populate the Internet with dozens of new top-level domains in the next year could give criminals an easy way to bypass encryption protections safeguarding corporate e-mail servers and company intranets, officials from PayPal and a group of certificate authorities are warning. The introduction of Internet addresses with suffixes such as “.corp”, “.bank”, and “.ads” are particularly alarming to these officials because many large and medium-sized businesses use those strings to name machines inside their networks. If the names become available as top-level domains to route traffic over the Internet, private digital certificates that previously worked only over internal networks could potentially be used as a sort of skeleton key that would unlock communications for huge numbers of public addresses. A secure sockets layer certificate used by employees to access a company intranet designated as “.corp”, for instance, might be able to spoof a public credential for the website McDonands.corp or Ford.corp. Employee laptops that are used at an Internet cafe or other location outside of a corporate network might also be tricked into divulging private information. “If the appropriate service endpoints are available, these clients will next begin to dump confidential data and potentially pull incorrect information and apply damaging state changes,” PayPal Information Risk Management officials Brad Hill and Bill Smith wrote in recently published letter to Fadi Chehade and Stephen D. Crocker, the chief executive and chairman respectively of the Internet Corporation for Assigned Names and Numbers (ICANN). “The potential for malicious abuse is extraordinary, the incidental damage will be large even in the absence of malicious intent, and such services will become immediate targets of attack as they inadvertently collect high-value credentials and private data from potentially millions of systems.” […] ______________________________________________ Attend #HITB2013AMS April 8th – 11th in Amsterdam. Featuring over 42 international speakers and keynotes by Bob Lord and Edward Schwartz http://conference.hitb.org


Facebooktwittergoogle_plusredditpinterestlinkedinmail