Secure Software Architecture, Design, Implementation and Assurance CALL FOR PAPERS
Fortieth Annual Hawai’i International Conference on System Sciences January 3 - 6, 2007 (Wednesday-Saturday) Hilton Waikoloa Village Resort and Spa on the Big Island 425 Waikoloa Beach Drive Waikoloa, Hawaii 96738 Tel: 1-808-886-1234 Fax: 1-808-886-2900 www.hiltonwaikoloavillage.com HICSS conferences are devoted to advances in the information, computer, and system sciences, and encompass developments in both theory and practice. Papers may be theoretical, conceptual, tutorial or descriptive in nature. Submissions undergo a double-blind peer referee process and those selected for presentation will be published in the Conference Proceedings. Additional detail may be found on HICSS primary web site: http://www.hicss.hawaii.edu Mirror site http://www.is.cityu.edu.hk/hicss/ SCOPE The Secure Software Architecture, Design, Implementation and Assurance minitrack focuses on the research and automation required to develop secure software systems that do not compromise other system properties such as performance or reliability. Current security engineering methods are demonstrably inadequate, as software vulnerabilities are currently being discovered at the rate of over 4,000 per year. These vulnerabilities are caused by software designs and implementations that do not adequately protect systems and by development practices that do not focus sufficiently on eliminating implementation defects that result in security flaws. An opportunity exists for systematic improvement that can lead to secure software architectures, designs, and implementations. The following topics are appropriate topics for research papers: • Static analysis tools and techniques for detecting security flaws and software vulnerabilities in source or binary code • Dynamic analysis tools for detecting security flaws and software vulnerabilities in source or binary code • Model checking tools for detecting security flaws and software vulnerabilities in software systems • Software architectures and designs for securing against denial-of-service attacks and other software exploits • Coding practices for improved security and secure library implementations • Computational security engineering • Other tools and techniques for reducing or eliminating vulnerabilities during development and maintenance CO-CHAIRS Sven Dietrich CERT [EMAIL PROTECTED] Daniel Plakosh CERT/CC [EMAIL PROTECTED] Robert C. Seacord CERT/CC [EMAIL PROTECTED] PROGRAM COMMITTEE Julia Allen SEI/CMU Hal Burch CERT/CC Brian Chess Fortify Software Bob Fleck Secure Software Michael Howard Microsoft Derek M. Jones Knowledge Software Ltd Alan Krassowski Symantec Fred Long University of Wales, Aberystwyth Tom Longstaff CERT Robert Martin MITRE Leon Moonen Delft University of Technology James W. Moore MITRE Samuel Redwine James Madison University David Riley University of Wisconsin - La Crosse John Steven Cigital Carol Woody CERT IMPORTANT DEADLINES Abstracts Authors are encouraged to contact Minitrack Chairs for guidance and indication of appropriate content. Manuscripts are not accepted based on abstracts. Full manuscripts must be submitted by June 15. June 15 Authors submit full manuscripts to the Peer Review System, following Author Instructions found on the HICSS web site (www.hicss.hawaii.edu). All manuscripts will be submitted in double column publication format and limited to 10 pages including diagrams and references. Since manuscripts will undergo a double-blind review, author names and affiliations must not be included on the original manuscript. This information will be collected later through the system. August 15 Acceptance notices are sent to Authors via the Peer Review System. September 15 Authors submit Final Version of accepted papers following submission instructions on the Peer Review System web site. At least one author of each paper must register by this date with specific plans to attend the conference to present the paper. Early Registration fee applies. (General Registration fee applies Sept 16-Dec 15.) December 1 Deadline to guarantee your hotel room reservation at conference rate. December 15 Deadline to receive conference registration refund. Late registration fee applies. SUBMISSION INSTRUCTIONS • HICSS manuscripts must contain original material not previously published, nor currently submitted elsewhere. • HICSS will conduct double-blind reviews of each submitted manuscript. • Consult the conference website (www.hicss.hawaii.edu) for the listing and description of Minitracks for HICSS-40. • Contact the Minitrack Chair(s) by email for guidance and verification of appropriate content. (Optional but strongly encouraged) • Manuscripts may not be submitted to more than one Minitrack Chair. (One will be summarily rejected.) If unsure which Minitrack is appropriate, submit abstract to the Track Chair for guidance. • Submit full manuscript according to detailed instructions found on the Peer Review System website. CONFERENCE TRACKS Collaboration Systems Co-chairs: Robert O. Briggs [EMAIL PROTECTED] Jay Nunamaker [EMAIL PROTECTED] Decision Technologies and Service Sciences Chair: Dan Dolk [EMAIL PROTECTED] Digital Media: Content and Communication Chair: Michael Shepherd [EMAIL PROTECTED] E-Government Chair: H. Jochen Scholl [EMAIL PROTECTED] Electric Power Systems Chair: Robert Thomas [EMAIL PROTECTED] Information Technology in Health Care Chair: William Chismar [EMAIL PROTECTED] Internet & the Digital Economy Co-chairs: David King [EMAIL PROTECTED] Alan Dennis [EMAIL PROTECTED] Knowledge Management Systems Co-chairs: Murray Jennex [EMAIL PROTECTED] Dave Croasdell [EMAIL PROTECTED] Organizational Systems & Technology Chair: Hugh Watson [EMAIL PROTECTED] Software Technology Co-chairs: Chair: Gul Agha [EMAIL PROTECTED] Rick Kazman [EMAIL PROTECTED] CONFERENCE ADMINISTRATION Ralph Sprague, Conference Chair [EMAIL PROTECTED] Sandra Laney, Conference Administrator [EMAIL PROTECTED] Eileen Robichaud, Track Administrator [EMAIL PROTECTED] -- Robert C. Seacord Senior Vulnerability Analyst CERT/CC Work: 412-268-7608 FAX: 412-268-6989 _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php