At 8:17 AM -0800 on 11/4/99, [EMAIL PROTECTED] wrote: > Date: Fri, 22 Oct 1999 15:51:57 -0400 > From: "Jeffrey M. Voas" <[EMAIL PROTECTED]> > Subject: Call for papers, Malicious Information Technology > > Co-Authored: > > Software Assessment: Reliability, Safety, and Testability (Wiley, 1995) > http://www.rstcorp.com/books/sa > > Software Fault Injection: Inoculating Programs Against Errors > (Wiley, 1998) http://www.rstcorp.com/books/sfi > > Videos: > > Developing Software for Safety Critical Systems > (IEEE, 1998) http://www.rstcorp.com/videos/safety_critical.html > > Software Testing: Building Infrastructure, Due Dilligence, and OO > Software > (IEEE, 1999) http://www.rstcorp.com/videos/software_testing.html > > IEEE Software > Call for Articles & Reviewers > Malicious Information Technology: The Software vs. The People > Publication: Sept./Oct. 2000 > > Software was intended to improve the quality of human life by doing > tasks more quickly, reliably, and efficiently. But today, a "software > vs. people" showdown appears eminent. Software is increasingly > becoming a threat to people, organizations, and nations. For example, > the spread of the Melissa virus illustrates the ease with which > systems can be penetrated and the ubiquity of the consequences; the > Melissa virus caused many companies to shut down their EMail systems > for days or even weeks. The origin of these threats stems from a > variety of problems. One problem is negligent development practices > that lead to defective software. Security vulnerabilities that occur > as a result of negligent development practices (e.g., commercial Web > browsers allowing unauthorized individuals to access confidential > data) are likely to be discovered by rogue individuals with malicious > intentions. Other security vulnerabilities are deliberately > programmed into software (e.g., logic bombs, Trojan Horses, and Easter > eggs). Regardless of the reason why information systems are > vulnerable, the end result can be disastrous and widespread. > > Because of the increased danger that malicious software now poses, we > seek original articles on the following specific issues: > > + Intrusion detection > + Information survivability > + Federal critical infrastructure protection plans > + Federal laws prohibiting encryption exports vs. US corporations > + State-of-the-practice in security testing > + The Internet's "hacker underground" > + Corporate information insurance > + Penalties for those convicted of creating viruses > + Case studies in information security and survivability > > Submissions due: 1 April 2000 > > Guest Editors: > > Nancy Mead Jeffrey Voas > Carnie Mellon University Reliable Software Technologies > [EMAIL PROTECTED] [EMAIL PROTECTED] > > Authors: Submit one electronic copy in RTF interchange or MS-Word > format and one PostScript or PDF version to the magazine assistant at > [EMAIL PROTECTED] Articles must not exceed 5,400 words including > tables and figures, which count for 200 words each. For detailed > author guidelines, see www.computer.org/software/edguide.htm. > Reviewers: Please e-mail your contact information and areas of > interest to a guest editor. > > Jeffrey M. Voas, Co-Founder, Reliable Software Technologies, Suite 400, > 21351 Ridgetop Circle, Dulles, VA 20166 USA, [EMAIL PROTECTED], > Phone: 703.404.9293, Fax: 703.404.9295 ----------------- Robert A. Hettinga <mailto: [EMAIL PROTECTED]> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'