Pages: pp. 80-82
Some security practitioners believe that the only way to know how to protect a system against attack is to know how attacks really work. Such practitioners advocate teaching about attacks when building security expertise, carrying out attacks as part of testing, and thinking and writing creatively about attacks. Others feel that discussing, publishing, and teaching attacks is irresponsible.
The July/August special issue of IEEE Security and Privacy is devoted to the idea of attacking systems in order to better understand how to defend against them. Suitable topics include exploiting software; using worms, viruses, and malicious code as attack vectors; attacking modern extensible systems such as Java and .NET; and ethical hacking, red-teaming, and penetration testing.
Submissions are due 4 April. The complete call is available at www.computer.org/security/cfp.htm.
Conventional wisdom holds that security and usability are two antagonistic goals in system design. A classic example is passwords: systems without passwords are thought to be usable, but not very secure, while systems with long passwords that must be frequently changed are thought to be secure, but not very usable.
An alternative view holds that the expanded use of computers by the general public has turned the traditional tradeoff of security-for-usability on its head: Unless designers create systems that are both secure and usable, they will build systems that are neither. Systems that are secure but not usable may fail to gain market acceptance, while systems that are usable but not secure may be hacked and rendered useless.
The September/October issue of IEEE Security and Privacy will be devoted to security and usability. Suitable topics include techniques for increasing security and usability, metrics for quantifying user interfaces, user studies involving security and security-related topics, and visualization tools for security and privacy.
Submissions are due 3 May. The complete call is available at www.computer.org/security/cfp.htm.
The Call and Calendar section lists conferences, symposia, and workshops that the IEEE Computer Society sponsors or cooperates in presenting. Complete instructions for submitting conference or call listings are available at www.computer.org/conferences/submission.htm.
A more complete listing of upcoming computer-related conferences is available at www.computer.org/conferences/.
Computer seeks articles for a special issue on Internet data centers, to appear in November 2004. Guest editors are Krishna Kant from Intel and Prasant Mohapatra from the University of California, Davis.
Internet data centers form the backbone of most Internet-based services, including e-commerce, IP-based telecom services, hosting services, and the like. As the reach of the Internet widens and more business-critical services are offered, the demands on IDCs grow along multiple dimensions, including responsiveness, service differentiation, security, and availability. Many other forces are likely to affect how the data centers of the future are designed, provisioned, and operated.
Computer's special issue will focus on research issues in identifying and implementing new strategies for optimizing IDCs: application services, protocol enhancements, performance evaluations, provisions for adequate security, protection and isolation, and ensuring an adequate quality of service. Computer invites high-quality papers from academia and industry that highlight various problems and solutions and provide a vision for future work in this area.
Topics of particular interest include system architecture and converged data centers; symmetric multiprocessors versus clustered systems; scalability, reliability, and fault tolerance; performance evaluation and workload characterization; operations, control, and autonomic management; power management issues; exploitation of new hardware/software technologies; and issues of security, protection, and isolation.
Send inquiries to the guest editors at email@example.com and firstname.lastname@example.org.
ISWC 2004, the eighth annual IEEE International Symposium on Wearable Computers, will feature a student wearable computing design contest. Teams will select a problem from a predetermined list, then design and present a solution or prototype in a poster session at the symposium in November.
A committee of researchers and industry experts from the wearable computing community has solicited real-world problems from business, government, and industry. The contest goal is to increase industry involvement in the development and application of wearable computers. Winning teams will receive a trophy and a certificate for individual members. Other prizes may be added as the contest date approaches.
ISWC 2004 brings together researchers, product vendors, fashion designers, textile manufacturers, and others interested in wearable computing. Visit the ISWC 2004 Web site at www.cc.gatech.edu/ccg/iswc04/ for more information on the symposium and the student design contest. ISWC 2004 takes place from 31 October through 3 November in Washington, D.C.