4th International Workshop on Secure Information Systems

4th International Workshop on Secure Information Systems - SIS 2009
Warsaw, Poland, 18th September, 2009
co-located with
25th National Symposium of Telecommunications and Computer Networks
[workshop is cancelled]

SIS website: http://secgroup.pl/sis2009

Call for papers

The SIS workshop is envisioned as a forum to promote the exchange of ideas and results addressing complex security issues that arise in modern information systems. We aim at bringing together a community of security researchers and practitioners working in such divers areas as networking security, antivirus protection, intrusion detection, cryptography, security protocols, and others.

We would like to promote an integrated view at the security of information systems. As information systems evolve, becoming more complex and ubiquitous, issues relating to security, privacy and dependability become more critical. At the same time, the global and distributed character of modern computing - typically involving interconnected heterogeneous execution environments - introduces many new and challenging engineering and scientific problems. Providing protection against increasingly sophisticated attacks requires strengthening the interaction between different security communities, e.g. antivirus and networking.

New technologies lead to the emergence of new threats and attack strategies, involving smart mobile devices, peer-to-peer networks, instant messaging, VoIP, mesh networks or even networked consumer devices, such as house appliances or cars. Furthermore, the increasing openness of the communications infrastructure results in novel threats and can jeopardize critical enterprise and public infrastructure, such as industrial automation and process control systems. Not only it is estimated that half of all Web applications and Internet storefronts still contain some security vulnerabilities, but secure commerce applications are also exposed to increasingly elaborate attacks, including spyware, phishing and other social engineering methods. In order to develop a secure system, security has to be considered in all phases of the lifecycle and adequately addressed in all layers of the system. At the same time, good engineering has to take into account both scientific and economic aspects of every solution: the cost of security has to be carefully measured against its benefits - in particular the expected cost of mitigated risks.

Most companies and individuals treat security measures in information system as a necessary, but often uncomfortable, overhead. The increasing penetration of computing in all domains of everyday life means that security of critical business systems is often managed and maintained by personnel who are not knowledgeable in the field. This highlights the importance of usability and ease of configuration of security mechanism and protocols.

Access control
Adaptive security
Cryptography
Copyright protection
Cyberforensics
Honeypots
Information hiding
Intrusion detection
Network security
Privacy
Secure commerce
Security exploits
Security policies
Security protocols
Security services
Security evaluation and prediction
Software protection
Trusted computing
Threat modeling
Usability and security
Viruses and worms
Zero-configuration security mechanisms

Chairs

Krzysztof Szczypiorski, Warsaw University of Technology, Poland
Konrad Wrona, NATO C3 Agency, Netherlands
Wojciech Mazurczyk, Warsaw University of Technology, Poland

Authors are invited to prepare papers of no more than ten (10) pages in style presented on: http://www.kstit.pl/uploads/file/Format_referatu.pdf including results, figures, and references.

Submission page: http://www.easychair.org/conferences/?conf=sis2009

The papers will be published on CD available at the workshop. The extended versions of high-quality papers selected from the workshop will be published in a special issue of Telecommunication Systems: Modelling, Analysis, Design and Management by Springer-Verlag GmbH (indexed by ISI Master Journal List).