[Tccc] IEEE SafeConfig Symposium (Abstract registration in 3 days)

Xie, Geoffrey (Geoff) (CIV) xieatnps.edu
Sat Aug 11 18:02:19 EDT 2012



 
SafeConfig 2012
 -- IEEE 5th Symposium on Configuration Analytics & Automation  

Octobers 3-4, 2012

Baltimore, Maryland, USA

http://www.safeconfig.org


CALL FOR PAPERS

Configuration is a key component that determines the security, performance and 
reliability of networked systems and services. A typical enterprise network 
contains thousands of network and security appliances such as firewalls, IPSec 
gateways, IDS/IPS, authentication servers, proxies, load balancers, QoS 
routers, virtual overlays, mobility managers, etc. and all these devices must 
be configured uniformly considering their functional and logical 
inter-dependency in order to enforce global policies and requirements. ISP 
operators face a similar challenge in their configuration of routing policy. As 
the current technology moves toward smart cyber infrastructure and open 
configurable platforms (e.g., OpenFlow and virtual cloud computing), the need 
for configuration analytics and automation significantly increases. Automated 
and provable synthesis, refinement, validation and tuning of configurations 
parameters such as policy rules, variables or interfaces are required for 
supporting assurable, secure and sustainable networked services.

Configuration complexity places a heavy burden on both regular users and 
experienced administrators and dramatically reduces overall network 
assurability and usability. For example, a December 2008 report from the Center 
for Strategic and International Studies, Securing Cyberspace for the 44th 
Presidency, states that inappropriate or incorrect security configurations 
were responsible for 80% of Air Force vulnerabilities and a May 2008 report 
from Juniper Networks, Inc., What is Behind Network Downtime? states that 
human factors [are] responsible for 50 to 80 percent of network device 
outages.
This symposium offers a unique opportunity by bringing together researchers 
form academia, industry as well as government agencies to discuss these 
challenges, exchange experiences, and propose joint plans for promoting 
research and development in this area. The two-day program will include invited 
talks, technical presentation of peer-reviewed papers, poster/demo sessions, 
and joint panels on research collaboration, funding and technology transfer 
opportunities. Specifically, we solicit the submission of original unpublished 
ideas in 8-page long papers, 4-page short papers, 2-pages posters and demos on 
one of the following or related domains/topics. Selected accepted papers will 
be invited for submission as book chapters. Anonymous submissions are allowed.

TOPICS INCLUDE BUT ARE NOT LIMITED TO:

Application-specific Configuration Analysis:
 Enterprise Networking for Clouds and Data Centers.
 Cyber-Physical Systems and Intelligent Infrastructure (e.g., Smart Grid, 
remote medical systems, transportation, building etc)
 Mission-critical Networking (sensor-actuator, and ad hoc networks)
 Overlay and Virtual and Mobile Systems
 Server, VM, storage network and database configuration management

Science of Configuration:
 Abstract models and languages for configuration specification
 Formal semantics of security policies
 Configuration composition and integration 
 Autonomic and self-configuration (auto-tune and auto-defense)
 Integration of sensor information and policy configuration
 Theory of defense-of-depth 
 Configuration for sustainability
 Configuration as a game
 Configuration synthesis, remediation and planning 
 Smart Configuration
 Configuration accountability
 Configuration provenance
 Declarative and virtual configuration

Analytics:
 Techniques: formal methods, statistical, interactive visualization, 
reasoning, etc 
 Methodology: multi-level, multi-abstraction, hierarchical etc.
 Integrated Analytics for security, reliability and QoS assurance.
 Analytics under uncertainty
 Security analytics using heterogeneous sensors
 Automated verification of system configuration and integration
 Configuration Metrics
 Integrated network and host configuration
 Configuration testing, forensics, debugging and evaluation
 Analytics of cyber attacks and terrorism
 Misconfiguration (forensics) root cause analysis
 Tools and case studies
 DNS, DNS-SEC, inter, intra-domain and QoS routers configuration management 
 Wireless, sensor and MANET configuration management
 RBAC configuration management

Automation and Optimization:
 Configuration refinement and enforcement
 Health-inspired and 0-configuraiton
 Risk-aware and Context-aware adaptation
 Machine-based configuration synthesis and enforcement
 Moving target defense and polymorphic networks
 Configuration Economics: balancing goals and constraints
 Continuous monitoring
 Usability issues in security management
 Automated signature and patch management
 Automated alarm management
 Configuration management in name resolution, inter-domain routing, and 
virtualized environments
 Survivable complex adaptive system

Open Interfaces, Standardization and Management:
 SCAP-based solutions (Security Content Automation Protocol)
 Configuration sharing (for cloud, agencies, companies)
 Configuration provenance Usability: human factors and cognitive science
 Abstraction and frameworks: evolutionary and clean slate approaches
 Protecting the privacy and integrity of security configuration
 Configuration Management case studies or user studies


SUBMISSION GUIDELINES:

 EDAS Paper/Abstract submission link for SafeConfig 2012 is:
  http://www.edas.info/newPaper.php?c=12925

 If you are new to EDAS, please visit this page:
  http://edas.info/doc/authors.html

Papers must present original work and must be written in English. We require 
that the authors use the IEEE format for papers, using one of the IEEE 
Proceeding Templates. We solicit two types of papers, regular papers and 
position papers. The length of the regular papers in the proceedings format 
should not exceed 8 US letter pages, excluding well-marked appendices. 
Committee members are not required to read the appendices, so papers must be 
intelligible without them. Short papers may not exceed 4 pages. All papers are 
to be submitted electronically as a single PDF file. Authors of accepted papers 
must guarantee that their papers will be presented at the conference.

IMPORTANT DATES:

Abstract Registration: August 15, 2012
Submission: August 20, 2012

Review Notification: September 10, 2012
Camera Ready: September 20, 2012
Conference Dates: October 3-4, 2012

ORGANIZING COMMITTEE

General Chairs:
    John Banghart (NIST)
    Ehab Al-Shaer (UNC Charlotte)

Program Chairs:
    Geoffrey Xie (Naval Postgraduate School)
    Simon Ou (Kansas State Univ.)

_______________________________________________
IEEE Communications Society Tech. Committee on Computer Communications
(TCCC) - for discussions on computer networking and communication.
Tccc at lists.cs.columbia.edu
https://lists.cs.columbia.edu/cucslists/listinfo/tccc 




More information about the TCCC mailing list