[Tccc] IEEE SafeConfig Symposium (Abstract registration in 3 days)
Xie, Geoffrey (Geoff) (CIV)
xieatnps.edu
Sat Aug 11 18:02:19 EDT 2012
SafeConfig 2012
-- IEEE 5th Symposium on Configuration Analytics & Automation
Octobers 3-4, 2012
Baltimore, Maryland, USA
http://www.safeconfig.org
CALL FOR PAPERS
Configuration is a key component that determines the security, performance and
reliability of networked systems and services. A typical enterprise network
contains thousands of network and security appliances such as firewalls, IPSec
gateways, IDS/IPS, authentication servers, proxies, load balancers, QoS
routers, virtual overlays, mobility managers, etc. and all these devices must
be configured uniformly considering their functional and logical
inter-dependency in order to enforce global policies and requirements. ISP
operators face a similar challenge in their configuration of routing policy. As
the current technology moves toward smart cyber infrastructure and open
configurable platforms (e.g., OpenFlow and virtual cloud computing), the need
for configuration analytics and automation significantly increases. Automated
and provable synthesis, refinement, validation and tuning of configurations
parameters such as policy rules, variables or interfaces are required for
supporting assurable, secure and sustainable networked services.
Configuration complexity places a heavy burden on both regular users and
experienced administrators and dramatically reduces overall network
assurability and usability. For example, a December 2008 report from the Center
for Strategic and International Studies, Securing Cyberspace for the 44th
Presidency, states that inappropriate or incorrect security configurations
were responsible for 80% of Air Force vulnerabilities and a May 2008 report
from Juniper Networks, Inc., What is Behind Network Downtime? states that
human factors [are] responsible for 50 to 80 percent of network device
outages.
This symposium offers a unique opportunity by bringing together researchers
form academia, industry as well as government agencies to discuss these
challenges, exchange experiences, and propose joint plans for promoting
research and development in this area. The two-day program will include invited
talks, technical presentation of peer-reviewed papers, poster/demo sessions,
and joint panels on research collaboration, funding and technology transfer
opportunities. Specifically, we solicit the submission of original unpublished
ideas in 8-page long papers, 4-page short papers, 2-pages posters and demos on
one of the following or related domains/topics. Selected accepted papers will
be invited for submission as book chapters. Anonymous submissions are allowed.
TOPICS INCLUDE BUT ARE NOT LIMITED TO:
Application-specific Configuration Analysis:
Enterprise Networking for Clouds and Data Centers.
Cyber-Physical Systems and Intelligent Infrastructure (e.g., Smart Grid,
remote medical systems, transportation, building etc)
Mission-critical Networking (sensor-actuator, and ad hoc networks)
Overlay and Virtual and Mobile Systems
Server, VM, storage network and database configuration management
Science of Configuration:
Abstract models and languages for configuration specification
Formal semantics of security policies
Configuration composition and integration
Autonomic and self-configuration (auto-tune and auto-defense)
Integration of sensor information and policy configuration
Theory of defense-of-depth
Configuration for sustainability
Configuration as a game
Configuration synthesis, remediation and planning
Smart Configuration
Configuration accountability
Configuration provenance
Declarative and virtual configuration
Analytics:
Techniques: formal methods, statistical, interactive visualization,
reasoning, etc
Methodology: multi-level, multi-abstraction, hierarchical etc.
Integrated Analytics for security, reliability and QoS assurance.
Analytics under uncertainty
Security analytics using heterogeneous sensors
Automated verification of system configuration and integration
Configuration Metrics
Integrated network and host configuration
Configuration testing, forensics, debugging and evaluation
Analytics of cyber attacks and terrorism
Misconfiguration (forensics) root cause analysis
Tools and case studies
DNS, DNS-SEC, inter, intra-domain and QoS routers configuration management
Wireless, sensor and MANET configuration management
RBAC configuration management
Automation and Optimization:
Configuration refinement and enforcement
Health-inspired and 0-configuraiton
Risk-aware and Context-aware adaptation
Machine-based configuration synthesis and enforcement
Moving target defense and polymorphic networks
Configuration Economics: balancing goals and constraints
Continuous monitoring
Usability issues in security management
Automated signature and patch management
Automated alarm management
Configuration management in name resolution, inter-domain routing, and
virtualized environments
Survivable complex adaptive system
Open Interfaces, Standardization and Management:
SCAP-based solutions (Security Content Automation Protocol)
Configuration sharing (for cloud, agencies, companies)
Configuration provenance Usability: human factors and cognitive science
Abstraction and frameworks: evolutionary and clean slate approaches
Protecting the privacy and integrity of security configuration
Configuration Management case studies or user studies
SUBMISSION GUIDELINES:
EDAS Paper/Abstract submission link for SafeConfig 2012 is:
http://www.edas.info/newPaper.php?c=12925
If you are new to EDAS, please visit this page:
http://edas.info/doc/authors.html
Papers must present original work and must be written in English. We require
that the authors use the IEEE format for papers, using one of the IEEE
Proceeding Templates. We solicit two types of papers, regular papers and
position papers. The length of the regular papers in the proceedings format
should not exceed 8 US letter pages, excluding well-marked appendices.
Committee members are not required to read the appendices, so papers must be
intelligible without them. Short papers may not exceed 4 pages. All papers are
to be submitted electronically as a single PDF file. Authors of accepted papers
must guarantee that their papers will be presented at the conference.
IMPORTANT DATES:
Abstract Registration: August 15, 2012
Submission: August 20, 2012
Review Notification: September 10, 2012
Camera Ready: September 20, 2012
Conference Dates: October 3-4, 2012
ORGANIZING COMMITTEE
General Chairs:
John Banghart (NIST)
Ehab Al-Shaer (UNC Charlotte)
Program Chairs:
Geoffrey Xie (Naval Postgraduate School)
Simon Ou (Kansas State Univ.)
_______________________________________________
IEEE Communications Society Tech. Committee on Computer Communications
(TCCC) - for discussions on computer networking and communication.
Tccc at lists.cs.columbia.edu
https://lists.cs.columbia.edu/cucslists/listinfo/tccc
More information about the TCCC
mailing list