International Multiconference
on Computer Science and Information Technology

October 15-17, 2007, Wisla, Poland

2nd International Workshop on Secure Information Systems (SIS'07)

Wisla, Poland, October 15-17, 2007

The SIS workshop is envisioned as a forum to promote the exchange of ideas and results addressing complex security issues that arise in modern information systems. We aim at bringing together a community of security researchers and practitioners working in such divers areas as networking security, antivirus protection, intrusion detection, cryptography, security protocols, and others. We would like to promote an integrated view at the security of information systems.
As information systems evolve, becoming more complex and ubiquitous, issues relating to security, privacy and dependability become more critical. At the same time, the global and distributed character of modern computing – typically involving interconnected heterogeneous execution environments – introduces many new and challenging engineering and scientific problems. Providing protection against increasingly sophisticated attacks requires strengthening the interaction between different security communities, e.g. antivirus and networking. New technologies lead to the emergence of new threats and attack strategies, involving smart mobile devices, peer-to-peer networks, instant messaging, VoIP, mesh networks or even networked consumer devices, such as house appliances or cars. Furthermore, the increasing openness of the communications infrastructure results in novel threats and can jeopardize critical enterprise and public infrastructure, such as industrial automation and process control systems. Not only it is estimated that half of all Web applications and Internet storefronts still contain some security vulnerabilities, but secure commerce applications are also exposed to increasingly elaborate attacks, including spyware, phishing and other social engineering methods.
In order to develop a secure system, security has to be considered in all phases of the lifecycle and adequately addressed in all layers of the system. At the same time, good engineering has to take into account both scientific and economic aspects of every solution: the cost of security has to be carefully measured against its benefits – in particular the expected cost of mitigated risks. Most companies and individuals treat security measures in information system as a necessary, but often uncomfortable, overhead. The increasing penetration of computing in all domains of everyday life means that security of critical business systems is often managed and maintained by personnel who are not knowledgeable in the field. This highlights the importance of usability and ease of configuration of security mechanism and protocols.
Covered topics include (but are not limited to):

  • Access control
  • Adaptive security
  • Cryptography
  • Copyright protection
  • Cyberforensics
  • Honeypots
  • Intrusion detection
  • Network security
  • Privacy
  • Secure commerce
  • Security exploits
  • Security policies
  • Security protocols
  • Security services
  • Security evaluation and prediction
  • Software protection
  • Trusted computing
  • Threat modeling
  • Usability and security
  • Viruses and worms
  • Zero-configuration security mechanisms

Papers Submission

  • Papers will be refereed and accepted on the basis of their scientific merit and relevance to the workshop.
  • Accepted and presented papers will be included in the Conference Proceedings and published on a CD (ISSN 1896-7094)
  • Extended versions of selected papers will be published in a technical journal (to be announced).
  • Authors should submit draft papers (as Postscript, PDF of MSWord file).
  • The total length of a paper should not exceed 10 pages (LNCS style). LNCS style templates are available here.
Extended version of selected papers accepted for the SIS'2006 Workshop have been invited to be published in a Special Issue of the Journal of Information Assurance and Security.