2nd
International Workshop on Secure Information Systems
(SIS'07)
Wisla,
Poland, October 15-17, 2007
The
SIS workshop is envisioned as a forum to promote
the exchange of ideas and results addressing
complex security issues that arise in modern
information systems. We aim at bringing together
a community of security researchers and
practitioners working in such divers areas as
networking security, antivirus protection, intrusion
detection, cryptography, security protocols, and
others. We would like to promote an integrated view
at the security of information systems.
As
information systems evolve, becoming more complex and
ubiquitous, issues relating to security, privacy and
dependability become more critical. At the same
time, the global and distributed character
of modern computing – typically
involving interconnected heterogeneous execution
environments – introduces many new and
challenging engineering and scientific problems.
Providing protection against increasingly sophisticated
attacks requires strengthening the interaction between
different security communities, e.g. antivirus and
networking. New technologies lead to the emergence
of new threats and attack strategies, involving
smart mobile devices, peer-to-peer networks, instant
messaging, VoIP, mesh networks or even networked
consumer devices, such as house appliances or cars.
Furthermore, the increasing openness of the
communications infrastructure results in novel
threats and can jeopardize critical enterprise and
public infrastructure, such as industrial automation and
process control systems. Not only it is estimated that
half of all Web applications and Internet
storefronts still contain some security vulnerabilities,
but secure commerce applications are also exposed to
increasingly elaborate attacks, including spyware,
phishing and other social engineering methods.
In
order to develop a secure system, security has to
be considered in all phases of the lifecycle
and adequately addressed in all layers of the
system. At the same time, good engineering has to
take into account both scientific and economic aspects
of every solution: the cost of security has to
be carefully measured against its benefits
– in particular the expected cost
of mitigated risks. Most companies and individuals
treat security measures in information system as
a necessary, but often uncomfortable, overhead. The
increasing penetration of computing in all
domains of everyday life means that security
of critical business systems is often managed and
maintained by personnel who are not knowledgeable
in the field. This highlights the importance
of usability and ease of configuration
of security mechanism and protocols.
Covered topics include (but are not
limited to):
Papers Submission
- Papers
will be refereed and accepted on the basis of their
scientific merit and relevance to the workshop.
- Accepted
and presented papers
will be included in the Conference Proceedings and
published on a CD (ISSN 1896-7094).
- Extended
versions of selected papers will be published in a
technical journal (to be announced).
- Authors
should submit draft papers (as Postscript, PDF of
MSWord file).
- The
total length of a paper should not exceed 10 pages
(LNCS style). LNCS style templates are available
here.
Extended
version of selected papers accepted for the SIS'2006 Workshop have been
invited to be published in a Special Issue of the
Journal
of Information Assurance and Security.