Share Your Research, Maximize Your Social Impacts
Main Menu
Searching By
PARTNERS
SafeConfig 2011 - SafeConfig 2011: 4th Symposium on Configuration Analytics and Automation
Topics/Call fo Papers
SafeConfig 2011: 4th Symposium on Configuration Analytics and Automation
Arlington, VA, USA
October 31 - November 1, 2011
www.safeconfig.org/2011
Sponsors: NIST (Technical Co-Sponsorship from IEEE and ACM is pending)
Important Dates:
Abstract Registration: August 29, 2011
Submission: Deadline. September 19, 2011
Camera Ready: October 17, 2011
Conference Dates: October 31 - November 1, 2011
Configuration is a key component that determines the security, performance
and reliability of networked systems and services. A typical enterprise
network contains thousands of network and security appliances such as
firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization,
proxies, load balancer, QoS routers, virtual overlays, mobility managers
etc, that must be configured uniformly considering their functional and
logical inter-dependency in order to enforce global polices and
requirements. As the current technology moves toward "smart" cyber
infrastructure and open configurable platforms (e.g., OpenFlow and virtual
cloud computing), the need for configuration analytics and automation
significantly increases. The automated and provable synthesis, refinement,
validation and tuning of configurations parameters such as polices, rules,
variables or interfaces are required for supporting assurable, secure and
sustainable networked services.
Configuration complexity places a heavy burden on both regular users and
experienced administrators and dramatically reduces overall network
assurability and usability. For example, a December 2008 report from Center
for Strategic and International Studies "Securing Cyberspace for the 44th
Presidency" states that "inappropriate or incorrect security configurations
were responsible for 80% of Air Force vulnerabilities" and a May 2008 report
from Juniper Networks "What is Behind Network Downtime?" states that "human
factors [are] responsible for 50 to 80 percent of network device outages".
This symposium offers a unique opportunity by bringing together researchers
form academic, industry as well as government agencies to discuss these
challenges, exchange experiences, and propose joint plans for promoting
research and development in this area. SafeConfig Symposium program will
include invited talks, technical presentation of peer-reviewed papers,
poster/demo sessions, and joint panels on research collaboration, funding
and technology transfer opportunities. SafeConfig Symposium solicit the
submission of original unpublished ideas in 8-page long papers, 4-page short
papers, 2-pages posters and demos on one of the following or related
domains/topics. Selected accepted papers will be invited for submission as
book chapters.
Topics (but are not limited to)
Application-specific Configuration Analysis: . Enterprise Networking for
Clouds and Data Centers. . Cyber-Physical Systems and Intelligent
Infrastructure (e.g., Smart Grid, remote medical systems, transportation,
building etc) . Mission-critical Networking (sensor-actuator, and ad hoc
networks) . Overly and Virtual and Mobile Systems
Science of Configuration: . Abstract models and languages for configuration
specification . Formal semantics of security policies . Configuration
composition and integration . Autonomic and self-configuration (auto-tune
and auto-defense) . Integration of sensor information and policy
configuration . Theory of defense-of-depth . Configuration for
sustainability . Configuration as a game . Configuration synthesis,
remediation and planning . Smart Configuration . Configuration
accountability . Configuration provenance . Declarative and virtual
configuration
Analytics: . Techniques: formal methods, statistical, interactive
visualization, reasoning, etc . Methodology: multi-level, multi-abstraction,
hierarchical etc. . Integrated Analytics for security, reliability and QoS
assurance. . Analytics under uncertainty . Security analytics using
heterogeneous sensors . Automated verification of system configuration and
integration . Configuration Metrics . Integrated network and host
configuration . Configuration testing, forensics, debugging and evaluation .
Analytics of cyber attacks and terrorism . Misconfiguration (forensics) root
cause analysis . Tools and case studies . DNS, DNS-SEC, inter, intra-domain
and QoS routers configuration management . Wireless, sensor and MANET
configuration management . Servers, VMs, storage network and database
configuration management . RBAC configuration management
Automation and Optimization: . Configuration refinement and enforcement .
Health-inspired and 0-configuraiton . Risk-aware and Context-aware
adaptation . Machine-based configuration synthesis and enforcement . Moving
target defense and polymorphic networks . Configuration Economics: balancing
goals and constraints . Continuous monitoring . Usability issues in security
management . Automated signature and patch management . Automated alarm
management . Configuration management in name resolution, inter-domain
routing, and virtualized environments . Survivable complex adaptive system
Open Interfaces, standardization and management: . SCAP-based solutions
(Security Content Automation Protocol) . Configuration sharing (for cloud,
agencies, companies) . Configuration provenance . Usability: human factors
and cognitive science . Abstraction and frameworks: evolutionary and clean
slate approaches . Protecting the privacy and integrity of security
configuration . Configuration Management case studies or user studies
Submission Guidelines
Papers must present original work and must be written in English. We require
that the authors use the IEEE format for papers, using one of the IEEE
Proceeding Templates. We solicit two types of papers, regular papers and
position papers. The length of the regular papers in the proceedings format
should not exceed 8 US letter pages, excluding well-marked appendices.
Committee members are not required to read the appendices, so papers must be
intelligible without them. Short papers may not exceed 4 pages. Papers are
to be submitted electronically as a single PDF file at www.edas.info.
Authors of accepted papers must guarantee that their papers will be
presented at the conference.
TPC Co-Chairs:
Ehab Al-Shaer, UNC Charlotte
Tony Sager, National Security Agency
Harigovind V Ramasamy, IBM Research
General Chair:
John Banghart, National Institute of Standards and Technology (NIST)
Steering Committee:
Ehab Al-Shaer, UNC Charlotte
Krishna Kant, Intel / NSF
Sanjai Narain, Telcordia
Ehab Al-Shaer, PhD |
Professor and Director of Cyber Defense and Network Assurability (CyberDNA)
Research Center
UNC Charlotte | Dept. of Software and Information Systesm (Woodward
Building)
9201 University City Blvd. | Charlotte, NC 28223
Phone: 704-687-8663 | Fax: 704-687-6065
Arlington, VA, USA
October 31 - November 1, 2011
www.safeconfig.org/2011
Sponsors: NIST (Technical Co-Sponsorship from IEEE and ACM is pending)
Important Dates:
Abstract Registration: August 29, 2011
Submission: Deadline. September 19, 2011
Camera Ready: October 17, 2011
Conference Dates: October 31 - November 1, 2011
Configuration is a key component that determines the security, performance
and reliability of networked systems and services. A typical enterprise
network contains thousands of network and security appliances such as
firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization,
proxies, load balancer, QoS routers, virtual overlays, mobility managers
etc, that must be configured uniformly considering their functional and
logical inter-dependency in order to enforce global polices and
requirements. As the current technology moves toward "smart" cyber
infrastructure and open configurable platforms (e.g., OpenFlow and virtual
cloud computing), the need for configuration analytics and automation
significantly increases. The automated and provable synthesis, refinement,
validation and tuning of configurations parameters such as polices, rules,
variables or interfaces are required for supporting assurable, secure and
sustainable networked services.
Configuration complexity places a heavy burden on both regular users and
experienced administrators and dramatically reduces overall network
assurability and usability. For example, a December 2008 report from Center
for Strategic and International Studies "Securing Cyberspace for the 44th
Presidency" states that "inappropriate or incorrect security configurations
were responsible for 80% of Air Force vulnerabilities" and a May 2008 report
from Juniper Networks "What is Behind Network Downtime?" states that "human
factors [are] responsible for 50 to 80 percent of network device outages".
This symposium offers a unique opportunity by bringing together researchers
form academic, industry as well as government agencies to discuss these
challenges, exchange experiences, and propose joint plans for promoting
research and development in this area. SafeConfig Symposium program will
include invited talks, technical presentation of peer-reviewed papers,
poster/demo sessions, and joint panels on research collaboration, funding
and technology transfer opportunities. SafeConfig Symposium solicit the
submission of original unpublished ideas in 8-page long papers, 4-page short
papers, 2-pages posters and demos on one of the following or related
domains/topics. Selected accepted papers will be invited for submission as
book chapters.
Topics (but are not limited to)
Application-specific Configuration Analysis: . Enterprise Networking for
Clouds and Data Centers. . Cyber-Physical Systems and Intelligent
Infrastructure (e.g., Smart Grid, remote medical systems, transportation,
building etc) . Mission-critical Networking (sensor-actuator, and ad hoc
networks) . Overly and Virtual and Mobile Systems
Science of Configuration: . Abstract models and languages for configuration
specification . Formal semantics of security policies . Configuration
composition and integration . Autonomic and self-configuration (auto-tune
and auto-defense) . Integration of sensor information and policy
configuration . Theory of defense-of-depth . Configuration for
sustainability . Configuration as a game . Configuration synthesis,
remediation and planning . Smart Configuration . Configuration
accountability . Configuration provenance . Declarative and virtual
configuration
Analytics: . Techniques: formal methods, statistical, interactive
visualization, reasoning, etc . Methodology: multi-level, multi-abstraction,
hierarchical etc. . Integrated Analytics for security, reliability and QoS
assurance. . Analytics under uncertainty . Security analytics using
heterogeneous sensors . Automated verification of system configuration and
integration . Configuration Metrics . Integrated network and host
configuration . Configuration testing, forensics, debugging and evaluation .
Analytics of cyber attacks and terrorism . Misconfiguration (forensics) root
cause analysis . Tools and case studies . DNS, DNS-SEC, inter, intra-domain
and QoS routers configuration management . Wireless, sensor and MANET
configuration management . Servers, VMs, storage network and database
configuration management . RBAC configuration management
Automation and Optimization: . Configuration refinement and enforcement .
Health-inspired and 0-configuraiton . Risk-aware and Context-aware
adaptation . Machine-based configuration synthesis and enforcement . Moving
target defense and polymorphic networks . Configuration Economics: balancing
goals and constraints . Continuous monitoring . Usability issues in security
management . Automated signature and patch management . Automated alarm
management . Configuration management in name resolution, inter-domain
routing, and virtualized environments . Survivable complex adaptive system
Open Interfaces, standardization and management: . SCAP-based solutions
(Security Content Automation Protocol) . Configuration sharing (for cloud,
agencies, companies) . Configuration provenance . Usability: human factors
and cognitive science . Abstraction and frameworks: evolutionary and clean
slate approaches . Protecting the privacy and integrity of security
configuration . Configuration Management case studies or user studies
Submission Guidelines
Papers must present original work and must be written in English. We require
that the authors use the IEEE format for papers, using one of the IEEE
Proceeding Templates. We solicit two types of papers, regular papers and
position papers. The length of the regular papers in the proceedings format
should not exceed 8 US letter pages, excluding well-marked appendices.
Committee members are not required to read the appendices, so papers must be
intelligible without them. Short papers may not exceed 4 pages. Papers are
to be submitted electronically as a single PDF file at www.edas.info.
Authors of accepted papers must guarantee that their papers will be
presented at the conference.
TPC Co-Chairs:
Ehab Al-Shaer, UNC Charlotte
Tony Sager, National Security Agency
Harigovind V Ramasamy, IBM Research
General Chair:
John Banghart, National Institute of Standards and Technology (NIST)
Steering Committee:
Ehab Al-Shaer, UNC Charlotte
Krishna Kant, Intel / NSF
Sanjai Narain, Telcordia
Ehab Al-Shaer, PhD |
Professor and Director of Cyber Defense and Network Assurability (CyberDNA)
Research Center
UNC Charlotte | Dept. of Software and Information Systesm (Woodward
Building)
9201 University City Blvd. | Charlotte, NC 28223
Phone: 704-687-8663 | Fax: 704-687-6065
Other CFPs
Last modified: 2011-09-07 06:38:38