[Infowarrior] - FW: Call for Participation: ACM QoP 2006

Richard Forno rforno at infowarrior.org
Wed Sep 13 15:42:28 EDT 2006 

                      CALL FOR PARTICIPATION

                           QoP 2006

               2nd Workshop on Quality of Protection
                  Security Measurements and Metrics

                 URL: http://dit.unitn.it/~qop/

             To be held in conjunction with CCS-2006
  (13th ACM Conference on Computer and Communication Security)

                       October 30, 2006

                      Alexandria, VA  USA
_____________________________________________________________

GENERAL DESCRIPTION

This year's QoP'06 (Quality of Protection Workshop - Security
Measurements and Metrics) workshop continues a roadmap towards the
establishment of scientific and technical methods for the quantitative
evaluation of a variety of security services, solutions and patterns.
The objective is to provide for Security Engineering the same set of
tools and techniques that are available in empirical Software
Engineering, Communication Engineering and other sister disciplines
and that mark the shift from arts to engineering.

The workshop called for original research results and industrial
experience reports on leading edge issues in security measurements and
metrics, including models, systems, applications, and theory. QoP'06
gives to academia and industry a unique opportunity to share their
perspectives with others interested in the various aspects of security
measurements and metrics.
______________________________________________________________

The preliminary Advance Program is below.

                         ADVANCE PROGRAM

Opening
-------
Fabio Massacci (chair)
Guenter Karjoth (chair)

INVITED TALK:
-------------

- Quality of Protection: Measuring the Unmeasurable?
John McHugh

SESSION 1: Software security metrics
------------------------------------

- Measuring the Attack Surfaces of Two FTP Daemons
Pratyusa K. Manadhata, Jeannette M. Wing, Mark A. Flynn and Miles A. McQueen

- Using model-based security assessment in component-oriented system
development. A case-based evaluation
Gyrd Braendeland and Ketil Stolen

- Contracting over the Quality aspect of Security in Software Product
Markets
Jari Raman

- Towards a measuring framework for security properties of software (Short)
Riccardo Scandariato, Bart De Win and Wouter Joosen

SESSION 2: Network security metrics
-----------------------------------

- Measuring Denial of Service
Jelena Mirkovic, Peter Reiher, Sonia Fahmy, Roshan Thomas, Alefiya
Hussain, Stephen Schwab and Calvin Ko

- A Weakest-Adversary Security Metric for Network Configuration Security
Analysis
Joseph Pamula, Paul Ammann, Sushil Jajodia and Vipin Swarup

- Framework for Malware Resistance Metrics
Hanno Langweg

- Modelling the Relative Strength of Security Protocols (short)
Ho Chung and Clifford Neuman

- Vulnerability Analysis For Evaluating Quality of Protection of
Security Policies (short)
Muhammad Abedin, Syeda Nessa, Ehab Al-Shaer and Latifur Khan

PANEL SESSION:
--------------

Is risk analysis a good system security metric?
O. Sami Saydjari (moderator)
Virgil D. Gligor
Deb Bodeau
Alessandro Acquisti
Roy Maxion

_______________________________________________________________


PC CHAIRS:

Fabio Massacci - Univ. di Trento (IT)
Guenter Karjoth - IBM Research (CH)

PROGRAM COMMITTEE:

Alessandro Acquisti - Carnegie Mellon University (USA)

Guenter Bitz - SAP (DE)

Yves Deswarte - LAAS-CNRS (FR)

Dieter Gollmann - TU Hamburg-Harburg (DE)

Virgil D. Gligor - University of Maryland (USA)

Judith N. Froscher - Naval Research Laboratory (USA)

Erland Jonsson - Chalmers University of Technology (SW)

Svein Johan Knapskog - The Norwegian University of Science and Technology
(NOR)

Helmut Kurth - ATSEC (DE)

Bev Littlewood - City University, London (UK)

Volkmar Lotz - SAP (DE)

Roy Maxion - Carnegie Mellon University (USA)

David M. Nicol - University of Illinois (USA)

Mario Piattini - University of Castilla-La Mancha (SP)

Anand R. Prasad - DoCoMo Communications Laboratories Europe (DE)

Tomas Sander - HP Labs (USA)

Shrivastava Santosh - University of Newcastle upon Tyne (UK)

Ketil Stolen - SINTEF (NO) & Univ. of Oslo (NO)

Vipin Swarup - The MITRE Corporation (USA)

Nicola Zannone - University of Trento (IT)

Marvin Zelkowitz - University of Maryland (USA)

___________________________________________________

REGISTRATION

Online registration is available on the CCS-2006 web page
(online registration for QoP Workshop will be added soon):
http://www.acm.org/sigs/sigsac/ccs/CCS2006/

More information about the Infowarrior mailing list