Next Page >>
database as a service
The DeepSec 2010 focuses heavily on mobile security. Any gadget that you
carry with you or that is used by roadwarriors comes under scrutiny.
This includes networked resources intended for the mobile audience and
modern nomads as well. On top of that we like to hear about the security
of next generation infrastructure - IPv6, cloud computing and services,
virtualization technologies, in short everything that should keep us
online and connected for the next decades. We want to get a glimpse into
the future based on the problems of today.
Please do not submit specific single exploits (which might be fixed by
The DeepSec 2010 focuses heavily on mobile security. Any gadget that you
carry with you or that is used by roadwarriors comes under scrutiny.
This includes networked resources intended for the mobile audience and
modern nomads as well. On top of that we like to hear about the security
of next generation infrastructure - IPv6, cloud computing and services,
virtualization technologies, in short everything that should keep us
online and connected for the next decades. We want to get a glimpse into
the future based on the problems of today.
Please do not submit specific single exploits (which might be fixed by
*2. **Virtualization*
* *
*3. **Cloud Computing*
* *
*4. **Browsers*
into major headaches for computer systems, networks and users alike.
Send us stories about single bits that can change our destiny. Failing that
we welcome less sneaky approaches, too.
- AJAX/Web2.0/JavaScript Security
- Cloud Computing
- Code Analysis
- Cryptographical Weaknesses
- Digital Espionage
- Digital Forensics
- eVoting
Call for Papers
Introduction
There is a change in the information systems development paradigm. The emergence of Web 2.0 technologies led to the extensive deployment and use of web-based applications and web services as a way to developed new and flexible information systems. Such systems are easy to develop, deploy and maintain and demonstrate impressive features for users, resulting in their current wide use.
As a result of this paradigm shift, the security requirements have also changed. These web-based information systems have different security requirements, when compared to traditional systems. Important security issues have been found and privacy concerns have also been raised recently. In addition, the emerging Cloud Computing paradigm promises even greater flexibility; however corresponding security and privacy issues still need to be examined. The security environment should involve not only the surrounding environment but also the application core.
This conference aims to bring together application security experts, researchers, educators and practitioners from the industry, academia and international communities such as OWASP, in order to discuss open problems and new solutions in application security. In the context of this track academic researchers will be able to combine interesting results with the experience of practitioners and software engineers.
Conference Topics
Suggested topics for papers submission include (but are not limited to):
• Secure application development
*2. **Virtualization*
* *
*3. **Cloud Computing*
* *
*4. **Browsers*
Date: October 13th - Conf Day 1
* Keynote 1: Chris Wysopal (CTO/Co-Founder, Veracode)
* Keynote 2: Paul Vixie (President, ISC)
Date: October 14th - Conf Day 2
* Special Keynote Panel Discussion - "The Future of Mobile Malware & Cloud Computing"
* Keynote Panelist 1: Mikko Hypponen (F-Secure)
* Keynote Panelist 2: Paul Ducklin (Sophos)
* Keynote Panelist 3: Andrey Nishikin (Kaspersky Lab)
* Keynote Panelist 4: Dr. Jose Nazario (Arbor Networks)
Stephan Chenette - Ultimate Script Deobfuscation: Browser Hooking versus simulation
Luiz "effffn" Eduardo - a 30,000 feet look at wi-fi, the freezing spot
Adam Cecchetti - Nunchaku: Attack, Defense, and a lot of arm flailing
Dan Griffin - Hacking SharePoint
Zane Lackey & Luis Miras - Mobile Phone Messaging Anti-Forensics
Dan Hubbard - P0wn the Cloud. The good, the bad, and the pugly of Cloud Computing
Tom Stracener - Advanced Cross-Site Scripting Scenarios, Filter Evasion and Browser Exploits
Thomas Ristenpart - Privacy-preserving Location Tracking of Lost or Stolen Devices: Cryptographic Techniques and Replacing Trusted Third Parties with DHTs
Dean Pierce - Seeds of Contempt
Zax - How did that Nigerian do that?! Artificial Intelligence and You
Send us stories about single bits that can change our destiny.
Failing that we welcome less sneaky approaches, too.
- AJAX/Web2.0/JavaScript Security
- Cloud Computing
- Code Analysis
- Cryptographical Weaknesses
- Digital Espionage
- Digital Forensics
- eVoting
Networks
Securing Windows/Linux Systems
Databases
Storage
Secure Programming/Development
Cloud Computing
Virtualization
Malware Analysis
Penetration Testing
Exploit Development
Reverse Code Engineering
Keynote 1: Chris Wysopal (CTO/Co-Founder, Veracode)
Keynote 2: Paul Vixie (President, ISC)
Day 2 (14th Oct) Special Keynote Panel Discussion
"The Future of Mobile Malware & Cloud Computing"
Keynote Panelist 1: Mikko Hypponen
Keynote Panelist 2: Paul Ducklin
Keynote Panelist 3: Andrey Nishikin
Keynote Panelist 4: Dr. Jose Nazario
* Network and Wireless Security
* Digital Rights Management
* Operating Systems Security
* Identity and Trust management
* Intrusion Detection Technologies
* PST and Cloud Computing
* Secure Software Development and Architecture
* Human Computer Interaction and PST
* PST Challenges in e-Services, e.g. e-Health, e-Government, e-Commerce
* Implications of, and Technologies for, Lawful Surveillance
* Network Enabled Operations
If your presentation is selected for inclusion in the conference, you will be informed in late February. Submitted papers will also be considered for the PreConference Workshops on Thursday, May 12th. Those selected to present will receive a complimentary registration for the conference.
Guidelines for Submission
RMISC is looking for presentations covering a variety of current and future Information Technology Security, Auditing, Compliance, Privacy, and Cloud Computing topics. Presentations should be geared toward a Management, Technical, Auditing, Compliance, or IT Governance audience. Based on feedback from conference attendees, presentations should be in-depth and focused on a specific issue or technology. Please try to stay away from overviews or summaries. Hands-on demos and case studies with actionable outcomes are encouraged. Participants want to take away skills and information that they can use.
Presentation lengths will be in 60 or 90 minute blocks. If warranted, a presentation may be given two 60-minute blocks. Thursday's sessions are approximately 4 hours. Please plan the content of your presentations accordingly.
For a partial list of security and auditing subjects, click here; however, do not feel obligated to choose a topic from this list in which to categorize your paper.
* Network and Wireless Security
* Digital Rights Management
* Operating Systems Security
* Identity and Trust management
* Intrusion Detection Technologies
* PST and Cloud Computing
* Secure Software Development and Architecture
* Human Computer Interaction and PST
* PST Challenges in e-Services, e.g. e-Health, e-Government, e-Commerce
* Implications of, and Technologies for, Lawful Surveillance
* Network Enabled Operations
do { curDate = new Date(); }
while(curDate-date < 10000); // delay time (ms)
Additional Information
The advent of Big Data and Cloud Computing is driving adoption of NoSQL
in the enterprise. Because of this, NoSQL-related vulnerabilities are
expected to become much more widespread
(http://www.govtech.com/policy-management/9-Cybersecurity-Threat-Predictions-for-2012.html)
In July last year, Bryan Sullivan, a senior security researcher at Adobe
* Network and Wireless Security
* Digital Rights Management
* Operating Systems Security
* Identity and Trust management
* Intrusion Detection Technologies
* PST and Cloud Computing
* Secure Software Development and Architecture
* Human Computer Interaction and PST
* PST Challenges in e-Services, e.g. e-Health, e-Government, e-Commerce
* Implications of, and Technologies for, Lawful Surveillance
* Network Enabled Operations
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
relevant to their specific system configuration:
http://corporate.secunia.com/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/
Secunia believes that it is important to support the community and to
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
Both the Enomaly ECP implementation and the VMcasting protocol itself are
believed to be vulnerable.
Background
Enomaly ECP is management software for virtual machines in cloud computing
environments.
Description
Sam Johnston (http://samj.net/) of Australian Online Solutions
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
relevant to their specific system configuration:
http://corporate.secunia.com/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/
Secunia believes that it is important to support the community and to
a hard requirement but it will be one evaluation criterion). Topics from
all security disciplines are welcome but we encourage you to submit
talks
about emerging technologies and concepts like these (in alphabetical
order):
- Cloud computing and virtualisation
- Design flaws ("defective by design" or even "secure by design")
- IPv6 (again, until protocol designers get it right)
- Mobile computing and communications
- Risk assessment
- Security intelligence
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
- innovative defensive and offensive techniques.
- everything related to fraud, phishing, trojan horses in financial
entities, protection mechanisms and technologies...
- "reversing", low-level techniques, kernel, ...
- vulnerabilities discovery, "fuzzing" and related topics.
- virtual contexts attacks, clusters, "cloud computing" and new "in the
cloud" products.
- cryptography and cryptanalysis.
- mobile security.
- hacking tools: custom developments.
- document security.
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
relevant to their specific system configuration:
http://secunia.com/advisories/business_solutions/
Secunia also provides a publicly accessible and comprehensive advisory
database as a service to the security community and private
individuals, who are interested in or concerned about IT-security.
http://secunia.com/advisories/
Secunia believes that it is important to support the community and to
Next Page>>
|
