The Computer Security Foundations Symposium (CSF) is an annual conference for researchers in computer security, to examine current theories of security, the formal models that provide a context for those theories, and techniques for verifying security. It was created in 1988 as a workshop of the IEEE Computer Society’s Technical Committee on Security and Privacy, in response to a 1986 essay by Don Good entitled “The Foundations of Computer Security — We Need Some.” The meeting became a “symposium” in 2007, along with a policy for open, increased attendance. Over the past two decades, many seminal papers and techniques have been presented first at CSF. This year’s edition will be held in Vienna, Austria on July 19 – 22, 2014 and is embedded in the Vienna Summer of Logic 2014.
New results in computer security are welcome. Possible topics include, but are not limited to:
- access control
- critical infrastructure security
- data and system integrity
- database security
- decidability and complexity
- distributed systems
- electronic voting
- executable content
- formal methods and verification
- game theory and decision theory
- hardware– based security
- humans and computer security
- information flow
- intrusion detection
- language-based security
- network security
- novel insights on attacks
- resource usage control
- security for mobile computing
- security models
- security protocols
- software security
- socio-technical security
- trust management
- usable security
- web security
We strongly encourage papers in three foundational areas of research not traditionally represented at CSF:
AI and Security (Chairs: Ariel Procaccia & Benjamin Rubinstein):
In recent years, a number of communities overlapping with AI — notably algorithmic economics and machine learning — have made significant forays into security & privacy. This session aims to collect theoretical viewpoints on security & privacy, particularly from researchers across diverse communities such as those identifying with AAAI/IJCAI, AAMAS, EC, WEIS, ICML, NIPS, COLT, STOC/FOCS, S&P, and CCS (including the AISEC workshop).
Papers in the following areas intersecting with information security are highly encouraged to submit to this special session: Economics: Game theory, mechanism design, market design, social choice; Learning: Online learning, robust statistics, adversarial machine learning, privacy-preserving technologies such as differential privacy.
Privacy (Chair: Vitaly Shmatikov):
CSF 2014 will include a special session on privacy foundations and invites submissions on definitions, models, and frameworks for communication and data privacy, principled analysis of deployed or proposed privacy protection mechanisms, and foundational aspects of practical privacy technologies. Submissions investigating connections between privacy law and policy and computer science are especially encouraged.
Usable Security (Chair: Lujo Bauer):
It has become accepted that any user-facing security technology or mechanism is unlikely to be secure if it is not usable. Hence, understanding, measuring, and designing for usability are foundational aspects of building secure systems. CSF 2014 encourages submission of papers that describe new results, quantitative or qualitative, in usability as it pertains to security and privacy. Particularly encouraged are papers that focus on foundational aspects of usability, as well as those whose results generalize beyond a specific environment or system.
These papers will be reviewed under the supervision of expert invited session chairs. They will be presented at the conference, and will appear in the CSF proceedings without any distinction from the other papers.
Challenges and Vision Papers
We particularly encourage challenge/vision papers, which may describe open questions and raise fundamental concerns about practical security. Challenges and/or vision papers should typically identify a real world security problem, argue why it raises foundational issues, explain why the currently available and relevant techniques are inadequate for addressing it, and identify foundational challenges that have to be addressed to solve the problem. These papers will be presented at the conference, and will appear in the CSF proceedings without any distinction from the other papers.
Proceedings, published by the IEEE Computer Society Press, will be available at the symposium, and selected papers will be invited for submission to the Journal of Computer Security.
- Alessandro Acquisti – Carnegie Mellon University
- Gilles Barthe – IMDEA Software Institute
- Frank Piessens – K.U. Leuven
- Deepak Garg – Max Planck Institute for Software Systems, Germany
There will be three workshops affiliated with CSF 2014:
- Analysis of Security APIs (ASA7)
- FCS-FCC: Joint Workshop on Foundations of Computer Security and Formal and Computational Cryptography
- STAST 2014, 4th Int. Workshop on Socio-Technical Aspects in Security and Trust