DBWorld Message

Program Analysis for Security and Safety Workshop Discussion
Nantes, France, July 3-4, 2006

Sponsored by IBM Research
Co-located with ECOOP 2006

Call for Papers With the advent of the Internet, software security
has become more important than ever. Unfortunately, still now,
the security of a software system is almost always an
afterthought. When security problems arise, understanding and
correcting them can be very challenging. On the one hand, the
program analysis research community has created numerous static
and dynamic analysis tools for performance optimization and bug
detection in object-oriented programs. On the other hand, the
security and privacy research community has been looking for
solutions to automatically detect security problems, privacy
violations, and access-control requirements of object-oriented
programs. The purpose of this workshop is to bring together
members of both these communities and to encourage program
analysis researchers to see the applicability of their work to
security and privacy?an area of research that still needs
exploration.

Topics of Interest
Analysis of cryptographic systems and implementations

Analysis of network and security protocols

Automatic detection of attacks against networks and machines

Automated tools for source- and compiled-code analysis

Authentication and authorization of users, systems, and applications

Bug finding

Detection of mutability, accessibility, and isolation policy violations

Identification of denial-of-service attacks

Input validation

Intrusion and anomaly detection

Language-based security

Operating system security

Privacy analysis

Security in heterogeneous and large-scale environments

Security in the presence of agents and mobile code

Security policy analysis

Static analysis for program verification

Static analysis techniques for soundness, precision, and scalability

Important Dates
Submission Deadline: Saturday, April 5, 2006

Author Notification: Monday, May 5, 2006

Camera-ready Copy: Monday, May 22, 2006

Submission Guidelines We welcome two types of papers:

Type 1: Technical Papers These papers, with mature technical
content, should not exceed 11 pages including references.

Type 2: Position, Exploratory, or Preliminary-work Papers These
papers may describe work in progress or new research ideas. They
should not exceed 5 pages including references.

Papers must be written in English. Please note that PASSWORD,
consistent with other scientific conferences and workshops,
accepts only original papers that have not been published and are
not under review for publication elsewhere.

E-mail the submission by the indicated deadline to the Program
Chairs following these instructions:

The subject of the e-mail should be PASSWORD Submission

The e-mail should contain the paper abstract not to exceed 150 words

Attach a PDF version of the paper, printable on both US Letter and A4 sized paper

Indicate whether the paper is of Type 1 (Technical Papers) or Type 2 (Position, Exploratory, or Preliminary-work Papers)

Indicate if any of the authors is a member of the Program Committee

Indicate which authors of the paper are currently full-time undergraduate or graduate university students

Publication of Papers Based on the number and quality of the
papers submitted, the Program Committee will consider some of the
articles for a special number of a journal.

Information for Attendees Registration of workshop participants
has to be done in two mandatory steps:

Contact the organizers of the workshop (in order to ensure that
the participant limit has not been exceeded) by sending them an
email with subject PASSWORD Attendance. Register on the ECOOP
2006 Web site either as a worskhop-only attendee or as a regular
attendee. The latter includes access to workshops and to the main
conference.

Program Organization Program Chairs
Francesco Logozzo, Ecole Normale Superieure, Paris, France

Marco Pistoia, IBM T. J. Watson Research Center, Hawthorne, New York, USA

Program Committee
Sabrina De Capitani Di Vimercati, University of Milan, Milan, Italy

Stephen J. Fink, IBM T. J. Watson Research Center, Hawthorne, New York, USA

Robert J. Flynn, Polytechnic University, Brooklyn, New York, USA

Charles Hymans, European Aeronautic Defence and Space Company, Paris, France

Trent Jaeger, Pennsylvania State University, University Park, Pennsylvania, USA

Francesco Logozzo, Ecole Normale Superieure, Paris, France

Nasir Memon, Polytechnic University, Brooklyn, New York, USA

Greg Morrisett, Harvard University, Cambridge, Massachusetts, USA

David A. Naumann, Stevens Institute of Technology, Hoboken, New Jersey, USA

Marco Pistoia, IBM T. J. Watson Research Center, Hawthorne, New York, USA

Jan Vitek, Purdue University, West Lafayette, Indiana, USA

Eran Yahav, IBM T. J. Watson Research Center, Hawthorne, New York, USA

Steve Zdancewic, University of Pennsylvania, Philadelphia, Pennsylvania, USA

Xiaolan Zhang, IBM T. J. Watson Research Center, Hawthorne, New York, USA

Roberto Zunino, University of Pisa, Pisa, Italy

IBM Research Best Paper Student Award The Security and Privacy and
the Programming Languages and Software Engineering departments at
the IBM T. J. Watson Research Center are jointly sponsoring the
IBM Research Best Paper Student Award. The purpose of this
recognition is to encourage talented students to submit papers
with high research contents. To qualify for this award, at least
one of the lead authors of the paper must be a full-time
undergraduate or graduate university student at the time the paper
is submitted. When submitting their papers, the authors must
explicitly specify the names of the authors who are full-time
undergraduate or graduate students at the time of the submission.
The Program Committee will decide which paper will receive the
award based on research quality and originality.