THE EIGHTH ANNUAL IFIP WORKING GROUP 11.3 WORKING CONFERENCE ON DATABASE SECURITY Bad Salzdetfurth, Germany, 23 - 26 August 1994 CALL FOR PAPERS Deadline for Submission: March 14, 1994 SCOPE ===== Papers are solicited for presentation and discussion at this Working Conference. Emphasis is placed on original results in database security research and development. Insightful discussion of security applications and their reception in real environments also will be considered. Treatments of security in health care systems are particularly welcome. A summary of suggested research questions as compiled by the IFIP WG 11.3 is summarized below. The purposes of this Working Conference are to present original results in database security research and development, to discuss in depth the current state of research and practice in database security, to enable participants to benefit from personal contact and expand their knowledge, to support the activities of the Working Group, and to disseminate the results of the discussion. Papers will be refereed by members of the Working Group and will be selected based on technical merit and their relationship to the aim and scope of the Working Group. The meeting will be organized to provide ample time for discussions, both formal and informal, of the papers presented and of the research questions. Meeting attendance will be limited to about forty participants. CONFERENCE SITE =============== The conference will be held at the Relexa Hotel in Bad Salzdetfurth, and has been planned to permit joined attendance with the 1994 IFIP World Computer Congress, which will be held in Hamburg during the period 29 August - 2 September. Bad Salzdetfurth situated in the forests 30 km north of the Harz mountain range, 45 km south of Hannover and 15 km south of Hildesheim, is a well known spa in Germany. Some of the famous sights are the cathedral of Hildesheim with its 1,000 year-old rose-tree, the church of St. Michael and the historic market square of Hildesheim with the Butchers' Guildhall which is said to be the world's finest half- timbered building. The church of St. Michael and the cathedral have been declared by the UNESCO to be part of the world's cultral heritage. INFORMATION FOR AUTHORS ======================= Authors are cordially invited to submit four copies of their contributions to one of the program co-chairs, Joachim Biskup (Africa, Asia, Europe) or Matthew Morgenstern (America, Australia), at the address below. Submissions should be received by March 14, 1994 and should not exceed 5,000 words. Complete details regarding the workshop will be sent to all participants along with acceptance/rejection letters by June 3, 1994. Final papers must be received in camera-ready form by July 15, 1994. Conference proceedings will be edited and published according to the IFIP publishing policy. IFIP WG 11.3: SUMMARY OF RESEARCH QUESTION LIST =============================================== 1. What are good techniques for describing the various factors involved in designing secure database systems, such as: * security and privacy policies or policy requirements, * threats to system security, * costs/benefits of meeting security and privacy requirements (or risks of not meeting them)? What relationships should exist between these descriptions and those already associated with database systems, such as queries, views, and schemas? 2. What are good methodologies for: * obtaining these descriptions * using them in developing secure database systems (including associated applications) * determining that the implemented systems are consistent with their descriptions/specifications? 3. What are the functionality, performance, and security interactions and tradeoffs of various technical features of database systems, such as the supported: * query facilities * data/object model * data types * concurrency/recovery facilities * inference/deduction capabilities or the organizations of components (architectures) of such systems, such as: * distributed systems * client/server architectures * layered/modular internal system architectures? 4. What information can be maintained or generated by a database system to assist in maintaining security or privacy, and what are good techniques for using such information, either at run-time or in subsequent analysis, to detect and discourage security violations? FOR FURTHER INFORMATION, CONTACT: ================================= PROGRAM CO-CHAIR PROGRAM CO-CHAIR Joachim Biskup Matthew Morgenstern Institut fuer Informatik Xerox Design Research Institute Universitaet Hildesheim Cornell University Samelsonplatz 1 5144 Upson Hall Postfach 10 13 63 Ithaca, NY 14853 D-31113 Hildesheim U. S. A. Germany +49(5121)883-731 (voice) +1(607)255-9899 (voice) +49(5121)883-732 (fax) +1(607)254-4742 (fax) biskup@informatik.uni morgenstern@cs.cornell.edu -hildesheim.de LOCAL ORGANIZATION IFIP WG11.3 CHAIR Jimmy Brueggemann Carl E. Landwehr Christian Eckert Naval Research Lab. Institut fuer Informatik Code 5542 Universitaet Hildesheim 4555 Overlook Ave., SW Samelsonplatz 1 Washington, DC 20375-5000 Postfach 10 13 63 U. S. A. D-31113 Hildesheim +1(202)767-3381 (voice) Germany +1(202)404-7942 (fax) +49(5121)883-733 (voice) landwehr@itd.nrl.navy.mil +49(5121)883-732 (fax) {jimmy,eckert}@informatik.uni -hildesheim.de