Call for papers, Malicious Information Technology

[Ken.Williams () EY COM (Ken Williams)]

Forwarded from Risks Digest 20.64

Respectfully,

Ken Williams

------------------------------

Date: Fri, 22 Oct 1999 15:51:57 -0400
From: "Jeffrey M. Voas" <jmvoas () rstcorp com>
Subject: Call for papers, Malicious Information Technology

Co-Authored:

Software Assessment: Reliability, Safety, and Testability (Wiley, 1995)
http://www.rstcorp.com/books/sa

Software Fault Injection: Inoculating Programs Against Errors
(Wiley, 1998)  http://www.rstcorp.com/books/sfi

Videos:

Developing Software for Safety Critical Systems
(IEEE, 1998) http://www.rstcorp.com/videos/safety_critical.html

Software Testing: Building Infrastructure, Due Dilligence, and OO
Software
(IEEE, 1999) http://www.rstcorp.com/videos/software_testing.html

IEEE Software
Call for Articles & Reviewers
Malicious Information Technology: The Software vs. The People
Publication: Sept./Oct. 2000

Software was intended to improve the quality of human life by doing
tasks more quickly, reliably, and efficiently. But today, a "software
vs. people" showdown appears eminent.  Software is increasingly
becoming a threat to people, organizations, and nations.  For example,
the spread of the Melissa virus illustrates the ease with which
systems can be penetrated and the ubiquity of the consequences; the
Melissa virus caused many companies to shut down their EMail systems
for days or even weeks.  The origin of these threats stems from a
variety of problems.  One problem is negligent development practices
that lead to defective software.  Security vulnerabilities that occur
as a result of negligent development practices (e.g., commercial Web
browsers allowing unauthorized individuals to access confidential
data) are likely to be discovered by rogue individuals with malicious
intentions.  Other security vulnerabilities are deliberately
programmed into software (e.g., logic bombs, Trojan Horses, and Easter
eggs).  Regardless of the reason why information systems are
vulnerable, the end result can be disastrous and widespread.

Because of the increased danger that malicious software now poses, we
seek original articles on the following specific issues:

  + Intrusion detection
  + Information survivability
  + Federal critical infrastructure protection plans
  + Federal laws prohibiting encryption exports vs. US corporations
  + State-of-the-practice in security testing
  + The Internet's "hacker underground"
  + Corporate information insurance
  + Penalties for those convicted of creating viruses
  + Case studies in information security and survivability

Submissions due: 1 April 2000

Guest Editors:

Nancy Mead                              Jeffrey Voas
Carnie Mellon University                Reliable Software Technologies
nrm () sei cmu edu                              jmvoas () rstcorp com

Authors: Submit one electronic copy in RTF interchange or MS-Word
format and one PostScript or PDF version to the magazine assistant at
software () computer org.  Articles must not exceed 5,400 words including
tables and figures, which count for 200 words each.  For detailed
author guidelines, see www.computer.org/software/edguide.htm.
Reviewers: Please e-mail your contact information and areas of
interest to a guest editor.

Jeffrey M. Voas, Co-Founder, Reliable Software Technologies, Suite 400,
21351 Ridgetop Circle, Dulles, VA  20166 USA, jmvoas () rstcorp com,
Phone: 703.404.9293, Fax: 703.404.9295

------------------------------

*******************************************************************************
Note:          The information contained in this message may be privileged and confidential and protected from 
disclosure.  If the reader of this message is not the intended recipient, or an employee or agent responsible for 
delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or 
copying of this communication is strictly prohibited. If you have received this communication in error, please notify 
us immediately by replying to the message and deleting it from your computer.  Thank you.  Ernst & Young LLP
*******************************************************************************