CALL FOR PAPERS
SPECIAL ISSUE of the Journal of Computer Languages, Systems and Structures published by Elsevier on Programming Language and Compiler Support for Secure and Reliable Computing
Submission deadline:
November 15, 2006
Guest Editors: Santosh
Pande (Georgia Institute of Technology) and David August (
Motivation
and Scope:
Security
and reliability are no longer mere guiding principles for
software
design but are in fact the driving principles used for the design.
Secure
and reliable by design serves as a binding contract between
the
software designers and end users which make systems
provably reliable and secure. Such a design also takes emphasis away
from
"platform reliability or security" and places it on the "usable"
notions
of the same tying these properties to the applications that rely
on
them. Since platforms could be used in almost innumerable
(potentially uncountable)
ways, platform based security or reliability is almost an impossible
property to achieve in a provable manner. Due to the attractiveness
of provability premise, application based security and reliability
is a more appealing idea.
Design
of application based security and reliability rests on advances in programming
languages for the
expression of security and reliability properties and compilers
for their implementation. Traditionally, languages and compilers
have been designed for addressing efficiencies of computation
(speed, code or power consumption etc.) but advances in expressing and
implementing a given contract for guaranteeing provable
properties are lacking. We do not understand the limits of current
abstractions
and the current techniques for their implementation as far as these provable
security and reliability properties are concerned. Thus, this
special issue invites articles that examine these important
aspects.
On the security side, aspects of confidentiality have been
addressed by crypto; however, integrity checking has not received
much attention. Integrity checking is a vital aspect for both
detecting tampering as well as a fault. Due to higher order of
program
and application semantics, such integrity checking mechanisms
need solutions at the language and compiler level. Finally, the
aspect
of recovery is assuming a very important role in both the
communities. Traditional
recovery mechanisms have relied on check-pointing the state
and using roll-back mechanisms to recover it. However, such
mechanisms
may not work under active tampering unless the security of
the saved states is guaranteed which may be unrealistic given
enormity
of state. Also, notions of recoverability
can go beyond mere values to the guarantees of certain properties
(for example, concept of a safe state in a safety critical application
rather than recovery of the last state). Thus, recoverability assumes a new
dimension. The
goal of this special issue is to attempt
to provide answers to some of these questions.
Topics of interest include (but are not limited to) the following:
· Expressing security/reliability properties through types, annotations, policy expressions and other programming language extensions
· Composable properties, inferencing, verification, domain dependent properties esp. useful in safety critical as well as high availability systems.
· Compile and run time monitoring for integrity checking, attack detection, tampering
· Intrusion analysis, logging, localization
· Recovery schemes for different attack and secure processor models
· Cost - efficiency tradeoffs between security/reliability guarantees and role of compiler optimizations
Papers that cover other topics relevant to the special issue are also encouraged.
Submissions: Papers should be at most 30 pages in double space format at 11 point font size on US Letter paper size (8.5 by 11 inches) with 1 inch margins. A submitted paper should not be under simultaneous review by a conference or another journal. Papers that build on past conference results should include at least 25% new material. A list of differences between the conference version and the journal submission should be included in a cover letter. Any papers that do not meet these guidelines will be returned without review.
All papers will be reviewed by external referees that are experts in the field. The papers will be judged on their novelty, importance, relevance to the special issue, and writing quality. Papers should be submitted through Elsevier's Author Gateway.
Important Dates: Submission deadline: November 15, 2006; Acceptance notification: March 1, 2007; Final version: April 15, 2007
Contact Information: Santosh Pande (santosh@cc.gatech.edu) and David August (august@cs.princeton.edu)