Forwarded from Risks Digest 20.64 Respectfully, Ken Williams ------------------------------ Date: Fri, 22 Oct 1999 15:51:57 -0400 From: "Jeffrey M. Voas" <jmvoasat_private> Subject: Call for papers, Malicious Information Technology Co-Authored: Software Assessment: Reliability, Safety, and Testability (Wiley, 1995) http://www.rstcorp.com/books/sa Software Fault Injection: Inoculating Programs Against Errors (Wiley, 1998) http://www.rstcorp.com/books/sfi Videos: Developing Software for Safety Critical Systems (IEEE, 1998) http://www.rstcorp.com/videos/safety_critical.html Software Testing: Building Infrastructure, Due Dilligence, and OO Software (IEEE, 1999) http://www.rstcorp.com/videos/software_testing.html IEEE Software Call for Articles & Reviewers Malicious Information Technology: The Software vs. The People Publication: Sept./Oct. 2000 Software was intended to improve the quality of human life by doing tasks more quickly, reliably, and efficiently. But today, a "software vs. people" showdown appears eminent. Software is increasingly becoming a threat to people, organizations, and nations. For example, the spread of the Melissa virus illustrates the ease with which systems can be penetrated and the ubiquity of the consequences; the Melissa virus caused many companies to shut down their EMail systems for days or even weeks. The origin of these threats stems from a variety of problems. One problem is negligent development practices that lead to defective software. Security vulnerabilities that occur as a result of negligent development practices (e.g., commercial Web browsers allowing unauthorized individuals to access confidential data) are likely to be discovered by rogue individuals with malicious intentions. Other security vulnerabilities are deliberately programmed into software (e.g., logic bombs, Trojan Horses, and Easter eggs). Regardless of the reason why information systems are vulnerable, the end result can be disastrous and widespread. Because of the increased danger that malicious software now poses, we seek original articles on the following specific issues: + Intrusion detection + Information survivability + Federal critical infrastructure protection plans + Federal laws prohibiting encryption exports vs. US corporations + State-of-the-practice in security testing + The Internet's "hacker underground" + Corporate information insurance + Penalties for those convicted of creating viruses + Case studies in information security and survivability Submissions due: 1 April 2000 Guest Editors: Nancy Mead Jeffrey Voas Carnie Mellon University Reliable Software Technologies nrmat_private jmvoasat_private Authors: Submit one electronic copy in RTF interchange or MS-Word format and one PostScript or PDF version to the magazine assistant at softwareat_private Articles must not exceed 5,400 words including tables and figures, which count for 200 words each. For detailed author guidelines, see www.computer.org/software/edguide.htm. Reviewers: Please e-mail your contact information and areas of interest to a guest editor. Jeffrey M. Voas, Co-Founder, Reliable Software Technologies, Suite 400, 21351 Ridgetop Circle, Dulles, VA 20166 USA, jmvoasat_private, Phone: 703.404.9293, Fax: 703.404.9295 ------------------------------ ******************************************************************************* Note: The information contained in this message may be privileged and confidential and protected from disclosure. If the reader of this message is not the intended recipient, or an employee or agent responsible for delivering this message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please notify us immediately by replying to the message and deleting it from your computer. Thank you. Ernst & Young LLP *******************************************************************************
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:09:49 PDT