SEC@SAC
The Security Track at the ACM Symposium on Applied Computing
Statistics and General Information about SAC 2005
Statistics and General Information about the Security Track @ SAC 2005.

The increasing importance of information security to society in the 21st century is widely acknowledged. This is reflected by the growing interest in the Security Track, which is now in its fourth edition. This year's success is in large part due to the efforts of the expanded Program Committee, composed of 18 leading researchers coming from Academia and Industry:

Originating from over 20 different countries, the 46 submissions were included in a blind review process that involved 34 reviewers (composed of PC members and their delegates) from 28 institutions. The reviewers did an outstanding job and the whole process generated nearly 150 reviews; each paper was reviewed by at least 3 reviewers. Based on the reviewers' reports and the general ACM SAC guidelines for evaluation of submissions, only 9 papers were accepted, a rate of approximately 20%. Contents range from software birthmarking to elliptic-curve key establishment to privacy policies for clinical information.

The 2005 Security Track is divided into 2 sessions.

Session 1 - Cryptographic techniques and Protocols - is chaired by Bella.
Khurana et al. propose a protocol to support security requirements, authentication, secrecy and integrity for e-mail list services. Myles and Collberg propose a software birthmarking technique that enjoys credibility and resilience to semantics-preserving transformations. It computes a set of unique opcode sequences for a set of modules. Anshul and Roy propose the use of zero-knowledge techniques for authentication in wireless sensor networks. Strangio proposes a Diffie-Hellman, elliptic-curve-based key-agreement protocol.

Session 2 - Policies and Databases - is chaired by Ryan.
Sohr et al. investigate formal specifications of privacy policies for clinical records. Ungureanu proposes a framework to make the process of discovering and validating a chain of authorisation more efficient. Uppuluri et al. investigate vulnerabilities arising from the adversary exploiting atomicity assumptions in compound operations. They propose mechanisms to monitor the system's behaviour and detect potential exploitations of such vulnerabilities. Yang and Yu investigate the specification and enforcement of security policies across databases with differing policies. Zhang et al. introduce an attribute-based access control model, along with some decidability results.