3rd ACM Workshop on Assurable & Usable Security Configuration (SafeConfig)

October 4, 2010

Chicago, Illinois

Colocated with ACM CCS 2010

A typical enterprise network might have hundreds of security appliances such as firewalls, IPSec gateways, IDS/IPS, authentication servers, authorization/RBAC servers and crypto systems. An enterprise network may also have other non-security devices such as routers, name servers, protocol gateways, etc. These must be logically integrated into a security architecture satisfying security goals at and across multiple networks. Logical integration is accomplished by consistently setting thousands of configuration variables and rules on the devices. The configuration must be constantly adapted to optimize protection and block prospective attacks. The configuration must be tuned to balance security with usability. These challenges are compounded by the deployment of mobile devices and ad hoc networks. The resulting security configuration complexity places a heavy burden on both regular users and experienced administrators and dramatically reduces overall network assurability and usability. This workshop will bring together academic as well as industry researchers to exchange experiences, discuss challenges and propose solutions for offering assurable and usable security.

The first instance of this workshop was held by invitation only in August 2008, funded by the NSF to promote this important area of research. The next instance was held as a workshop in 2009 at CCS, with approximately 55 attendees from academia and industry. In 2010 we wish to build on this success and aim to attract a strong set of submissions and a diverse audience from both academia and industry.