May 9-12, 2004
The Claremont Resort
Berkeley/Oakland, California, USA

2004 IEEE Symposium on
Security and Privacy

sponsored by
IEEE Computer Society Technical Committee on Security and Privacy
in cooperation with
The International Association for Cryptologic Research (IACR)

Symposium Committee:
General Chair: Lee Badger (DARPA)
Vice Chair: Steve Tate (University of North Texas)
Program Co-Chairs: David A. Wagner (University of California at Berkeley, USA)
Michael Waidner (IBM Zurich Research Lab, Switzerland)

Since 1980, the IEEE Symposium on Security and Privacy has been the premier forum for presenting developments in computer security and electronic privacy, and for bringing together researchers and practitioners in the field.

Previously unpublished papers offering novel research contributions in any aspect of computer security or electronic privacy are solicited for submission to the 2004 symposium. Papers may represent advances in the theory, design, implementation, analysis, or empirical evaluation of secure systems, either for general use or for specific application domains. Topics of interest include, but are not limited to, the following:

Commercial and Industrial Security
Mobile Code and Agent Security
Network Security
Data Integrity
Information Flow
Viruses and Other Malicious Code
Secure Hardware and Smartcards
Intrusion Detection
Language-Based Security
Security of Mobile Ad-Hoc Networks
Electronic Privacy
Distributed Systems Security
Anonymity and Pseudonymity
Access Control and Audit
Security Verification
Security Protocols
Peer-to-Peer Security
Database Security
Denial of Service

Program Committee:

Tuomas Aura, Microsoft Research, UK
David Basin, ETH Zürich, Switzerland
Josh Benaloh, Microsoft Research, USA
Marc Dacier, Eurecom, France
HervÚ Debar, France TÚlÚcom R&D, France
CÚdric Fournet, Microsoft Research, UK
Virgil Gligor, University of Maryland, USA
Trent Jaeger, IBM Research, USA
Richard Kemmerer, University of California, Santa Barbara, USA
Markus Kuhn, University of Cambridge, UK
Heiko Mantel, DFKI, Germany
John McHugh, CERT, USA
John McLean, Naval Research Laboratory, USA
Catherine Meadows, Naval Research Laboratory, USA
John Mitchell, Stanford University, USA
Andrew Myers, Cornell University, USA
Vern Paxson, ICSI and LBNL, USA
Birgit Pfitzmann, IBM Research, Switzerland
Bart Preneel, Katholieke Universiteit Leuven, Belgium
Michael Reiter, Carnegie Mellon University, USA
Avi Rubin, Johns Hopkins University, USA
Pierangela Samarati, UniversitÓ degli Studi di Milano, Italy
Christoph Schuba, Sun Microsystems, USA
Jonathan Shapiro, Johns Hopkins University, USA
Michael Steiner, IBM Research, USA
Paul Syverson, Naval Research Laboratory, USA
Jonathan Trostle, Security Research Consultant, USA
Gene Tsudik, University of California, Irvine, USA
David Wagner, University of California, Berkeley, USA
Michael Waidner, IBM Research, Switzerland
Dan S. Wallach, Rice University, USA
Andreas Wespi, IBM Research, Switzerland
Avishai Wool, Tel Aviv University, Israel


Submitted papers must not substantially overlap papers that have been published or that are simultaneously submitted to a journal or a conference with proceedings. If there are any doubts on whether a paper counts as already published or not then the authors should contact the program chairs prior to submission. Papers should be in Portable Document Format (.pdf), at most 15 pages excluding the bibliography and well-marked appendices (using 11-point font, single column format, and reasonable margins on 8.5"x11" or A4 paper), and at most 25 pages total. We request the submissions be in US letter paper size (not A4) if at all possible. Authors are urged to follow the NSF "Fastlane" guidelines for document preparation (, and to pay special attention to unusual fonts.  Committee members are not required to read the appendices, so the paper should be intelligible without them. Papers should be submitted in a form suitable for anonymous review: remove author names and affiliations from the title page, and avoid explicit self-referencing in the text. Formatting and length requirements for the proceedings will be announced after acceptance notification.

Please submit papers via the Web; the submission address is
All deadlines are in CET (Central European Time), which is GMT+1, i.e., in Zurich local time.

For any questions, please contact the program chairs, at

Paper submissions due: November 5, 2003, 18:00:00 CET (GMT+1)

Acceptance notification: January 21, 2004

Final papers due: February 23, 2004

Submissions received after the submission deadline or failing to conform to the guidelines above risk rejection without consideration of their merits. Authors are responsible for obtaining appropriate clearances; authors of accepted papers will be asked to sign IEEE copyright release forms. Where possible all further communications to authors will be via email.


The conference may include panel sessions addressing topics of interest to the computer security community. Proposals for panels should be no longer than five pages in length and should include possible panelists and an indication of which of those panelists have confirmed participation. Please submit panel proposals by email to

Panel proposals due: November 5, 2003, 18:00:00 CET (GMT+1)

Acceptance notification: January 27, 2004

Where possible all further communications to authors will be via email.


A continuing feature of the symposium will be a session of 5-minute talks, where attendees can present preliminary research results or summaries of works published elsewhere. Poster presentations related to these talks are also possible. Abstracts for 5-minute talks should fit on one 8.5"x11" or A4 page, including the title and all author names and affiliations. Please submit abstracts by email to

5-minute abstracts due: March 15, 2004, 18:00:00 CET (GMT+1)

Acceptance notification: March 31, 2004

Where possible all further communications to authors will be via email.