SIGSAC Annual Report

July, 1995 - June, 1996
Submitted by: Ravi Sandhu

SIGSAC continues to forge ahead in establishing leadership in the Information and Systems Security community. This annual report outlines accomplishments of the past year and future plans.


SIGSAC's flagship conference, the ACM Conference on Computer and Communications Security, was created in 1993. It was held in November 1993 and November 1994 in Fairfax, Virginia. From its inception this conference established itself as among the very best research conferences in security.

The conference steering committee decided to hold the third conference in New Delhi, India on March 14-16, 1996. The decision to go to international locations, and particularly to Asia, involved some risk but the organizers were confident that the first two conferences had created a reputation which would continue to draw high quality submissions. The decision to go international was motivated by the increasingly global nature of the Information Technology industry. Asia is a rapidly emerging market in this arena and it was felt that an international society such as ACM should establish a presence in that region.

The third conference held in New Delhi, India continued to attract high quality papers. It was also successful in attendance. About half the attendees were from Europe and North America and about half from Asia. Due to the success of this effort it will no doubt go back to other Asian venues in future.

The fourth conference will be held in Zurich, Switzerland on April 2-4 1997. Thereafter the conference is expected to move around internationally. The conference organizers have recruited volunteers from North America, Europe, Asia and Australia to establish a base of active participants who can help organize the conference all over the planet.

In summary SIGSAC now has a well-recognized flagship conference which is international in participation and venue. This is a considerable accomplishment for SIGSAC, achieved in a matter of a few years.


In 1995 SIGSAC created the new ACM Workshop on Role-Based Access Control in collaboration with the National Institute of Standards and Technology (NIST). The first workshop was held at NIST in Gaithersburg, Maryland, November 30 - December 1, 1995. This series of workshops seeks to promote the use and standardization of RBAC. Interest in RBAC has grown dramatically in the past few years as the inadequacies of the classical discretionary and mandatory access control approaches become increasingly evident. Preliminary planning for the second workshop to be held in Spring 1997 has begun. SIGSAC's vision is to develop specialized workshops of this kind to provide technical leadership in addition to its flagship conference. The annual New Security Paradigms Workshop, started in 1992, is another specialized workshop sponsored by SIGSAC. The fourth workshop was held in La Jolla, California on August 22-25, 1995. The fifth workshop will be held at the UCLA Conference Center in Lake Arrowhead, California, September 16-19, 1996.


SIGSAC approved the creation of a new Workshop on Education in Computer Security in 1996. It was initially planned for May 1996, but due to technical problems it has been postponed. This workshop is important in establishing a presence for SIGSAC in the education arena.


In January 1996 SIGSAC commenced an initiative to create a new ACM Transactions on Information and System Security (TISSEC). An initial inquiry was forwarded to Mark Mandelbaum at ACM Headquarters by Ravi Sandhu (SIGSAC Chairman) to assess the interest of ACM in supporting this venture. This request was discussed by the ACM Publications Board at their February 1996 meeting. The feedback to Ravi Sandhu was favorable and it was recommended that SIGSAC prepare a formal proposal for a new transactions. The SIGSAC Executive Committee (Ravi Sandhu, Rowena Chester, Daniel Faigin and Cynthia Irvine) convened by electronic mail to create a SIGSAC Publications Committee to pursue this initiative on behalf of SIGSAC.

The SIGSAC Publications Committee consists of Ravi Sandhu (Chairman), Ravi Ganesan, Li Gong, Catherine Meadows, Cliff Neuman, and Jacques Stern. The SIGSAC Executive Committee unanimously approved the creation and membership of this committee. Members of the SIGSAC Publication Committee have all contributed significant leadership to SIGSAC Publications activities, in addition to being active researchers representing a variety of interests in the security arena. The SIGSAC Executive Committee unanimously endorsed the criteria for membership on the SIGSAC Publications Committee that members should have served as Program Chair of the SIGSAC-sponsored ACM Conference on Computer and Communications Security or be the current SIGSAC Newsletter editor. All individuals eligible for membership on the Publications Committee accepted the invitation to serve. A draft proposal is under review by the SIGSAC Publications Committee and will soon be forwarded to the ACM Publications Board after endorsement by the SIGSAC Executive Committee.


Cathy Meadows has done a superb job in publishing the SIGSAC Review in a timely manner.


SIGSAC continues to support the Computer Security Day.




In a matter of a few years SIGSAC has established itself as a technical leader in the Information and System Security arena. SIGSAC emerged from a period of relative dormancy under the leadership of Daniel Faigin (SIGSAC Chair, 1991-95). SIGSAC has a strong flagship conference (established 1993) and two specialized workshop series with others anticipated in future. SIGSAC has initiated creation of a new ACM Transactions on Information and System Security. In conclusion, SIGSAC is providing strong technical leadership to the community and is developing a cadre of volunteers from which future leadership will emerge.

Back to SIG Board Report Back to SIGSAC Page
To ACM Page