ACM logoHomeFeedbackJoinShopSearch
Special Interest Groups

SIGSAC Annual Report

July 1997 - June 1998
Submitted by: Ravi Sandhu, SIGSAC Chair

SIGSAC continues to forge ahead in establishing leadership in the Information and Systems Security community. This annual report outlines accomplishments of the past year and future plans.


SIGSAC took a major step this year in converting to a conference only SIG. These are challenging times for ACM, SIGSAC and other professional societies. Changes in information technology are forcing us to rethink the mission and services of professional societies. The reason for this proposed change was quite straightforward. SIGSAC sponsors an excellent suite of conferences which were founded in the 90's and have quickly established themselves as leading research conferences. SIGSAC has every reason to be proud of its strong conference suite. At the same time SIGSAC has had problems in recent times in producing a quality newsletter due to lack of submissions. SIGSAC leadership has also been responsible for creation of a new ACM Transactions on Information and System Security (TISSEC) whose first issue is currently in press (see for table of contents). With its strong conferences and association with TISSEC, SIGSAC has a major presence in the security community. As a conference only SIG it will be able to continue these activities and build upon them.

In terms of impact on members the main change will be that members will receive the ACM Conference on Computer and Communications Security as part of the subscription price, instead of the four newsletters. The CCS proceedings has established itself as a forum at which research in all computer security disciplines comes together in one place. Members of SIGSAC will receive a discount at all sponsored ACM SIGSAC conferences, workshops, and proceedings. The cost of membership will remain $18 per year for now.

As compensation for the two newsletters of the current fiscal year (ending June 30, 1998) that will not be produced, current members were given a copy of Proceedings of the 1997 ACM New Security Paradigms Workshop.


SIGSAC's flagship conference, the ACM Conference on Computer and Communications Security, was created in 1993. It was held in November 1993 and November 1994 in Fairfax, Virginia, in March 1996 in New Delhi, India and in April 1997 in Zurich, Switzerland. From its inception this conference has established itself as among the very best research conferences in security. This reputation continues to grow.

The conference is expected to move around internationally for which it has already established a track record. The conference organizers have recruited volunteers from North America, Europe, Asia and Australia to establish a base of active participants who can help organize the conference all over the planet. Current plans are to hold the conference in the November timeframe with target sites as San Francisco in 1998, Singapore in 1999 and Athens, Greece in 2000.

In summary SIGSAC now has a well-recognized flagship conference which is international in participation and venue. This is a considerable accomplishment for SIGSAC, achieved in a matter of a few years.

In 1995 SIGSAC created the new ACM Workshop on Role-Based Access Control in collaboration with the National Institute of Standards and Technology (NIST). The first workshop was held at NIST in Gaithersburg, Maryland, November 30 - December 1, 1995. This series of workshops seeks to promote the use and standardization of RBAC. Interest in RBAC has grown dramatically in the past few years as the inadequacies of the classical discretionary and mandatory access control approaches become increasingly evident. The second workshop was held in November 1997 in Fairfax, Virginia, and the third one will be held in October 1998 in Fairfax.

SIGSAC's vision is to develop specialized workshops of this kind to provide technical leadership in addition to its flagship conference.

The annual New Security Paradigms Workshop, started in 1992, is another specialized workshop sponsored by SIGSAC. The sixth workshop was held in September 1997 in Newcastle-upon-Tyne in the UK. This is the first time it went out of the US. The 1998 workshop will be held in Charlotsville, Virginia in September 1998.


SIGSAC has been instrumental in creating the new ACM Transactions on Information and System Security (TISSEC). TISSEC's first issue is in press. We anticipate close ties between TISSEC and SIGSAC in future.


SIGSAC continues to support the Computer Security Day.




A reinvigorated SIGSAC has established itself as a technical leader in the Information and System Security arena. It has been reorganized as a conference only SIG. SIGSAC emerged from a period of relative dormancy under the leadership of Daniel Faigin (SIGSAC Chair, 1991-95). SIGSAC has a strong flagship conference (established 1993) and two specialized workshop series with others anticipated in future. SIGSAC has been instrumental in creating a new ACM Transactions on Information and System Security. In conclusion, SIGSAC is providing strong technical leadership to the community and is developing a cadre of volunteers from which future leadership will emerge.

Back to SIG Board Report Back to SIGSAC Page

SIGSAC FY'98 Annual Report. Last Update: 9/11/98 by Rachael Barish

©1997 Association for Computing Machinery