The Computer Security Foundations Symposium (CSF) is an annual conference for researchers in computer security, to examine current theories of security, the formal models that provide a context for those theories, and techniques for verifying security. It was created in 1988 as a workshop of the IEEE Computer Society's Technical Committee on Security and Privacy, in response to a 1986 essay by Don Good entitled “The Foundations of Computer Security—We Need Some.” The meeting became a “symposium” in 2007, along with a policy for open, increased attendance. Over the past two decades, many seminal papers and techniques have been presented first at CSF. For more details on the history of the symposium, visit CSF's home.
The program includes papers, panels, and a poster session. Topics of interest include access control, information flow, covert channels, cryptographic protocols, database security, language-based security, authorization and trust, verification techniques, integrity and availability models, and broad discussions concerning the role of formal methods in computer security and the nature of foundational research in this area.
New results in security and privacy are welcome. We also encourage challenge/vision papers, which may describe open questions and raise fundamental concerns about security and privacy. Possible topics for all papers include, but are not limited to:
access control
accountability
anonymity
attack models
authentication
blockchains and smart contracts
cloud security
cryptography
data provenance
data and system integrity
database security
decidability and complexity
decision theory
distributed systems security
electronic voting
embedded systems security
forensics
formal methods and verification
hardware-based security
information flow control
intrusion detection
language-based security
mobile security
network security
privacy
security and privacy aspects of machine learning
security and privacy for the Internet of Things
security architecture
security metrics
security policies
security protocols
software security
socio-technical security
trust management
usable security
web security