Reflecting on 20 SEC conferences

The ever-increasing use of information technology in business and everyday life led to a raised awareness of security issues. The last three decades spawned a large amount of research literature on security. The belief that the future can only be realized if the past is well understood has motivated an investigation into the history of information security. This report therefore focuses on analyzing the work reported in the past 20 SEC conferences, the flagship conference series of the IFIP Technical Committee 11 (TC-11). The study indicates that the focus of papers increased over time and that the output of papers became more technical. Certain topics such as auditing and business continuity have largely disappeared as a topic. The study confirmed an expected increase in the prominence of papers dealing with network related research. Surprisingly, information security management showed no upward trend; instead a slight decrease could be seen. In contrast, crypto-like topics showed a strong growth. Finally the paper reflects on the significance of the observations made, specifically with respect to future research considerations by the TC-11 community. (C) 2006 Elsevier Ltd. All rights reserved.