From marcel.winandy at trust.rub.de Fri Jan 8 06:42:16 2010 From: marcel.winandy at trust.rub.de (Marcel Winandy) Date: 8 Jan 2010 12:42:16 +0100 Subject: [EIS] CFP: 3rd International Conference on Trust and Trustworthy Computing (Trust 2010) - Deadline Extended Message-ID: <201001081242.16840.marcel.winandy@trust.rub.de> ************************************************************************** Call for Papers Trust 2010 3rd International Conference on Trust and Trustworthy Computing June 21-23, 2010, Berlin, Germany http://www.trust2010.org ************************************************************************** Submission due: 9 February 2010 (Extended Deadline) ************************************************************************** Building on the success of Trust 2009 (held at Oxford, UK) and Trust 2008 (Villach, Austria), this conference focuses on trusted and trustworthy computing, both from the technical and social perspectives. The conference itself will have two main strands, one devoted to technical aspects and one devoted to the socio-economic aspects of trusted computing. The conference solicits original papers on any aspect (technical or social and economic) of the design, application and usage of trusted and trustworthy computing, which concerns a broad range of concepts including trustworthy infrastructures, services, hardware, software and protocols. Topics of interest include, but are not limited to: Technical Strand: ----------------- * Architecture and implementation technologies for trusted platforms and trustworthy infrastructures * Mobile trusted computing * Implementations of trusted computing (covering both hardware and software) * Applications of trusted computing * Trustworthy infrastructures and services for cloud computing * Attestation and possible variants (e.g., property-based attestation, runtime attestation) * Cryptographic aspects of trusted computing * Security hardware, i.e., hardware with cryptographic and security functions, physically unclonable functions (PUFs) * Establishing trust in embedded systems (e.g., sensor networks) * Hardware Trojans (detection, prevention) * Intrusion resilience in trusted computing * Virtualisation for trusted platforms * Security policy and management of trusted computing * Access control for trusted platforms * Privacy aspects of trusted computing * Verification of trusted computing architectures * End-user interactions with trusted platforms * Limitations of trusted computing Socio-economic Strand: ---------------------- * Usability and user perceptions of trustworthy systems and risks * Effects of trustworthy systems upon user, corporate, and governmental behavior * The adequacy of guarantees provided by trustworthy systems for systems critically dependent upon trust, such as elections and government oversight * The impact of trustworthy systems upon digital forensics, police investigations and court proceedings * Economic drivers for trustworthy systems * Group and organizational behavior within trustworthy systems * The impact of trustworthy systems upon user autonomy, social capital, and power relationships * Cross-cultural definitions of trustworthiness * Can systems be truly "trustworthy" without any capacity for moral reasoning? * Trustworthy systems and precursors of trust such as honesty, benevolence, value similarity, or competence * Trustworthiness, regret and forgiveness * Trustworthy systems as enhancements or constraints on government power * The role of independence from vested interests as a driver of trust * Game theoretical approaches to modeling or designing trustworthy systems * Experimental economics studies of trustworthiness * The interplay between privacy, privacy enhancing technologies and trustworthiness * Regulatory vs peer-produced trustworthiness, including reputation systems * Global governance initiatives to manage trust * Critiques of trustworthy systems General Chair: Ahmad-Reza Sadeghi, University of Bochum, Germany Program Chair (Technical Strand) Sean Smith, Dartmouth College, USA Program Chair (Socio-economic Strand) Alessandro Acquisti, Carnegie Mellon University, USA Program Committee (Technical Strand) N. Asokan, Nokia Research Center, Finland Sergey Bratus, Dartmouth College, USA Liqun Chen, HP Laboratories, UK David Grawrock, Intel, USA Cynthia Irvine, Naval Postgraduate School, USA Bernhard Kauer, Technische Universtat Dresden, Germany Michael LeMay, University of Illinois Urbana-Champaign, USA Michael Locasto, George Mason University, USA Andrew Martin, University of Oxford, UK Jon McCune, Carnegie Mellon University, USA Chris Mitchell, Royal Holloway University, UK David Naccache, ENS, France Dimitris Pendarakis, IBM Watson, USA Graeme Proudler, HP Laboratories, UK Anand Rajan, Intel, USA Scott Rotondo, Sun, USA Ahmad-Reza Sadeghi, University of Bochum, Germany Radu Sion, Stony Brook University, USA Christian Stueble, Sirrix, Germany G. Edward Suh, Cornell University, USA Leendert van Doorn, AMD, USA Claire Vishik, Intel, UK Program Committee (Socio-economic Strand) Andrew A. Adams, Reading University, UK Ian Brown, University of Oxford, UK Johann Cas, Austrian Academy of Science Lorrie Faith Cranor, Carnegie-Mellon University, USA Tamara Dinev, Florida Atlantic University, USA Peter Gutmann, University of Auckland, New Zealand Tristan Henderson, St Andrews University, UK Adam Joinson, Bath University, UK Eleni Kosta, Katholieke Universiteit Leuven, Belgium Meryem Marzouki, French National Scientific Research Center (CNRS) Tyler Moore, Harvard University, USA Deirdre Mulligan, UC Berkely, USA Anne-Marie Oostveen, Oxford University, UK Andrew Patrick, Carleton University, Canada Angela Sasse, University College London, UK Jonathan Zittrain, Harvard University, USA Important Dates: Submission due: 9 February 2010 (Extended Deadline) Notification: 10 March 2010 Camera ready: 24 March 2010 Conference: 21-23 June 2010 Paper Submission: http://www.trust2010.org/submission.html From tmoore at seas.harvard.edu Mon Jan 18 11:59:31 2010 From: tmoore at seas.harvard.edu (Tyler Moore) Date: Mon, 18 Jan 2010 11:59:31 -0500 Subject: [EIS] CfP: WEIS, June 7-8, 2010, Harvard - Submissions due Feb 22 Message-ID: 9th Workshop on the Economics of Information Security (WEIS) June 7-8, 2010 Harvard University, Cambridge, MA, USA CALL FOR PAPERS http://weis2010.econinfosec.org/cfp.html IMPORTANT DATES Submissions due: February 22, 2010 Notification of acceptance: April 2, 2010 Workshop: June 7-8, 2010 Information security continues to grow in importance, as threats proliferate, privacy erodes, and attackers find new sources of value. Yet the security of information systems depends on more than just technology. Good security requires an understanding of the incentives and tradeoffs inherent to the behavior of systems and organizations. As society?s dependence on information technology has deepened, policy makers, including the President of the United States, have taken notice. Now more than ever, careful research is needed to accurately characterize threats and countermeasures, in both the public and private sectors. The Workshop on the Economics of Information Security (WEIS) is the leading forum for interdisciplinary scholarship on information security, combining expertise from the fields of economics, social science, business, law, policy and computer science. Prior workshops have explored the role of incentives between attackers and defenders, identified market failures dogging Internet security, and assessed investments in cyber-defense. This workshop will build on past efforts using empirical and analytic tools to not only understand threats, but also strengthen security through novel evaluations of available solutions. How should information risk be modeled given the constraints of rare incidence and high interdependence? How do individuals? and organizations? perceptions of privacy and security color their decision making? How can we move towards a more secure information infrastructure and code base while accounting for the incentives of stakeholders? We encourage economists, computer scientists, business school researchers, legal scholars, security and privacy specialists, as well as industry experts to submit their research and attend the workshop. Suggested topics include (but are not limited to) empirical and theoretical studies of: - Optimal investment in information security - Online crime (including botnets, phishing and spam) - Models and analysis of online crime - Risk management and cyberinsurance - Security standards and regulation - Cybersecurity policy - Privacy, confidentiality and anonymity - Behavioral security and privacy - Security models and metrics - Psychology of risk and security - Vulnerability discovery, disclosure, and patching - Cyberwar strategy and game theory - Incentives for information sharing and cooperation We highlight two key areas of particular focus for this year?s workshop. First, we encourage submissions that consider the design and evaluation of policy solutions for improving information security. Second, given the importance of data-driven decision making, we encourage submissions with empirical components. A selection of papers accepted to this workshop will appear in an edited volume designed to help policy makers, managers, researchers and practitioners better understand the information security landscape. Papers should be submitted online by 23:59 PST on Monday, February 22, 2010, preferably in PDF format. Submitted manuscripts should represent significant and novel research contributions. Please note that WEIS has no formal formatting guidelines. Previous contributors spanned fields from economics and psychology to computer science and law, each with different norms and expectations about manuscript length and formatting. Advisable rules of thumb include: using past WEIS accepted papers as templates and adhering to your community's publication standards. WEIS is co-located with the 11th ACM Conference on Electronic Commerce, June 9-11, 2010. PROGRAM COMMITTEE Alessandro Acquisti, Carnegie Mellon University Ross Anderson, University of Cambridge Rainer B?hme, ICSI Berkeley Jean Camp, Indiana University Huseyin Cavusoglu, University of Texas at Dallas Nicolas Christin, Carnegie Mellon University Benjamin Edelman, Harvard Business School Allan Friedman, Harvard University (General Chair) Neil Gandal, Tel Aviv University Dan Geer, In-Q-Tel Lawrence Gordon, University of Maryland Jens Grossklags, Princeton University Thorsten Holz, Technical University of Vienna M. Eric Johnson, Dartmouth Tuck School of Business Martin Loeb, University of Maryland Tyler Moore, Harvard University (Program Chair) Andrew Odlyzko, University of Minnesota David Pym, HP Labs and University of Bath Brent Rowe, RTI Stuart Schechter, Microsoft Research Bruce Schneier, BT Counterpane Rick Sullivan, Federal Reserve Bank of Kansas City Latanya Sweeney, Carnegie Mellon University Rahul Telang, Carnegie Mellon University Catherine Tucker, MIT Michel van Eeten, Delft University of Technology Hal Varian, Google and UC Berkeley Jonathan Zittrain, Harvard Law School -------------- next part -------------- An HTML attachment was scrubbed... URL: From Stuart.Schechter at microsoft.com Mon Jan 18 20:07:31 2010 From: Stuart.Schechter at microsoft.com (Stuart Schechter) Date: Tue, 19 Jan 2010 01:07:31 +0000 Subject: [EIS] CFP: Symposium on Usable Privacy and Security Message-ID: <6ED874367060664AA11FA132F6DE0D641CF367A1@TK5EX14MBXC120.redmond.corp.microsoft.com> Because many of you are interested in the behavioral side of security/privacy economics, I'm posting the CFP for the Symposium on Usable Privacy and Security (SOUPS). You may notice that the program committee has a significant overlap with that of WEIS. -----Original Message----- CALL FOR PAPERS -- SOUPS 2010 Symposium On Usable Privacy and Security July 14-16, 2010 Microsoft, Redmond, WA USA http://cups.cs.cmu.edu/SOUPS/ The 2010 Symposium on Usable Privacy and Security (SOUPS) will bring together an interdisciplinary group of researchers and practitioners in human computer interaction, security, and privacy. The program will feature technical papers, a poster session, panels and invited talks, discussion sessions, and in-depth sessions (workshops and tutorials). Detailed information about technical paper submissions appears below. For information about other submissions please see the SOUPS web site http://cups.cs.cmu.edu/soups/2010/cfp.html. TECHNICAL PAPERS We invite authors to submit original papers describing research or experience in all areas of usable privacy and security. Topics include, but are not limited to: * innovative security or privacy functionality and design, * new applications of existing models or technology, * field studies of security or privacy technology, * usability evaluations of new or existing security or privacy features, * security testing of new or existing usability features, * longitudinal studies of deployed security or privacy features, * the impact of organizational policy or procurement decisions, and * lessons learned from the deployment and use of usable privacy and security features. All submissions must relate to both usability and either security or privacy. Papers on security or privacy applications that do not address usability or human factors will not be considered. Papers need to describe the purpose and goals of the work completed to date, cite related work, show how the work effectively integrates usability and security or privacy, and clearly indicate the innovative aspects of the work or lessons learned as well as the contribution of the work to the field. Submitted papers must not significantly overlap papers that have been published or that are simultaneously submitted to a peer-reviewed venue or publication. With the exception of publicly available prior work that is documented in your related work section, any overlap between your submitted paper and other work either under submission or previously published must be documented in a clearly-marked explanatory note at the front of the paper. State precisely how the two works differ in their goals, any use of shared experiments or data sources, and the unique contributions. If the other work is under submission elsewhere, the program committee may ask to review that work to evaluate the overlap. Please note that program committees frequently share information about papers under review and reviewers usually work on multiple conferences simultaneously. As technical reports are not peer reviewed they are exempt from this rule. You may also release pre-prints of your accepted work to the public at the time of your discretion. Accepted papers will appear in the ACM Digital Library as part of the ACM International Conference Proceedings Series. The technical papers committee will select an accepted paper to receive the SOUPS 2010 best paper award. New this year, authors have the option to attach to their paper supplemental appendices containing study materials (e.g. surveys) that would not otherwise fit within the body of the paper. These appendices may be included to assist reviewers who may have questions that fall outside the stated contribution of your paper, on which your work is to be evaluated. The body of your paper must still be self contained and provide sufficient detail to elucidate your study methodology and results, as reviewers are neither required nor expected to read supplemental appendices. Accepted papers will be published online with their supplemental appendices included. Papers must use the SOUPS formatting template (available for MS Word or LaTeX) and be up to 12 pages in length, exclusive of the bibliography and any supplemental appendices described above. Submissions must be no more than 20 pages including bibliography and appendices. If your supplemental materials exceed this page limit, you may upload a separate external appendix file with these materials. The external appendix file need not conform to the SOUPS formatting template. In that case, make sure you mention the external appendix in the body of your paper and describe its contents. For the body of your paper, brevity is appreciated, as evidenced by the fact that many papers in prior years have been well under this limit. All submissions must be in PDF format and should not be blinded. In addition, you must cut and paste an abstract of no more than 300 words onto the submission form. Submit your paper using the electronic submissions page for the SOUPS 2010 conference (http://cups.cs.cmu.edu/soups/2010/submit.html). A successful submission will display a web page confirming it, and a confirmation email is sent to the corresponding author. Please make sure you receive that confirmation email when you submit, and follow the directions in that email if you require any follow up. Technical paper submissions will close at 5 PM, US Pacific time, the evening of Friday, March 5. This is a hard deadline! Authors will be notified of technical paper acceptance by April 30, and camera ready final versions of technical papers are due June 12. Authors are encouraged to review: Common Pitfalls in Writing about Security and Privacy Human Subjects Experiments, and How to Avoid Them. https://cups.cs.cmu.edu/soups/2010/howtosoups.pdf General Chair: Lorrie Cranor, Carnegie Mellon University Discussion Session Chair: Heather Lipford, University of North Carolina at Charlotte Invited Talks and Panels Chair: Cynthia Kuo, Nokia Research Center Palo Alto / Carnegie Mellon Silicon Valley Local Activities Chair: Brian LaMacchia, Microsoft Research Posters Co-Chairs: Dirk Balfanz, Google Konstantin Beznosov, University of British Columbia Technical Papers Co-Chairs: Andrew Patrick, Carleton University Stuart Schechter, Microsoft Research Tutorials and Workshops Chair: Kirstie Hawkey, University of British Columbia Technical Papers Committee Ross Anderson, Cambridge Alessandro Acquisti, CMU Heinz College Steven Bellovin, Columbia University Robert Biddle, Carleton University Jose Brustoloni Bill Cheswick, AT&T Research Rachna Dhamija, Usable Security Systems Roger Dingledine, The Tor Project Serge Egelman, Brown University Carl Ellison, Microsoft Simson L. Garfinkel, Naval Postgraduate School Harry Hochheiser, University of Pittsburgh Markus Jakobsson, PARC Clare-Marie Karat, Karat Consulting Group Ponnurangam Kumaraguru (PK), IIIT Delhi, India Linda Little, Northumbria University, UK Andy Ozment, US Office of the Secretary of Defense Rob Reeder, Microsoft Karen Renaud, University of Glasgow Angela Sasse, University College London Diana Smetters, PARC Paul Van Oorschot, Carleton University Hao-Chi Wong, Intel Mary Ellen Zurko, IBM _______________________________________________ Soups-announce mailing list Soups-announce at CUPS.CS.CMU.EDU http://CUPS.CS.CMU.EDU/mailman/listinfo/soups-announce