[Privsec] Workshop: Economics of Information Security, Washington DC, October

Ralf Bendrath bendrath at zedat.fu-berlin.de
Wed May 10 18:26:57 BST 2006 

 From the internet governance list.

-------- Original Message --------

                      The Workshop on the Economics of
                   Securing the Information Infrastructure

                       http://wesii.econinfosec.org/

                            October 23-24, 2006
                               Washington, DC

                                  SECOND
                              CALL FOR PAPERS

Our information infrastructure suffers from decades-old vulnerabilities,
from the low-level algorithms that select communications routes to the
application-level services on which we are becoming increasingly
dependent. Are we investing enough to protect our infrastructure? How can
we best overcome the inevitable bootstrapping problems that impede efforts
to add security to this infrastructure? Who stands to benefit and who
stands to lose as security features are integrated into these basic
services? How can technology investment decisions best be
presented to policymakers?

We invite infrastructure providers, developers, social scientists,
computer scientists, legal scholars, security engineers, and especially
policymakers to help address these and other related questions. Authors of
accepted papers will have the opportunity to present their work to
government and corporate policymakers. We encourage collaborative
research from authors in multiple fields and multiple institutions.

Submissions Due: August 6, 2006 (11:59PM PST)

========================================================================
                             Suggested topics
                   (not intended to be comprehensive)
========================================================================

   The economics of deploying security into:
         The Domain Name System (DNS)   BGP & routing infrastructure
         Email & spam prevention        Programming languages
         Legacy code bases              User interfaces
         Operating systems              Code origin authentication

   Measuring the cost of adding security   Liability and legal issues
   Models of deployment penetration        Measuring/estimating damages
   Empirical studies of deployment         Establishing roots of trust
   Identity management infrastructure      Internet politics
   Securing open source code libraries     Antitrust Issues
   Adding security to/over existing APIs   Privacy Issues
   Data archival & warehousing infrastructure


========================================================================
                             Program Committee
========================================================================

   Alessandro Acquisti  Carnegie Mellon University
                        Heinz School of Public Policy & Management

   Ross Anderson        University of Cambridge

   Jean Camp            Indiana University

   Huseyin Cavusoglu    Tulane University

   Richard Clayton      University of Cambridge

   Steve Crocker        Shinkuro / DNSSEC Deployment Working Group

   Ben Edelman          Harvard University Department of Economics

   Allan Friedman       Harvard University
                        Kennedy School of Government

   Adam M. Golodner     Cisco Systems

   Larry Gordon         University of Maryland
                         Smith School of Business

   Yacov Haimes         University of Virginia

   Cathy Handley        U.S. Department of Commerce, National
                        Telecommunications & Information Administration

   Barry Horowitz       University of Virginia

   Richard Hovey        U.S. Federal Communications Commission (FCC)

   Jeff Hunker          Carnegie Mellon University
                        Heinz School of Public Policy & Management

   M. Eric Johnson      The Tuck School of Business at Dartmouth College

   Jeffrey M. Kopchik   U.S. Federal Deposit Insurance Corporation (FDIC)

                        Technology Supervision Branch

   Steve Lipner         Microsoft

   Marty Loeb           University of Maryland
                        Smith School of Business

   Doug Maughan         U.S. Department of Homeland Security (DHS)
                        Science and Technology Directorate

   Doug Montgomery      U.S. National Institute of Standards & Technology
                        Internetworking Technologies Group

   Milton Mueller       Syracuse University School of Information Studies

   Andrew Odlyzko       University of Minnesota

   Andy Ozment          MIT Lincoln Laboratory / University of Cambridge

   Shari Lawrence Pfleeger  RAND Corporation

   Stuart Schechter     MIT Lincoln Laboratory

   Bruce Schneier       Counterpane Internet Security

   Rahul Telang         Carnegie Mellon University
                        Heinz School of Public Policy & Management

   Andrew Wyckoff       Organisation for Economic Cooperation and
                        Development (OECD)

   Bill Yurcik          National Center for Supercomputing Applications
                        (NCSA)


========================================================================
                             Workshop Sponsors
========================================================================
     The Institute for Information Infrastructure Protection (I3P)
     The Workshop on the Economics of Information Security (WEIS)

========================================================================
                  Paper Formats and Submission Instructions
========================================================================

See the workshop web site at:

   http://wesii.econinfosec.org/

More information about the Privsec mailing list