From marcel.winandy at trust.rub.de Wed Feb 10 05:34:19 2010 From: marcel.winandy at trust.rub.de (Marcel Winandy) Date: 10 Feb 2010 11:34:19 +0100 Subject: [EIS] Final CFP: 3rd International Conference on Trust and Trustworthy Computing (Trust 2010) Message-ID: <201002101134.19752.marcel.winandy@trust.rub.de> ************************************************************************** Call for Papers Trust 2010 3rd International Conference on Trust and Trustworthy Computing June 21-23, 2010, Berlin, Germany http://www.trust2010.org ************************************************************************** Submission due: 24 February 2010 (Extended Deadline) ************************************************************************** Building on the success of Trust 2009 (held at Oxford, UK) and Trust 2008 (Villach, Austria), this conference focuses on trusted and trustworthy computing, both from the technical and social perspectives. The conference itself will have two main strands, one devoted to technical aspects and one devoted to the socio-economic aspects of trusted computing. The conference solicits original papers on any aspect (technical or social and economic) of the design, application and usage of trusted and trustworthy computing, which concerns a broad range of concepts including trustworthy infrastructures, services, hardware, software and protocols. Topics of interest include, but are not limited to: Technical Strand: ----------------- * Architecture and implementation technologies for trusted platforms and trustworthy infrastructures * Mobile trusted computing * Implementations of trusted computing (covering both hardware and software) * Applications of trusted computing * Trustworthy infrastructures and services for cloud computing * Attestation and possible variants (e.g., property-based attestation, runtime attestation) * Cryptographic aspects of trusted computing * Security hardware, i.e., hardware with cryptographic and security functions, physically unclonable functions (PUFs) * Establishing trust in embedded systems (e.g., sensor networks) * Hardware Trojans (detection, prevention) * Intrusion resilience in trusted computing * Virtualisation for trusted platforms * Security policy and management of trusted computing * Access control for trusted platforms * Privacy aspects of trusted computing * Verification of trusted computing architectures * End-user interactions with trusted platforms * Limitations of trusted computing Socio-economic Strand: ---------------------- * Usability and user perceptions of trustworthy systems and risks * Effects of trustworthy systems upon user, corporate, and governmental behavior * The adequacy of guarantees provided by trustworthy systems for systems critically dependent upon trust, such as elections and government oversight * The impact of trustworthy systems upon digital forensics, police investigations and court proceedings * Economic drivers for trustworthy systems * Group and organizational behavior within trustworthy systems * The impact of trustworthy systems upon user autonomy, social capital, and power relationships * Cross-cultural definitions of trustworthiness * Can systems be truly "trustworthy" without any capacity for moral reasoning? * Trustworthy systems and precursors of trust such as honesty, benevolence, value similarity, or competence * Trustworthiness, regret and forgiveness * Trustworthy systems as enhancements or constraints on government power * The role of independence from vested interests as a driver of trust * Game theoretical approaches to modeling or designing trustworthy systems * Experimental economics studies of trustworthiness * The interplay between privacy, privacy enhancing technologies and trustworthiness * Regulatory vs peer-produced trustworthiness, including reputation systems * Global governance initiatives to manage trust * Critiques of trustworthy systems General Chair: Ahmad-Reza Sadeghi, University of Bochum, Germany Program Chair (Technical Strand) Sean Smith, Dartmouth College, USA Program Chair (Socio-economic Strand) Alessandro Acquisti, Carnegie Mellon University, USA Program Committee (Technical Strand) N. Asokan, Nokia Research Center, Finland Sergey Bratus, Dartmouth College, USA Liqun Chen, HP Laboratories, UK David Grawrock, Intel, USA Cynthia Irvine, Naval Postgraduate School, USA Bernhard Kauer, Technische Universtat Dresden, Germany Michael LeMay, University of Illinois Urbana-Champaign, USA Michael Locasto, George Mason University, USA Andrew Martin, University of Oxford, UK Jon McCune, Carnegie Mellon University, USA Chris Mitchell, Royal Holloway University, UK David Naccache, ENS, France Dimitris Pendarakis, IBM Watson, USA Graeme Proudler, HP Laboratories, UK Anand Rajan, Intel, USA Scott Rotondo, Sun, USA Ahmad-Reza Sadeghi, University of Bochum, Germany Radu Sion, Stony Brook University, USA Christian Stueble, Sirrix, Germany G. Edward Suh, Cornell University, USA Leendert van Doorn, AMD, USA Claire Vishik, Intel, UK Program Committee (Socio-economic Strand) Andrew A. Adams, Reading University, UK Ian Brown, University of Oxford, UK Johann Cas, Austrian Academy of Science Lorrie Faith Cranor, Carnegie-Mellon University, USA Tamara Dinev, Florida Atlantic University, USA Peter Gutmann, University of Auckland, New Zealand Tristan Henderson, St Andrews University, UK Adam Joinson, Bath University, UK Eleni Kosta, Katholieke Universiteit Leuven, Belgium Meryem Marzouki, French National Scientific Research Center (CNRS) Tyler Moore, Harvard University, USA Deirdre Mulligan, UC Berkely, USA Anne-Marie Oostveen, Oxford University, UK Andrew Patrick, Carleton University, Canada Angela Sasse, University College London, UK Jonathan Zittrain, Harvard University, USA Important Dates: Submission due: 24 February 2010 (Extended Deadline) Notification: 22 March 2010 Camera ready: 5 April 2010 Conference: 21-23 June 2010 Paper Submission: http://www.trust2010.org/submission.html From tmoore at seas.harvard.edu Mon Feb 15 12:55:49 2010 From: tmoore at seas.harvard.edu (Tyler Moore) Date: Mon, 15 Feb 2010 12:55:49 -0500 Subject: [EIS] CfP: WEIS submissions due in one week Message-ID: 9th Workshop on the Economics of Information Security (WEIS) June 7-8, 2010 Harvard University, Cambridge, MA, USA FINAL CALL FOR PAPERS http://weis2010.econinfosec.org/cfp.html IMPORTANT DATES Submissions due: February 22, 2010 Notification of acceptance: April 2, 2010 Workshop: June 7-8, 2010 Information security continues to grow in importance, as threats proliferate, privacy erodes, and attackers find new sources of value. Yet the security of information systems depends on more than just technology. Good security requires an understanding of the incentives and tradeoffs inherent to the behavior of systems and organizations. As society?s dependence on information technology has deepened, policy makers, including the President of the United States, have taken notice. Now more than ever, careful research is needed to accurately characterize threats and countermeasures, in both the public and private sectors. The Workshop on the Economics of Information Security (WEIS) is the leading forum for interdisciplinary scholarship on information security, combining expertise from the fields of economics, social science, business, law, policy and computer science. Prior workshops have explored the role of incentives between attackers and defenders, identified market failures dogging Internet security, and assessed investments in cyber-defense. This workshop will build on past efforts using empirical and analytic tools to not only understand threats, but also strengthen security through novel evaluations of available solutions. How should information risk be modeled given the constraints of rare incidence and high interdependence? How do individuals? and organizations? perceptions of privacy and security color their decision making? How can we move towards a more secure information infrastructure and code base while accounting for the incentives of stakeholders? We encourage economists, computer scientists, business school researchers, legal scholars, security and privacy specialists, as well as industry experts to submit their research and attend the workshop. Suggested topics include (but are not limited to) empirical and theoretical studies of: - Optimal investment in information security - Online crime (including botnets, phishing and spam) - Models and analysis of online crime - Risk management and cyberinsurance - Security standards and regulation - Cybersecurity policy - Privacy, confidentiality and anonymity - Behavioral security and privacy - Security models and metrics - Psychology of risk and security - Vulnerability discovery, disclosure, and patching - Cyberwar strategy and game theory - Incentives for information sharing and cooperation We highlight two key areas of particular focus for this year?s workshop. First, we encourage submissions that consider the design and evaluation of policy solutions for improving information security. Second, given the importance of data-driven decision making, we encourage submissions with empirical components. A selection of papers accepted to this workshop will appear in an edited volume designed to help policy makers, managers, researchers and practitioners better understand the information security landscape. Papers should be submitted online by 23:59 PST on Monday, February 22, 2010, preferably in PDF format. Submitted manuscripts should represent significant and novel research contributions. Please note that WEIS has no formal formatting guidelines. Previous contributors spanned fields from economics and psychology to computer science and law, each with different norms and expectations about manuscript length and formatting. Advisable rules of thumb include: using past WEIS accepted papers as templates and adhering to your community's publication standards. WEIS is co-located with the 11th ACM Conference on Electronic Commerce, June 9-11, 2010. PROGRAM COMMITTEE Alessandro Acquisti, Carnegie Mellon University Ross Anderson, University of Cambridge Rainer B?hme, ICSI Berkeley Jean Camp, Indiana University Huseyin Cavusoglu, University of Texas at Dallas Nicolas Christin, Carnegie Mellon University Benjamin Edelman, Harvard Business School Allan Friedman, Harvard University (General Chair) Neil Gandal, Tel Aviv University Dan Geer, In-Q-Tel Lawrence Gordon, University of Maryland Jens Grossklags, Princeton University Thorsten Holz, Technical University of Vienna M. Eric Johnson, Dartmouth Tuck School of Business Martin Loeb, University of Maryland Tyler Moore, Harvard University (Program Chair) Andrew Odlyzko, University of Minnesota David Pym, HP Labs and University of Bath Brent Rowe, RTI International Stuart Schechter, Microsoft Research Bruce Schneier, BT Counterpane Rick Sullivan, Federal Reserve Bank of Kansas City Latanya Sweeney, Carnegie Mellon University Rahul Telang, Carnegie Mellon University Catherine Tucker, MIT Michel van Eeten, Delft University of Technology Hal Varian, Google and UC Berkeley Jonathan Zittrain, Harvard Law School -- Tyler Moore, Postdoctoral Fellow Center for Research on Computation and Society, Harvard University http://people.seas.harvard.edu/~tmoore/ From nicolasc at andrew.cmu.edu Mon Feb 15 17:58:57 2010 From: nicolasc at andrew.cmu.edu (Nicolas Christin) Date: Mon, 15 Feb 2010 17:58:57 -0500 Subject: [EIS] Carnegie Mellon INI position available Message-ID: Dear all: We have a faculty position available for specialists in security economics, which may be of interest to many on this list. Applications are open, for now, until February 22. Please let me know if you have any questions. (Note, however, that the documents need to be sent to a different address.) Best regards, Nicolas Carnegie Mellon University Information Networking Institute & CyLab - Call for Faculty Position available: The Information Networking Institute and Carnegie Mellon CyLab at Carnegie Mellon University are soliciting applications for an open joint faculty position in the area of information assurance, security and privacy. Of particular interest are candidates whose background is at the intersection of business, technology and policy. The position is based in Carnegie Mellon's main campus in Pittsburgh, PA. Responsibilities include teaching courses for the various Masters of Science INI offers (Information Networking; Information Security, Technology, and Management; Information Technology), as well as leading and participating in research projects related to initiatives of Carnegie Mellon CyLab. Candidates must demonstrate strong commitments in teaching, a strong research background, and a proven research track record evidenced by a publication history in information assurance. Preference will be given to candidates having a documented track record of interdisciplinary research experience, in particular in the areas of information assurance, security economics, policy, and/or finance. A Ph.D. in Information Systems, Computer Science, Electrical Engineering, or closely related field is required. Information Networking Institute: http://www.ini.cmu.edu CyLab: http://www.cylab.cmu.edu Address for submission of documents (vitae, research and teaching statement, three reference letters): Dena Haritos Tsamitis Director, Information Networking Institute; Director of CyLab Education, Training and Outreach 4616 Henry Street Pittsburgh, Pennsylvania 15213 or by email at: dena at cmu.edu From Stuart.Schechter at microsoft.com Fri Feb 19 11:23:32 2010 From: Stuart.Schechter at microsoft.com (Stuart Schechter) Date: Fri, 19 Feb 2010 16:23:32 +0000 Subject: [EIS] Assistant/Associate Faculty Position in Cyber Security Message-ID: <6ED874367060664AA11FA132F6DE0D641DA14B79@TK5EX14MBXC111.redmond.corp.microsoft.com> Here's a second job opening that may be attractive to security economics researchers (there was another a few days ago). While job openings of interest to security economics researchers are not yet numerous enough that we actually have to start worrying about the ten-posts-per-year threshold that I promised for this list, too many job postings would be a great problem for our community to have. --Stuart -----Original Message----- From: Kevin Fu [mailto:kevinfu at cs.umass.edu] Announcement of an Assistant/Associate Professor Position in Cyber Security Isenberg School of Management, University of Massachusetts Amherst Department of Finance and Operations Management The Finance and Operations Management Department in the Isenberg School of Management at the University of Massachusetts Amherst invites applications for a tenure-track position at the senior Assistant or Associate Professor rank to start in September 2010. The department has a thriving undergraduate program in Operations Management (with a focus on both operations and systems), contributes to the MBA program, and also coordinates the PhD track in Management Science of the doctoral program in Business Administration. Candidates are required to have a PhD in a technology-related discipline, such as management science, operations management, operations research, information systems, or technology management. This position is focused on the area of cyber security, and candidates must show evidence of research and teaching in areas such as e-commerce, information security, information privacy, IT infrastructure, and/or RFID and applications to supply chains, etc. Candidates should show documented evidence of quality teaching at both undergraduate and graduate levels, as well as evidence of PhD student involvement. Further, candidates should show evidence of publishing in the premier outlets of their respective disciplines, such as Management Science, Operations Research, Production and Operations Management, Management Information Systems Quarterly, and/or Information Systems Research, and illustrate an active ongoing research stream targeted at such outlets. Candidates with leadership experience related to interdisciplinary research efforts and significant roles interacting with university and corporate stakeholders are strongly preferred. The Isenberg School of Management is AACSB accredited, and part of a vibrant and growing leading public research university. The campus is also a member of the Five College Consortium and collaborates with Amherst, Hampshire, Mount Holyoke and Smith Colleges on many initiatives and projects, and Amherst was recently touted as the number one college town in the United States. A letter of application articulating the candidate's fit with the position description, a curriculum vita, and the names and contact information of four persons who can provide references should be sent to: Chair of Search Committee Department of Finance and Operations Management Isenberg School of Management University of Massachusetts Amherst Amherst, MA 01003. Priority deadline for applications is March 15, 2010, but we will continue accepting applications until a successful candidate is found. Salary is competitive. The University of Massachusetts Amherst is an Affirmative Action/Equal Opportunity Employer. The department is committed to developing a diverse faculty and student body. Applications from women and members of minority groups are strongly encouraged. ---------------------------- Kevin Fu Assistant Professor Computer Science Department University of Massachusetts Amherst Ph: 616-594-0385 Fax: 413-545-1249 http://www.cs.umass.edu/~kevinfu/