 |
June 7- 8, 2007 |
Home
Call for
Papers
Submission
Program
Registration
Travel
Organization
Past
Workshops
PROGRAM
Directions to the buildings hosting the different events are available on our Travel page.Please note that all presentation sessions will be held in the Collaborative Innovation Center (CIC), Room 1201, Carnegie Mellon University.
Wednesday, June 6
6-8pm Registration, Grand Room at Posner Hall, (3rd floor, Tepper School of Business), Carnegie Mellon University
6-8pm Welcome reception, Grand Room at Posner Hall
Thursday, June 7
8am-12pm Registration, Collaborative Innovation Center (CIC), Room 1201
7:30-8:15am Breakfast, Collaborative Innovation Center (CIC), Room 1201
8:15-8:30am Welcome Address, Collaborative Innovation Center (CIC), Room 1201
The welcome address will be given by Dean Mark Wessel, H. John Heinz III School of Public Policy & Management, Carnegie Mellon University.
Session I - 8:30-10:30am (Disclosure), Collaborative Innovation Center (CIC), Room 1201
-
Chair - Anindya Ghose, New York University
The legitimate vulnerability market: the secretive world of 0-day exploit sales
Charles Miller, Independent Security Evaluators
Inadvertent Disclosure - Information Leaks in the Extended Enterprise
M. Eric Johnson and Scott Dynes, Dartmouth College
Network Security: Vulnerabilities and Disclosure Policy
Jay Pil Choi, Michigan State University,
Chaim Fershtman, Neil Gandal, Tel Aviv University
The Countervailing Incentive of Restricted Patch Distribution: Economic and Policy Implications
Mohammad S. Rahman Karthik Kannan, Mohit Tawarmalani, Purdue University
10:30-11am Coffee Break
Session II - 11am-12pm (Privacy), Collaborative Innovation Center (CIC), Room 1201
-
Chair - Lorrie Cranor, Carnegie Mellon University
On the Viability of Privacy-Enhancing Technologies in a Self-Regulated Business-to-Consumer Market: Will Privacy Remain a Luxury Good?
Rainer Böhme and Sven Koble, Technische Universität Dresden
When 25 Cents is too much: An Experiment on Willingness-To-Sell and Willingness-To-Protect Personal Information
Jens Grossklags, University of California at Berkeley,
Alessandro Acquisti, Carnegie Mellon University
12-1pm Lunch, Newell-Simon Hall Atrium
1-2pm Keynote speech (George Loewenstein), Collaborative Innovation Center (CIC), Room 1201
WEIS 2007 is delighted to host a keynote speech by Dr. George Loewenstein, Herbert A. Simon Professor of Economics and Psychology at Carnegie Mellon University. The title of the talk will be: Searching for Security in all the Wrong Places: A psychological perspective on individual concern for privacy.
George Loewenstein is the Herbert A. Simon Professor of Economics and Psychology at Carnegie Mellon University. He received his PhD from Yale University in 1985 and since then has held academic positions at The University of Chicago and Carnegie Mellon University, and fellowships at Center for Advanced Study in the Behavioral Sciences, The Institute for Advanced Study in Princeton, The Russell Sage Foundation and The Institute for Advanced Study in Berlin. He is one of the founders of the field of behavioral economics and more recently of the new field of neuroeconomics. Loewenstein's research focuses on applications of psychology to economics, and his specific interests include decision making over time, bargaining and negotiations, psychology and health, law and economics, the psychology of adaptation, the role of emotion in decision making, the psychology of curiosity, conflict of interest, and "out of control" behaviors such as impulsive violent crime and drug addiction. He has published over 100 journal articles, numerous book chapters, and has edited 6 books on topics ranging from intertemporal choice to behavioral economics to emotions.
Session III - 2-3:30pm (Security Investments), Collaborative Innovation Center (CIC), Room 1201
-
Chair - Martin Loeb, University of Maryland
Optimally Securing Enterprise Information Systems and Assets
Vineet Kumar, Rahul Telang, Tridas Mukhopadhyay, Carnegie Mellon University
Interdependence of Reliability and Security
Peter Honeyman, University of Michigan,
Galina A. Schwartz, University of California Berkeley,
Ari Van Assche, HEC Montréal
A Framework for Classifying and Comparing Models of Cyber Security Investment to Support Policy and Decision-Making
Rachel Rue, Shari Lawrence Pfleeger, David Ortiz, RAND Corporation
3:30-4pm Coffee Break
Session IV - 4-5:30pm (Managed Security Service Providers), Collaborative Innovation Center (CIC), Room 1201
-
Chair - Bruce Schneier, BT Counterpane
Growth and sustainability of MSSP networks
Alok Gupta and Dmitry Zhdanov, University of Minnesota
Will Outsourcing IT Security Lead to a Higher Social Level of Security?
Brent Rowe, RTI International
Measuring Security Investment Benefit for Off the Shelf Software Systems - A Stakeholder Value Driven Approach
Yue Chen, Barry Boehm, Luke Sheppard, University of Southern California
Banquet Dinner, 6-9pm
- Phipps
Conservatory and Botanical Gardens
Schenley Park (near CMU Campus) Participants will have free access to a Chihuly exhibition during the banquet, and music by The Chris Hemingway Trio.
Friday, June 8
8am-12pm Registration, Collaborative Innovation Center (CIC), Room 1201
7:30-8:30am Breakfast, Collaborative Innovation Center (CIC), Room 1201
Session V - 8:30-10am (Privacy-Personalization), Collaborative Innovation Center (CIC), Room 1201
-
Chair - Srinivasan Raghunathan, University of Texas at Dallas
Incentive Design for Free but No Free Disposal Services: The Case of Personalization under Privacy Concerns
Ramnath K. Chellappa, Emory University Atlanta,
Shivendu Shivendu, University of Southern California
The Effect of Online Privacy Information on Purchasing Behavior: An Experimental Study
Janice Tsai, Serge Egelman, Lorrie Cranor, Alessandro Acquisti, Carnegie Mellon University
Economics of User Segmentation, Profiling, and Detection in Security
Srinivasan Raghunathan, Huseyin Cavusoglu, Byungwan Koh, The University of Texas at Dallas,
Bin Mai, Northwestern State University
10-10:30am Coffee Break
Session VI - 10:30am-12pm (Empirics of Information Security), Collaborative Innovation Center (CIC), Room 1201
-
Chair - Ross Anderson, University of Cambridge
The Deterrent Effect of Enforcement Against Computer Hackers: Cross-Country Evidence
Ivan Png, Chen Yu Wang, National University of Singapore
An Empirical Analysis of the Current State of Phishing Attack and Defence
Tyler Moore and Richard Clayton, University of Cambridge
Privacy, Network Effects and Electronic Medical Record Technology Adoption
Amalia R. Miller, University of Virginia,
Catherine E. Tucker, MIT
12-1:30pm Box Lunch and Tutorial, Collaborative Innovation Center (CIC), Room 1201
-
Neil Gandal will hold a tutorial on economic modeling titled: Writing an economics paper - A tutorial for information security experts. This tutorial will cover the key steps in writing an economics paper for information security, starting with the research idea and including detailed suggestions about modeling.
1:30-2pm Short Break
Session VII - 2-3pm, (Rump Sessions) Collaborative Innovation Center (CIC), Room 1201
-
Chair - Jean Camp, Indiana University
Assessing the Value of Investments in Network Security Operations: A Systems Analytics Approach
Jonathan Griffin, Brian Monahan, David Pym, Mike Wonham, and Mike Yearworth, HP Laboratories
The Gordon-Loeb Investment Model Generalized: Time Dependent Multiple Threats and Breach Losses over an Investment Period.
Rolf Hulthen, TeliaSonera
An Uneasy Relationship: Cyber Security Information Sharing, Communications Privacy, and the Boundaries of the Firm
Aaron Burstein, University of California, Berkeley
Hiding, Seeking, and the Evolution of Privacy Behavior
Stefan Dodds, Carleton University
A Reputation Mechanism for Software Vulnerability Disclosure and Patch Release
Xia Zhao, Jianqing Chen, and Andrew B. Whinston, University of Texas at Austin
A Survival Analysis of Disclosed Security Breaches
Xiaodong Jin, Dan Yomine
Session VIII 3- 4:30pm (Risk), Collaborative Innovation Center (CIC), Room 1201
-
Chair - Karthik Kannan, Purdue University
Mental Models of Computer Security Risks
Farzaneh Asgharpour, Debin Liu, L. Jean Camp, Indiana University
Cyber-Insurance: Copula Pricing Framework and Implications for Risk Management
Hemantha S. B. Herath, Brock University,
Tejaswini C. Herath, University at Buffalo
Strategic Defense and Attack of Complex Networks
Kjell Hausken, University of Stavanger