|
All events take place in the Northwest Building at 52 Oxford St unless otherwise noted. |
|
| Sunday, June 6, 2010 | |
| 4:30pm-6pm |
Tour of Historical Harvard and Cambridge Meeting Point: Maxwell Dworkin Lobby, 33 Oxford St |
| 6pm-8pm | Welcome Reception (serving drinks and hors d'oeuvres) Location: Maxwell Dworkin Lobby, 33 Oxford St |
| Monday, June 7, 2010 | |
| 8:15am–9:00am | Breakfast and Registration |
| 9:00am–9:15am | Conference Opening Tyler Moore and Allan Friedman |
|
Tracey Vispoli, Chubb Insurance |
|
| 10:15am–10:45am | Break |
| 10:45am–12:15pm |
Data Breaches and Organizational Security Session Chair: Stuart Schechter Data Breaches and Identity Theft: When is Mandatory Disclosure Optimal? - Sasha Romanosky, Richard Sharp and Alessandro Acquisti (Carnegie Mellon) [ Paper | Presentation ] Encryption and Data Loss - Amalia R Miller and Catherine Tucker (MIT) [ Paper | Presentation ] Market Impact on IT Security Spending - Bora Kolfal, Raymond Patterson and Lisa Yeo (Alberta) [ Paper available by contacting Lisa Yeo | Presentation ] Outsourcing Information Security: Contracting Issues and Security Implications - Asunur Cezar, Huseyin Cavusoglu, and Srinivasan Raghunathan (UT Dallas and Middle East Technical University) [ Paper | Presentation ] |
| 12:15pm–1:45pm | Lunch |
| 1:45pm–3:15pm |
Privacy and Controversial Social Issues Session Chair: Rainer Boehme Is the Internet for Porn? An Insight Into the Online Adult Industry - Gilbert Wondracek, Thorsten Holz, Christian Platzer, Engin Kirda and Christopher Kruegel (TU Vienna, Institute Eurecom and UCSB) [ Paper | Presentation ] Guns, Privacy, and Crime - Alessandro Acquisti (Carnegie Mellon) and Catherine Tucker (MIT) [ Paper | Presentation ] Misplaced Confidences: Privacy and the Control Paradox - Laura Brandimarte, Alessandro Acquisti and George Loewenstein (Carnegie Mellon) [ Paper | Presentation ] A Welfare Analysis of Secondary Use of Personal Data - Nicola Jentzsch (German Institute for Economic Research) [ Paper | Presentation ] |
| 3:15pm–3:45pm | Break |
| 3:45pm–5:00pm |
Empirical Studies Session Chair: Lawrence Gordon The password thicket: technical and market failures in human authentication on the web - Joseph Bonneau and S�ren Preibusch (Cambridge) [ Paper | Presentation ] Please Continue to Hold: An empirical study on user tolerance of security delays - Serge Egelman, David Molnar, Nicolas Christin, Alessandro Acquisti, Cormac Herley and Shriram Krishnamurthi (Brown, Microsoft Research and Carnegie Mellon) [ Paper | Presentation ] Inglourious Installers: Security in the Application Marketplace - Jonathan Anderson, Joseph Bonneau and Frank Stajano (Cambridge)[ Paper ] |
| 5:00pm | Adjourn |
| 5:45pm–7:30pm | Conference Banquet Location: Legal Sea Foods, Harvard Square |
| Tuesday, June 8, 2010 | |
| 8:15am–9:00am | Breakfast and Registration |
| 9:00am–10:30am |
Economic and Policy Considerations for ISPs Session Chair: Ross Anderson Might Governments Clean-up Malware? - Richard Clayton (Cambridge) [ Paper | Presentation ] The Role of Internet Service Providers in Botnet Mitigation: An Empirical Analysis Based on Spam Data - Michel van Eeten, Johannes M. Bauer, Hadi Asghari, Shirin Tabatabaie and Dave Rand (TU Delft, Michigan State and Trend Micro) [ Paper | Presentation ] Security Games in Online Advertising: Can Ads Help Secure the Web? - Nevena Vratonjic, Jean-Pierre Hubaux, Maxim Raya and David Parkes (EPFL and Harvard) [ Paper | Presentation ] Towards a Cooperative Defense Model Against Network Security Attacks - Harikrishna Narasimhan, Venkatanathan Varadarajan and Pandu Rangan Chandrasekaran (Anna and IIT Madras) [ Paper | Presentation ] |
| 10:00am–10:30am | Break |
| 11:00am–12:15pm |
Panelists: Richard J. Sullivan (Federal Reserve Bank of Kansas City) - The Changing Nature of US Card Payment Fraud: Issues for Industry and Public Policy [ Paper | Presentation ] Mark MacCarthy (Georgetown) - Information Security Policy in the U.S. Retail Payments Industry[ Paper | Presentation ] Ross Anderson (Cambridge)[ Presentation ] Moderator: Tyler Moore (Harvard) |
| 12:15pm–1:45pm | Lunch |
| 1:45pm–3:15pm |
Scale and the Economics of the Cloud Session Chair: Rahul Telang Self Hosting vs. Cloud Hosting: Accounting for the security impact of hosting in the cloud - David Molnar and Stuart Schechter (Microsoft Research) [ Paper ] Modeling Cyber-Insurance: Towards A Unifying Framework - Rainer Boehme and Galina Schwartz (ICSI Berkeley) [ Paper | Presentation ] The Plight of the Targeted Attacker in a World of Scale - Cormac Herley (Microsoft Research) [ Paper | Presentation ] On the Security Economics of Electricity Metering - Ross Anderson and Shailendra Fuloria (Cambridge) [ Paper | Presentation ] |
| 3:15pm–3:45pm | Break |
| 3:45pm–5:00pm |
Open Source and Security Management Session Chair: Nicolas Christin An Empirical Analysis of Exploitation Attempts based on Vulnerabilities in Open Source Software - Sam Ransbotham (Boston College) [ Paper | Presentation ] The Mathematics of Obscurity: On the Trustworthiness of Open Source - Hermann H�rtig, Claude-Joachim Hamann and Michael Roitzsch (TU Dresden) [ Paper | Presentation ] Structured Systems Economics for Security Management - Adam Beautement (UCL) and David Pym (Aberdeen) [ Paper | Presentation ] |
| 5:00pm–6:30pm | Brent Rowe - ISPs as Cyberecurity Providers Doron Becker - Security as Goodwill? Mark Felegyhazi - Security Investment with Penetration Testing Steven Murdoch - Chip and PIN Policy Tyler Moore - Policy Recommendations for Improving Cybersecurity Kanta Matsuura - Product-Validation Systems and EIS Jonathan Anderson - Rewards for Returning Lost Property Haruo Takasaki - Consumer Acceptance for Secondary Use Russell Cameron Thomas - Announcements Joseph Bonneau - Passwords and Intimacy Debin Liu - Incentive-based Access Control Steve Borbash - Determining the Difficulty of Security Problems Roger Dingledine - We Have Data! |
| 6:30pm | Adjourn |
| June 9-11, 2010 | |
| 11th ACM Conference on Electronic Commerce (separate registration) | |