[fc-discuss] CFP: The Economics of Securing the Information Infrastructure
Stuart E. Schechter
ses@ll.mit.edu
Mon, 30 Jan 2006 19:47:47 -0500
The Workshop on the Economics of
Securing the Information Infrastructure
http://wesii.econinfosec.org/
October 23-24, 2006
Arlington, VA
CALL FOR PAPERS
Our information infrastructure suffers from decades-old vulnerabilities,
from the low-level algorithms that select communications routes to the
application-level services on which we are becoming increasingly
dependent. Are we investing enough to protect our infrastructure? How
can we best overcome the inevitable bootstrapping problems that impede
efforts to add security to this infrastructure? Who stands to benefit
and who stands to lose as security features are integrated into these
basic services? How can technology investment decisions best be
presented to policymakers?
We invite infrastructure providers, developers, social scientists,
computer scientists, legal scholars, security engineers, and especially
policymakers to help address these and other related questions. Authors
of accepted papers will have the opportunity to present their work to
government and corporate policymakers. We encourage collaborative
research from authors in multiple fields and multiple institutions.
Submissions Due: August 6, 2006 (11:59PM PST)*
========================================================================
Suggested topics
(not intended to be comprehensive)
========================================================================
The economics of deploying security into:
The Domain Name System (DNS) BGP & routing infrastructure
Email & spam prevention Programming languages
Legacy code bases User interfaces
Operating systems Code origin authentication
Measuring the cost of adding security Liability and legal issues
Models of deployment penetration Measuring/estimating damages
Empirical studies of deployment Establishing roots of trust
Identity management infrastructure Internet politics
Securing open source code libraries Antitrust Issues
Adding security to/over existing APIs Privacy Issues
Data archival & warehousing infrastructure
========================================================================
Program Committee
========================================================================
Alessandro Acquisti Carnegie Mellon University
Heinz School of Public Policy & Management
Ross Anderson University of Cambridge
Jean Camp Indiana University
Huseyin Cavusoglu Tulane University
Richard Clayton University of Cambridge
Steve Crocker Shinkuro / DNSSEC Deployment Working Group
Ben Edelman Harvard University Department of Economics
Allan Friedman Harvard University
Kennedy School of Government
Adam M. Golodner Cisco Systems
Larry Gordon University of Maryland
Smith School of Business
Yacov Haimes University of Virginia
Cathy Handley U.S. Department of Commerce, National
Telecommunications & Information Administration
Barry Horowitz University of Virginia
Richard Hovey U.S. Federal Communications Commission (FCC)
Jeff Hunker Carnegie Mellon University
Heinz School of Public Policy & Management
M. Eric Johnson The Tuck School of Business at Dartmouth College
Jeffrey M. Kopchik U.S. Federal Deposit Insurance Corporation (FDIC)
Technology Supervision Branch
Steve Lipner Microsoft
Marty Loeb University of Maryland
Smith School of Business
Doug Maughan U.S. Department of Homeland Security (DHS)
Science and Technology Directorate
Doug Montgomery U.S. National Institute of Standards & Technology
Internetworking Technologies Group
Milton Mueller Syracuse University School of Information Studies
Andrew Odlyzko University of Minnesota
Andy Ozment MIT Lincoln Laboratory / University of Cambridge
Shari Lawrence Pfleeger RAND Corporation
Stuart Schechter MIT Lincoln Laboratory
Bruce Schneier Counterpane Internet Security
Rahul Telang Carnegie Mellon University
Heinz School of Public Policy & Management
Andrew Wyckoff Organisation for Economic Cooperation and
Development (OECD)
========================================================================
Workshop Sponsors
========================================================================
The Institute for Information Infrastructure Protection (I3P)
The Workshop on the Economics of Information Security (WEIS)
========================================================================
Paper Formats and Submission Instructions
========================================================================
See the workshop web site at:
http://wesii.econinfosec.og/