MaS is about computer security, malware and spam issues in general.

2008/12/17

CfC: Fifth International Summer School CfP

Call for Contributions

Fifth International Summer School
organised jointly by the PrimeLife EU project
in cooperation with the IFIP WG 9.2, 9.6/11.7, 11.4, 11.6.
Privacy and Identity Management for Life
(PrimeLife/IFIP Summer School 2009)
to be held in Nice, France, 7th – 11th September 2009


New Internet developments pose greater and greater privacy dilemmas. In the Information Society, the need for individuals to protect their autonomy and retain control over their personal information is becoming more and more important. Today, information and communication technologies – and the people responsible for making decisions about them, designing, and implementing them – scarcely consider those requirements, thereby potentially putting individuals’ privacy at risk. The increasingly collaborative character of the Internet enables anyone to compose services and contribute and distribute information. It may become hard for individuals to manage and control information that concerns them and particularly how to eliminate outdated or unwanted personal information, thus leaving personal histories exposed permanently. These activities raise substantial new challenges for personal privacy at the technical, social, ethical, regulatory, and legal levels:

· How can privacy in emerging Internet applications such as collaborative scenarios and virtual communities be protected?

· What frameworks and technical tools could be utilised to maintain life-long privacy?

The theme of this Summer School to be held in September 2009 and co-organised by the PrimeLife EU project and the International Federation for Information Processing (IFIP) will be on privacy and identity management for emerging Internet applications throughout a person’s life.

Both IFIP and PrimeLife take a holistic approach to technology and support interdisciplinary exchange. Participants’ contributions that combine technical, legal, regulatory, socio-economic, ethical, philosophical, or psychological perspectives are especially welcome.

Contributions from students who are preparing either masters’ or doctoral theses will be especially welcome. The school is interactive in character, and is composed of both keynote lectures and seminars, tutorials and workshops with PhD student presentations. The principle is to encourage young academic and industry entrants to the privacy and identity management world to share their own ideas and to build up a collegial relationship with others. Students who actively participate, in particular those who present a paper, can receive a course certificate which awards 3 ECTS at the PhD level. The certificate can certify the topic of the contributed paper to demonstrate its relation or non-relation to the student’s PhD thesis.

Topics of interest include but are not limited to:
- privacy and Identity management (application scenarios/use cases, technologies, infrastructures, usability aspects)
- privacy-enhancing technologies
- anonymity and pseudonymity
- transparency-enhancing tools
- privacy and trust policies
- privacy-aware web service composition
- privacy metrics
- trust management and reputation systems
- assurance evaluation and control
- privacy in complex emerging real-life scenarios
- the use of privacy-enhancing mechanisms in various application areas that are often life-long in character such as eLearning, eHealth, or LBS
- life-long privacy challenges and sustainable privacy and identity management
- privacy issues relating to social networks, social network analysis, profiling
- privacy aspects of RFID and tracking technologies, biometrics
- surveillance, data retention, availability and other legal-regulatory aspects,
- socio-economic aspects of privacy and identity management, and
- impact on social exclusion/digital divide/cultural aspects.

Contributions will be selected based on an extended abstract review by the Summer School Programme Committee. Accepted short versions of papers will be made available to all participants in the Summer School Pre-Proceedings. After the Summer School, authors will have the opportunity to submit their final full papers (which will address questions and aspects raised during the Summer School) for publication in the Summer School Proceedings published by the official IFIP publisher. The papers to be included in the Final Proceedings published by Springer (or the official IFIP publisher) will again be reviewed and selected by the Summer School Programme Committee.

Summer School Website: http://www.it.kau.se/IFIP-summerschool/

The submission address for extended abstracts (2-4 pages in length) will be accessible via the Summer School Website.

Submission deadline: May 14, 2009
Notification of acceptance: June 18, 2009
Short paper (up to 6 pages) for the Pre-Proceedings: August 11, 2009

General Chair:
Michele Bezzi (SAP Research/ France)

Programme Committee Co-Chairs:
Penny Duquenoy (Middlesex University/ UK, IFIP WG 9.2 chair)
Simone Fischer-Hübner (Karlstad University/ Sweden, IFIP WG11.6 vice chair)
Marit Hansen (Independent Centre for Privacy Protection Schleswig-Holstein, Kiel/ Germany)

Programme Committee:
Jan Camenisch (IBM Research/ Switzerland, IFIP WG 11.4 chair)
Mark Gasson (University of Reading/ UK)
Hans Hedbom (Karlstad University/ Sweden)
Tom Keenan (University of Calgary/ Canada)
Dogan Kesdogan (Siegen University/ Germany)
Kai Kimppa (University of Turku/ Finland)
Eleni Kosta (KU Leuven/ Belgium)
Elisabeth de Leeuw (Ordina/ Netherlands, IFIP WG 11.6 chair)
Marc van Lieshout (Joint Research Centre/ Spain)
Javier Lopez (University of Malaga/ Spain)
Vaclav Matyas (Masaryk University, Brno/ Czech Republic)
Martin Meints (Independent Centre for Privacy Protection Schleswig-Holstein, Kiel/ Germany)
Jean-Christophe Pazzaglia (SAP Research/France)
Uli Pinsdorf (Europäisches Microsoft Innovations Center GmbH (EMIC)/ Germany)
Andreas Pfitzmann (TU Dresden/ Germany)
Charles Raab (University of Edinburgh/ UK)
Kai Rannenberg (Goethe University Frankfurt/ Germany, IFIP TC11 chair)
Dieter Sommer (IBM Research/ Switzerland)
Sandra Steinbrecher (TU Dresden/ Germany)
Morton Swimmer (John Jay College of Criminal Justice, CUNY/ USA)
Jozef Vyskoc (VaF/ Slovakia)
Rigo Wenning (W3C/ France)
Diane Whitehouse (The Castlegate Consultancy/ UK)

Organising Committee Chair:
Jean-Christophe Pazzaglia (SAP Research/ France)

2008/11/24

Announcing the local New York chapter of the Heart Project

Although we haven't formally been accepted, I wanted to announce the formation of the local chapter of the Heart Project, which I've called "I heart New York". The idea is to participate in the development of an RDF store for Hadoop/Hbase. The main project is based mainly in Korea, which is just a bit too far for most people to travel, but there is quite a bit of interest in very large RDF databases here, so it seemed a good idea to have a local group. It will be attached to the NYC Semantic Web meetup group that Marco Neumann organizes, which is already one of the world's largest semantic web interest groups.
So, why am I interested, being the security geek that I am? Well, RDF and semantic web technology interests me in two ways. First of all, there is its use in Data Centric Security. However, the other angle that I have is the encoding, exchange and reasoning over security relevant data expressed in RDF, or at the very least, using constrained (and well-defined) vocabularies. However, while looking at the amount of data that we at Trend Micro collect, I realized that no current system can handle it all. Furthermore, since we are working with a Hadoop infrastructure, it would be appropriate to leverage it. This led me to Heart.
If you are interested in the Heart project I'd encourage you to join in and if you are a New York local, then join our chapter, too!

2008/11/19

Metrocards and PII


So, I guess I'm not surprised, but Metrocards do contain ID information allowing the user to be tracked, see the New York Times article on a recent case. If you bought your card with a credit or debit card, then you can be identified, too.
I guess this has to be considered a normal infraction of our privacy nowadays -- along with credit cards, social security numbers, EZ-Pass fobs, ...

Sigh.

[picture by Darny, used under a Creative Commons license.]

2008/10/13

A few FCW Tournament photos

Hi all,

It's going to take a while to sift through all the photos I took at
the tournament and this is going to be a busy week for me. However,
I've posted a few photos from the trophy receiving ceremony for now.
It was already night when the Blue team finished their game (in the
dark) so I only have one photo available of them waiting for the
trophies. There are a few more photos of the White team and a group
photo with the trophies.

http://www.pbase.com/mswimmer/gallery/fcw_columbus_day_2008

Enjoy.

Cheers, Morton

2008/10/08


I was reading a New York Times article titled "Agency’s ’04 Rule Let Banks Pile Up New Debt". It is a pretty damning article on the SEC and describes a quiet decision made by them to allow investment banks to take on more debt than previously allowed under the assumption that the banks were able to manage their risk better with their newfangled computer models. This allowed Bear Stearns (R.I.P.) to raise its leverage ratio to 33:1, which seems extraordinarily high. Anyway, while reading it I stumbled over this paragraph:
A lone dissenter — a software consultant and expert on risk management — weighed in from Indiana with a two-page letter to warn the commission that the move was a grave mistake. He never heard back from Washington.
The software consultant was Leonard D. Bole, of Valparaiso, Ind. and he was expressing doubts that computer models could protect companies seeing that they had failed to do so in the collapse of a hedge-fund in 1998 and the market plunge in 1987. While I have my doubts that any computer model can calculate risk well enough and certainly increasing allowed leverage ratios seems just plain daft, I think the current credit crisis is now just down to trust. Or the lack of it.
So, if it is a trust problem, how would a computer scientist approach the problem? First of all, I need to point out that trust is really a human issue, so there is a limit to how much computers can help, just as I doubt we can model risk. However, one of the problems is that there is a certain degree of mortgages that are of too high risk, but banks don't know what their exact exposure is, let alone that of their competitors. The result is that no one trusts each other and the capital market has suffered a form of seizure or heart attack.
A couple of years ago I was leading a project exploring Data Centric Security and as a part of my research I looked into provenance. We never had time to weave it into the model properly, but identified it as an important aspect that eventually needed to be included. But, wait. What is provenance?
Take paper. Paper documents have great provenance. You fill out a form, hand it in. It gets handled, gets coffee stains over it, stapled to other documents, stamped, filed, refiled, etc. By examining a paper document you get a feeling for where that document has been and what it went through. That is provenance. 
Unfortunately, electronic documents don't have provenance out of the box. Luckily, there has been some research into how provenance can be added. The project I was exposed to at IBM Research was the EU Provenance Project that was a part of the European Commission's Sixth Framework Programme, bless their cotton socks. Their proposed architecture, if I remember correctly, was to place hooks in document processing which record document use (CRUD operations: create, read, update, delete). Though I'm not sure if that is the way I would have done it, it certainly would work unless someone cheated or didn't implement the hooks, though I assume that would be uncovered the next time the provenance recording system saw the document.
How would provenance help in the credit crisis? If we just isolate the problem of sub-prime mortgages (and my brother, who knows much more about the financial industry assures me that there are a whole pile of other problems) it does look like a provenance problem to me. From my perspective as an outsider, what seemed to be happening was that these sub-prime mortgages were being sold, repackaged with other debt, sold again and so on. In the end, the last one in the chain didn't know what he/she was actually getting. The lack of provenance of these aggregate debt packages meant it wasn't possible to sufficiently well calculate what the risk was (in itself a dubious thing, but made even more difficult in this case.)  
Remember that every financial instrument is really just a document of sorts that we attach a value to. The document has no intrinsic value. Take currency: The dollar bill has no real value. You can't eat it. It doesn't produce a lot of energy when burned. However, we place a certain amount of trust in it as the intricate design and the type of paper tells us that it comes from a trusted source: in this case the US Treasury. The provenance of this bill allows us to accept that the risk is low that the extrinsic value is not one dollar, US.
When aggregating debt from multiple sources you need to collect the provenance of all the included debt documents. This allows you to better estimate the risk associated with the aggregate debt and also find inconsistencies that I really really hope don't exist like circular provenance (which would be similar to a Ponzi scheme.) It also would allow the banks to identify the bad parts of the debts and calculate their exposure, which is something that they don't seem to be able to do at the moment. If they could, they would probably find that the bad debt they own is not as bad as it could be and there would be less uncertainty. Amongst other things, it is the uncertainty about the exposure to bad debt that has resulted in the credit crisis.
While not all the problems that banks are facing can be solved by computer scientists or mathematicians, and you can argue that we have been instrumental in getting us into this mess, provenance standards for financial documents would go a long way to alleviating the problems we have at the moment.
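To make the mechanism sketched above concrete, here is an added example (my illustration, not code from the EU Provenance Project or from the original post). It models the hook-based idea: every CRUD or aggregation operation on a document is appended to a hash-chained log, so a tampered or dropped entry breaks the chain; aggregated packages record which documents went into them, so a package's full lineage can be walked, its exposure to a set of flagged loans computed, and circular provenance (a package that transitively contains itself) detected. All document names, actors and events are constructed for the example.

```python
"""Hash-chained provenance log with lineage, exposure and cycle checks.

Added example; not the original post's code. Names like "m1", "P1" and
"bankA" are constructed placeholders.
"""
import copy
import hashlib
import json
from dataclasses import dataclass


@dataclass
class ProvEvent:
    seq: int
    op: str           # create / read / update / delete / aggregate
    doc: str
    actor: str
    inputs: tuple     # documents consumed by this operation
    prev_hash: str    # digest of the previous event (chain link)
    digest: str = ""  # digest of this event, filled in by the store


class ProvenanceStore:
    GENESIS = "0" * 64

    def __init__(self):
        self.events = []
        self.components = {}  # package doc -> set of documents it contains

    @staticmethod
    def _digest(ev):
        body = json.dumps([ev.seq, ev.op, ev.doc, ev.actor,
                           list(ev.inputs), ev.prev_hash])
        return hashlib.sha256(body.encode()).hexdigest()

    def record(self, op, doc, actor, inputs=()):
        """The 'hook': append one operation to the chained log."""
        prev = self.events[-1].digest if self.events else self.GENESIS
        ev = ProvEvent(len(self.events), op, doc, actor, tuple(inputs), prev)
        ev.digest = self._digest(ev)
        self.events.append(ev)
        if op == "aggregate":
            self.components.setdefault(doc, set()).update(inputs)
        return ev

    def verify_chain(self):
        """True unless an event was altered, removed or reordered."""
        prev = self.GENESIS
        for ev in self.events:
            if ev.prev_hash != prev or self._digest(ev) != ev.digest:
                return False
            prev = ev.digest
        return True

    def lineage(self, doc):
        """Every document that transitively went into `doc`."""
        seen, stack = set(), [doc]
        while stack:
            for c in self.components.get(stack.pop(), ()):
                if c not in seen:
                    seen.add(c)
                    stack.append(c)
        return seen

    def exposure(self, doc, flagged):
        """Flagged loans hidden somewhere inside the package `doc`."""
        return self.lineage(doc) & set(flagged)

    def find_cycles(self):
        """Packages whose lineage contains themselves: circular provenance."""
        return sorted(d for d in self.components if d in self.lineage(d))

    def history(self, doc):
        return [(ev.op, ev.actor) for ev in self.events if ev.doc == doc]


def build_demo():
    """Constructed scenario: three mortgages repackaged twice."""
    s = ProvenanceStore()
    for m in ("m1", "m2", "m3"):
        s.record("create", m, "originator")
    s.record("update", "m1", "servicer")
    s.record("aggregate", "P1", "bankA", ["m1", "m2"])
    s.record("aggregate", "P2", "bankB", ["P1", "m3"])
    return s


def tamper_detected(store):
    """Alter one historical entry on a copy; the chain must fail."""
    forged = copy.deepcopy(store)
    forged.events[1].actor = "mallory"
    return not forged.verify_chain()


if __name__ == "__main__":
    s = build_demo()
    print("chain ok:", s.verify_chain())
    print("P2 lineage:", sorted(s.lineage("P2")))
    print("P2 exposure to {m2}:", s.exposure("P2", {"m2"}))
    s.record("aggregate", "P3", "bankC", ["P2"])
    s.record("aggregate", "P1", "bankA", ["P3"])   # closes a loop
    print("circular packages:", s.find_cycles())
```

The chain only proves integrity of what was recorded; a party that bypasses the hook leaves no trace, which is exactly the gap the post notes would surface the next time a document reappears with a lineage that does not match the log.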

2008/10/05

I survived VB 2008

The Virus Bulletin Conference is probably the most important anti-malware conference there is. It is also the oldest surviving. I have been attending only since 1995 as it was just too expensive as a student. 
This year, it was in Ottawa, Canada's capital. The conference switches sides of the Atlantic every year, but since 2001, it is not possible to hold it in the USA because some delegates can not or will not travel to the US. That said, Canada is a great place to go to, though VB is starting to run out of likely venues.
There were no real eye-openers in the presentations I saw, but there was a constant flow of useful snippets of information. Luckily, my talk was the first after the keynote, so I could enjoy the rest of the conference. 
The real value of this conference, as with nearly every one, is the networking one does. I had quite a few hallway chats with delegates and speakers, and I've come to realize that these chats are what makes the industry function. It builds trust in an industry where misplaced trust could be dangerous. 
What I really noticed this year was that photography seems to be a very popular hobby. I've put my own photos on pbase, but thought it might be fun to start a Flickr photo group for the amateurs in the anti-virus industry. (I actually prefer pbase for more serious work, but more people are already on Flickr.)
So, now after four 18-hour days and too much food and alcohol, I'm in rehab mode. It was fun, but I'm glad there is only one VB conference a year.

I confess to world domination

Graham Cluley, of Sophos, filmed various anti-virus researchers on a variety of silly subjects at the Virus Bulletin 2008 conference. I was one of them. I'll have to confess that I was one of the few to see the questions beforehand, so I knew what was coming. In the spirit of things, I decided to be totally silly about it. Enjoy. Or cringe. Your choice.