- From: Erin Kenneally <erin@elchemy.org>
- Date: Mon, 20 Jan 2014 20:04:35 -0800
- To: public-privacy@w3.org
- Message-ID: <52DDF1D3.6010008@elchemy.org>
(Please, distribute among potentially interested colleagues) --------------------------------- The 2nd Cyber-security Research Ethics Dialog & Strategy (CREDS II) May 17, 2014, San Francisco, CA, Co-located with the 35th IEEE Symposium on Security and Privacy (IEEE S&P) --------------------------------- http://www.caida.org/workshops/creds/1405/ Overview: The future of online trust, innovation & self-regulation is threatened by a widening gap between users' expectations, formed by laws and norms, and the capacity for great benefits and harms generated by technological advances. As this gap widens, so too does ambiguity between asserted rights and threats. How do we close this gap and thereby lower risks, while also instilling trust in online activities? The solution embraces fundamental principles of ethics to guide our decisions in the midst of information uncertainty. One context where this solution is germinating is cybersecurity research. Commercial and public researchers and policymakers are tackling novel ethical challenges that exert a strong influence for online trust dynamics. These challenges are not exceptional, but increasingly the norm: (i) to understand and develop effective defenses to significant Internet threats, researchers infiltrate malicious botnets; (ii) to understand Internet fraud (phishing) studies require that users are unaware they are being observed in order to ascertain typical behaviors; and (iii) to perform experiments measuring Internet usage and network characteristics that require access to sensitive network traffic. This workshop anchors off of discussions, themes, and momentum generated from the inaugural CREDS 2013 workshop. Specifically, it targets the shifting roles, responsibilities, and relationships between Researchers, Ethical Review Boards, Government Agencies, Professional Societies, and Program Committees in incentivizing and overseeing ethical research. Its objective is to spawn dialogue and practicable solutions around the following proposition: Building a more effective research ethics culture is a prerequisite for balancing research innovation (i.e., academic freedom, reduced burdens and ambiguities) with public trust (i.e., respect for privacy and confidentiality, accountability, data quality), so we explore the pillars of such a culture as well as the strategies that might be adopted to incorporate them into research operations. CREDS II invites case studies, research experience and position papers that explore the following questions: What can we learn from other domains that struggle with ethical issues? What leadership should be engaged (i.e., institutional, government, peer groups), and what should their respective roles and responsibilities be? What education and awareness is needed? What information sharing/coordination needs to be improved: among researchers, among oversight entities, and between researchers and oversight entities? What knowledge and technology-transfer mechanisms can meet stated needs? Our goal is to create a set of targeted discussions among relevant stakeholders whose actions impact cyber security research ethics policy and practice, rather than a peer reviewed mini-conference. As such, will be reviewed by the Chairs for content quality and relevance, vetted by the PC for topic suitability an interest, but will not be peer reviewed as a mini-conference might. How to Participate: Authors are invited to submit abstracts, case studies, or position papers (maximum 5 pages, including the references and appendices) via EasyChair (CREDS 2014). Papers accepted by the workshop will be published in the Conference Proceedings published by IEEE Computer Society Press. While there are NO formatting requirements for your submissions, any accepted text will need will need to comply with IEEE guidelines for publication (i.e., Papers must be formatted for US letter (not A4) size paper. The text must be formatted in a two-column layout, with columns no more than 9.5 in. tall and 3.5 in. wide. The text must be in Times font, 10-point or larger, with 11-point or larger line spacing. Authors are encouraged to use the IEEE conference proceedings templates. LaTeX submissions should use IEEEtran.cls version 1.8, dated 2012/12/27). Costs/Fees: There are workshop registration fees required to attend, as this workshop is co-located with the 34th IEEE Symposium on Security and Privacy (IEEE S&P 2014), an event of The IEEE Computer Society's Security and Privacy Workshops (SPW 2014). Deadlines: Submission deadline March 1, 2014 Workshop acceptance notification date March 14, 2014 Final paper submission deadline April 1, 2014 Workshop date May 17, 2014 (Saturday) Chairs and Organizers Co-Chair Michael Bailey, University of Michigan Co-Chair Erin Kenneally, Cooperative Association of Internet Data Analysis (CAIDA), University of California San Diego Program Committee: Mark Allman, International Computer Science Institute Michael Bailey, University of Michigan Elizabeth Buchanan, UW-Stout kc Claffy, CAIDA, University of California San Diego David Dittrich, University of Washington Charles Ess, University of Oslo John Heidemann, University of Southern California Erin Kenneally, CAIDA, University of California San Diego Douglas Maughan, U.S. Department of Homeland Security Stefan Savage, University of California San Diego Stuart Schechter, Microsoft Research Contacts: Erin Kenneally, erin@caida.org Michael Bailey, mbailey@umich.edu -- Erin E. Kenneally, M.F.S., J.D. CEO, Founder eLCHEMY, Inc. 8677 Villa La Jolla Dr., #1133 La Jolla, CA 92037 www.elchemy.org
Received on Tuesday, 21 January 2014 04:04:59 UTC