BSF/DIMACS/DyDAn Workshop on Data Privacy

2008-01-25 Thread Linda Casals
*

BSF/DIMACS/DyDAn Workshop on Data Privacy

  February 4 - 7, 2008
  DIMACS/DyDAn Center, CoRE Building, Rutgers University

Organizers:
  Kobbi Nissim, Ben Gurion University, kobbi at cs.bgu.ac.il 
  Benny Pinkas, University of Haifa, benny at cs.haifa.ac.il 
  Rebecca Wright, Rutgers University, rebecca.wright at rutgers.edu 

Presented under the auspices of the DIMACS Special Focus on 
Communication Security and Information Privacy and 
the Center for Dynamic Data Analysis (DyDAn).



An ever-increasing amount of data is available in digital form, often
accessible via a network. Not surprisingly, this trend is accompanied
by an increase in public awareness of privacy issues and by
legislation of privacy laws. The interest in privacy, and the tension
between privacy and utility of data, is amplified by our growing
ability to collect and store large amounts of data, and our ability to
mine meaningful information from it. This workshop will view privacy
in a broad sense in order to facilitate interaction and discussion
between privacy-oriented researchers in different communities.

The study of privacy is inherently interdisciplinary, spanning a
range of applications and scenarios, such as analysis of census data,
detection and prevention of terrorist activity, and biomedical
research. There is a fundamental interplay between privacy and law,
security, economics, and the social sciences. This workshop will
foster interactions between researchers in these fields with those in
statistics and computer science, toward the goal of developing problem
formulations that can be translated into a technical mathematical
language that lends itself to a more rigorous study of privacy. The
workshop will contrast these formal definitions with more intuitive
notions of privacy from the social sciences, economics, philosophy and
law to determine the extent to which they capture the perceived
meaning of privacy in different settings.

Privacy-preserving technologies may soon become an integral part of
the basic infrastructure for the collection and dissemination of
official statistics, as well as for research in business, economics,
medical sciences, and social sciences. Functional solutions for
preserving privacy would therefore serve as a central part of the
infrastructure for those disciplines. This workshop will address a
variety of questions on algorithms for privacy-preserving analysis
such as:

  * To what extent can such techniques be applied to 
 statistical data?
  * What are the consequences to privacy and confidentiality 
 if such techniques are not used?
  * Are changes in statistical tools needed to make them 
 compatible with such techniques?
  * Can the techniques be modified to allow use of standard 
 statistical tools and practices? 

**
Program:

Monday, February 4, 2008

 8:00 -  8:50  Breakfast and Registration

 8:50 -  9:00  Welcome and Opening remarks
   Rebecca Wright, DIMACS Deputy Director

 9:00 - 10:00  Tutorial: Differential Privacy
   Adam Smith, Penn State University

10:00 - 10:30  PINQ 
   Frank McSherry

10:30 - 11:00  Break

11:00 - 12:00  Tutorial: Smooth Sensitivity and Sampling
   Sofya Raskhodnikova, Penn State University

12:00 - 12:30  Tutorial: Exponential Mechanism 
   Kunal Talwar

12:30 -  2:00  Lunch

 2:00 -  3:00  Tutorial: Statistical Methods 
   Alexandra Slavkovic

 3:00 -  3:30  Break

 3:30 -  4:30  Tutorial: Synthetic Data 
   John Abowd

Tuesday, February 5, 2008

 8:30 -  9:00  Breakfast and Registration

 9:00 - 10:30  Tutorial: Secure Multiparty Computation and 
   Privacy-Preserving Data Mining 
   Yehuda Lindell, Bar Ilan University

10:30 - 11:00  Break

11:00 - 11:35  The Difficulty of Preventing Disclosure
   Moni Naor

11:35 - 12:05  E Gov, Online Citizen Scrutiny and Participation -
   The Joint Challenges for Cryptologists and Policy Makers 
   Tal Zarsky, University of Haifa

12:05 - 12:30  Robust De-anonymization of Multi-dimensional Databases 
   Vitaly Shmatikov, The University of Texas at Austin 

12:30 -  2:00  Lunch

Statistics:
 2:00 -  2:25  Privacy: Theory Meets Practice on the Map
   John Abowd

 2:25 -  2:50  A Hybrid Perturbation/Swapping Approach for Masking Numerical 
Data
   Rathindra Sarathy, Oklahoma State University 

 2:50 -  3:20  Break

 3:20 -  3:45  Deterministic History-Independent Strategies for Storing 
   Information on Write-Once Memories
   Gil Segev, Weizmann Institute of Science

 3:45 -  4:10  Cell Suppressions Leak Information
   Shubha Nabar, Stanford University 

 4:10 -  4:35  A Learning Theory Perspective on Data 

Announcing DIMACS 2007-2010 Special Focus on Algorithmic Foundations of the Internet

2007-07-21 Thread Linda Casals
[Moderator's note: the Secure Routing focus may be of interest to some
readers. --Perry]

***

Announcing DIMACS 2007-2010 Special Focus on 
   Algorithmic Foundations of the Internet

http://dimacs.rutgers.edu/SpecialYears/2007_AFI/

***
 
The Internet has an ever-expanding role in our daily lives; yet, it is
arguably one of the most fragile components of our nation's critical
infrastructure. The Internet was designed as a research network
without the expectation that it would eventually be used for
everything from banking, commerce, and telecommunications to the
remote management of power networks. The scale and heterogeneity of
the Internet have far surpassed all expectations, and the Internet is
responding by showing signs of strain. Moreover, new applications
heighten the need for security and network management capabilities,
neither of which were major goals in the original design of Internet
protocols.

DIMACS is hosting a 3-year special focus devoted to the study of
algorithms and protocols for large-scale networks. The focus is
scheduled to start in August 2007 and continue through July 2010. The
special focus aims to enhance our understanding of the limitations of
today's protocols, as well as the gains that new designs could
achieve. This is an emerging cross-disciplinary area that requires
expertise from several fields including networking, theory of
computing, computer and communications security, and game
theory. Research collaborations spanning these communities are crucial
to making progress on the most challenging problems, and enabling
these collaborations is a major goal of this special focus.

As the Internet continues to grow, more and more business-critical
functions rely on its availability. One can easily envision a future
in which the vast majority of communications traffic, including
telephone, television, radio, business data, and government data, will
rely on an Internet infrastructure that is available and secure. For
the Internet to meet these challenges, we need a much deeper
understanding of the properties of our existing protocols and the
fundamental tradeoffs that should guide the design of the future
Internet. Providing a strong algorithmic foundation for the Internet
is especially timely, as the research community embarks on an
ambitious rethinking of the Internet architecture.

There are many algorithms and protocols used in the Internet and its
applications. Some adequately serve their desired purposes, while
others need improvement. However, there is a disconnect between the
methodology and results of algorithms research and the methodology and
results used to guide the adoption of Internet protocol standards. On
the one hand, traditional distributed-algorithms research does not
adequately model the Internet's design goals, including autonomy,
scalability, and privacy. On the other hand, protocol-adoption
standards far too often rely on experimentation and testing by vendors
and select customers, not on formal analysis. Protocols are often
tweaked to add customer functionality without scrutinizing the
resulting behavior in worst-case situations or proving any kind of
correctness or security properties. Furthermore, these worst-case
situations occur more often than expected, due to both the sheer size
of the network and the fact that malicious agents can use security
flaws to take control of significant parts of the Internet.

This special focus seeks to bridge the gap between networking research
focused on the existing artifacts - the protocols and mechanisms
underlying today's Internet - and the new work that needs to be done
to lay a solid foundation for the design of a future
Internet. Research focusing on today's network emphasizes
characterization, primarily through measurement and prototyping, of
existing protocols and mechanisms, in order to improve our
understanding of the Internet and guide incremental changes to the
system. Although algorithmic models have played a role in this work,
the details of today's protocols and mechanisms often defy attempts to
impose rigorous models after the fact. The future Internet needs to
be more secure, be easier to manage, and take greater advantage of new
underlying technologies, such as sensor networks, wireless networks,
and optical switching. This argues for the design of new protocols and
mechanisms with their key properties in mind from the outset. An
algorithmic mindset is an extremely important ingredient in this line
of research.

This special focus is guided by a deep understanding of the current
Internet but allows for the possibility of radical change where it is
warranted. The focus seeks to analyze and design protocols,
algorithms, and architectures for a future Internet that is based on
sound mathematical and computational foundations, 

IEEE International Conference on Intelligence and Security Informatics 2007

2007-05-09 Thread Linda Casals
 *
   IEEE International Conference on Intelligence and Security Informatics 2007 
  May 23-24, 2007
  Hyatt Hotel
  New Brunswick, New Jersey

  **  DEADLINE FOR EARLY REGISTRATION IS ALMOST HERE **

   Hosted by:
  Rutgers, The State University of New Jersey
  DIMACS-CAIT Laboratory for Port Security
  Center for Discrete Mathematics and Theoretical Computer Science (DIMACS) 
  Center for Interdisciplinary Studies in Information Privacy and Security 

   Sponsored by:
  Institute of Electrical and Electronics Engineers (IEEE)
  IEEE Systems, Man, and Cybernetics Society
  IEEE Intelligent Transportation Systems Society
  National Science Foundation
  Intelligence Technology Innovation Center
  Department of Homeland Security

   *

   Informatics research has emerged as a key scientific discipline and
   applications domain supporting counterterrorism and homeland security's
   missions of anticipation, interdiction, prevention, preparedness and
   response to terrorist acts.  ISI 2007 provides a forum for discussions among
   these vital communities: academic researchers (in information technologies,
   computer science, public policy, and social studies), local, state, and
   federal law enforcement and intelligence experts, and information technology
   industry consultants and practitioners.  Security informatics is a rapidly
   growing multidisciplinary area that crosscuts numerous disciplines,
   including computer science, information technology, engineering, public
   policy, medicine (medical informatics), biology (bioinformatics), social and
   behavioral sciences, political science, and modeling and analysis.  The
   combination of intelligence and security informatics strives to integrate
   computational social science, advanced information technologies and
   algorithms to support counterterrorism and homeland security policies,
   organizations and operations (both domestically and internationally).
   Because of the conference's location near major New York - New Jersey ports,
   one of its key themes is port security, where the term port is used here
   in its broad sense, namely, as a point of entry/exit for secure flows of
   people and cargo.  Other themes cover the components of effective
   counterterrorism, dynamic data analysis, and critical-infrastructure
   protection technologies.  This conference aims to foster the development and
   growth of a counterterrorism and homeland-security community by providing a
   forum and podium for diverse communities: academia, government (local,
   state, federal law enforcement, intelligence experts, etc.) and industry
   (consultants and practitioners etc.).  We solicit contribution of long or
   short papers, and proposals for panel discussions on both the science and
   the practice of intelligence and security informatics.  The conference
   proceedings will be published as an IEEE publication.  Several satellite
   conferences will also be held before ISI-2007.

   The upcoming IEEE International Conference on Intelligence and Security
   Informatics 2007 (ISI 2007) will be held May 23-24, 2007, in New Brunswick,
   New Jersey, at the Hyatt Hotel. There will also be two satellite
   conferences: The 2007 Conference on Interdisciplinary Studies in Information
   Privacy and Security. This conference will be held on May 22nd, 2007 from 9
   a.m to 5 p.m. at the University Inn, Douglass Campus, Rutgers, New
   Brunswick. The second event is the NSF Workshop on Biosurveillance Systems
   and Case Studies, May 22, 2007, New Brunswick, New Jersey.

   The two previous symposia on ISI (ISI-2003, ISI-2004) were held in Tucson,
   Arizona; the third (ISI-2005) in Atlanta, Georgia; the fourth
   (ISI-2006) in San Diego, California. These meetings provided a stimulating
   intellectual forum for discussions among previously disparate communities:
   academic researchers (in information technologies, computer science, public
   policy, and social and behavioral studies), local, state, and federal law
   enforcement and intelligence experts, and information technology industry
   consultants and practitioners. Proceedings of these past ISI meetings were
   published in Springer Lecture Notes in Computer Science (LNCS).

   *
   Registration Fees:

   (Pre-registration deadline: May 15, 2007)

   For complete registration information, please see:
   http://dimacs.rutgers.edu/ISI2007/registration.htm

   Your conference fee will entitle you to:
   - Entrance to all conference presentations
   - Breakfast on both conference days (May 23-24)
   - Entrance to the Conference Reception, held in conjunction 
 with the Poster and Demonstration Session,   
 where ample food will be served (evening, May 23)

DIMACS Workshop on Information Security Economics

2006-10-31 Thread Linda Casals

*

DIMACS Workshop on Information Security Economics

  January 18 - 19, 2007
  DIMACS Center, CoRE Building, Rutgers University

Organizers:
  Alessandro Acquisti, Carnegie Mellon University, [EMAIL PROTECTED] 
  Jean Camp, Indiana University, [EMAIL PROTECTED]

Presented under the auspices of the Special Focus on 
Communication Security and Information Privacy and 
the Special Focus on Computation and the Socio-Economic Sciences.



The deployment of an information security solution can be evaluated on
whether the benefits expected from its deployment are higher than the
costs of its deployment. Yet it is hard to quantify both benefits and
costs, due to uncertainty about factors such as attackers'
motivations, probability of an attack, and cost of an attack. This
uncertainty about the value of tangible costs and benefits is
complicated by intangible costs and benefits, such as user and market
perceptions of the value of security. The field of economics has well
developed theories and methods for addressing with these types of
uncertainty. As such, there has been a growing interest in the
economics of information security. Past notable work used the tools of
economics to offer insights into computer security, offered
mathematical economic models of computer security, detailed potential
regulatory solutions to computer security, or clarified the challenges
of improving security as implemented in practice. The goal of this
workshop is to expand that interest in economics of information
security. To meet this goal the workshop will bring together
researchers already engaged in this interdisciplinary effort with
other researchers in areas such as economics, security, theoretical
computer science, and statistics. Topics of interest include economics
of identity and identity theft, liability, torts, negligence, other
legal incentives, game theoretic models, security in open source and
free software, cyber-insurance, disaster recovery, reputation
economics, network effects in security and privacy, return on security
investment, security risk management, security risk perception both of
the firm and the individual, economics of trust, economics of
vulnerabilities, economics of malicious code, economics of electronic
voting security, and economic perspectives on spam.


Call for Participation:

Investments in information security are contingent on the expected 
benefits and costs of their deployment. Yet, it is difficult to
quantify those trade-offs: uncertainties about attackers' skills and
motivations, systems' dependability, and the consequences of security 
failures are heightened by intangible considerations - such as 
individual perceptions of the value of security. In recent years, 
growing attention has been directed towards the application to
information security of economic models for the evaluation of 
complex trade-offs under risk and uncertainty. This economics 
of information security has offered mathematical models of returns 
on security investments and behavioral models of users' decision 
making; it has detailed regulatory solutions to cyber-security 
issues; and it has clarified the challenges of improving everyday 
security and privacy.

The DIMACS Workshop on Information Security Economics aims at 
enlarging the interest in this area by bringing together 
researchers already engaged in the field with other scientists 
and investigators in disciplines such as economics, business, 
statistics, and computer science. We encourage researchers and 
industry experts to submit manuscripts with original work to the 
Workshop; we especially encourage collaborative and interdisciplinary 
research from authors in multiple fields.

Topics of interest include (but are not limited to) empirical and 
 theoretical works on the economics of:

* vulnerabilities and malicious code
* spam, phishing, and identity theft
* privacy, reputation, and trust
* DRM and trusted computing
* cyber-insurance, returns on security investments, and security risk 
management
* security risk perception at the firm and individual levels.

Questions about the workshop may be addressed to: [EMAIL PROTECTED]

Organizers:
 Alessandro Acquisti, Carnegie Mellon University, [EMAIL PROTECTED]
 Jean Camp, Indiana University, [EMAIL PROTECTED]

Submission instructions

 Submissions are due by November 3, 2006 (11:59PM PST), preferably in
 PDF format, to: [EMAIL PROTECTED] Submissions should not exceed 
 approximately 10,000 words. Notifications of acceptance for the
 program will be sent by November 18, 2006.


Registration:

(Pre-registration deadline: January 8, 2007 )

Please see website for complete registration details.


DIMACS Workshop on Information Security Economics

2006-10-09 Thread Linda Casals
*

DIMACS Workshop on Information Security Economics

  January 18 - 19, 2007
  DIMACS Center, CoRE Building, Rutgers University

Organizers:
  Alessandro Acquisti, Carnegie Mellon University, [EMAIL PROTECTED] 
  Jean Camp, Indiana University, [EMAIL PROTECTED]

Presented under the auspices of the Special Focus on 
Communication Security and Information Privacy and 
the Special Focus on Computation and the Socio-Economic Sciences.



The deployment of an information security solution can be evaluated on
whether the benefits expected from its deployment are higher than the
costs of its deployment. Yet it is hard to quantify both benefits and
costs, due to uncertainty about factors such as attackers'
motivations, probability of an attack, and cost of an attack. This
uncertainty about the value of tangible costs and benefits is
complicated by intangible costs and benefits, such as user and market
perceptions of the value of security. The field of economics has well
developed theories and methods for addressing with these types of
uncertainty. As such, there has been a growing interest in the
economics of information security. Past notable work used the tools of
economics to offer insights into computer security, offered
mathematical economic models of computer security, detailed potential
regulatory solutions to computer security, or clarified the challenges
of improving security as implemented in practice. The goal of this
workshop is to expand that interest in economics of information
security. To meet this goal the workshop will bring together
researchers already engaged in this interdisciplinary effort with
other researchers in areas such as economics, security, theoretical
computer science, and statistics. Topics of interest include economics
of identity and identity theft, liability, torts, negligence, other
legal incentives, game theoretic models, security in open source and
free software, cyber-insurance, disaster recovery, reputation
economics, network effects in security and privacy, return on security
investment, security risk management, security risk perception both of
the firm and the individual, economics of trust, economics of
vulnerabilities, economics of malicious code, economics of electronic
voting security, and economic perspectives on spam.


Call for Participation:

Investments in information security are contingent on the expected 
benefits and costs of their deployment. Yet, it is difficult to
quantify those trade-offs: uncertainties about attackers' skills and
motivations, systems' dependability, and the consequences of security 
failures are heightened by intangible considerations - such as 
individual perceptions of the value of security. In recent years, 
growing attention has been directed towards the application to
information security of economic models for the evaluation of 
complex trade-offs under risk and uncertainty. This economics 
of information security has offered mathematical models of returns 
on security investments and behavioral models of users' decision 
making; it has detailed regulatory solutions to cyber-security 
issues; and it has clarified the challenges of improving everyday 
security and privacy.

The DIMACS Workshop on Information Security Economics aims at 
enlarging the interest in this area by bringing together 
researchers already engaged in the field with other scientists 
and investigators in disciplines such as economics, business, 
statistics, and computer science. We encourage researchers and 
industry experts to submit manuscripts with original work to the 
Workshop; we especially encourage collaborative and interdisciplinary 
research from authors in multiple fields.

Topics of interest include (but are not limited to) empirical and 
 theoretical works on the economics of:

* vulnerabilities and malicious code
* spam, phishing, and identity theft
* privacy, reputation, and trust
* DRM and trusted computing
* cyber-insurance, returns on security investments, and security risk 
management
* security risk perception at the firm and individual levels.

Questions about the workshop may be addressed to: [EMAIL PROTECTED]

Organizers:
 Alessandro Acquisti, Carnegie Mellon University, [EMAIL PROTECTED]
 Jean Camp, Indiana University, [EMAIL PROTECTED]

Submission instructions

 Submissions are due by November 3, 2006 (11:59PM PST), preferably in
 PDF format, to: [EMAIL PROTECTED] Submissions should not exceed 
 approximately 10,000 words. Notifications of acceptance for the
 program will be sent by November 18, 2006.


Registration:

(Pre-registration deadline: January 8, 2007 )

Please see website for complete registration details.


DIMACS Workshop on Security of Web Services and E-Commerce

2005-05-20 Thread Linda Casals

*Pre-registration deadline: April 28, 2005*
***

DIMACS Workshop on Security of Web Services and E-Commerce

 May 5 - 6, 2005 
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizer: 

  Brian LaMacchia, Microsoft, [EMAIL PROTECTED] 
   
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.



 The growth of Web Services, and in particular electronic commerce
activities based on them, is quickly being followed by work on Web
Services security protocols. While core XML security standards like
XMLDSIG, XMLENC and WS-Security have been completed, they only provide
the basic building blocks of authentication, integrity protection and
confidentiality for Web Services. Additional Web Services standards
and protocols are required to provide higher-order operations such as
trust management, delegation, and federation. At the same time, the
sharp rise in phishing attacks and other forms of on-line fraud
simply confirms that all our work on security protocols is for naught
if we cannot make it both possible and easy for the average user to
discover when a security property has failed during a
transaction. This workshop aims to explore these areas as well as
other current and future security and privacy challenges for Web
Services applications and e-commerce.


**
Workshop Program:
This is a preliminary program subject to change.

Thursday, May 5, 2005

 8:00 -  9:00 Breakfast and Registration

 9:00 -  9:15 Welcome  Opening Remarks

 9:15 -  9:45 On the relation between Web Services Security and traditional 
protocols
  Eldar Kleiner and A.W. Roscoe, Oxford University Computing 
Laboratory, UK

 9:45 - 10:15 Verification Tools for Web Services Security
  Cédric Fournet, Microsoft Research -- Cambridge, UK

10:15 - 10:30 Break

10:30 - 11:00 Flexible Regulation of Virtual Enterprises
  Naftaly Minsky, Rutgers University

11:00 - 11:30 Negotiated Security and Privacy Policies for Web Services
  George Yee, National Research Council
  
11:30 - 12:00 Regulating Synchronous Communication, and its Applications to 
Web-Services
  Constantin Serban, Rutgers University

12:00 -  1:30 Lunch

 1:30 -  2:00 Scalable Configuration Management For Secure Web Services 
Infrastructure
  Sanjai Narain, Telcordia Technologies, Inc., USA

 2:00 -  2:30 Automating Deployment Configuration of Web Services Security
  J. Micallef, B. Falchuk and C. Chung, Telcordia Technologies, 
Inc., USA

 2:30 -  3:00 Software Based Acceleration Methods for XML Signature
  Youjin Song and Yuliang Zheng, UNC-Charlotte, USA
 
 3:00 -  3:30 Analysis of aspects of XML  WS-* that make
  hardware optimizations harder or easier
  Eugene Kuznetsov, DataPower Technology, Inc., USA
 
 3:30 -  3:45 Break
 
 3:45 -  4:15 XACML and role-based access control
  Jason Crampton, Royal Holloway, University of London, UK
 
 4:15 -  4:45 Use of REL Tokens for Higher-order Operations
  Thomas DeMartini, ContentGuard, USA

 4:45 -  5:15 Electronic Document Authorization: A Case for 
  Practical, Secure Delegation and Authorization
  Young H. Etheridge

Friday, May 6, 2005

 8:00 -  9:00 Breakfast  Registration

 9:00 -  9:30 Towards Decentralized and Secure Electronic Marketplace
  Yingying Chen, Constantin Serban, Wenxuan Zhang and 
  Naftaly Minsky, Rutgers University

 9:30 - 10:00 A Negotiation-based Access Control Model for Web Services
  Elisa Bertino, Purdue University , A. C. Squicciarini and 
  L. Martino, University of Milano, Italy

10:00 - 10:30 Using Certified Policies to Regulate E-Commerce
  Victoria Ungureanu, Rutgers University

10:30 - 10:45 Break

10:45 - 11:15 Active Intermediaries in Web Service and E-Commerce Environments
  John Linn, RSA Laboratories
  
11:15 - 11:45 Web services and Federated Identity Management
  Birgit Pfitzmann, IBM Zurich Research Lab, Switzerland

11:45 - 12:15 Web Services Architecture and the Old World
  Philip Hallam-Baker

12:15 -  1:45 Lunch

 1:45 -  2:15 On-line Certificate Validation via LDAP Component Matching
  Jong Hyuk Choi, Sang Seok Lim, IBM T. J. Watson Research Center, 
and 
  Kurt D. Zeilenga, IBM Linux Technology Center
  
 2:15 -  2:45 A Convenient Method for Securely Managing Passwords
  Brent Waters, Stanford University, Alex Halderman, and 
  Ed Felten, Princeton University

 2:45 -  3:00 Break
 
 3:00 -  3:30 Identifying Malicious Web Requests through Changes 
  

Conference: APPLIED CRYPTOGRAPHY and NETWORK SECURITY (ACNS 2005)

2005-05-20 Thread Linda Casals

The following message is being forwarded to you at the
request of Rebecca Wright.

***
 C A L L F O RP A R T I C I P A T I O N
 --


Conference: APPLIED CRYPTOGRAPHY and NETWORK SECURITY (ACNS 2005)
-

Location: COLUMBIA UNIVERSITY, NEW YORK CITY, NEW YORK, USA

Dates: JUNE 7-10, 2005
-

We invite you to participate in the Third Annual Conference on Applied
Cryptography and Network Security (ACNS 2005). This international
conference features original research papers on scientific and
technical aspects of cryptology and network security and is the third
in its series. There are two tracks at ACNS: a research-oriented
papers track (that will appear as a Springer's LNCS proceedings
available at the conference) and an industrial/ short papers track
(that will appear as a pre-proceedings and will be available at the
conference as well). The latter has an emphasis on practical
applications. In addition, invited talks by leading experts in the
field, covering various recent developments, will be presented.

It has been quite a while since there was a major full conference
dedicated to cryptography and security in the New York City
Metropolitan Area (a kind of NewYorCrypt), and ACNS 2005 is just it!
It will enable an advanced forum on cryptography and security in the
setting of New York City in one of the best time of the year to be in
the the city. This setting should allow the local researchers,
students and industry community easy access to very current issues and
topics, and should attract international participants as well.

The details about the program, the committee, registration details and
additional information is available at:

 http://acns2005.cs.columbia.edu

We believe that members of the scientific and technical industry
community who will participate will enjoy a high level scientific
event in the promising setting of NYC in June.

   John Ioannidis, Angelos Keromytis and Moti Yung
General and Program Chairs, ACNS2005


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


THE SIXTH ACM CONFERENCE ON ELECTRONIC COMMERCE (EC-05)

2005-05-20 Thread Linda Casals

This message is being forwarded to you on behalf of
Joan Feigenbaum, Yale University, DIMACS Member
***
THE SIXTH ACM CONFERENCE ON ELECTRONIC COMMERCE (EC-05)

Registration now Open!
See Accepted Papers, Workshops, Tutorials, below.

June 5-8, 2005, Vancouver, Canada
http://www.acm.org/ec05

Registration is now open for ACM EC-05!  Early registration ends May
16th, so sign up now at:
 http://www.acm.org/sigs/sigecom/ec05/registrations.shtml

Since 1999 the ACM Special Interest Group on Electronic Commerce
(SIGECOM) has sponsored the leading scientific conference on advances
in theory, systems, and applications for electronic commerce.  Below
is the schedule for the 4 tutorials, 1 workshop, and 32 papers
accepted for ACM EC-05.  For additional information, please visit:
 http://www.acm.org/ec05.

This year, ACM EC-05 will be held from Sunday, June 5 through
Wednesday, June 8, 2005 at the Vancouver Marriott Pinnacle resort, a
first-class hotel located downtown in the stunning city of Vancouver,
Canada. For more information about the conference surroundings, visit
Vancouver's tourism Web site:
 http://www.tourismvancouver.com

***
Tutorials
 http://www.acm.org/sigs/sigecom/ec05/tutorials.shtml

Sun, Jun 5, 2005 - Morning

1) Optimal Mechanism Design without Priors - Jason Hartline
2) Trading Agent Design and Analysis - Michael P. Wellman

Sun, Jun 5, 2005 - Afternoon (two one-hour talks)

1) Polynomial Time Algorithms for Market Equilibria
- Kamal Jain and Vijay Vazirani
2) Algorithms for Combinatorial Auctions and Exchanges
- Tuomas Sandholm

***
Workshop
 http://research.yahoo.com/~pennockd/ext/ssa/

Sun, Jun 5 2005 - All Day

Workshop on Sponsored Search Auctions - David Pennock and Kursad Asdemir
***
Final program

MONDAY
08:30 - 10:10 Ranking Systems: The PageRank Axioms
  Alon Altman, Moshe Tennenholtz

  Weak monotonicity suffices for truthfulness on convex domains 
  Michael Saks, Lan Yu

  Marginal Contribution Nets: A Compact Representation Scheme for
  Coalitional Games 
  Samuel Ieong, Yoav Shoham

  Cost Sharing in a Job Scheduling Problem Using the Shapley Value 
  Debasis Mishra, Bharath Rangarajan

10:10 - 10:40 BREAK

10:40 - 12:20 Interconnected Communication Networks Provisioned
  Selfishly 
  Pedro Ferreira, Marvin Sirbu

  Hidden-Action in Multi-Hop Routing
  Michal Feldman, John Chuang, Ion Stoica, Scott Shenker

  Content Availability, Pollution and Poisoning in Peer-to-Peer File
  Sharing Networks 
  Nicolas Christin, Andreas Weigend, John Chuang

  A Price-Anticipating Resource Allocation Mechanism for Distributed
  Shared Clusters 
  Michal Feldman, Kevin Lai, Li Zhang

12:20 - 02:00 LUNCH

02:00 - 03:00 Invited Speaker: Ehud Kalai, Northwestern University

03:00 - 03:30 BREAK

03:30 - 05:10 Nearly Optimal Multi Attribute Auctions
  Amir Ronen, Daniel Lehmann

  Optimal Design of English Auctions with Discrete bid Levels 
  Esther David, Alex Rogers, Nicholas Jennings, Jeremy Schiff, 
Sarit Kraus

  Robust Solutions for Combinatorial Auctions
  Alan Holland, Barry O'Sullivan

  Online Auctions with Re-usable Goods
  Mohammad Taghi Hajiaghayi, Robert D. Kleinberg, Mohammad Mahdian, 
David Parkes

TUESDAY

08:30 - 10:10 First-Price Path Auctions
  Nicole Immorlica, David Karger, Evdokia Nikolova, Rahul Sami

  From Optimal Limited to Unlimited Supply Auctions
  Robert McGrew, Jason Hartline

  True Costs of Cheap Labor Are Hard To Measure: Edge Deletion and 
VCG
  Payments in Graphs 
  Edith Elkind

  Multi-unit auctions with budget-constrained bidders
  Christian Borgs, Jennifer Chayes, Nicole Immorlica, Mohammad 
Mahdian, Amin Saberi

10:10 - 10:40 BREAK

10:40 - 12:20 Graceful Service Degradation (or, How to Know your
  Payment is Late) 
  Alexandr Andoni, Jessica Staddon

  Privacy-Preserving Credit Checking
  Keith Frikken, Mikhail Atallah, Chen Zhang

  Dynamic and Secure B2B E-contract Update Management
  Samuil Angelov, Sven Till, Paul Grefen

  Secure Distributed Human Computation
  Craig Gentry, Zulfikar Ramzan, Stuart Stubblebine

12:20 - 02:00 LUNCH

02:00 - 03:00 Invited Talk: Jennifer Rexford, Princeton University

03:00 - 03:30 BREAK

03:30 - 05:10 Communication Complexity of Common Voting Protocols

1st TIPPI Workshop

2005-05-20 Thread Linda Casals
Trustworthy Interfaces for Passwords and Personal Information 



The following message is being forwarded at the request
of Burt Kaliski, RSA Security and Dan Boneh, Stanford University.
*

1st TIPPI Workshop
Trustworthy Interfaces for Passwords and Personal Information 
Sponsored by the PORTIA project

Date: June 13th, 2005 

Location: Stanford University, 
Gates Computer Science Building, 
Room B12  

Organizers: 

 Burt Kaliski, RSA Security  
 Dan Boneh, Stanford University  


Workshop Purpose 

Despite tremendous advances in computer technology in general and
information security in particular, users still typically provide
personal information and credentials such as passwords the same way
they did 30 years ago: through a text interface that they assume they
can trust.  Today, that trust assumption clearly can no longer be
relied on.

Many security protocols have been proposed to protect credentials and
personal information, but few are used in practice. A major reason is
that the protocols have not been implemented in a way that ensures
that they are actually used. For instance, a rogue Web site can still
just ask the user for her password, regardless of how sophisticated a
protocol the correct site employs.

The purpose of the workshop is to facilitate an effective solution to
these problems by bringing together the designers of the cryptographic
protocols with the implementers of the user interfaces. Ideally, a
user should have confidence that when she provides a password or other
personal information, she can trust the interface she interacts with
to protect her data from misuse - even if an attacker happens to be
the one that asked her to provide it.

In short, our hope is that the workshop will motivate a trend where
trustworthy interfaces for passwords and personal information - TIPPI
- are the typical ones in our industry.

Speakers
Current confirmed speakers include: 

Todd Inskeep, Bank of America. 
Roots of Trusted Interfaces and the User Experience. 
  
Dave Jevans, Anti-Phishing Working Group 
  
Ramesh Kesanupalli, Phoenix Technologies.
Solutions for Secure and Trustworthy Authentication. 
  
Steve Myers, Indiana University
Delayed Password Disclosure. 

Submissions: 

We welcome additional presentations, both long (30 minutes) and short
(10 minutes). If you would like to give a presentation, please send us
a proposed title and abstract by May 15. There will be no proceedings,
but presentations and research papers (if available) will be posted on
the Web.  

More Information: 
For more information, please contact 

Burt Kaliski http://www.rsasecurity.com/rsalabs/node.asp?id=2017

or 

Dan Boneh  http://crypto.stanford.edu/~dabo/

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


DIMACS Workshop on Theft in E-Commerce: Content, Identity, and Service

2005-03-25 Thread Linda Casals

*
 
DIMACS Workshop on Theft in E-Commerce: Content, Identity, and Service 
  
  April 14 - 15, 2005
  DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
   Drew Dean, SRI International, [EMAIL PROTECTED]  
   Markus Jakobsson, Indiana University, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy and is sponsored by RSA Security. 


This workshop is focusing on Theft in E-Commerce (of content, identity
and service). While theft is an old problem, the automated nature of
e-commerce introduces new opportunities for traditional forms of
theft, as well as entirely new forms of theft. The centrality of
computation makes these threats a part of computer security. This is
an area of research where we are seeing a lot of activity, and where
we believe there is a great potential for valuable research
contributions. While our primary interest is in defenses against
theft, we are also interested in novel attacks and real data about
attacks, as the defenders need to know what to defend against. It is
our hope that we could stimulate such research by bringing together
the leaders in this area, which is the very intention of this
workshop.

**
Workshop Program:
This is a preliminary program subject to change.

Thursday, April 14, 2005

 8:00 -  8:30 Registration and Breakfast

 8:30 -  8:45 Welcome and Opening Comments
  Fred Roberts, DIMACS Director

 8:45 -  9:45 Identity Theft: A Risk to Be Managed
  Richard A Parry, Consumer Risk Management, JPMorganChase

 9:45 - 10:15 Identity Theft and Legitimately - Minted Fraudulent Credentials
  Paul Van Oorschot, Carleton University, Canada

10:15 - 10:30 Break

10:30 - 11:15 Some are not thieves!
  Alexandr Andoni, MIT

11:00 - 11:30 Using Mutual Authentication to Fight Phishing
  Steve Myers, IUB

11:30 - 12:00 Building a Cryptovirus Using Microsoft's Cryptographic API
  Adam L: Young, LECG, LLC

12:00 -  1:30 Break

 1:30 -  2:00 An open - source USB token
  Hein Roehrig, University of Calgary

 2:00 -  2:30 Passwords Don't Get No Respect - - Or, How to Make the
  Most of (Weak) Shared Secrets
  Burt Kaliski, RSA Security 

 2:30 -  3:00 Blocking Phishing Spam: Pitfalls and Future Directions
  Minaxi Gupta, IUB  
 
 3:00 -  3:15 Break

 3:15 -  3:45 Phishing Countermeasures
  Aaron Emigh, Radix Labs

 3:45 -  4:15 Messin' with Texas: Deriving Mother's Maiden Names 
  Using Public Records
  Virgil Griffith, IUB 

Friday, April 15, 2005
 
 8:00 -  8:30 Breakfast and Registration

 8:30 -  9:15 Identity Theft: Methods and Prevention
  John Black, University of Colorado

 9:00 -  9:30 Preventing Theft in the Open
  Naftaly Minsky, Rutgers University

 9:30 - 10:15 Expressing Human Trust in Distributed Systems: the
  Mismatch Between Tools and Reality
  Sean Smith, Dartmouth College

10:00 - 10:15 Break

10:15 - 10:45 Separable Identity - Based Ring Signatures: Theoretical
  Foundations for Fighting Phishing Attacks
  Susan Hohenberger, MIT

10:45 - 11:15 Fighting Phishing Attacks: A Lightweight Trust
  Architecture for Detecting Spoofed Emails
  Ben Adida, MIT

11:15 - 11:45 How to Search Privately on Streaming Data
  Rafail Ostrovsky, UCLA

11:45 - 12:15 Distributed Phishing Attacks
  Markus Jakobsson, IUB, CACR

12:15 -  1:45 Lunch

 1:45 -  2:15 Are Peripheral Security Indicators Effective to 
  Prevent Phishing Attacks? 
  Min Wu, MIT

 2:15 -  2:45 Kleptography: The Outsider Inside Your Crypto Devices, 
  and its Trust Implications
  Moti Yung, Columbia University

 2:45 -  3:15 Safeguarding wireless service access
  Panos Papadimitratos,  Virginia Tech

 3:15 -  3:30 Break

 3:30 -  4:00 Social Networks and Trust Networks
  Jean Camp, IUB
 
 4:00 -  4:30 Fraud and Fraud Reduction on the Internet
  Bezalel Gavish, Southern Methodist University


**
Registration:

Pre-registration deadline: April 7, 2005

Please see website for registration information

  http://dimacs.rutgers.edu/Workshops/Intellectual/

*
Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/Intellectual/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**






DIMACS Workshop on Theft in E-Commerce: Content, Identity, and Service

2005-02-04 Thread Linda Casals

CALL FOR PARTICIPATION**

*
 
DIMACS Workshop on Theft in E-Commerce: Content, Identity, and Service 
  
  April 14 - 15, 2005
  DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
   Drew Dean, SRI International, [EMAIL PROTECTED]  
   Markus Jakobsson, Indiana University, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.




On April 14-15, 2005, we will hold a DIMACS workshop at Rutgers University, 
NJ, on the topic of Theft in E-Commerce. This will include but not be 
limited to theft of content, of identity, and of service. While theft 
is an old problem, the automated nature of e-commerce introduces new 
opportunities for traditional forms of theft, as well as entirely new 
forms of theft.  The centrality of computation makes these threats a 
part of computer security.  This is an area of research where we are 
seeing a lot of activity, and where we believe there is a great 
potential for valuable research contributions. While our primary 
interest is in defenses against theft, we are also interested in novel 
attacks and real data about attacks, as the defenders need to know what 
to defend against. For more information about the workshop location, 
organization, and the program (once finalized), please see:
 
   http://dimacs.rutgers.edu/Workshops/Intellectual/

We are soliciting contributions in these areas, for both long and short 
presentations (approx 30 minutes vs 10 minutes.) There are no 
proceedings, but we request that presentation material is submitted to 
the organizers at the time of the workshop, allowing it to be posted on 
the DIMACS webpage. In order to propose a talk, please contact one of 
the organizers, Markus Jakobsson ([EMAIL PROTECTED]) or Drew Dean 
([EMAIL PROTECTED]) with a title and a short abstract by February 28,
2005 that allows us to determine whether your proposed talk will fit 
within the scope of the workshop.

Please refer to the information on the webpage above for workshop 
registration, hotel reservation and travel information, and information 
on how to apply for financial support for those in need of this. There 
will be a limited number of scholarships to defray travel costs, with 
priority given to students and speakers who can not receive funding to 
attend.

The workshop is sponsored by RSA Security. 

**
Registration:

Pre-registration deadline: April 7, 2005

Please see website for registration information.

*
Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/Intellectual/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**





-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


DIMACS Workshop on Security of Web Services and E-Commerce

2005-01-28 Thread Linda Casals

***CFP DEADLINE EXTENDED to Friday, February 11, 2005***
***

DIMACS Workshop on Security of Web Services and E-Commerce

 May 5 - 6, 2005 
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizer: 

  Brian LaMacchia, Microsoft, [EMAIL PROTECTED] 
   
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.



 The growth of Web Services, and in particular electronic commerce
activities based on them, is quickly being followed by work on Web
Services security protocols. While core XML security standards like
XMLDSIG, XMLENC and WS-Security have been completed, they only provide
the basic building blocks of authentication, integrity protection and
confidentiality for Web Services. Additional Web Services standards
and protocols are required to provide higher-order operations such as
trust management, delegation, and federation. At the same time, the
sharp rise in phishing attacks and other forms of on-line fraud
simply confirms that all our work on security protocols is for naught
if we cannot make it both possible and easy for the average user to
discover when a security property has failed during a
transaction. This workshop aims to explore these areas as well as
other current and future security and privacy challenges for Web
Services applications and e-commerce.


**
Participation:

The workshop will be open to the public (no submission is necessary to
attend but please register online). If you'd like to give a
presentation please send a title and abstract to:
 
 [EMAIL PROTECTED] by February 11, 2005. 

Submissions may describe ongoing or planned work related to the
security of Web Services and electronic commerce, or they may discuss
important research problems or propose a research agenda in this
area. Also, we intend this to be a participatory and interactive
meeting so we hope you will be able to contribute to the meeting even
without giving an announced talk.

*
Registration:

Pre-registration deadline: April 28, 2005

Please see website for complete registration information:
http://dimacs.rutgers.edu/Workshops/Commerce/

*

Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/Commerce/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**





-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


DIMACS Workshop on Security of Web Services and E-Commerce

2005-01-26 Thread Linda Casals
Call for Participation Deadline January 17, 2005
***

DIMACS Workshop on Security of Web Services and E-Commerce

 May 5 - 6, 2005 
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizer: 

  Brian LaMacchia, Microsoft, [EMAIL PROTECTED] 
   
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.



 The growth of Web Services, and in particular electronic commerce
activities based on them, is quickly being followed by work on Web
Services security protocols. While core XML security standards like
XMLDSIG, XMLENC and WS-Security have been completed, they only provide
the basic building blocks of authentication, integrity protection and
confidentiality for Web Services. Additional Web Services standards
and protocols are required to provide higher-order operations such as
trust management, delegation, and federation. At the same time, the
sharp rise in phishing attacks and other forms of on-line fraud
simply confirms that all our work on security protocols is for naught
if we cannot make it both possible and easy for the average user to
discover when a security property has failed during a
transaction. This workshop aims to explore these areas as well as
other current and future security and privacy challenges for Web
Services applications and e-commerce.


**
Participation:

The workshop will be open to the public (no submission is necessary to
attend). If you'd like to give a presentation please send a title and
abstract to:
 
 [EMAIL PROTECTED] by January 17, 2005. 

Submissions may describe ongoing or planned work related to the
security of Web Services and electronic commerce, or they may discuss
important research problems or propose a research agenda in this
area. Also, we intend this to be a participatory and interactive
meeting so we hope you will be able to contribute to the meeting even
without giving an announced talk.

*
Registration:

Pre-registration deadline: April 28, 2005

Please see website for complete registration information:
http://dimacs.rutgers.edu/Workshops/Commerce/

*

Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/Commerce/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**




-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


DIMACS Workshop on Theft in E-Commerce: Content, Identity, and Service

2005-01-26 Thread Linda Casals

CALL FOR PARTICIPATION**

*
 
DIMACS Workshop on Theft in E-Commerce: Content, Identity, and Service 
  
  April 14 - 15, 2005
  DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
   Drew Dean, SRI International, [EMAIL PROTECTED]  
   Markus Jakobsson, Indiana University, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.




On April 14-15, 2005, we will hold a DIMACS workshop at Rutgers University, 
NJ, on the topic of Theft in E-Commerce. This will include but not be 
limited to theft of content, of identity, and of service. While theft 
is an old problem, the automated nature of e-commerce introduces new 
opportunities for traditional forms of theft, as well as entirely new 
forms of theft.  The centrality of computation makes these threats a 
part of computer security.  This is an area of research where we are 
seeing a lot of activity, and where we believe there is a great 
potential for valuable research contributions. While our primary 
interest is in defenses against theft, we are also interested in novel 
attacks and real data about attacks, as the defenders need to know what 
to defend against. For more information about the workshop location, 
organization, and the program (once finalized), please see:
 
   http://dimacs.rutgers.edu/Workshops/Intellectual/

We are soliciting contributions in these areas, for both long and short 
presentations (approx 30 minutes vs 10 minutes.) There are no 
proceedings, but we request that presentation material is submitted to 
the organizers at the time of the workshop, allowing it to be posted on 
the DIMACS webpage. In order to propose a talk, please contact one of 
the organizers, Markus Jakobsson ([EMAIL PROTECTED]) or Drew Dean 
([EMAIL PROTECTED]) with a title and a short abstract by February 28,
2005 that allows us to determine whether your proposed talk will fit 
within the scope of the workshop.

Please refer to the information on the webpage above for workshop 
registration, hotel reservation and travel information, and information 
on how to apply for financial support for those in need of this. There 
will be a limited number of scholarships to defray travel costs, with 
priority given to students and speakers who can not receive funding to 
attend.

The workshop is sponsored by RSA Security. 

**
Registration:

Pre-registration deadline: April 7, 2005

Please see website for registration information.

*
Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/Intellectual/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


DIMACS Workshop on Bounded Rationality

2005-01-26 Thread Linda Casals


Registration Deadline: January 24, 2005**
*
 
DIMACS Workshop on Bounded Rationality
  
 January 31 - February 1, 2005
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
   
 Lance Fortnow, University of Chicago, [EMAIL PROTECTED] 
 Richard McLean, Rutgers University, [EMAIL PROTECTED] 
 Daijiro Okada, Rutgers University, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Computation and
the Socio-Economic Sciences.

 

Traditionally, economists and game theorists have assumed that
strategic agents are fully rational but in the last few decades a
number of game theorists have argued that human players do not behave
in a way consistent with theoretical predictions. Questions have been
raised regarding the postulate of full rationality and some have
proposed formalizations of partially or boundedly rational players and
games played by such players. If one takes the view that a process of
decision-making in economic or other social situations constitutes
computation in a formal sense of theoretical computer science, then
one is naturally led to some notion of bounded computational power as
a formal expression of bounded rationality. Two important and
complementary questions in this line of inquiry are (1) What is the
computational power required in order to play a game in a way
consistent with full rationality? (2) If players are limited in their
computational power, how different will equilibrium outcomes be from
the fully rational case? This workshop will bring together economists
and game theorists interested in bounded rationality, as well as
theoretical computer scientists with experience in limited
computational models.

Topics of interest include:

* Bounded recall and bounded complexity in repeated games
* Strategic aspects of machine learning
* Game theoretic applications of cryptography 

**
Program:

This is a preliminary program.

Monday, January 31, 2005

 8:15 -  8:50 Breakfast and Registration

 8:50 -  9:00 Welcome and Opening Remarks
  Fred Roberts, DIMACS Director

 9:00 - 10:00 Correlation, Communication, Complexity and Competition
  Abraham Neyman, Hebrew University

10:00 - 10:30 Break

10:30 - 11:30 Olivier Gossner, TBA

11:30 - 12:30 Players as Serial or Parallel Random Access Machines
  Timothy Van Zandt, INSEAD

12:30 -  2:00 Lunch

 2:00 -  3:00 Michael Kearns, University of Pennsylvania, TBA

 3:00 -  3:30 Break

 3:30 -  4:30 Deterministic Calibration and Nash Equilibrium
  Sham Kakade, University of Pennsylvania

 4:30 -  5:30 For Bayesian Wannabees, Are Disagreements not About Information?
  Robin Hanson, George Mason University 

 6:00 Dinner - DIMACS Lounge

Tuesday, February 1, 2005

 8:30 -  9:00 Breakfast and Registration

 9:00 - 10:00 Algorithms for Graphical Games
  Luis Ortiz, MIT

10:00 - 10:30 Break

10:30 - 11:30 Deterministic Calibration with Simpler Checking Rules
  Dean Foster, University of Pennsylvania

11:30 -  1:00 Lunch

 1:00 -  2:00 Mechanism Design and Deliberative Agents
  Kate Larsen, University of Waterloo

 2:00 -  2:30 Break

 2:30 -  3:30 Vahab Mirrokni, MIT, Convergence Issues in Competitive Games

 3:30  - 4:30 Efficient Equilibrium Algorithms for Compact Repeated Games
  Michael Littman, Rutgers University 


**
Registration Fees:

(Pre-registration deadline: January 24, 2005)

Please see website for additional registration information.

*
Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/Bounded/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**

***


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


DIMACS Workshop on Large-Scale Games at Northwestern University

2004-12-22 Thread Linda Casals

**Call For Papers
*
 
DIMACS Workshop on Large-Scale Games
 April 17 - 19, 2005
 **Location:  Evanston Campus, Northwestern University,
   Evanston, Illinois**

Organizers:
 Lance Fortnow, University of Chicago, [EMAIL PROTECTED] 
 Rakesh Vohra, Northwestern University, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Computation and
the Socio-Economic Sciences.

 

On the Internet we have games with a large number of agents,
asynchronous play, and an the absence of full knowledge about the
number of agents one is playing against or the beliefs they
possess. The Internet is not the only institution to possess these
features nor the first. Markets for traditional goods and services as
well as travel networks all possess these features.

This workshop is devoted to the analysis of large scale games of the
kinds inspired by the Internet and other computer networks, markets,
traffic networks and other large systems. We invite papers that will
show how to adapt and extend classical game theoretic models to deal
with a large number of players, accommodate the absence of common
knowledge, common priors, asynchrony in play and distributed
computation.

Examples of the kind of work that would be suitable for this workshop
include price of anarchy models, robust and on-line mechanism design,
timing games, asymptotic analysis of traditional auctions, continuous
double auctions (two-sided markets) and network formation.

Please submit an extended abstract or paper (in .pdf form only) to
[EMAIL PROTECTED] by January 15, 2005. Include the
word `DIMACS' in the subject heading.  Acceptance decisions will be
made by February 15, 2005.

It will consist of 5 invited overview talks (hour long) and a
collection of submitted talks (half hour). The overview talks are
listed below. This workshop is supported by DIMACS, the Managerial
Economics and Decision Sciences Department of the Kellogg School
(http://www.kellogg.nwu.edu/meds/index.htm) and Northwestern
University's Institute for Complex Systems
(http://ccl.northwestern.edu/nico/).

The workshop will take place at Northwestern University's Evanston
Campus. It will start on the morning of the 17th and end around lunch
time on the 19th.

OVERVIEW TALKS:

*   Network and Coalition Formation: Matthew Jackson
*   Price of Anarchy Models: Tim Roughgarden
*   Equilibrium Notions for Games with Many Players: Ehud Kalai
*   Mechanism Design Models without the Common Prior: Jason Hartline
*   Asymptotic Analysis of Market Mechanisms: Mark Satterthwaite


**
Call For Participation:

Please submit an extended abstract or paper (in .pdf form only) to
[EMAIL PROTECTED] by January 15, 2005. Include the
word `DIMACS' in the subject heading.  Acceptance decisions will be
made by February 15, 2005.

**
Registration Fees:

(Pre-registration deadline: March 15, 2005)

Please see website for additional registration information.

*
Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/Games/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**

***

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


DIMACS Workshop on Security of Web Services and E-Commerce

2004-12-13 Thread Linda Casals

Call for Participation Deadline January 17, 2005
***

DIMACS Workshop on Security of Web Services and E-Commerce

 May 5 - 6, 2005 
 DIMACS Center, Rutgers University, Piscataway, NJ


Organizer: 

  Brian LaMacchia, Microsoft, [EMAIL PROTECTED] 
   
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.



 The growth of Web Services, and in particular electronic commerce
activities based on them, is quickly being followed by work on Web
Services security protocols. While core XML security standards like
XMLDSIG, XMLENC and WS-Security have been completed, they only provide
the basic building blocks of authentication, integrity protection and
confidentiality for Web Services. Additional Web Services standards
and protocols are required to provide higher-order operations such as
trust management, delegation, and federation. At the same time, the
sharp rise in phishing attacks and other forms of on-line fraud
simply confirms that all our work on security protocols is for naught
if we cannot make it both possible and easy for the average user to
discover when a security property has failed during a
transaction. This workshop aims to explore these areas as well as
other current and future security and privacy challenges for Web
Services applications and e-commerce.


**
Participation:

The workshop will be open to the public (no submission is necessary to
attend). If you'd like to give a presentation please send a title and
abstract to [EMAIL PROTECTED] by January 17, 2005. 
Submissions may describe ongoing or planned work related to the
security of Web Services and electronic commerce, or they may discuss
important research problems or propose a research agenda in this
area. Also, we intend this to be a participatory and interactive
meeting so we hope you will be able to contribute to the meeting even
without giving an announced talk.

*
Registration:

Pre-registration deadline: April 28, 2005

Please see website for complete registration information:
http://dimacs.rutgers.edu/Workshops/Commerce/

*

Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/Commerce/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


[Publicity-list] DIMACS Workshop on Mobile and Wireless Security

2004-10-28 Thread Linda Casals

*
 
DIMACS Workshop on Mobile and Wireless Security 
  
 November 3 - 4, 2004
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
  Bill Arbaugh, University of Maryland, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.




The rapid growth of both voice and data wireless communications has
resulted in several serious security problems in both the voice and 
data spaces. Unfortunately, many of the early security mistakes made 
with wireless voice communications were repeated with data
communications, i.e. the use of flawed authentication and
confidentiality algorithms. For example, the standards committee for 
802.11 left many of the difficult security issues such as key
management and a robust authentication mechanism as open problems. 
This has led many organizations to use either a permanent fixed
cryptographic variable or no encryption with their wireless networks. 
Since wireless networks provide an adversary a network access point
that is beyond the physical security controls of the organization, 
security can be a problem. Similarly, attacks against WEP, the
link-layer security protocol for 802.11 networks can exploit design 
failures to successfully attack such networks. This workshop will 
focus on addressing the many outstanding issues that remain in
wireless cellular and WLAN networking such as (but not limited to):
Management and monitoring; ad-hoc trust establishment; secure roaming
between overlay networks; availability and denial of service
mitigation; and network and link layer security protocols. We will 
seek to extend work on ad hoc networking from a non-adversarial
setting, assuming a trusted environment, to a more realistic setting
in which an adversary may attempt to disrupt communication. We will
investigate a variety of approaches to securing ad hoc networks, in 
particular ways to take advantage of their inherent redundancy 
(multiple routes between nodes), replication, and new cryptographic 
schemes such as threshold cryptography.

**

Workshop Program:

Wednesday, November 3, 2004

 9:00 - 10:00  Breakfast and Registration

10:00 - 10:15  Welcome and Overview of Program  
   Fred Roberts, DIMACS Director

10:15 - 11:00  Wireless Authentication Overview 
   William Arbaugh

11:00 - 11:45  Role of Authorization in Wireless Network Security   
   Pasi Eronen, Nokia

11:45 - 12:30  Network Access Control Schemes Vulnerable to 
   Covert Channels  
   Florent Bersani

12:30 -  2:00  Lunch

 2:00 -  2:45  802.11 Authentication and Keying Requirements
   Jesse Walker, Intel 
 
 2:45 -  3:30  Secure and Efficient Network Access
   Jari Arkko, Ericsson
 
 3:30 -  4:00  Break

 4:00 -  5:00  Extending the GSM/3G Key Infrastructure
   Scott Guthery, CTO Mobile-Mind, Inc.

 5:00  Social Event

Thursday, November 4, 2004

 8:30 -  9:00  Breakfast and Registration   
 
 9:00 -  9:45  Wireless Security and Roaming Overview   
   Nidal Aboudagga, UCL

 9:45 - 10:30  A Proposal for Next Generation Cellular Network 
   Authentication and Authorization Architecture
   James Kempf, DoCoMo USA Labs

10:30 - 11:00  Break

11:00 - 11:45  Threshold Cryptography and Wireless Roaming
   Dan Geer and Moti Yung

11:45 - 12:30  Securing Wireless Localization   
   Zang Li, Rutgers

12:30 -  2:00  Lunch

 2:00 -  3:30  Discussion Period- how to move forward, hard problems?   
   William Arbaugh

 3:30  Closing

**
Registration:

Pre-registration deadline: October 27, 2004

Please see website for registration information.

*
Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/MobileWireless/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


DIMACS Workshop on Mobile and Wireless Security

2004-09-30 Thread Linda Casals

*
 
DIMACS Workshop on Mobile and Wireless Security 
  
 November 3 - 4, 2004
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
  Bill Arbaugh, University of Maryland, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.




The rapid growth of both voice and data wireless communications has
resulted in several serious security problems in both the voice and 
data spaces. Unfortunately, many of the early security mistakes made 
with wireless voice communications were repeated with data
communications, i.e. the use of flawed authentication and
confidentiality algorithms. For example, the standards committee for 
802.11 left many of the difficult security issues such as key
management and a robust authentication mechanism as open problems. 
This has led many organizations to use either a permanent fixed
cryptographic variable or no encryption with their wireless networks. 
Since wireless networks provide an adversary a network access point
that is beyond the physical security controls of the organization, 
security can be a problem. Similarly, attacks against WEP, the
link-layer security protocol for 802.11 networks can exploit design 
failures to successfully attack such networks. This workshop will 
focus on addressing the many outstanding issues that remain in
wireless cellular and WLAN networking such as (but not limited to):
Management and monitoring; ad-hoc trust establishment; secure roaming
between overlay networks; availability and denial of service
mitigation; and network and link layer security protocols. We will 
seek to extend work on ad hoc networking from a non-adversarial
setting, assuming a trusted environment, to a more realistic setting
in which an adversary may attempt to disrupt communication. We will
investigate a variety of approaches to securing ad hoc networks, in 
particular ways to take advantage of their inherent redundancy 
(multiple routes between nodes), replication, and new cryptographic 
schemes such as threshold cryptography.

**

Call for Participation:

Advances in wireless technology as well as several other areas are
changing the way the world does business and as a result computing is
becoming more mobile, and users are demanding continuous access to the
Internet. At the same time, the number of devices with embedded
networking technology is growing exponentially--from boxes with RFID
tags to Wi-Fi capable refrigerators since they destroy the notion of a
static defensive perimeter. Furthermore, these trends make the ease of
use and management of wireless based networks more important since
naive consumers in the future will be establishing and using wireless
networks on a scale significantly larger than today. This workshop
will focus on identifying the current and future problems in wireless
security and privacy and discuss possible solutions.

The three day workshop will be organized around a series of talks on
subjects related to mobility, wireless, and security and privacy
technologies. There will be a mix between invited talks and talks
selected from extended abstracts with plenty of discussion time
between talks.



Workshop Program:
Wednesday, November 3, 2004

 9:00 - 10:00  Breakfast and Registration

10:00 - 10:15  Welcome and Overview of Program  
   Fred Roberts, DIMACS Director

10:15 - 11:00  Wireless Authentication Overivew 
   William Arbaugh

11:00 - 11:45  TBD  
   DJ Johnston, Intel (tentatively confirmed)

11:45 - 12:30  Role of Authorization in Wireless Network Security   
   Pasi Eronen, Nokia

12:30 -  2:00  Lunch

 2:00 -  2:45  Network Access Control Schemes Vulnerable to Covert Channels 
   Florent Bersani

 2:45 -  3:30  TBD  
   Jesse Walker, Intel 
 
 3:30 -  4:00  Break

 4:00 -  5:00  Secure and Efficient Network Access  
   Jari Arkko, Ericsson

 5:00  Social Event

Thursday, November 4, 2004

 8:30 -  9:00  Breakfast and Registration   
 
 9:00 -  9:45  Extending the GSM/3G Key Infrastructure  
   Scott Guthery

 9:45 - 10:30  Wireless Security and Roaming Overview   
   Nidal Aboudagga, UCL

10:30 - 11:00  Break

11:00 - 11:45  TBD  
   James Kempf, DoCoMo USA Labs

11:45 - 12:30  TBD  
   Nancy Cam-Winget, Cisco 

12:30 -  2:00  Lunch

 2:00 -  2:45  Securing Wireless Localization   
   Zang Li, Rutgers

 2:45 -  3:30  Discussion Period- how to move forward, hard problems?   
   William Arbaugh

 3:30  Closing

**
Registration:


[Publicity-list] DIMACS Workshop on Computational Issues in Auction Design

2004-09-16 Thread Linda Casals

*
 
DIMACS Workshop on Computational Issues in Auction Design
  
 October 7 - 8, 2004
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
   
 Jayant Kalagnanam, IBM Watson Lab, [EMAIL PROTECTED]  
 Eric Maskin, School of Social Science, Institute for Advanced
 Study, [EMAIL PROTECTED] 
 David Parkes, Harvard University, [EMAIL PROTECTED] 
 Aleksandar Pekec, Fuqua School of Business, Duke University,
 [EMAIL PROTECTED] 
 Michael Rothkopf, Rutgers University, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Computation and
the Socio-Economic Sciences.

 

Recent advances in information technology and its rapid acceptance by
the business community have allowed for the possibility of expediting
complex business transactions. The most prominent example is use of
auctions in corporate procurement and in government deregulation
efforts. When many items with interrelated values are being sold,
economic efficiency can be increased by allowing bidders to make bids
on combinations of items. Procedures for auctioning combinations of
items have inherent computational problems that have to be overcome,
and the emergence of these issues has sparked considerable research
activity in the computer science and combinatorial optimization
communities. The most prominent example is combinatorial auctions in
which multiple goods are auctioned and bidders have and wish to
express different valuations on which goods complement each other and
which goods substitute for each other.

Topics of interest include:
-- expressive bidding languages
-- practical applications (e.g. to electricity, spectrum,...)
-- procurement and e-sourcing
-- combinatorial exchanges
-- preference elicitation
-- optimal auction design
-- approximate mechanisms
-- communication and computation complexity in combinatorial auctions

**
Workshop Program:

Thursday, October 7, 2004 

 8:00 -  8:30  Registration and Breakfast - CoRE Building, 4th Floor

 8:30 -  8:45  Welcome and Opening Remarks
   Fred Roberts, DIMACS Director

 8:45 -  9:30  Characterizing Dominant Strategy Mechanisms with 
   Multi-dimensional types
   Rakesh Vohra, Northwestern

 9:30 - 10:10  Multiitem auctions with credit limits
   Shmuel Oren and Shehzad Wadalawala, UC Berkeley

10:10 - 10:30  Break

10:30 - 11:15  Approximation Algorithms for Truthful Mechanisms
   Eva Tardos, Cornell
 
11:15 - 11:55  Tolls for heterogeneous selfish users in multicommodity
   generalized congestion games
   Lisa Fleischer, Carnegie Mellon University, Kamal Jain,
   MSR and Mohammad Mahdian, MIT

11:55 - 12:35  VCG Overpayment in Random Graphs
   Evdokia Nikolova and  David Karger, MIT

12:35 -  2:00  Lunch

 2:00 -  2:45  The communication requirements of social
   choice rules and supporting budget sets
   Ilya Segal, Stanford University

 2:45 -  3:25  The communication complexity of the private
   value single item bisection auction
   Elena Grigorieva,  P Jean-Jacques Herings, Rudolf Muller, and
   Dries Vermeulen, University Maastricht, the Netherlands

 3:25 -  3:45  Break

 3:45 -  4:30  Market Mechanisms for Redeveloping Spectrum
   Evan Kwerel, FCC

 4:30 -  5:15  Issues in Electricity Market Auction Design
   Richard O'Neill, FERC

 5:15 -  6:15  Panel

 6:30  Dinner

Friday, October 8, 2004

 8:00 -  8:30  Breakfast and Registration

 8:30 -  9:15  Incentive Compatibility in Multi-unit Auctions
   Sushil Bikhchandani, UCLA
 
 9:15 - 10:00  The Over-Concentrating Nature of Simultaneous Ascending Auctions
   Charles Zheng, Northwestern

10:00 - 10:20  Break

10:20 - 11:00  Designing Auction Protocols under Asymmetric Information on
   Nature's Selection
   Takayuki Ito, Nagoya Inst.,  Makoto Yokoo, Kyushu and
   Shigeo Matsubara, NTT

11:00 - 11:40  Elicitation in combinatorial auctions with restricted 
   preferences and bounded interdependency between items
   Vincent Conitzer and Tuomas Sandholm, Carnegie 
   Mellon University, and Paolo Santi, Pisa University
   
11:40 - 12:20  Applying learning algorithms to preference elicitation
   in combinatorial auctions
   Sebastien Lahaie and David C. Parkes, Harvard

12:20 -  1:30  Lunch


 1:30 -  2:15  To auction or not?  Historical perspectives on the development
   of ecommerce
   Andrew Odlyzko, University of Minnesota

 2:15 -  2:55  Non-computational Approaches to Mitigating Computational Problems
   

[Publicity-list] DIMACS Workshop on Mobile and Wireless Security

2004-08-31 Thread Linda Casals
*
 
DIMACS Workshop on Mobile and Wireless Security 
  
 November 3 - 4, 2004
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
  Bill Arbaugh, University of Maryland, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.

CALL FOR PAPERS DEADLINE:  September 1, 2004



The rapid growth of both voice and data wireless communications has
resulted in several serious security problems in both the voice and 
data spaces. Unfortunately, many of the early security mistakes made 
with wireless voice communications were repeated with data
communications, i.e. the use of flawed authentication and
confidentiality algorithms. For example, the standards committee for 
802.11 left many of the difficult security issues such as key
management and a robust authentication mechanism as open problems. 
This has led many organizations to use either a permanent fixed
cryptographic variable or no encryption with their wireless networks. 
Since wireless networks provide an adversary a network access point
that is beyond the physical security controls of the organization, 
security can be a problem. Similarly, attacks against WEP, the
link-layer security protocol for 802.11 networks can exploit design 
failures to successfully attack such networks. This workshop will 
focus on addressing the many outstanding issues that remain in
wireless cellular and WLAN networking such as (but not limited to):
Management and monitoring; ad-hoc trust establishment; secure roaming
between overlay networks; availability and denial of service
mitigation; and network and link layer security protocols. We will 
seek to extend work on ad hoc networking from a non-adversarial
setting, assuming a trusted environment, to a more realistic setting
in which an adversary may attempt to disrupt communication. We will
investigate a variety of approaches to securing ad hoc networks, in 
particular ways to take advantage of their inherent redundancy 
(multiple routes between nodes), replication, and new cryptographic 
schemes such as threshold cryptography.

**

Call for Participation:

Advances in wireless technology as well as several other areas are
changing the way the world does business and as a result computing is
becoming more mobile, and users are demanding continuous access to the
Internet. At the same time, the number of devices with embedded
networking technology is growing exponentially--from boxes with RFID
tags to Wi-Fi capable refrigerators since they destroy the notion of a
static defensive perimeter. Furthermore, these trends make the ease of
use and management of wireless based networks more important since
naive consumers in the future will be establishing and using
wireless networks on a scale significantly larger than today. This
workshop will focus on identifying the current and future problems in
wireless security and privacy and discuss possible solutions.

The three day workshop will be organized around a series of talks on
subjects related to mobility, wireless, and security and privacy
technologies. There will be a mix between invited talks and talks
selected from extended abstracts with plenty of discussion time
between talks.

Authors are encouraged to submit an extended abstract on any topic
related to wireless and mobile security. Example topics of interest
are Interworking security, mesh network security, sensor network
security, the privacy of RFID networks, and the security of community
networks. These topics are examples only and authors are encouraged to
submit extended abstracts on other topics related to the workshop as
long as the abstract is of a technical and research nature. Authors
are also encouraged to submit early work, and new or outlandish ideas
as the primary goal of the workshop is to allow researchers from the
networking and security communities to meet in a workshop environment
where ideas can be exchanged and discussed in an inter-disciplinary
environment.

Authors should submit a two page extended abstract in a font no less
than 11pt with reasonable margins by midnight (Eastern time) 
September 1, 2004. Submission instructions will be posted at
http://www.missl.cs.umd.edu/dimacs-workshop.


Workshop Program:
The following is a list of invited speakers:

* Bernard Aboba, Microsoft
* Nancy Cam-Winget, Cisco
* David Johnston, Intel
* James Kempf, DoCoMo USA Labs
* Insun Lee, Samsung Electronics
* Jari Malinen, Nokia
* Jesse Walker, Intel 
**
Registration:

Pre-registration deadline: October 27, 2004

Please see website for registration information.


[Publicity-list] DIMACS Workshop on Computational Issues in Auction Design

2004-08-31 Thread Linda Casals
*
 
DIMACS Workshop on Computational Issues in Auction Design
  
 October 7 - 8, 2004
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
   
 Jayant Kalagnanam, IBM Watson Lab, [EMAIL PROTECTED]  
 Eric Maskin, School of Social Science, Institute for Advanced
 Study, [EMAIL PROTECTED] 
 David Parkes, Harvard University, [EMAIL PROTECTED] 
 Aleksandar Pekec, Fuqua School of Business, Duke University,
 [EMAIL PROTECTED] 
 Michael Rothkopf, Rutgers University, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Computation and
the Socio-Economic Sciences.

 

Recent advances in information technology and its rapid acceptance by
the business community have allowed for the possibility of expediting
complex business transactions. The most prominent example is use of
auctions in corporate procurement and in government deregulation
efforts. When many items with interrelated values are being sold,
economic efficiency can be increased by allowing bidders to make bids
on combinations of items. Procedures for auctioning combinations of
items have inherent computational problems that have to be overcome,
and the emergence of these issues has sparked considerable research
activity in the computer science and combinatorial optimization
communities. The most prominent example is combinatorial auctions in
which multiple goods are auctioned and bidders have and wish to
express different valuations on which goods complement each other and
which goods substitute for each other.

Topics of interest include:
-- expressive bidding languages
-- practical applications (e.g. to electricity, spectrum,...)
-- procurement and e-sourcing
-- combinatorial exchanges
-- preference elicitation
-- optimal auction design
-- approximate mechanisms
-- communication and computation complexity in combinatorial auctions

**
Workshop Program:

Thursday, October 7, 2004 

 8:00 -  8:30  Registration and Breakfast - CoRE Building, 4th Floor

 8:30 -  8:45  Welcome and Opening Remarks
   Fred Roberts, DIMACS Director

 8:45 -  9:30  Characterizing Dominant Strategy Mechanisms with Multi-dimensional types
   Rakesh Vohra, Northwestern

 9:30 - 10:10  Multiitem auctions with credit limits
   Shmeul Oren and Shehzad Wadawala, UC Berkeley

10:10 - 10:30  Break

10:30 - 11:15  Approximation Algorithms for Truthful Mechanisms
   Eva Tardos, Cornell
 
11:15 - 11:55  Tolls for heterogeneous selfish users in multicommodity
   generalized congestion games
   Lisa Fleischer, Carnegie Mellon University, Kamal Jain, MSR and 
   Mohammad Mahdian, MIT

11:55 - 12:35  VCG Overpayment in Random Graphs
   Evdokia Nikolova and  David Karger, MIT

12:35 -  2:00  Lunch

 2:00 -  2:45  The communication requirements of social
   choice rules and supporting budget sets
   Ilya Segal, Stanford University

 2:45 -  3:25  The communication complexity of the private
   value single item bisection auction
   Elena Grigorieva,  P Jean-Jacques Herings, Rudolf Muller, and
   Dries Vermeulen, U. Maastricht

 3:25 -  3:45  Break

 3:45 -  4:30  Market Mechanisms for Redeveloping Spectrum
   Evan Kwerel, FCC

 4:30 -  5:15  Issues in Electricity Market Auction Design
   Richard O'Neill, FERC

 5:15 -  6:15  Panel

 6:30  Dinner

Friday, October 8, 2004

 8:00 -  8:30  Breakfast and Registration

 8:30 -  9:15  Incentive Compatibility in Multi-unit Auctions
   Sushil Bikhchandani, UCLA
 
 9:15 - 10:00  The Over-Concentrating Nature of Simultaneous Ascending Auctions
   Charles Zheng, Northwestern

10:00 - 10:20  Break

10:20 - 11:00  Designing Auction Protocols under Asymmetric Information on
   Nature's Selection
   Takayuki Ito, Nagoya Inst.,  Makoto Yokoo, Kyushu and
   Shigeo Matsubara, NTT

11:00 - 11:40  Towards a Characterization of Polynomial Preference Elicitation
   with Value queries in Combinatorial Auctions
   Paolo Santi, Pisa, Tuomas Sandholm, Carnegie Mellon University and
   Vincent Conitzer, CMU

11:40 - 12:20  Applying learning algorithms to preference elicitation
   in combinatorial auctions
   Sebastien Lahaie and David C. Parkes, Harvard

12:20 -  1:30  Lunch


 1:30 -  2:15  To auction or not?  Historical perspectives on the development
   of ecommerce
   Andrew Odlyzko, University of Minnesota

 2:15 -  2:55  Non-computational Approaches to Mitigating Computational Problems
   in Combinatorial Auctions
   Sasa Pekec, Duke University 

[Publicity-list] DIMACS Workshop on Mobile and Wireless Security

2004-08-20 Thread Linda Casals

*
 
DIMACS Workshop on Mobile and Wireless Security 
  
 November 3 - 4, 2004
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
  Bill Arbaugh, University of Maryland, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.

CALL FOR PAPERS DEADLINE:  September 1, 2004



The rapid growth of both voice and data wireless communications has
resulted in several serious security problems in both the voice and 
data spaces. Unfortunately, many of the early security mistakes made 
with wireless voice communications were repeated with data
communications, i.e. the use of flawed authentication and
confidentiality algorithms. For example, the standards committee for 
802.11 left many of the difficult security issues such as key
management and a robust authentication mechanism as open problems. 
This has led many organizations to use either a permanent fixed
cryptographic variable or no encryption with their wireless networks. 
Since wireless networks provide an adversary a network access point
that is beyond the physical security controls of the organization, 
security can be a problem. Similarly, attacks against WEP, the
link-layer security protocol for 802.11 networks can exploit design 
failures to successfully attack such networks. This workshop will 
focus on addressing the many outstanding issues that remain in
wireless cellular and WLAN networking such as (but not limited to):
Management and monitoring; ad-hoc trust establishment; secure roaming
between overlay networks; availability and denial of service
mitigation; and network and link layer security protocols. We will 
seek to extend work on ad hoc networking from a non-adversarial
setting, assuming a trusted environment, to a more realistic setting
in which an adversary may attempt to disrupt communication. We will
investigate a variety of approaches to securing ad hoc networks, in 
particular ways to take advantage of their inherent redundancy 
(multiple routes between nodes), replication, and new cryptographic 
schemes such as threshold cryptography.

**

Call for Participation:

Advances in wireless technology as well as several other areas are
changing the way the world does business and as a result computing is
becoming more mobile, and users are demanding continuous access to the
Internet. At the same time, the number of devices with embedded
networking technology is growing exponentially--from boxes with RFID
tags to Wi-Fi capable refrigerators since they destroy the notion of a
static defensive perimeter. Furthermore, these trends make the ease of
use and management of wireless based networks more important since
naive consumers in the future will be establishing and using
wireless networks on a scale significantly larger than today. This
workshop will focus on identifying the current and future problems in
wireless security and privacy and discuss possible solutions.

The three day workshop will be organized around a series of talks on
subjects related to mobility, wireless, and security and privacy
technologies. There will be a mix between invited talks and talks
selected from extended abstracts with plenty of discussion time
between talks.

Authors are encouraged to submit an extended abstract on any topic
related to wireless and mobile security. Example topics of interest
are Interworking security, mesh network security, sensor network
security, the privacy of RFID networks, and the security of community
networks. These topics are examples only and authors are encouraged to
submit extended abstracts on other topics related to the workshop as
long as the abstract is of a technical and research nature. Authors
are also encouraged to submit early work, and new or outlandish ideas
as the primary goal of the workshop is to allow researchers from the
networking and security communities to meet in a workshop environment
where ideas can be exchanged and discussed in an inter-disciplinary
environment.

Authors should submit a two page extended abstract in a font no less
than 11pt with reasonable margins by midnight (Eastern time) 
September 1, 2004. Submission instructions will be posted at
http://www.missl.cs.umd.edu/dimacs-workshop.


Workshop Program:
The following is a list of invited speakers:

* Bernard Aboba, Microsoft
* Nancy Cam-Winget, Cisco
* David Johnston, Intel
* James Kempf, DoCoMo USA Labs
* Insun Lee, Samsung Electronics
* Jari Malinen, Nokia
* Jesse Walker, Intel 
**
Registration:

Pre-registration deadline: October 27, 2004

Please see website for registration information.


DIMACS Workshop on Mobile and Wireless Security

2004-07-28 Thread Linda Casals


***CALL FOR PAPERS*

*
 
DIMACS Workshop on Mobile and Wireless Security 
  
 November 3 - 5, 2004
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
  Bill Arbaugh, University of Maryland, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.

CALL FOR PAPERS DEADLINE:  September 1, 2004



The rapid growth of both voice and data wireless communications has
resulted in several serious security problems in both the voice and 
data spaces. Unfortunately, many of the early security mistakes made 
with wireless voice communications were repeated with data
communications, i.e. the use of flawed authentication and
confidentiality algorithms. For example, the standards committee for 
802.11 left many of the difficult security issues such as key
management and a robust authentication mechanism as open problems. 
This has led many organizations to use either a permanent fixed
cryptographic variable or no encryption with their wireless networks. 
Since wireless networks provide an adversary a network access point
that is beyond the physical security controls of the organization, 
security can be a problem. Similarly, attacks against WEP, the
link-layer security protocol for 802.11 networks can exploit design 
failures to successfully attack such networks. This workshop will 
focus on addressing the many outstanding issues that remain in
wireless cellular and WLAN networking such as (but not limited to):
Management and monitoring; ad-hoc trust establishment; secure roaming
between overlay networks; availability and denial of service
mitigation; and network and link layer security protocols. We will 
seek to extend work on ad hoc networking from a non-adversarial
setting, assuming a trusted environment, to a more realistic setting
in which an adversary may attempt to disrupt communication. We will
investigate a variety of approaches to securing ad hoc networks, in 
particular ways to take advantage of their inherent redundancy 
(multiple routes between nodes), replication, and new cryptographic 
schemes such as threshold cryptography.

**

Call for Participation:

Advances in wireless technology as well as several other areas are
changing the way the world does business and as a result computing is
becoming more mobile, and users are demanding continuous access to the
Internet. At the same time, the number of devices with embedded
networking technology is growing exponentially--from boxes with RFID
tags to Wi-Fi capable refrigerators since they destroy the notion of a
static defensive perimeter. Furthermore, these trends make the ease of
use and management of wireless based networks more important since
naive consumers in the future will be establishing and using
wireless networks on a scale significantly larger than today. This
workshop will focus on identifying the current and future problems in
wireless security and privacy and discuss possible solutions.

The three day workshop will be organized around a series of talks on
subjects related to mobility, wireless, and security and privacy
technologies. There will be a mix between invited talks and talks
selected from extended abstracts with plenty of discussion time
between talks.

Authors are encouraged to submit an extended abstract on any topic
related to wireless and mobile security. Example topics of interest
are Interworking security, mesh network security, sensor network
security, the privacy of RFID networks, and the security of community
networks. These topics are examples only and authors are encouraged to
submit extended abstracts on other topics related to the workshop as
long as the abstract is of a technical and research nature. Authors
are also encouraged to submit early work, and new or outlandish ideas
as the primary goal of the workshop is to allow researchers from the
networking and security communities to meet in a workshop environment
where ideas can be exchanged and discussed in an inter-disciplinary
environment.

Authors should submit a two page extended abstract in a font no less
than 11pt with reasonable margins by midnight (Eastern time) 
September 1, 2004. Submission instructions will be posted at
http://www.missl.cs.umd.edu/dimacs-workshop.

**
Registration:

Pre-registration deadline: October 27, 2004

Please see website for registration information.

*
Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/MobileWireless/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**






DIMACS Workshop on Bounded Rationality

2004-07-28 Thread Linda Casals

*
 
DIMACS Workshop on Bounded Rationality
  
 January 31 - February 1, 2005
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
   
 Lance Fortnow, University of Chicago, [EMAIL PROTECTED] 
 Richard McLean, Rutgers University, [EMAIL PROTECTED] 
 Daijiro Okada, Rutgers University, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Computation and
the Socio-Economic Sciences.

 

Traditionally, economists and game theorists have assumed that
strategic agents are fully rational in the sense that all players can
completely reason about the consequences of their actions. In the last
few decades, a number of game theorists have argued, in part motivated
by experimental results, that human players do not behave in a way
consistent with theoretical predictions. Questions have been raised
regarding the postulate of full rationality and some have attempted
formalization of partially or boundedly rational players and games
played by such players. This research falls under the rubric of
bounded rationality.

If one takes the view that a process of decision making in economic or
other social situations constitutes a computation in a formal sense of
theoretical computer science, then one is naturally led to some notion
of bounded computational power as a formal expression of bounded
rationality. Two important and complementary questions in this line of
inquiry are: (1) What is the computational power required in order to
play a game in a way consistent with full rationality? (2) If players
are limited in their computational power, how different will
equilibrium outcomes be from the fully rational case? With regard to
the first question, some researchers have examined the computational
complexity of finding best responses in games. As to the second
question, a number of researchers have focused on repeated games
played by various types of computing machines with an emphasis on
their role in facilitating cooperative behavior. In one branch of this
work, bounded rationality is interpreted as bounded recall where a
player's strategic options are limited by constraints that are placed
on memories of past actions. A larger literature models bounded
rationality in terms of finite automata. In particular, the strategies
of players are limited to those that are implementable by finite state
automata. Further work that studies strategies implementable by Turing
machines may be found. Most of the aforementioned work has been
carried out by game theorists and, with the exception of a short burst
of activity in the mid-1990's, there has not been a significant amount
of activity in bounded rationality from the computer science point of
view. This workshop will bring together economists and game theorists
interested in bounded rationality, as well as theoretical computer
scientists with experience in limited computational models. It will
explore previous interactions between computer scientists and
economists concerning this topic. It will then address such issues as:
What are the desiderata of a model of bounded rationality? How do
models of bounded rationality affect conclusions of standard models?
What aspects of human behavior have no compelling model of bounded
rationality to explain them? Are there computational models that
properly estimate the computational power of bounded players while
allowing for an analysis that yields useful results?


**
Registration Fees:

(Pre-registration deadline: January 24, 2005)

Please see website for additional registration information.

*
Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/Bounded/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**

***

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


[Publicity-list]: DIMACS Workshop on Mobile and Wireless Security

2004-07-01 Thread Linda Casals

***CALL FOR PAPERS*
*
 
DIMACS Workshop on Mobile and Wireless Security 
  
 November 3 - 5, 2004
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
  Bill Arbaugh, University of Maryland, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.



The rapid growth of both voice and data wireless communications has
resulted in several serious security problems in both the voice and 
data spaces. Unfortunately, many of the early security mistakes made 
with wireless voice communications were repeated with data
communications, i.e. the use of flawed authentication and
confidentiality algorithms. For example, the standards committee for 
802.11 left many of the difficult security issues such as key
management and a robust authentication mechanism as open problems. 
This has led many organizations to use either a permanent fixed
cryptographic variable or no encryption with their wireless networks. 
Since wireless networks provide an adversary a network access point
that is beyond the physical security controls of the organization, 
security can be a problem. Similarly, attacks against WEP, the
link-layer security protocol for 802.11 networks can exploit design 
failures to successfully attack such networks. This workshop will 
focus on addressing the many outstanding issues that remain in
wireless cellular and WLAN networking such as (but not limited to):
Management and monitoring; ad-hoc trust establishment; secure roaming
between overlay networks; availability and denial of service
mitigation; and network and link layer security protocols. We will 
seek to extend work on ad hoc networking from a non-adversarial
setting, assuming a trusted environment, to a more realistic setting
in which an adversary may attempt to disrupt communication. We will
investigate a variety of approaches to securing ad hoc networks, in 
particular ways to take advantage of their inherent redundancy 
(multiple routes between nodes), replication, and new cryptographic 
schemes such as threshold cryptography.

**

Call for Participation:

Advances in wireless technology as well as several other areas are
changing the way the world does business and as a result computing is
becoming more mobile, and users are demanding continuous access to the
Internet. At the same time, the number of devices with embedded
networking technology is growing exponentially--from boxes with RFID
tags to Wi-Fi capable refrigerators since they destroy the notion of a
static defensive perimeter. Furthermore, these trends make the ease of
use and management of wireless based networks more important since
naïve consumers in the future will be establishing and using
wireless networks on a scale significantly larger than today. This
workshop will focus on identifying the current and future problems in
wireless security and privacy and discuss possible solutions.

The three day workshop will be organized around a series of talks on
subjects related to mobility, wireless, and security and privacy
technologies. There will be a mix between invited talks and talks
selected from extended abstracts with plenty of discussion time
between talks.

Authors are encouraged to submit an extended abstract on any topic
related to wireless and mobile security. Example topics of interest
are Interworking security, mesh network security, sensor network
security, the privacy of RFID networks, and the security of community
networks. These topics are examples only and authors are encouraged to
submit extended abstracts on other topics related to the workshop as
long as the abstract is of a technical and research nature. Authors
are also encouraged to submit early work, and new or outlandish ideas
as the primary goal of the workshop is to allow researchers from the
networking and security communities to meet in a workshop environment
where ideas can be exchanged and discussed in an inter-disciplinary
environment.

Authors should submit a two page extended abstract in a font no less
than 11pt with reasonable margins by midnight (Eastern time) 
September 1, 2004. Submission instructions will be posted at
http://www.missl.cs.umd.edu/dimacs-workshop.

**
Registration:

Pre-registration deadline: October 27, 2004

Please see website for registration information.

*
Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/MobileWireless/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**






[Publicity-list] DIMACS Workshop on Security Analysis of Protocols

2004-05-25 Thread Linda Casals

*
  
 DIMACS Workshop on Security Analysis of Protocols
  
 June 7 - 9, 2004
 DIMACS Center, CoRE Building, Rutgers University, Piscataway, NJ

Organizers: 

  John Mitchell, Stanford, [EMAIL PROTECTED] 
  Ran Canetti, IBM Watson, [EMAIL PROTECTED] 
   
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.

 

The analysis of cryptographic protocols is a fundamental and
challenging area of network security research. Traditionally, there
have been two main approaches. One is the logic approach aimed at
developing automated tools for the formal verification of
protocols. The other is the computational or complexity-theoretic
approach that characterizes protocol security as a set of
computational tasks and proves protocol security via reduction to the
strength of the underlying cryptographic functions. Although these two
lines of work share a common goal, there has been little commonality
between them until the last year or two.

The goal of this workshop is to promote work on security analysis of
protocols and provide a forum for cooperative research combining the
logical and complexity-based approaches.

The workshop will include tutorials on the basics of each approach and
will allow researchers from both communities to talk about their
current work.

Several tutorials and a number of research talks have already been
selected. However, some additional program slots have been set aside
for late-breaking Contributions from interested participants. If you
are interested in giving a talk, please send a title and short
abstract (1-3 pages) to the organizers, Ran Canetti and John Mitchell,
with subject heading DIMACS Security Protocols - title and abstract,
by May 15, 2004.

TOPICS

* - Analysis methods involving computational complexity
* - Game-theoretic approaches
* - Methods based on logic and symbolic computation
* - Probabilistic methods
* - Model checking and symbolic search
* - Formal proof systems
* - Decision procedures and lower bounds
* - Anything else that sounds like a great idea 

**
Participation:

Several tutorials and a number of research talks have already been
selected. However, some additional program slots have been set aside
for late-breaking Contributions from interested participants. If you
are interested in giving a talk, please send a title and short
abstract (1-3 pages) to the organizers, Ran Canetti and John Mitchell,
with subject heading DIMACS Security Protocols - title and abstract,
by May 15, 2004.

The workshop will be open to the public. If you'd like to give a
presentation, please send a title and abstract to the organizers by
May 15, 2004. Also, we intend this to be a participatory and
interactive meeting so we hope you will be able to contribute to the
meeting even without giving an announced talk. 

**

Workshop Program:

Monday, June 7, 2004
 
 8:30 -  9:00  Breakfast and Registration - 4th Floor CoRE Bldg.

 9:00 -  9:10  Welcome and Opening Remarks
   Fred Roberts, DIMACS Director

 9:10 -  9:30  Welcome 
   John Mitchell, Stanford University
   Ran Canetti, IBM Watson

 9:30 - 10:30  Tutorial: Formal methods and protocol analysis
   Peter Ryan, University of Newcastle Upon Tyne

10:30 - 11:00  Break

11:00 - 12:30  Session
 
   Modeling security protocols using I/O automata
   Nancy Lynch, MIT

   Automata-based analysis of recursive cryptographic protocols
   Thomas Wilke, Kiel University

   Formal Analysis of Availability
   Carl A. Gunter, UPenn

12:30 -  2:00  Lunch

 2:00 -  3:00  Tutorial: Towards cryptographically sound formal analysis
   Daniele Micciancio, UCSD 

 3:00 -  3:30  Break

 3:30 -  5:00  Session  

   A Reactively Secure Dolev-Yao-style Cryptographic Library
   Birgit Pfitzmann, IBM Research

   Automated Computationally Faithful Verification of Cryptoprotocols:
   Applying and Extending the Abadi-Rogaway-Jürjens Approach
   Jan Jerjens, TU Munich

   Universally Composable Symbolic Analysis of Cryptographic Protocols
   Jonathan Herzog, MIT

 5:00  Reception - Wine and cheese - DIMACS Lounge

Tuesday, June 8, 2004

 8:30 -  9:00  Breakfast and Registration - 4th Floor CoRE Bldg.
 
 9:30 - 10:30  Tutorial: On composability of cryptographic protocols   
   Yehuda Lindell, IBM Research

10:30 - 11:00  Break

11:00 - 12:30  Session   

   New Notions of Security: Achieving Universal Composability 
   without Trusted Setup
   Manoj Prabhakaran and Amit Sahai, Princeton U

   

[Publicity-list]: DIMACS Workshop on Usable Privacy and Security Software

2004-05-25 Thread Linda Casals

*
 
DIMACS Workshop on Usable Privacy and Security Software
  
 July 7 - 8, 2004
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 

 Lorrie Cranor, Chair, ATT, [EMAIL PROTECTED] 
 Mark Ackerman, University of Michigan, [EMAIL PROTECTED] 
 Fabian Monrose, Johns Hopkins University, [EMAIL PROTECTED] 
 Andrew Patrick, NRC Canada, [EMAIL PROTECTED] 
 Norman Sadeh, Carnegie Mellon University, [EMAIL PROTECTED] 

Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.



This workshop and working group is intended to bring together security
and privacy experts with human-computer interaction experts to discuss
approaches to developing more usable privacy and security
software. The workshop sessions on July 7 and July 8 will include
invited talks and discussion. July 9 will feature a working group of
invited participants who will spend the day identifying important
problems, discussing some of the research issues raised during the
workshop in more depth, and brainstorming about approaches to future
research, collaboration, and more user-centered design of security and
privacy software.

**
Participation:

Participation in the workshop is open to anyone who registers (no
submission necessary).

**
Program:

Wednesday, July 7, 2004

 8:15 -  8:50  Breakfast and Registration - CoRE Bldg., 4th floor

 8:50 -  9:00  Welcome and Opening Remarks
   Fred Roberts, DIMACS Director

 9:00 -  9:15  Opening Session
   Welcome: Lorrie Cranor, Carnegie Mellon University

 9:15 - 11:30  CHALLENGES, APPROACHES, AND MENTAL MODELS 

   Usable Security: Beyond the Interface
   Angela Sasse, University College London

   HCI Issues in Privacy
   Mark Ackerman, University of Michigan

   Security as Experience and Practice: Supporting Everyday Security
   Paul Dourish, UC Irvine

   Best Practices for Usable Security In Desktop Software
   Simson Garfinkel, MIT 

   Short Talk: A Flock of Birds, Safely Staged
   Scott Flinn, National Research Council of Canada

11:30 - 12:00  BREAK

12:00 - 12:45  Keynote:  Privacy and Security: Putting People First
   Elizabeth Mynatt, Georgia Institute of Technology

12:45 - 1:45   LUNCH

 1:45 - 2:30   Keynote: Human-Scale Security
   Matt Blaze, University of Pennsylvania

 2:30 - 3:00   BREAK

 3:00 - 5:30   AUTHENTICATION 

   Some Practical Guidance for Improved Password Usability
   Mike Just, Treasury Board of Canada

   Fingerprint authentication: The user experience
   Lynne Coventry, NCR

   Authentication for Humans
   Rachna Dhamija, UC Berkeley

   On user choice in graphical password schemes
   Fabian Monrose, Johns Hopkins University

   Short talk: Secure Web Authentication with Mobile Phones
   Min Wu, MIT

   Short talk: Toward Usable Security
   Dirk Balfanz, Palo Alto Research Center

5:30   Reception

6:15   Dinner

Thursday, July 8, 2004

 8:30 -  9:00  Breakfast and Registration
 
 9:00 - 10:30  PRIVACY, ANONYMITY, AND ENCRYPTION TOOLS (part I)

   Cryptography and Information Sharing in Civil Society
   Marc Levine, Benetech

   Anonymity loves company: Usability as a security parameter
   Roger Dingledine, The Free Haven Project

   Making Security Visible
   Alma Whitten, Google

   Short talk: Techniques for Visual Feedback of Security State
   Tara Whalen, Dalhousie University

10:30 - 11:00  BREAK

11:00 - 12:30  PRIVACY, ANONYMITY, AND ENCRYPTION TOOLS (part II)

   Privacy Analysis for the Casual User Through Bugnosis
   David Martin, University of Massachusetts Lowell

   Protecting privacy in software agents: Lessons from the PISA project
   Andrew Patrick, National Research Council, Canada

   Architectural issues in distributed, privacy-protecting 
   social networking
   Lenny Foner, MIT

   Short talk: Privacy in Instant Messaging
   Sameer Patil, University of California, Irvine


12:45 -  1:45  LUNCH

 1:45 -  3:15  UBIQUITOUS COMPUTING

   Knowing What You're Doing: A Design Goal for Usable Ubicomp Privacy
   Scott Lederer, UC Berkeley

   Privacy Challenges in Ubiquitous Computing
   Marc Langheinrich, ETH Zurich

   Semantic Web Technologies to Reconcile Privacy 

[Publicity-list] DIMACS Workshop on Electronic Voting -- Theory and Practice

2004-05-25 Thread Linda Casals


*
 
DIMACS Workshop on Electronic Voting -- Theory and Practice
  
   May 26 - 27, 2004 
   DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
   
   Markus Jakobsson, RSA Laboratories, [EMAIL PROTECTED]  
   Ari Juels, RSA Laboratories, [EMAIL PROTECTED] 
   
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy and the Special Focus on Computation 
and the Socio-Economic Sciences..



To many technologists, electronic voting represents a seemingly simple
exercise in system design. In reality, the many requirements it
imposes with regard to correctness, anonymity, and availability pose
an unusually thorny collection of problems, and the security risks
associated with electronic voting, especially remotely over the
Internet, are numerous and complex, posing major technological
challenges for computer scientists. (For a few examples, see
references below.) The problems range from the threat of
denial-of-service-attacks to the need for careful selection of
techniques to enforce private and correct tallying of ballots. Other
possible requirements for electronic voting schemes are resistance to
vote buying, defenses against malfunctioning software, viruses, and
related problems, audit ability, and the development of user-friendly
and universally accessible interfaces.

The goal of the workshop is to bring together and foster an interplay
of ideas among researchers and practitioners in different areas of
relevance to voting. For example, the workshop will investigate
prevention of penetration attacks that involve the use of a delivery
mechanism to transport a malicious payload to the target host. This
could be in the form of a ``Trojan horse'' or remote control
program. It will also investigate vulnerabilities of the communication
path between the voting client (the devices where a voter votes) and
the server (where votes are tallied). Especially in the case of remote
voting, the path must be ``trusted'' and a challenge is to maintain an
authenticated communications linkage. Although not specifically a
security issue, reliability issues are closely related and will also
be considered. The workshop will consider issues dealing with random
hardware and software failures (as opposed to deliberate, intelligent
attack). A key difference between voting and electronic commerce is
that in the former, one wants to irreversibly sever the link between
the ballot and the voter. The workshop will discuss audit trails as a
way of ensuring this. The workshop will also investigate methods for
minimizing coercion and fraud, e.g., schemes to allow a voter to vote
more than once and only having the last vote count.

This workshop is part of the Special Focus on Communication Security
and Information Privacy and will be coordinated with the Special Focus
on Computation and the Socio-Economic Sciences.

This workshop follows a successful first WOTE event, organized by
David Chaum and Ron Rivest in 2001 at Marconi Conference Center in
Tomales Bay, California (http://www.vote.caltech.edu/wote01/). Since
that time, a flurry of voting bills has been enacted at the federal
and state levels, including most notably the Help America Vote Act
(HAVA). Standards development has represented another avenue of reform
(e.g., the IEEE Voting Equipment Standards Project 1583), while a
grassroots movement (http://www.verifiedvoting.org) has arisen to
promote the importance of audit trails as enhancements to
trustworthiness.

**
Program:

This is a preliminary program.

Wednesday, May 26, 2004

 7:45 -  8:20  Breakfast and Registration

 8:20 -  8:30  Welcome and Opening Remarks
   Fred Roberts, DIMACS Director

 8:30 -  9:15  Ron Rivest, MIT (tentative) 

 9:15 - 10:15  Rebecca Mercuri

10:15 - 10:45  Break

10:45 - 11:30  David Chaum  

11:30 - 12:15  Michael Shamos, Carnegie Mellon University   

12:15 -  1:30  Lunch

 1:30 -  1:50  European online voting experiences
   Andreu Riera i Jorba, Universitat AutUnoma de Barcelona, Spain

 1:50 -  2:10  Providing Trusted Paths Using Untrusted Components
   Andre Dos Santos, Georgia Institute of Technology

 2:10 -  2:30  Internet voting based on PKI: the TruE-vote system
   Emilia Rosti, Università degli Studi di Milano, Italy

 2:30 -  2:50  Andy Neff, VoteHere, Inc. 

 2:50 -  3:10  E-voting with Vector Ballots : Homomorphic
   Encryption with Writeins and Shrink-and-Mix networks
   Aggelos Kiayas, University of Connecticut

 3:10 -  3:30  How hard is it to manipulate voting?
   Edith Elkind, Princeton University and
   Helger Lipmaa, Helsinki University of Technology

 3:30 -  3:50  Towards a dependability case for the Chaum e - voting scheme
   Peter Ryan, 

[Publicity-list] DIMACS Workshop on Security Analysis of Protocols

2004-04-28 Thread Linda Casals
*
  
 DIMACS Workshop on Security Analysis of Protocols
  
 June 7 - 9, 2004
 DIMACS Center, CoRE Building, Rutgers University, Piscataway, NJ

Organizers: 

  John Mitchell, Stanford, [EMAIL PROTECTED] 
  Ran Canetti, IBM Watson, [EMAIL PROTECTED] 
   
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.

 

The analysis of cryptographic protocols is a fundamental and
challenging area of network security research. Traditionally, there
have been two main approaches. One is the logic approach aimed at
developing automated tools for the formal verification of
protocols. The other is the computational or complexity-theoretic
approach that characterizes protocol security as a set of
computational tasks and proves protocol security via reduction to the
strength of the underlying cryptographic functions. Although these two
lines of work share a common goal, there has been little commonality
between them until the last year or two.

The goal of this workshop is to promote work on security analysis of
protocols and provide a forum for cooperative research combining the
logical and complexity-based approaches.

The workshop will include tutorials on the basics of each approach and
will allow researchers from both communities to talk about their
current work.

Several tutorials and a number of research talks have already been
selected. However, some additional program slots have been set aside
for late-breaking Contributions from interested participants. If you
are interested in giving a talk, please send a title and short
abstract (1-3 pages) to the organizers, Ran Canetti and John Mitchell,
with subject heading DIMACS Security Protocols - title and abstract,
by May 15, 2004.

TOPICS

* - Analysis methods involving computational complexity
* - Game-theoretic approaches
* - Methods based on logic and symbolic computation
* - Probabilistic methods
* - Model checking and symbolic search
* - Formal proof systems
* - Decision procedures and lower bounds
* - Anything else that sounds like a great idea 

**
Participation:

Several tutorials and a number of research talks have already been
selected. However, some additional program slots have been set aside
for late-breaking Contributions from interested participants. If you
are interested in giving a talk, please send a title and short
abstract (1-3 pages) to the organizers, Ran Canetti and John Mitchell,
with subject heading DIMACS Security Protocols - title and abstract,
by May 15, 2004.

The workshop will be open to the public. If you'd like to give a
presentation, please send a title and abstract to the organizers by
May 15, 2004. Also, we intend this to be a participatory and
interactive meeting so we hope you will be able to contribute to the
meeting even without giving an announced talk. 

**
Registration Fees:

(Pre-registration deadline: May 28, 2004)

Please see website for information on registration.

*
Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/Protocols/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


[Publicity-list]: DIMACS Workshop on Mobile and Wireless Security

2004-04-22 Thread Linda Casals

*
 
DIMACS Workshop on Mobile and Wireless Security 
  
 June 15 - 17 , 2004
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
  Bill Arbaugh, University of Maryland, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.



The rapid growth of both voice and data wireless communications has
resulted in several serious security problems in both the voice and 
data spaces. Unfortunately, many of the early security mistakes made 
with wireless voice communications were repeated with data
communications, i.e. the use of flawed authentication and
confidentiality algorithms. For example, the standards committee for 
802.11 left many of the difficult security issues such as key
management and a robust authentication mechanism as open problems. 
This has led many organizations to use either a permanent fixed
cryptographic variable or no encryption with their wireless networks. 
Since wireless networks provide an adversary a network access point
that is beyond the physical security controls of the organization, 
security can be a problem. Similarly, attacks against WEP, the
link-layer security protocol for 802.11 networks can exploit design 
failures to successfully attack such networks. This workshop will 
focus on addressing the many outstanding issues that remain in
wireless cellular and WLAN networking such as (but not limited to):
Management and monitoring; ad-hoc trust establishment; secure roaming
between overlay networks; availability and denial of service
mitigation; and network and link layer security protocols. We will 
seek to extend work on ad hoc networking from a non-adversarial
setting, assuming a trusted environment, to a more realistic setting
in which an adversary may attempt to disrupt communication. We will
investigate a variety of approaches to securing ad hoc networks, in 
particular ways to take advantage of their inherent redundancy 
(multiple routes between nodes), replication, and new cryptographic 
schemes such as threshold cryptography.

**
Participation:

Participants interested in presenting talks may contact the organizer.

**
Registration:

Pre-registration deadline: June 8, 2004

Please see website for registration information.

*
Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/MobileWireless/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


DIMACS Workshop on Electronic Voting -- Theory and Practice

2004-04-15 Thread Linda Casals

*
 
DIMACS Workshop on Electronic Voting -- Theory and Practice
  
   May 26 - 27, 2004 
   DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
   
   Markus Jakobsson, RSA Laboratories, [EMAIL PROTECTED]  
   Ari Juels, RSA Laboratories, [EMAIL PROTECTED] 
   
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy and the Special Focus on Computation 
and the Socio-Economic Sciences..



To many technologists, electronic voting represents a seemingly simple
exercise in system design. In reality, the many requirements it
imposes with regard to correctness, anonymity, and availability pose
an unusually thorny collection of problems, and the security risks
associated with electronic voting, especially remotely over the
Internet, are numerous and complex, posing major technological
challenges for computer scientists. (For a few examples, see
references below.) The problems range from the threat of
denial-of-service-attacks to the need for careful selection of
techniques to enforce private and correct tallying of ballots. Other
possible requirements for electronic voting schemes are resistance to
vote buying, defenses against malfunctioning software, viruses, and
related problems, audit ability, and the development of user-friendly
and universally accessible interfaces.

The goal of the workshop is to bring together and foster an interplay
of ideas among researchers and practitioners in different areas of
relevance to voting. For example, the workshop will investigate
prevention of penetration attacks that involve the use of a delivery
mechanism to transport a malicious payload to the target host. This
could be in the form of a ``Trojan horse'' or remote control
program. It will also investigate vulnerabilities of the communication
path between the voting client (the devices where a voter votes) and
the server (where votes are tallied). Especially in the case of remote
voting, the path must be ``trusted'' and a challenge is to maintain an
authenticated communications linkage. Although not specifically a
security issue, reliability issues are closely related and will also
be considered. The workshop will consider issues dealing with random
hardware and software failures (as opposed to deliberate, intelligent
attack). A key difference between voting and electronic commerce is
that in the former, one wants to irreversibly sever the link between
the ballot and the voter. The workshop will discuss audit trails as a
way of ensuring this. The workshop will also investigate methods for
minimizing coercion and fraud, e.g., schemes to allow a voter to vote
more than once and only having the last vote count.

This workshop is part of the Special Focus on Communication Security
and Information Privacy and will be coordinated with the Special Focus
on Computation and the Socio-Economic Sciences.

This workshop follows a successful first WOTE event, organized by
David Chaum and Ron Rivest in 2001 at Marconi Conference Center in
Tomales Bay, California (http://www.vote.caltech.edu/wote01/). Since
that time, a flurry of voting bills has been enacted at the federal
and state levels, including most notably the Help America Vote Act
(HAVA). Standards development has represented another avenue of reform
(e.g., the IEEE Voting Equipment Standards Project 1583), while a
grassroots movement (http://www.verifiedvoting.org) has arisen to
promote the importance of audit trails as enhancements to
trustworthiness.

**
Program:

This is a preliminary program.

Wednesday, May 26, 2004

 7:45 -  8:20  Breakfast and Registration

 8:20 -  8:30  Welcome and Opening Remarks
   Fred Roberts, DIMACS Director

 8:30 -  9:15  Ron Rivest (tentative) 

 9:15 - 10:15  Rebecca Mercuri

10:15 - 10:45  Break

10:45 - 11:30  David Chaum  

11:30 - 12:15  Michael Shamos   

12:15 -  1:30  Lunch

 1:30 -  1:50  European online voting experiences
   Andreu Riera i Jorba

 1:50 -  2:10  Providing Trusted Paths Using Untrusted Components
   Andre Dos Santos

 2:10 -  2:30  Internet voting based on PKI: the TruE-vote system
   Emilia Rosti

 2:30 -  2:50  Andy Neff 

 2:50 -  3:10  Aggelos Kiayas

 3:10 -  3:30  How hard is it to manipulate voting?
   Edith Elkind and Helger Lipmaa 

 3:30 -  3:50  Towards a dependability case for the Chaum e - voting scheme
   Peter Ryan 

 3:50 -  4:20  Break

 4:20 -  4:40  Secure practical voting systems: A Cautionary Note
   Quisquater

 4:40 -  5:25  Rob Ritchie

 5:25 -  6:10  Panel (moderator: David Chaum)
 
 6:10 -  7:30  Buffet Dinner - Reception - DIMACS Lounge

Thursday, May 27, 2004

 7:45 -  8:30  Breakfast and Registration

 8:30 -  9:15  Rice University hack - a - vote project
   Dan 

[Publicity-list] DIMACS Tutorial on Social Choice and Computer Science

2004-04-05 Thread Linda Casals
*
 
DIMACS Tutorial on Social Choice and Computer Science
  
 May 10 - 14, 2004
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
   
  Kevin Chang, University of Illinois, [EMAIL PROTECTED]  
  Michel Regenwetter, University of Illinois, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Computation and
the Socio-Economic Sciences.



The theory of social choice and voting has had a long history in the
social sciences, dating back to early work of Condorcet and others in
the 18th century. Some modern issues facing the theory of social
choice relate heavily to computer science. Often we need to determine
preferences for an individual or group, while maintaining accuracy,
fairness and security, sometimes with only limited information and/or
computational power. This tutorial will consider computer science and
social science issues in insuring the best choices given limited
information and computation. It will build on early work on
computational complexity of computing the winner of an election in. 
Moreover, we are also seeing voting/social choice
issues arising in strictly computer science applications such as
database and information retrieval, Internet search and meta-search,
and collaborative filtering. The tutorial will also consider such
applications. The tutorial will present an introduction to the
concepts and models of individual preference or utility as well as
social choice theory and introduce participants to a variety of modern
computational issues and computer science applications.

The following is a tentative list of topics:

  * Introduction to Voting Theory: History and Procedures. 
  * Computational Complexity of Social Choice Procedures. 
  * Mathematical Representations of Preference and Utility. 
  * Ranking and Preference in Computer Science: Models and Semantics. 
  * Rank-based Top-k Query Algorithms in Database Search. 
  * Voting and Security: An introduction to the use of
error-resilient, waitless methods of voting analysis. 
  * Collaborative Filtering in Information Retrieval. 
  * Internet Search and Meta-Search.
  * Behavioral Social Choice Theory. 
  * Voting over the Internet.

**
Participation:

Talks for this workshop are by invitation only.

**
Workshop Program:
Monday, May 10, 2004

 8:15 -  8:45  Registration and Breakfast

 8:45 -  9:00  Welcome and Opening Remarks
   Fred Roberts, DIMACS Director
   Kevin Chang and Michel Regenwetter, Organizers

 9:00 -  9:50  Introduction to Voting Theory: History and Procedures
   Arnold Urken, Stevens Institute of Technology

 9:50 - 10:05  Break

10:05 - 10:55  Introduction to Voting Theory: History and Procedures (continued)
   Arnold Urken, Stevens Institute of Technology

10:55 - 11:10  Break

11:10 - 12:00  Introduction to Voting Theory: History and Procedures (continued)
   Arnold Urken, Stevens Institute of Technology

12:00 -  1:30  Lunch - DIMACS Lounge

 1:30 -  2:20  Mathematical Representations of Preference and Utility
   Michel Regenwetter, University of Illinois at Urbana-Champaign 

 2:20 -  2:35  Break

 2:35 -  3:25  Mathematical Representations of Preference and Utility (continued)
   Michel Regenwetter, University of Illinois at Urbana-Champaign 

 3:25 -  3:40  Break

 3:40 -  4:30  Mathematical Representations of Preference and Utility (continued)
   Michel Regenwetter, University of Illinois at Urbana-Champaign 

 Tuesday, May 11, 2004

 8:30 -  9:00  Registration and Breakfast

 9:00 -  9:50  Voting and Security
   Arnold Urken, Stevens Institute of Technology
 
 9:50 - 10:05  Break

10:05 - 10:55  Voting and Security (continued)
   Arnold Urken, Stevens Institute of Technology

10:55 - 11:10  Break

11:10 - 12:00  Voting and Security (continued)
   Arnold Urken, Stevens Institute of Technology

12:00 -  1:30  Lunch - DIMACS Lounge

 1:30 -  2:20  Computational Complexity of Social Choice Procedures
   Craig Tovey, Georgia Institute of Technology

 2:20 -  2:35  Break

 2:35 -  3:25  Computational Complexity of Social Choice Procedures (continued)
   Craig Tovey, Georgia Institute of Technology

 3:25 -  3:40  Break

 3:40 -  4:30  Computational Complexity of Social Choice Procedures (continued)
   Craig Tovey, Georgia Institute of Technology

 Wednesday, May 12, 2004

 8:30 -  9:00  Registration and Breakfast

 9:00 -  9:50  Ranking and Preference in Computer Science: Models and Semantics
   Kevin Chang, University of Illinois at Urbana-Champaign 

 9:50 - 10:05  Break

10:05 - 10:55  Ranking and Preference in Computer Science: Models 

DIMACS Workshop on Electronic Voting -- Theory and Practice

2004-03-31 Thread Linda Casals
*
 
DIMACS Workshop on Electronic Voting -- Theory and Practice
  
   May 26 - 27, 2004 
   DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
   
   Markus Jakobsson, RSA Laboratories, [EMAIL PROTECTED]  
   Ari Juels, RSA Laboratories, [EMAIL PROTECTED] 
   
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy and the Special Focus on Computation 
and the Socio-Economic Sciences..



To many technologists, electronic voting represents a seemingly simple
exercise in system design. In reality, the many requirements it
imposes with regard to correctness, anonymity, and availability pose
an unusually thorny collection of problems, and the security risks
associated with electronic voting, especially remotely over the
Internet, are numerous and complex, posing major technological
challenges for computer scientists. (For a few examples, see
references below.) The problems range from the threat of
denial-of-service-attacks to the need for careful selection of
techniques to enforce private and correct tallying of ballots. Other
possible requirements for electronic voting schemes are resistance to
vote buying, defenses against malfunctioning software, viruses, and
related problems, audit ability, and the development of user-friendly
and universally accessible interfaces.

The goal of the workshop is to bring together and foster an interplay
of ideas among researchers and practitioners in different areas of
relevance to voting. For example, the workshop will investigate
prevention of penetration attacks that involve the use of a delivery
mechanism to transport a malicious payload to the target host. This
could be in the form of a ``Trojan horse'' or remote control
program. It will also investigate vulnerabilities of the communication
path between the voting client (the devices where a voter votes) and
the server (where votes are tallied). Especially in the case of remote
voting, the path must be ``trusted'' and a challenge is to maintain an
authenticated communications linkage. Although not specifically a
security issue, reliability issues are closely related and will also
be considered. The workshop will consider issues dealing with random
hardware and software failures (as opposed to deliberate, intelligent
attack). A key difference between voting and electronic commerce is
that in the former, one wants to irreversibly sever the link between
the ballot and the voter. The workshop will discuss audit trails as a
way of ensuring this. The workshop will also investigate methods for
minimizing coercion and fraud, e.g., schemes to allow a voter to vote
more than once and only having the last vote count.

This workshop is part of the Special Focus on Communication Security
and Information Privacy and will be coordinated with the Special Focus
on Computation and the Socio-Economic Sciences.

This workshop follows a successful first WOTE event, organized by
David Chaum and Ron Rivest in 2001 at Marconi Conference Center in
Tomales Bay, California (http://www.vote.caltech.edu/wote01/). Since
that time, a flurry of voting bills has been enacted at the federal
and state levels, including most notably the Help America Vote Act
(HAVA). Standards development has represented another avenue of reform
(e.g., the IEEE Voting Equipment Standards Project 1583), while a
grassroots movement (http://www.verifiedvoting.org) has arisen to
promote the importance of audit trails as enhancements to
trustworthiness.

**
Participation:

Interested participants may contact the organizers.

**
Registration Fees:

(Pre-registration deadline: May 20, 2004)

Regular Rate 
Preregister before deadline $120/day 
After preregistration deadline  $140/day

Reduced Rate*
Preregister before deadline $60/day
After preregistration deadline $70/day

Postdocs 
Preregister before deadline $10/day 
After preregistration deadline $15/day

DIMACS Postdocs $0 

Non-Local Graduate  Undergraduate students 
Preregister before deadline $5/day 
After preregistration deadline $10/day

Local Graduate  Undergraduate students $0
(Rutgers  Princeton) 

DIMACS partner institution employees** $0 

DIMACS long-term visitors*** $0 

Registration fee to be collected on site, cash, check, VISA/Mastercard
accepted.

Our funding agencies require that we charge a registration fee during
the course of the workshop. Registration fees include participation in
the workshop, all workshop materials, breakfast, lunch, breaks and any
scheduled social events (if applicable).

* College/University faculty and employees of nonprofit and government
organizations will automatically receive the reduced rate. Other
participants may apply for a reduction of fees. They should email
their request for the 

[Publicity-list]: DIMACS Workshop on Usable Privacy and Security Software

2004-03-31 Thread Linda Casals

*
 
DIMACS Workshop on Usable Privacy and Security Software
  
 July 7 - 8, 2004
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 

  Lorrie Cranor, Chair, Carnegie Mellon University, [EMAIL PROTECTED]
  Mark Ackerman, University of Michigan, [EMAIL PROTECTED] 
  Fabian Monrose, Johns Hopkins University, [EMAIL PROTECTED] 
  Andrew Patrick, NRC Canada, [EMAIL PROTECTED]
  Norman Sadeh, Carnegie Mellon University, [EMAIL PROTECTED]

Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.



This workshop and working group is intended to bring together security
and privacy experts with human-computer interaction experts to discuss
approaches to developing more usable privacy and security
software. The workshop sessions on July 7 and July 8 will include
invited talks and discussion. July 9 will feature a working group of
invited participants who will spend the day identifying important
problems, discussing some of the research issues raised during the
workshop in more depth, and brainstorming about approaches to future
research, collaboration, and more user-centered design of security and
privacy software.

**

Participation:

 Participation in the workshop is open to anyone who registers (no
 submission necessary). Participation in the working group on July 9 is
 limited because of the emphasis on achieving a high degree of
 interactivity and discussion. Workshop participants who are interested
 in participating in the working group session should send a 1-page
 abstract or position paper describing their work relevant to this
 workshop to [EMAIL PROTECTED] Abstracts and position papers should be
 submitted in plain text, HTML, or PDF formats only. All submissions
 must be received by April 2, 2004 and authors will be notified by
 April 19, 2004 as to whether they have been accepted to participate in
 the working group. In addition, the authors of some submissions will
 be invited to present 10-minute short talks about their
 work. Submissions may describe ongoing or planned work related to the
 development of usable interfaces for security or privacy software, or
 they may discuss important research problems or propose a research
 agenda in this area. Submissions are especially encouraged that
 identify security and privacy areas in need of examination by HCI
 researchers, as well as areas where HCI researchers would like
 assistance from security and privacy researchers.

**
Registration Fees:

(Pre-registration deadline: June 30, 2004)

Please see website for registration fees and details.

*
Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/Tools/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


[Publicity-list]: DIMACS Workshop on Mobile and Wireless Security

2004-03-31 Thread Linda Casals
*
 
DIMACS Workshop on Mobile and Wireless Security 
  
 June 15 - 17 , 2004
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
  Bill Arbaugh, University of Maryland, [EMAIL PROTECTED] 
 
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.



The rapid growth of both voice and data wireless communications has
resulted in several serious security problems in both the voice and 
data spaces. Unfortunately, many of the early security mistakes made 
with wireless voice communications were repeated with data
communications, i.e. the use of flawed authentication and
confidentiality algorithms. For example, the standards committee for 
802.11 left many of the difficult security issues such as key
management and a robust authentication mechanism as open problems. 
This has led many organizations to use either a permanent fixed
cryptographic variable or no encryption with their wireless networks. 
Since wireless networks provide an adversary a network access point
that is beyond the physical security controls of the organization, 
security can be a problem. Similarly, attacks against WEP, the
link-layer security protocol for 802.11 networks can exploit design 
failures to successfully attack such networks. This workshop will 
focus on addressing the many outstanding issues that remain in
wireless cellular and WLAN networking such as (but not limited to):
Management and monitoring; ad-hoc trust establishment; secure roaming
between overlay networks; availability and denial of service
mitigation; and network and link layer security protocols. We will 
seek to extend work on ad hoc networking from a non-adversarial
setting, assuming a trusted environment, to a more realistic setting
in which an adversary may attempt to disrupt communication. We will
investigate a variety of approaches to securing ad hoc networks, in 
particular ways to take advantage of their inherent redundancy 
(multiple routes between nodes), replication, and new cryptographic 
schemes such as threshold cryptography.

**
Participation:

Interested participants may contact the organizer.

**
Registration Fees:

(Pre-registration deadline: June 8, 2004)

Regular Rate 
Preregister before deadline $120/day 
After preregistration deadline  $140/day

Reduced Rate*
Preregister before deadline $60/day
After preregistration deadline $70/day

Postdocs 
Preregister before deadline $10/day 
After preregistration deadline $15/day

DIMACS Postdocs $0 

Non-Local Graduate  Undergraduate students 
Preregister before deadline $5/day 
After preregistration deadline $10/day

Local Graduate  Undergraduate students $0
(Rutgers  Princeton) 

DIMACS partner institution employees** $0 

DIMACS long-term visitors*** $0 

Registration fee to be collected on site, cash, check, VISA/Mastercard
accepted.

Our funding agencies require that we charge a registration fee during
the course of the workshop. Registration fees include participation in
the workshop, all workshop materials, breakfast, lunch, breaks and any
scheduled social events (if applicable).

* College/University faculty and employees of nonprofit and government
organizations will automatically receive the reduced rate. Other
participants may apply for a reduction of fees. They should email
their request for the reduced fee to the Workshop Coordinator at
[EMAIL PROTECTED] Include your name, the Institution you
work for, your job title and a brief explanation of your
situation. All requests for reduced rates must be received before the
pre-registration deadline. You will promptly be notified as to the
decision about it.

** Fees for employees of DIMACS partner institutions are
waived. DIMACS partner institutions are: Rutgers University, Princeton
University, ATT Labs - Research, Bell Labs, NEC Laboratories America
and Telcordia Technologies. Fees for employees of DIMACS affiliate
members Avaya Labs, IBM Research and Microsoft Research are also
waived.

***DIMACS long-term visitors who are in residence at DIMACS for two or
more weeks inclusive of dates of workshop.

*
Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/MobileWireless/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**



-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]


[Publicity-list]: DIMACS/PORTIA Workshop on Privacy-Preserving Data Mining

2003-12-18 Thread Linda Casals
*
  
 DIMACS/PORTIA Workshop on Privacy-Preserving Data Mining
  
 March 15 - 16, 2004
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 

   Cynthia Dwork, Microsoft, dwork at microsoft.com  
   Benny Pinkas, HP Labs, benny.pinkas at hp.com  
   Rebecca Wright, Stevens Institute of Technology, 
rwright at cs.stevens-tech.edu 

Presented under the auspices of the Special Focus on Communication
Security and Information Privacy, and the PORTIA project.



This workshop and working group will bring together researchers and
practitioners in cryptography, data mining, and other areas to discuss
privacy-preserving data mining. The workshop sessions on March 15 and
16, 2004 will consist of invited talks and discussion. March 17, 2004
will be a working group of invited participants to identify and
explore approaches that could serve as the basis for more
sophisticated algorithms and implementations than presently exist, and
to discuss directions for further research and collaboration.

Both the workshop and working group will investigate the construction
and exploitation of private databases, e.g.

 * Merging information from multiple data sets in a consistent,
   secure, efficient and privacy-preserving manner;
 * Sanitizing databases to permit privacy-preserving public study.

In a wide variety of applications it would be useful to be able to
gather information from several different data sets. The owners of
these data sets may not be willing, or legally able, to share their
complete data with each other. The ability to collaborate without
revealing information could be instrumental in fostering inter-agency
collaboration.

Particular topics of interest include:

* Secure multi-party computation. This is a very general and 
  well-studied paradigm that unfortunately has not been used in
  practice so far. We will investigate ways to make it more
  efficient and encourage its deployment.
* Statistical techniques such as data swapping,
  post-randomization, and perturbation.
* Articulation of different notions and aspects of privacy.
* Tradeoffs between privacy and accuracy.
* Architectures that facilitate private queries by a
  (semi-trusted) third party.
* Methods for handling different or incompatible formats, 
  and erroneous data. We will investigate ideas from dimension 
  reduction, clustering and searching strategy.

**
Registration Fees:

(Pre-registration deadline: March 8, 2004)

Regular Rate 
Preregister before deadline $120/day 
After preregistration deadline  $140/day

Reduced Rate*
Preregister before deadline $60/day
After preregistration deadline $70/day

Postdocs 
Preregister before deadline $10/day 
After preregistration deadline $15/day

DIMACS Postdocs $0 

Non-Local Graduate  Undergraduate students 
Preregister before deadline $5/day 
After preregistration deadline $10/day

Local Graduate  Undergraduate students $0
(Rutgers  Princeton) 

DIMACS partner institution employees** $0 

DIMACS long-term visitors*** $0 

Registration fee to be collected on site, cash, check, VISA/Mastercard
accepted.

Our funding agencies require that we charge a registration fee during
the course of the workshop. Registration fees include participation in
the workshop, all workshop materials, breakfast, lunch, breaks and any
scheduled social events (if applicable).

* College/University faculty and employees of nonprofit and government
organizations will automatically receive the reduced rate. Other
participants may apply for a reduction of fees. They should email
their request for the reduced fee to the Workshop Coordinator at
[EMAIL PROTECTED] Include your name, the Institution you
work for, your job title and a brief explanation of your
situation. All requests for reduced rates must be received before the
pre-registration deadline. You will promptly be notified as to the
decision about it.

** Fees for employees of DIMACS partner institutions are
waived. DIMACS partner institutions are: Rutgers University, Princeton
University, ATT Labs - Research, Bell Labs, NEC Laboratories America
and Telcordia Technologies. Fees for employees of DIMACS affiliate
members Avaya Labs, IBM Research and Microsoft Research are also
waived.

***DIMACS long-term visitors who are in residence at DIMACS for two or
more weeks inclusive of dates of workshop.

*
Information on participation, registration, accomodations, and travel 
can be found at:

http://dimacs.rutgers.edu/Workshops/Privacy/

   **PLEASE BE SURE TO PRE-REGISTER EARLY**



-
The Cryptography Mailing List

[Publicity-list] [Publicity-list]: DIMACS Workshop on Large-Scale Internet Attacks

2003-09-17 Thread Linda Casals
*
  
 DIMACS Workshop on Large-Scale Internet Attacks
  
 September 23 - 24, 2003
 DIMACS Center, Rutgers University, Piscataway, NJ

Organizers: 
   Vern Paxson, ICSI, [EMAIL PROTECTED]
   Steve Bellovin, ATT Research, [EMAIL PROTECTED]
   Stuart Staniford, Silicon Defense 
   Stefan Savage, University of California,  [EMAIL PROTECTED] 
  
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.



As the Internet has grown greatly in size, new forms of attacks that
leverage the network's increasing scale have gained prominence.  At the
same time, the network's scale also often increases the difficulty of
countering attacks, making it more difficult to trace back attackers or
deploy widespread defensive measures.  This workshop aims to assess the
lay of the land in terms of large-scale Internet attacks and then to look
for principles common to the problem domain.  The focus will be on three
general types of large-scale attacks: distributed denial-of-service (DDOS),
self-propagating malicious code (worms), and attacks targetting the
network's components (infrastructure attacks).

Participation in the workshop is quite limited because of the emphasis on
achieving a high degree of interactivity  discussion.  Potential attendees
interested in participating should contact the organization chair at
[EMAIL PROTECTED], including a description of relevant background and the
specific topic(s) of interest for discussion  exploration.



Workshop Program:

Preliminary Program for DIMACS Workshop on Large-Scale Attacks

IMPORTANT: the workshop is meant to be a true workshop, in which the
actual program is fluid, and the emphasis is on interactivity and
incubating new connections (both between people and across areas). We
anticipate last-minute changes, and indeed may alter the program on
the spot as discussion and opportunity suggests.

Tuesday, September 23, 2003

 8:30 -  9:30  Breakfast and Registration

 9:30 -  9:40  Opening remarks
   Melvin Janowitz, Associate Director of DIMACS

 9:40 - 10:00  Welcome
   Attendee Introductions

10:00 - 12:00  Experiences with large-scale attacks
   A Large-scale View of Large-scale Attacks
   Sean Donalen, SBC Internet Services

   Infrastructure Attack Trends 
   Craig Labovitz, Arbor Networks

   Attacks on services 

   Discussion

12:00 -  1:30  Lunch

 1:30 -  3:00  DDoS
   Overview
   John Ioannidis, ATT Labs - Research

   Defenses
   Angelos Keromytis, Columbia University

   Source address filtering 

   Discussion:
 is the problem still relevant?
 is traceback relevant?
 barriers to deploying solutions?

 3:00 -  3:30  Break

 3:30 -  5:00  Techniques
   Telescopes 
   David Moore, UCSD

   Sampling techniques 
   George Varghese, UCSD

   P2P techniques, large-scale coordination 
   Joel Sandin, Stanford University

   Honeynets
   Dave Dittrich, University of Washington

   Open Mike (i.e., we'll call in advance for presentations here)

   Discussion

 6:00  Dinner

Wednesday, September  24, 2003

 8:30 -  9:00  Breakfast and Registration

 9:00 - 11:30  Worms
   Overview
   Stuart Staniford, Silicon Defense
   
   Diverse axes of scaling 
   Dan Ellis, MITRE
   
   Modeling/detecting worm propagation 
   Lixin Gao, University of Massachusetts 

   Topological worm defenses 
   Nick Weaver, UCB

   Break

   Pulsing attacks on routers

   Auto-patching 
   Angelos Keromytis, Columbia University

   Discussion

11:30 -  1:00  Lunch

 1:00 -  2:30  Attacks on routing
   BGP attacks

   Targeted link attacks 
   Steve Bellovin, ATT Labs - Research

   Authentication and robustness
   Alex Snoeren, UCSD

   Discussion

 2:30 -  2:45  Break

 2:45 -  4:00  Where do we need to go?
   Facilitated discussion
   Stefan Savage, UCSD
**
Registration Fees:

(Pre-registration deadline: September 17, 2003)

Regular Rate 
Preregister before deadline $120/day 
After preregistration deadline  $140/day

Reduced Rate*
Preregister before deadline $60/day
After preregistration deadline $70/day

Postdocs 
Preregister before deadline $10/day 
After preregistration deadline $15/day

DIMACS Postdocs $0