Hi all,

See this CfP which found its way into my inbox.

Best,
Aaron

______________________________________

                CALL FOR PAPERS


 Workshop on Information Security and Privacy
     in a De-Perimeterised World (DISP09)
               (www.disp09.info)

              Associated with the
     2009 IEEE International Conference on      
 Information Privacy, Security, Risk and Trust
                 (PASSAT-09)
       (http://cse.stfx.ca/~passat09/)

      Vancouver, Canada, August 29, 2009



De-perimeterisation is the process in which the boundary around the
trusted environment inside organisations is disappearing due to joint
ventures and the use of distributed resources. Examples of such
developments include outsourcing, cloud computing, mobile workforce and
the effects of insider abuse. Instead of well-defined organisational and
system boundaries, in a de-perimeterised world organisations have to
protect their information in a situation of increased connectivity and
dependency. Similar developments take place with respect to information
about individuals, which is stored in social networking sites, personal
health records, etc. rather than in a clearly located system.
Organisations as well as individuals thus need to protect their
information without relying on security boundaries, which challenges
various aspects of information security and privacy. In the field of
security modelling and threat analysis, models will have to include the
mobility of data, people and systems typical of de-perimeterised
settings.
In the field of security mechanisms, protection mechanisms have to be
developed that must function in a potentially hostile environment. And
in
the field of security requirements engineering and policy specification,
methods have to be developed that do not assume well-defined boundaries
between systems and organisations.

The perspectives of requirements engineering, modelling and mechanisms
are
interrelated. What is possible in modelling depends on the mechanisms
available for security, and the way security is modelled also influences
the degrees of freedom one has in the requirements engineering process.
These connections lead to the following major research goals:
- techniques for including the increased uncertainties due to
de-perimeterisation in both security models and security requirements
engineering;
- integrated combinations of de-perimeterised security policies that can
be described in security models and de-perimeterised security mechanisms
that can be implemented in practice;
- directions for research in security primitives based on new security
requirements induced by de-perimeterisation.

In this workshop, we bring together researchers from the mechanisms,
modelling and requirement engineering communities to study the security
and privacy problems induced by the process of de-perimeterisation, and
to
discuss integrated solutions that transcend these disciplines.

Topics of interest include, but are not limited to:
- access control
- applied crypto and protocols for de-perimeterised security and privacy
- auditing de-perimeterised systems
- centralised vs. decentralised security architectures
- data-centric security and data classification
- de-perimeterised trust management
- economic, social and legal aspects of de-perimeterisation
- identity-centric security and identity management
- incident identification and management
- interaction between the physical, digital and social security domains
- risk analysis and risk management of de-perimeterised systems
- security and privacy in cloud computing
- security and privacy in outsourcing
- security and privacy in virtual worlds
- security and privacy in Web 2.0
- security modelling and threat analysis for de-perimeterised systems
- security requirements engineering for de-perimeterised systems

We especially encourage the submission of papers that connect two or
more
of these topics. Papers should be PDF, 8 pages maximum, in IEEE
conference
proceedings style, without author identification, and should be
submitted
through the EasyChair website by May 15. Submission implies that, should
the paper be accepted, at least one author will attend the workshop and
present the paper. Papers will be selected based on blind review.
Accepted
papers will be published by IEEE in the workshop section of the
conference
proceedings.


IMPORTANT DATES:

Paper submission:               May 15, 2009, 23:59 GMT (firm)
Notification:                   June 3, 2009
Final papers & registration:    June 15, 2009
Workshop:                       August 29, 2009


ORGANISING COMMITTEE:

dr. Wolter Pieters
Prof.dr. Pieter Hartel (program chair)
Prof.dr. Roel Wieringa
University of Twente, Netherlands

Prof.dr. Sandro Etalle
Eindhoven University of Technology, Netherlands

Prof.dr. Bart Jacobs
Radboud University Nijmegen, Netherlands

Prof.dr. Sjouke Mauw
University of Luxembourg, Luxembourg


PROGRAM COMMITTEE:

Pieter Hartel, University of Twente, Netherlands (chair)    
Yudis Asnar, University of Trento, Italy   
Travis Breaux, North Carolina State University, USA   
Ruth Breu, University of Innsbruck, Austria   
Sandro Etalle, Eindhoven University of Technology, Netherlands   
David Evans, University of Cambridge, UK   
Paul de Hert, Free University Brussels, Belgium   
Bart Jacobs, Radboud University Nijmegen, Netherlands   
Ronald Leenes, University of Tilburg, Netherlands   
Fabio Massacci, University of Trento, Italy   
Sjouke Mauw, University of Luxembourg, Luxembourg   
Bashar Nuseibeh, Open University, UK   
Wolter Pieters, University of Twente, Netherlands   
Joachim Posegga, University of Passau, Germany   
Geraint Price, Royal Holloway University of London, UK   
Christian W. Probst, Technical University of Denmark, Denmark   
Simon Rogerson, De Montfort University, UK   
Eric Verheul, PWC & Radboud University Nijmegen, Netherlands   
Roel Wieringa, University of Twente, Netherlands   
Sheng Zhong, State University of New York at Buffalo, USA   

Please access the attached hyperlink for an important electronic communications disclaimer: http://www.lse.ac.uk/collections/secretariat/legal/disclaimer.htm

****************************************************
This is a message from the SURVEILLANCE listserv
for research and teaching in surveillance studies.

To unsubscribe, please send the following message to
<[log in to unmask]>:

UNSUBSCRIBE SURVEILLANCE

For further help, please visit:

http://www.jiscmail.ac.uk/help
****************************************************