April 24, 2007

WEIS2007 - Econ Info Sec - programme announced

Below is the programme for WEIS2007, the annual Workshop on Economics of Information Security, to be held on June 7-8, 2007, in Pittsburgh, USA.

Session I - 8:30-10:30am (Disclosure)

The legitimate vulnerability market: the secretive world of 0-day exploit sales
Charles Miller, Independent Security Evaluators

Inadvertent Disclosure - Information Leaks in the Extended Enterprise
M. Eric Johnson and Scott Dynes, Dartmouth College

Network Security: Vulnerabilities and Disclosure Policy
Jay Pil Choi, Michigan State University,
Chaim Fershtman, Neil Gandal, Tel Aviv University

The Countervailing Incentive of Restricted Patch Distribution: Economic and Policy Implications
Mohammad S. Rahman, Karthik Kannan, Mohit Tawarmalani, Purdue University

Session II - 11am-12pm (Privacy)

On the Viability of Privacy-Enhancing Technologies in a Self-Regulated Business-to-Consumer Market: Will Privacy Remain a Luxury Good?
Rainer Böhme and Sven Koble, Technische Universität Dresden

When 25 Cents is too much: An Experiment on Willingness-To-Sell and Willingness-To-Protect Personal Information
Jens Grossklags, University of California at Berkeley,
Alessandro Acquisti, Carnegie Mellon University

Keynote speech (George Loewenstein)

WEIS 2007 is delighted to host a keynote speech by Dr. George Loewenstein, Herbert A. Simon Professor of Economics and Psychology at Carnegie Mellon University.

George Loewenstein is the Herbert A. Simon Professor of Economics and Psychology at Carnegie Mellon University. He received his PhD from Yale University in 1985 and since then has held academic positions at The University of Chicago and Carnegie Mellon University, and fellowships at Center for Advanced Study in the Behavioral Sciences, The Institute for Advanced Study in Princeton, The Russell Sage Foundation and The Institute for Advanced Study in Berlin. He is one of the founders of the field of behavioral economics and more recently of the new field of neuroeconomics. Loewenstein's research focuses on applications of psychology to economics, and his specific interests include decision making over time, bargaining and negotiations, psychology and health, law and economics, the psychology of adaptation, the role of emotion in decision making, the psychology of curiosity, conflict of interest, and "out of control" behaviors such as impulsive violent crime and drug addiction. He has published over 100 journal articles, numerous book chapters, and has edited 6 books on topics ranging from intertemporal choice to behavioral economics to emotions.

Session III - 2:-3:30pm (Security Investments)

Optimally Securing Enterprise Information Systems and Assets
Vineet Kumar, Rahul Telang, Tridas Mukhopadhyay, Carnegie Mellon University

Interdependence of Reliability and Security
Peter Honeyman, University of Michigan,
Galina A. Schwartz, University of California Berkeley,
Ari Van Assche, HEC Montréal

A Framework for Classifying and Comparing Models of Cyber Security Investment to Support Policy and Decision-Making
Rachel Rue, Shari Lawrence Pfleeger and David Ortiz, RAND Corporation

Session IV - 4-5:30pm (Managed Security Service Providers)

Growth and sustainability of MSSP networks
Alok Gupta and Dmitry Zhdanov, University of Minnesota

Will Outsourcing IT Security Lead to a Higher Social Level of Security?
Brent Rowe, RTI International

Measuring Security Investment Benefit for Off the Shelf Software Systems - A Stakeholder Value Driven Approach
Yue Chen, Barry Boehm, Luke Sheppard, University of Southern California

Session I - 8:30-10am (Privacy-Personalization)

Incentive Design for Free but No Free Disposal Services: The Case of Personalization under Privacy Concerns
Ramnath K. Chellappa, Emory University Atlanta,
Shivendu Shivendu, University of Southern California

The Effect of Online Privacy Information on Purchasing Behavior: An Experimental Study
Janice Tsai, Serge Egelman, Lorrie Cranor, Alessandro Acquisti, Carnegie Mellon University

Economics of User Segmentation, Profiling, and Detection in Security
Srinivasan Raghunathan, Huseyin Cavusoglu, Byungwan Koh, The University of Texas at Dallas,
Bin Mai, Northwestern State University

Session II - 10:30am-12pm (Empirics of Information Security)

The Deterrent Effect of Enforcement Against Computer Hackers: Cross-Country Evidence
Ivan Png, Chen Yu Wang, National University of Singapore

An Empirical Analysis of the Current State of Phishing Attack and Defence
Tyler Moore and Richard Clayton, University of Cambridge

Privacy, Network Effects and Electronic Medical Record Technology Adoption
Amalia R. Miller, University of Virginia,
Catherine E. Tucker, MIT

Session IV - 3-4:30pm (Risk)

Mental Models of Computer Security Risks
Farzaneh Asgharpour, Debin Liu, L. Jean Camp, Indiana University

Cyber-Insurance: Copula Pricing Framework and Implications for Risk Management
Hemantha S. B. Herath, Brock University,
Tejaswini C. Herath, University at Buffalo

Strategic Defense and Attack of Complex Networks
Kjell Hausken, University of Stavanger

