The Third Annual Workshop on
Economics and Information Security
(WEIS04)
May 13-14, 2004
University of Minnesota
http://www.dtc.umn.edu/weis2004
Submissions due: March 1, 2004
How much should we spend to secure our computer systems? Can we
determine a.which investments will provide the best protection?
How will
we know when we've reached our goals? Can market forces ensure that
firms will act to improve security? Can incentives align the goals of
employees with the security goals of their employers?
While security technologies have benefited from decades of study,
there has been a dearth of research into decision making
tools required
to choose among these technologies and employ them properly. The
growing importance of information security and the failings of
technology-centric approaches have made security economics an
area ripe
for new research. There is much work to be done both in applying
existing economic tools to today's security questions and in
pioneering
new economic approaches to address problems unique to the study of
security.
The Third Annual Workshop on Economics and Information
Security (WEIS04)
is a successor to the two pioneering workshops on this
subject, held in
2002 at UC Berkeley and in 2003 at Univ. Maryland.
Information about them
is available at URLs given at end.
We encourage economists, computer scientists, security specialists,
business school faculty, and industry experts to submit
original research
to the 2004 conference. We would especially like to
encourage collaborative
research from authors in multiple fields. Among past and
suggested topics are:
Game theoretic security models Analysis of security
solutions market
Security investment optimization Threat modeling
Information sharing Risk management
Algorithmic mechanism design Security metrics
DRM and customer lock-in Security loss estimation
Economics of privacy Cyberterrorism
Behavioral security economics Economics of pseudonyms
Reputation systems Case studies
There will be no printed proceedings of this workshop, but
as with the
preceding workshops, authors of accepted papers will be
encouraged to post
their papers and presentation decks on the conference site.
There may later be
a printed volume of selected papers from the workshop,
similar to the volume
based on the first two workshops that is in preparation.
Submissions should not exceed approximately 8,000 words
(i.e., about 12 single
spaced pages in a standard 11 point font). They must be
submitted by March 1,
2004. Position papers of significantly shorter length are
also welcome.
Notification of acceptance for the program will be sent by
April 1, 2004.
Submissions should be sent, preferably in PDF format, to
weissub@dtc.umn.edu.
For general information about the conference, check the website:
http://www.dtc.umn.edu/weis2004/ or email weisinfo@dtc.umn.edu.
Program Committee:
Alessandro Acquisti, Heinz School, Carnegie Mellon University
Ross Anderson, Computer Laboratory, Cambridge University
Jean Camp, Kennedy School of Government, Harvard University
Li Gong, Sun Microsystems
Larry Gordon, Smith School of Business, University of Maryland
Marty Loeb, Smith School of Business, University of Maryland
Andrew Odlyzko (co-chair), Digital Technology Center,
University of
Minnesota
Stuart Schechter, Division of Engineering and Applied
Sciences, Harvard
Bruce Schneier (co-chair), Counterpane Internet Security
Doug Tygar, Computer Science and Information Management,
UC Berkeley
Hal Varian, School of Information Management and Systems
and Economics
Dept., UC Berkeley
Dave Farber