Subject: call for papers: economics of security
From: jean_camp <jean_camp@harvard.edu>
Date: Mon, 21 Feb 2005 13:12:55 -0500

Here is a call for papers on economics of security. I cannot remember 
if I sent this before. If I have, please do pardon me.

One of the earlier papers argued that the additional potential for 
security review of open source exactly balanced the additional 
potential for exploitation based on source knowledge in comparison with 
closed source. One paper last year on honey pots illustrated that Linux 
boxes were more resilient to attack. If you have data on open vs. 
closed systems with respect to security, even a well written position 
statement, that would be welcome.

I would like there to be more discussion of the role of closed source, 
monoculture and secrecy at this workshop than there has been in the 
past.

Thanks for considering this.

-Jean
///////////

Call for Papers

Fourth Workshop on the Economics of Information Security
http://www.infosecon.net/workshop/

June 2-3, 2005
Harvard University
Cambridge, MA 02138


   ----------------Submissions now being accepted----------------
       ----------------Scholarships available----------------

Original Research Papers on all aspects of the Economics of Information 
Security are solicited for submission to the Fourth Workshop on the 
Economics of Information Security. Topics of interest include liability 
and other legal incentives, game theoretic models, economics of digital 
rights management, security in open source and free software, 
cyber-insurance, disaster recovery, trusted computing, reputation 
economics, network effects in security and privacy, security in grid 
computing,  return on security investment, security and privacy in 
pervasive computing, risk management, risk perception, economics of 
trust, virus models, vulnerabilities and incentives, economics of 
malicious code,  identity including PKI, access control, economics of 
electronic voting security, and economic perspectives on spam.

We  invite talks emphasizing economic theory, mathematical modeling, or 
legal theory.  Past notable work used the tools of economics to offer 
insights into computer security; offered mathematical models of 
computer security and economics; detailed potential regulatory 
solutions to computer security; or clarified the challenges of 
improving security as implemented in practice.


Important Dates:
Submissions due -  Extended to March 6
Notification of acceptance - March 21
Final papers due - April 22
Workshop June 2-3, 2005

For formats and submission instruction  please visit  
http://www.infosecon.net/workshop/

      ----------------Scholarships available----------------

Student registration scholarships (valued at $250) and two travel plus 
registration scholarships (valued at $1000) are available for students 
who have papers accepted at the workshop. Application instructions will 
be sent upon paper acceptance.

Policy and law students will be given preference for travel 
scholarships.

These scholarships are generously provided by IP3: the Institute for 
Information Infrastructure Protection,  http://www.thei3p.org/

Additional funding provided by the Center for Applied Cybersecurity 
Research http://cacr.iu.edu/

Chair:
Jean Camp

Committee
Alessandro Acquisti (CMU)
Ross Anderson (Cambridge)
Huseyin Cavusoglu (Tulane)
Larry Gordon (UMD)
Marty Loeb (UMD)
Andrew Odlyzko (U Minnesota)
Stuart Schechter (MIT Lincoln Laboratories)
Bruce Schneier (Counterpane)
Rahul Telang (CMU)
Hal Varian (UC Berkeley)