Rohloff, Kurt | 21 Nov 06:05 2015

CFP: 4th Workshop on Encrypted Computing and Applied Homomorphic Cryptography WAHC 2016, Feb. 26, Barbados

We invite you to submit a paper to this year's Workshop on Encrypted Computing and Applied Homomorphic Cryptography (WAHC):


The workshop will be held after Financial Crypto (FC) in Barbados on Feb 26th.  The workshop focuses on the implementation and application of Homomorphic Encryption (HE) and and Secure Multi-Party Computation (SMC) technologies in both software and hardware.

Secure computation is becoming a key feature of future information systems. Distributed network applications and cloud architectures are at danger because lots of personal consumer data is aggregated in all kinds of formats and for various purposes. Industry and consumer electronics companies are facing massive threats like theft of intellectual property and industrial espionage. Public infrastructure has to be secured against  sabotage and manipulation. A possible solution is encrypted computing: Data can be processed on remote, possibly insecure resources, while program code and data is encrypted all the time. This allows to outsource the computation of confidential information independently from the trustworthiness or the security level of the remote system. The technologies and techniques discussed in this workshop are a key to extend the range of applications that can be securely outsourced.

The goal of the workshop is to bring together researchers with practitioners and industry to present, discuss and to share the latest progress in the field. We want to exchange ideas that address real-world problems with practical approaches and solutions.

Schedule

Submission Deadline EXTENDED: Nov. 30, 2015
Acceptance Notice: Jan. 16, 2016
Camera Ready Due: Jan. 31, 2016
Workshop: Feb. 26, 2016

Accepted submissions will be published in a Springer LNCS volume (as part of the main FC '16 proceedings or typically collected in a subsidiary workshop volume). Papers are limited to 12-16 pages including references and appendices. This year, we also encourage authors to submit Demos which are limited to 6-8 pages and feature a presentation with an extensive code review.

Submission instructions can be found on the workshop website.

--
Kurt Rohloff
Assoc. Prof., NJIT
Director, NJ Cybersecurity Research Center
_______________________________________________
ietf-privacy mailing list
ietf-privacy <at> ietf.org
https://www.ietf.org/mailman/listinfo/ietf-privacy
Thorsten Strufe | 17 May 22:18 2015

[PrInf] CfP: Privacy and Inference 2015

                   [ apologies for cross-posting ]

            Workshop on Privacy and Inference (PrInf 2015)
                        http://www.prinf.eu

The First Workshop on Privacy and Inference will be held in conjunction
with the 38th Conference on Artificial Intelligence that will take place
at TU Dresden, Germany, on September 21-25, 2015.

========
Contents
========

The recent past has brought an increasing use of integrated online
services for information discovery, the publication of personal
information and an extensive exchange of opinions. Companies and
institutions have greatly enhanced their means to collect information
about individuals at the same time, and their deployment and utilisation
is ever more sophisticated and widespread. A parallel trend exhibits the
move towards cloud computing, the outsourcing of both data and
processing to external providers.

These trends have a tremendous impact on the privacy, and terminally the
liberty of individuals users and institutions, a fact that has even
reached the legislative bodies that struggle to find regulations to
protect data while avoiding exceedingly inhibiting consequences for the
commercial affairs. The scientific advance, however, is currently
limited to highly specialised cryptographic primitives that lack general
applicability, some attempts to quantify privacy, and intermediate
solutions of outsourcing the trust to potentially independent hardware
vendors (cf. Intel SGX).

The PrInf workshop in consequence aims at uniting scientists that are
currently interested in, and working on solutions to better protect the
privacy of both the individuals with the desire to share information
online, as well as institutions that actively outsource data and
computation to cloud providers. It will hence encompass research
advances in all areas of private inference and countermeasures to
unwanted inference on personal information.

Both large-scale governmental surveillance and extensive profiling of
individuals over several integrated services has recently been enjoying
large general interest. There also have been several, rather individual
attempts at addressing these issues, but unfortunately no joint effort
covering the complete range from logics, over machine learning and data
mining, to privacy and cryptography. We hope to help build such an
inter-disciplinary forum, attracting both interest and participation of
the general audience at KI.

In particular we are interested in the following topics:
* Inference attacks on social media profiles
* Privacy metrics
* Inference and profiling prevention techniques
* Privacy preserving regression
* Privacy preserving clustering
* Privacy preserving classification
* Privacy preserving anomaly detection in social media behaviour
* Replication studies
* Data sets

===============
Important Dates
===============

Paper submission deadline            June 12
Notification of acceptance           July 13
Camera Ready deadline                July 26
Workshop                             Sep 21/22 (to be announced)

Organizers

*  Ulf Brefeld (TU Darmstadt)
*  Thorsten Strufe (TU Dresden)

Technical Program Committee

*    Frederik Armknecht (University of Mannheim)
*    Battista Biggio (University of Cagliari)
*    Raphael Bost (Université de Rennes)
*    Michael Brückner (Amazon)
*    Christos Dimitrakakis (Chalmers)
*    Krishna Gummadi (MPI for Software Systems)
*    Stratis Ioannidis (Yahoo!)
*    Katerina Mitrokotsa (Chalmers)
*    Yves-Alexandre de Montjoye (MIT)
*    Arvind Narayanan (Princeton)
*    Alex Pretschner (TUM)
*    Konrad Rieck (University of Göttingen)
*    Keith W. Ross (NYU Shanghai)
*    Björn Scheuermann (HU Berlin)

Further Information

* PrInf workshop web page:
  http://www.prinf.eu
* KI conference web page:
  http://ki2015.computational-logic.org/

_______________________________________________
ietf-privacy mailing list
ietf-privacy <at> ietf.org
https://www.ietf.org/mailman/listinfo/ietf-privacy
Thorsten Strufe | 21 Apr 14:32 2015

Privacy vs. Machine Learning (Forum in Dresden Sept 21/22)

Hi everybody,

considering the improvements and ubiquity of machine learning applications, and the impact they (may) have on the privacy of individuals, we want to bring together people interested in either of the two sides, here in Dresden on Sept 21/22 2015 ( http://www.prinf.eu ).
 
To ignite discussions, we see two (rather obvious) topics, that we think are important and interesting:
1)  considering all the public personal data by all sorts of people, we wonder how good inference attacks can actually get, even on people who don't publish (a lot of) information about themselves
  - directly related of course is the question, if we can find new privacy metrics, and
- if there are ways to encounter such attacks, without diminishing the utility for the users (too much). And

2) on a related note we want to further explore ideas towards privacy-preserving recommenders.

We will organize this event as a "traditional" scientific workshop soliciting submissions, which will be reviewed and subsequently published, to make it easier for the academic audiences to convince their funding entity of its importance ;-) - but we really mainly want to engage in discussions, may be fostering some future collaborations, as well.

I'm attaching the usual Call for Papers - and I hope, of course, that we will receive some interesting submissions (to make the official part interesting - so help in advertising is appreciated). We will accept both novel scientific contributions, but also datasets and replication studies. But most importantly, we hope to attract a broad audience of interested participants from different professional backgrounds, to facilitate great discussions!

Thanks a lot!

Ulf & Thorsten

--
Thorsten Strufe                   
TU Dresden                           https://dud.inf.tu-dresden.de/
CASED                                          http://www.cased.de/

Call for Papers:

Workshop on Privacy and Inference (PrInf 2015)

TU Dresden, September, 21/22 (TBA)

http://www.prinf.eu

The First Workshop on Privacy and Inference will be held in conjunction
with the 38th German Conference on Artificial Intelligence that will
take place in September 21-25, 2015 in Dresden, Germany.

Contents

The recent past has brought an increasing use of integrated online
services for information discovery, the publication of personal
information and an extensive exchange of opinions. Companies and
institutions have greatly enhanced their means to collect information
about individuals at the same time, and their deployment and utilisation
is ever more sophisticated and widespread. A parallel trend exhibits the
move towards cloud computing, the outsourcing of both data and
processing to external providers.

These trends have a tremendous impact on the privacy, and terminally the
liberty of individuals users and institutions, a fact that has even
reached the legislative bodies that struggle to find regulations to
protect data while avoiding exceedingly inhibiting consequences for the
commercial affairs. The scientific advance, however, is currently
limited to highly specialised cryptographic primitives that lack general
applicability, some attempts to quantify privacy, and intermediate
solutions of outsourcing the trust to potentially independent hardware
vendors (cf. Intel SGX).

The PrInf workshop in consequence aims at uniting scientists that are
currently interested in, and working on solutions to better protect the
privacy of both the individuals with the desire to share information
online, as well as institutions that actively outsource data and
computation to cloud providers. It will hence encompass research
advances in all areas of private inference and countermeasures to
unwanted inference on personal information.

Both large-scale governmental surveillance and extensive profiling of
individuals over several integrated services has recently been enjoying
large general interest. There also have been several, rather individual
attempts at addressing these issues, but unfortunately no joint effort
covering the complete range from logics, over machine learning and data
mining, to privacy and cryptography. We hope to help build such an
inter-disciplinary forum, attracting both interest and participation of
the general audience at KI.

In particular we are interested in the following topics:
* Inference attacks on social media profiles
* Privacy metrics
* Inference and profiling prevention techniques
* Privacy preserving regression
* Privacy preserving clustering
* Privacy preserving classification
* Privacy preserving anomaly detection in social media behaviour
* Replication studies
* Data sets

Important Dates

Paper submission deadline       		June 12
Notification of acceptance			July 13
Camera Ready deadline                   	July 26
Workshop                             		Sep 21/22 (TBA)

Organizers

*  Ulf Brefeld (TU Darmstadt)  
*  Thorsten Strufe (TU Dresden)

Program Committee

* Frederik Armknecht (University of Mannheim)
* Battista Biggio (University of Cagliari)
* Raphael Bost (Université de Rennes)
* Michael Brückner (Amazon)
* Christos Dimitrakakis (Chalmers)
* Krishna Gummadi (MPI for Software Systems)
* Stratis Ioannidis (Yahoo!)
* Katerina Mitrokotsa (Chalmers)
* Arvind Narayanan (Princeton)
* Yves-Alexandre de Montjoye (MIT)
* Alex Pretschner (TUM)
* Konrad Rieck (University of Göttingen)
* Björn Scheuermann (HU Berlin)

Further Information

* PrInf workshop web page:
http://www.prinf.eu
* KI conference web page:
http://ki2015.computational-logic.org/
_______________________________________________
ietf-privacy mailing list
ietf-privacy <at> ietf.org
https://www.ietf.org/mailman/listinfo/ietf-privacy
Erin Kenneally | 20 Apr 21:39 2015

Re: ietf-privacy Digest, Vol 41, Issue 8

I use the following def and have yet to find situations that aren't encompassed within:

Information Privacy = the rights and interests between and among persons and organizations regarding contexts for the collection, use and/or disclosure of information.

/erin

-- Erin E. Kenneally, M.F.S., J.D. CEO, Founder eLCHEMY, Inc. 8677 Villa La Jolla Dr., #1133 La Jolla, CA 92037 www.elchemy.org

On 4/20/15 12:00 PM, ietf-privacy-request <at> ietf.org wrote:
Send ietf-privacy mailing list submissions to ietf-privacy <at> ietf.org To subscribe or unsubscribe via the World Wide Web, visit https://www.ietf.org/mailman/listinfo/ietf-privacy or, via email, send a message with subject or body 'help' to ietf-privacy-request <at> ietf.org You can reach the person managing the list at ietf-privacy-owner <at> ietf.org When replying, please edit your Subject line so it is more specific than "Re: Contents of ietf-privacy digest..."

Today's Topics: 1. Re: Is there an official working definition for Privacy Online? (Fred Yeboah)

_______________________________________________ ietf-privacy mailing list ietf-privacy <at> ietf.org https://www.ietf.org/mailman/listinfo/ietf-privacy

_______________________________________________
ietf-privacy mailing list
ietf-privacy <at> ietf.org
https://www.ietf.org/mailman/listinfo/ietf-privacy
Fred Yeboah | 16 Apr 16:51 2015
Picon

Is there an official working definition for Privacy Online?

Dear all,
Can some help me with the official working definition of Online Privacy as used by IETF-Privacy group?
Thank you
-- Best regards Fred Yeboah
_______________________________________________
ietf-privacy mailing list
ietf-privacy <at> ietf.org
https://www.ietf.org/mailman/listinfo/ietf-privacy
S Moonesamy | 6 Jun 08:39 2014

Logging Recommendations for Internet-Facing Servers

Hello,

BCP 162 contains logging recommendations for internet-facing 
servers.  Quoting the document:

   "Discussions about data-retention policies are out of scope for this
    document.  Server security and transport security are important for
    the protection of logs for Internet-facing systems.  The operator of
    the Internet-facing server must consider the risks, including the
    data and services on the server, to determine the appropriate
    measures.  The protection of logs is critical in incident
    investigations.  If logs are tampered with, evidence could be
    destroyed."

In other words, the BCP makes a recommendation without any discussion 
about privacy considerations.  The issue is traceability.  It has 
been the practice to log IP addresses.  Keeping the logs for years is 
not a good idea as it is difficult to argue that the information is necessary.

I suggest that the BCP be reconsidered given the lack of privacy 
considerations.

Regards,
S. Moonesamy 
David Singer | 28 May 00:03 2014
Picon

cursory PPM Review of RFC 4368

<http://tools.ietf.org/html/rfc4368>

This is about low-level access (SNMP) to low-level (multi-protocol switching) network information, and
has an apparently well-developed security considerations. Privacy is only mentioned once:
"It is RECOMMENDED that implementers consider the security features as
   provided by the SNMPv3 framework (see [RFC3410], section 8),
   including full support for the SNMPv3 cryptographic mechanisms (for
   authentication and privacy)."

Since not even IP addresses are exposed, or traffic details, it's hard to see direct privacy implications
here. However, the whole area of being able to interrogate network equipment over protocols such as SNMP
might well have such implications (e.g. if it's possible to work out which addresses a given IP address is
communicating with). 

David Singer
Manager, Software Standards, Apple Inc.
=JeffH | 15 May 00:59 2014

Big Data Ethics (was: recent scholarship wrt privacy law, obligations, legal theories & frameworks

And, building upon Solove's work, there's this...

Big Data Ethics
http://papers.ssrn.com/sol3/papers.cfm?abstract_id=2384174

Neil M. Richards
Jonathan H. King

January 23, 2014

Wake Forest Law Review, 2014

Abstract:

We are on the cusp of a "Big Data" Revolution, in which increasingly large 
datasets are mined for important predictions and often surprising insights. 
The predictions and decisions this revolution will enable will transform our 
society in ways comparable to the Industrial Revolution. We are now at a 
critical moment; big data uses today will be sticky and will settle both 
default norms and public notions of what is "no big deal" regarding big data 
predictions for years to come.

In this paper, we argue that big data, broadly defined, is producing 
increased powers of institutional awareness and power that require the 
development of a Big Data Ethics. We are building a new digital society, and 
the values we build or fail to build into our new digital structures will 
define us. Critically, if we fail to balance the human values that we care 
about, like privacy, confidentiality, transparency, identity and free choice 
with the compelling uses of big data, our Big Data Society risks abandoning 
these values for the sake of innovation and expediency.

In Part I, we trace the origins and rapid growth of the Information 
Revolution. In Part II, we call for the development of a "Big Data Ethics," 
a set of four related principles that should govern data flows in our 
information society, and inform the establishment of big data norms. First, 
we must recognize "privacy" as an inevitable system of information rules 
rather than merely secrecy. Second, we must recognize that shared private 
information can remain "confidential." Third, we must recognize that big 
data requires transparency. Fourth, we must recognize that big data can 
compromise identity. In Part III, we suggest how we might integrate big data 
ethics into our society. Law will be an important part of Big Data Ethics, 
but so too must the establishment of ethical principles and best practices 
that guide government, corporations, and users. We must all be part of the 
conversation, and part of the solution. Big Data Ethics are for everyone.
=JeffH | 15 May 00:59 2014

recent scholarship wrt privacy law, obligations, legal theories & frameworks

Some interesting recent research/thinking around privacy law, obligations, 
legal theories & frameworks...

The FTC and the New Common Law of Privacy
by Daniel Solove * April 13, 2014
http://www.concurringopinions.com/archives/2014/04/the-ftc-and-the-new-common-law-of-privacy-2.html

10 Reasons Why Privacy Matters
by Daniel Solove * January 14, 2014
http://www.concurringopinions.com/archives/2014/01/10-reasons-why-privacy-matters.html

What Is Personally Identifiable Information (PII)? Finding Common Ground in 
the EU and US
by Daniel Solove * June 26, 2013
http://www.concurringopinions.com/archives/2013/06/what-is-personally-identifiable-information-pii-finding-common-ground-in-the-eu-and-us.html

Privacy Self-Management and the Consent Dilemma
by Daniel Solove * May 21, 2013
http://www.concurringopinions.com/archives/2013/05/privacy-self-management-and-the-consent-dilemma.html

Harvard Law Review Privacy Symposium Issue
http://www.concurringopinions.com/archives/2013/05/harvard-law-review-privacy-symposium-issue.html
May 21, 2013

The privacy symposium issue of the Harvard Law Review is hot off the 
presses.  Here are the articles:

SYMPOSIUM
PRIVACY AND TECHNOLOGY
Introduction: Privacy Self-Management and the Consent Dilemmas
Daniel J. Solove
http://www.harvardlawreview.org/issues/126/may13/Symposium_9475.php

What Privacy is For
Julie E. Cohen
http://www.harvardlawreview.org/issues/126/may13/Symposium_9476.php

The Dangers of Surveillance
Neil M. Richards
http://www.harvardlawreview.org/issues/126/may13/Symposium_9477.php

The EU-U.S. Privacy Collision: A Turn to Institutions and Procedures
Paul M. Schwartz
http://www.harvardlawreview.org/issues/126/may13/Symposium_9478.php

Toward a Positive Theory of Privacy Law
Lior Jacob Strahilevitz
http://www.harvardlawreview.org/issues/126/may13/Symposium_9479.php
Hannes Tschofenig | 5 May 19:43 2014
Picon
Picon

Status?

Hi all,

I was wondering what the status of the review activities is.
Various folks expressed interest to do some reviews at the last f2f
meeting in London.

Did anything happen already?

Ciao
Hannes

_______________________________________________
ietf-privacy mailing list
ietf-privacy <at> ietf.org
https://www.ietf.org/mailman/listinfo/ietf-privacy
S Moonesamy | 29 Apr 22:14 2014

Re: CFP: The 6th International Symposium on Cyberspace Safety and Security (off-topic)

Hello,

Was the message at 
http://www.ietf.org/mail-archive/web/ietf-privacy/current/msg00394.html 
approved by the ietf-privacy mailing list moderator?

Regards,
S. Moonesamy

Gmane