Call for Participation
   "Community Workshop on Ethical Guidelines for Security Research"

From activities involving the use of deception to study Internet
phishing, to the infiltration of botnets to understand cyber crime, to
disclosure of systems vulnerabilities to advance scientific ground
truth, computer and information security researchers are increasingly
in the cross-hairs of activities that raise ethical issues.

Computers and networks are ever more intertwined in our lives, and
correspondingly security and network research present both similar and
novel issues as those faced by traditional social and biomedical
research.  Those issues concern respecting persons, maximizing
potential benefits and minimizing harm, and equitably apportioning
benefits and burdens across research subjects and the larger society.
For those issues that are distinctively different from conventional
research there is a need for ethical guidance to identify unique
issues, design experiments, apply protocols, and assess the
acceptability of research in accordance with ethics principles.

This full-day workshop will anchor off of a multi-year effort by
network and security research stakeholders that has resulted in a
guiding framework, known as The Menlo Report.  This workshop is
intended to engage the wider community of researchers, oversight
entities, and policymakers in a dialogue that will inform and reflect
community accord on ethics in security and network research.  The
participants will be guided by facilitators from the Menlo Report
effort in interactive and informative sessions concerning: the Menlo
Report background, feedback and impact statements from various
stakeholders who have reviewed the Report, vehicles for implementing
ethical principles, and alternative approaches to applying ethical
principles in research.  Results from the community workshop will
inform changes to the Menlo Report, which will subsequently be
submitted as a final draft report to the Federal Register for full
public comment.

The workshop will be co-located with the IEEE Symposium on Security
and Privacy. Participants can register through the Symposium website
application form.  For participant stakeholders who wish to inform
workshop organizers about works in progress, or for any questions,
concerns or comments please contact

Date: Thursday, May 26, 2011
Venue:  Claremont Hotel, Berkeley, CA
Organizers:   Douglas Maughan, Program Manager, Cyber Security R&D 
Science and Technology Directorate, Department of Homeland Security 
Washington DC; Menlo Report Co-Authors: Erin Kenneally, Cooperative 
Association for Internet Data Analysis (CAIDA), Dave Dittrich, 
University of Washington.

The workshop Agenda and a working draft of the Menlo Report will be made 
available at