DIMACS Workshop on Information Security Economics January 18-19, 2007 - DIMACS Center, CoRE Building, Rutgers University http://dimacs.rutgers.edu/Workshops/InformationSecurity/ CALL FOR PAPERS Investments in information security are contingent on the expected benefits and costs of their deployment. Yet, it is difficult to quantify those trade-offs: uncertainties about attackers' skills and motivations, systems' dependability, and the consequences of security failures are heightened by intangible considerations - such as individual perceptions of the value of security. In recent years, growing attention has been directed towards the application to information security of economic models for the evaluation of complex trade-offs under risk and uncertainty. This *economics of information security* has offered mathematical models of returns on security investments and behavioral models of users' decision making; it has detailed regulatory solutions to cyber-security issues; and it has clarified the challenges of improving everyday security and privacy. The DIMACS Workshop on Information Security Economics aims at enlarging the interest in this area by bringing together researchers already engaged in the field with other scientists and investigators in disciplines such as economics, business, statistics, and computer science. We encourage researchers and industry experts to submit manuscripts with original work to the workshop; we especially encourage collaborative and interdisciplinary research from authors in multiple fields. Topics of interest include (but are not limited to) empirical and theoretical works on the economics of: - vulnerabilities and malicious code - spam, phishing, and identity theft - privacy, reputation, and trust - DRM and trusted computing - cyber-insurance, returns on security investments, and security risk management - security risk perception at the firm and individual levels. Questions about the workshop may be addressed to: email@example.com. *** Organizers Alessandro Acquisti, Carnegie Mellon University firstname.lastname@example.org Jean Camp, Indiana University email@example.com *** Submission instructions Submissions are due by November 3, 2006 (11:59PM PST), preferably in PDF format, to: firstname.lastname@example.org Submissions should not exceed approximately 10,000 words. Notifications of acceptance for the program will be sent by November 18, 2006.