Workshop on Governance of Technology, Information, and Policies (GTIP)

Addressing the Challenges of Worldwide Interconnectivity
December 6, 2011

The online CFP is at: http://www.acsac.org/2011/workshops/gtip/
A PDF version is at: http://nob.cs.ucdavis.edu/~bishop/announce/GTIP2011.pdf

http://www.acsac.org/2011/workshop/

In many nations, governments and businesses rely on information
technology and the Internet for mission-critical functionality. A vast
number of people also rely on computers and the Internet to conduct
business and to establish and maintain personal and professional
relationships. The worldwide adoption of these new technologies,
however, has stressed the minimalist governance systems that were
established when information technology and the Internet were used
much more sparingly. These developments have produced unprecedented
legal, policy, and technological issues.

For example, when cloud computing crosses national borders, which
jurisdiction's privacy laws apply to data management and access? What
types of disclosures should be required for customer/participant
protection, and what regulatory structures are best suited for
governing this rapidly moving data? For the Internet as a whole, what
governance or regulatory structures,standards, and protocols are
needed, and how do we ensure that regulatory decisions are based on
sound scientific and technological information?

Despite laudable national, international and formal United Nations
efforts, the "governance gap" is becoming more exacerbated as the use
of collaborative technologies, virtual worlds, and cloud computing
expands. This workshop is dedicated to exploring the governance issues
that arise in this world-wide explosion of technology. It focuses on
governance designed to achieve objectives of security, privacy,
reliability, resiliency, and accountability, both technically and by
governmental or quasi-governmental regulatory structures.

A broad range of original position and research papers are within the
workshop's scope.  These may address the policies, processes and
technologies that may prove useful in dealing with these problems
generated by world interconnectivity; the security, technological,
societal, and legal issues that arise from computing and data
management in a world of fragmented and incompatible rules; and the
foreseeable problems for technological and business development, for
human values, and for governments or international relations due to
inadequate governance structures and regulatory policies for the
networked world.

The workshop will embrace the topics that follow as well as other
questions generated by multi-jurisdiction computation, data
management, and networking.

* Governance and technologies designed to:
   - Reduce cyber-crime, cyberattack, malicious computing and
     otherwise enhance security;
   - Protect Internet access during natural disasters, and major
     social and political crises;
   - Promote privacy and limit governmental surveillance; and,
   - Provide mechanisms for monitoring compliance with governance.
* Governance and mechanisms for achieving governance of:
   - Cloud computing;
   - Electronic personal health records and other mission-critical or
     human safety-critical database systems; and
   - Networking.
* Frameworks for Internet and data governance, particularly at the
  international level for determining Internet standards and
  protocols.
* Compliance issues for multinational entities (networks, corporations).
* Emerging areas of transnational conflict and co-operation.
* Anonymity (including the need or lack of need).
* Attribution and identity management.
* Incident response and handling, and forensics.
* Issues related to those above.

We particularly welcome papers that raise new concepts, describe
emerging issues, and highlight work in progress that contributes to a
better understanding of critical issues or their resolution. In
addition to academic submissions, we encourage papers from
non-academic groups, nonprofits, and institutions involved with these
issues.

Final papers must be 8 pages long at most. Please use any of the templates at
       http://www.acm.org/sigs/publications/proceedings-templates
to prepare your submission, as accepted papers will be posted to the
ACM Digital Library. Papers previously published elsewhere will not be
accepted. Papers published at GTIP may, under certain circumstances,
be resubmitted elsewhere; see the details at:
       https://www.acsac.org/2011/workshops/gtip/

To submit a paper or an abstract, go to:
       http://www.acsac.org/2011/workshops/gtip/openconf/
This workshop is co-located with the 2011 Annual Computer Security
Applications Conference (ACSAC 2011). See
       http://www.acsac.org/
for more information.

Important dates:

Abstract of proposed paper August 15, 2011 (preferred but optional)
Full paper due September 7, 2011
Notification of acceptance October 10, 2011
Camera-ready artwork due November 1, 2011
Workshop date December 6, 2011

Program Committee (in formation; acceptances include):

Candice Hoke, C|M| Law, Cleveland State University, 2011 Chair
Michael Aisenberg, The MITRE Corporation
Matt Bishop, University of California, Davis
Lizzie Coles-Kemp, University of London
Ann Cavoukian, Information and Privacy Commissioner of Ontario, Canada
Mary Ann Davidson, Oracle
David Farber, Carnegie Mellon University
Carrie Gates, CA Labs, CA Technologies
Sharona Hoffman, Case Western Reserve University
Jeffrey Hunker, JH Associates
Peter Matthews, CA Labs, CA Technologies
Peter Neumann, SRI International
Andy Podgurski, Case Western Reserve University
Harvey Rubinovitz, The MITRE Corporation

Organizing Committee:

Matt Bishop, University of California, Davis
Carrie Gates, CA Labs, CA Technologies
Candice Hoke, C|M| Law, Cleveland State University
Peter Matthews, CA Labs, CA Technologies
Harvey Rubinovitz, The MITRE Corporation