Workshops and Tutorials
The WorldCIS is an international forum for both researchers and industry practitioners to exchange the latest fundamental advances in the state of the art and practice, Internet SecurityTechnologies, Application of Agents, Cybernetics, Data Mining, E-Society, Security of Web Sevices, Mobile, Ad Hoc and Sensor Network Security, and identify emerging research topics.
The WorldCIS encourages you to submit workshop or tutorial proposals. The workshop or tutorial duration can be one day or one and half day. All the accepted papers will be included in the conference proceedings. You can consider organising a workshop that is related to WorldCIS-2011 topics.
The purpose of these workshops is to provide a platform for presenting novel ideas in a less formal and possibly more focused way than the conferences themselves. It offers a good opportunity for young researchers to present their work and to obtain feedback from an interested community. The format of each workshop or tutorial is to be determined by the organisers, but it is expected that they contain ample time for general discussion. The preference is for one day workshops, but other schedules will also be considered.
Tutorial 1: Understanding the legal, compliance and privacy risks associated with new mandates to report security breaches
Security will be the defining legal issue of the next several years. Legal issues and compliance obligations are the most misunderstood areas in security practice. Business potential will likely be determined by whether companies are able to clearly communicate their compliance strategies and understand legal issues like breach notification, reporting and confidentiality issues related to them.
This tutorial uses real world case studies developed by David Snead to communicate strategies to address these legal implications regardless of the attendee’s status as a user, provider, or supplier. Avoiding theoretical analyses of the law, or long forays into esoteric legal issues, the tutorial will present:
- A matrix companies can use to evaluate their security risks
- Easy to understand explanations combined with smart contract examples for any business owner
- Transnational security issues involved in new evolutions in computing such as cloud computing
Attendees will leave this presentation with a tool kit and questions they can use immediately in their business to understand and compartmentalize legal risks associated with security issues.
- Detailed understanding of U.S. and EU laws mandating reporting of security breaches;
- Working knowledge of how contract issues and legal issues may be resolved to create a more secure environment; and
- Creation of security and compliance plans that move the business’ security needs forward without compromising internal success or sales.
David Snead, W. David Snead, USA
Carolyn Herzog, Symantec Corporation, UK
Tutorial 2: Secure Multi-party Computation for Preserving Privacy: Problems, Techniques and Applications
Several aspects of secure multi-party computation like privacy of Individuals, correctness of result and network traffic reductions will be presented in this tutorial and the following issues will be addressed:
- Introduced multiple TTPs and the problem of hiding the data form trusted third party (TTP) which computes the result
- The existing solutions of SMC along with the developed protocols
- The introduction of a randomly selected anonymizer between the parties and the TTP to
hide the data
- The problem, which enables the SMC to perform the correct computation of the result as
well as the authentication of computational body
- Present the problem of dealing with adversaries in SMC and minimizing their effects
An authentication protocol is needed between nodes using some cryptographic technique. In service-oriented MANET the denial of the service must be taken care of so that the availability of the service is maintained. The security requirement of the ad hoc network depends on its application. For example, for a simple business meeting the requirement is mitigated and for the military battlefield it is severe. Thus no general security architecture can be developed for MANET. Specific security architecture is needed for specific application.
Professor Durgesh Kumar Mishra
Chairman IEEE Computer Society Chapter, Bombay Section
Acropolis Institute of Technology and Research, Indore, MP, India