• The meeting has been kicked off by by John Leibowitz (chairman of the US Federal Trade Commission; transcript)
• Dr. Carl-Christian Buhr from the cabinet of Neelie Kroes introduced the EU perspective and brought this video message on Do Not Track from Neelie Kroes
• The Art 29 group formally send Rob van Eijk as their delegate to our team
• Members from the FTC as well as the EC attended large portions of the meeting.
• We achieved wide attendance including (but not limited to) Adobe, Apple, CDT, Google, Microsoft, Mozilla, NAI, Opera, Paypal, W3C, and Yahoo.

We made substantial progress, have discussed and assigned all open issues (and closed many), and are now working on creating the corresponding text.

We were impressed by the wide coverage and the open and collaborative atmosphere that allowed us to achieve this progress.

More information can be found at the W3C Blog.

The ACM Symposium on Cloud Computing 2012 is the third in a new series of symposia that brings together researchers, developers, users, and practitioners interested in cloud computing. Co-sponsored by the ACM Special Interest Groups on Management of Data (SIGMOD) and on Operating Systems (SIGOPS), SoCC 2012 will take place from October 14th-17th in San Jose, CA. For the first time, ACM SoCC 2012 is being held independently, recognizing the growing research fertility and societal/commercial importance of cloud computing. (SoCC was previously held in conjunction with the SIGMOD and SOSP).

Important dates are:

• Architecture and design of clouds and data centers for dependability
• Faults, failure diagnosis, and recovery issues in clouds and data centers
• Dependability challenges and solutions for cloud users and cloud providers
• Dependability and security of virtual machine and multicore technology
• Dependability metrics, analysis, and evaluation for clouds and data centers
• Assured services, protocols and standards for clouds
• Dependability benchmarking and measurements in clouds and data centers
• Security and privacy issues in clouds and data centers
• Sustainability issues and energy management in clouds/data centers
• Trust, policy management and regulatory compliance issues

IMPORTANT DATES

• Paper submission: Mar. 15, 2012
• Acceptance notification: Apr. 15, 2012
• Camera-ready version: May. 01, 2012
• Workshop: June 25, 2012

The full Call for Papers can be found at http://www.cse.ust.hk/DCDV2012/cfp.html

Christian Cachin, Matthias Schunter: A Cloud You Can Trust -
How to ensure that cloud computing’s problems—data breaches, leaks, service outages—don’t obscure its virtues, IEEE Spektrum, December 2011, pp 28-51.

Read it online at
http://spectrum.ieee.org/computing/networks/a-cloud-you-can-trust/0

Important Dates

TRUST 2012 is an international conference on the technical and soci-economic aspects of trustworthy infrastructures. It provides an excellent interdisciplinary forum for researchers, practitioners, and decision makers to explore new ideas and discuss experiences in building, designing, using and understanding trustworthy computing systems.

Important dates are

• Submission due: 15 February 2012
• Notification: 25 March 2012
• Camera ready: 09 April 2012
• Conference: 13-15 June 2012

“To address rising concerns about privacy on the Web, W3C publishes today two first drafts for standards that allow users to express preferences about online tracking:

• Tracking Preference Expression (DNT), which defines mechanisms for users to express cross-site tracking preferences and for sites to indicate whether they honor these preferences.
• Tracking Compliance and Scope Specification, which defines the meaning of a “Do Not Track” preference and sets out practices for websites to comply with this preference.

These documents are the early work of a broad set of stakeholders in the W3C Tracking Protection Working Group, including browser vendors, content providers, advertisers, search engines, and experts in policy, privacy, and consumer protection. W3C invites review of these early drafts, expected to become standards by mid-2012. Read the full press release and testimonials and learn more about Privacy.”

Important Dates:

• Paper submission: December 01, 2011
• Notification of acceptance: December 15, 2011
• Final paper submission: January 03, 2012
• Workshop: February 28, 2012

Quote from the Call for Papers at http://www.nii.ac.jp/jeisec/resys/index.html:

Cyber-physical systems support domains of social infrastructures in monitoring and controlling their physical environment. Context data of a physical environment is being collected by sensors, digitally processed as well as stored, and as a result processes and flows of this physical environment are controlled.

However, social infrastructures are threatened by crime, terrorism, and natural disasters.A lesson learned from latest dramatically unwanted interference – Great East Japan Earthquake and its consequences – is that Cyber-physical systems cannot be protected against failures. There is always the possibility of an unexpected interference that breaks the assumptions of current risk management guidelines and standards. Resilience aims at an equilibrium of a system in case of interferences. It is not only understood in terms of resistance against threats and attacks (prevent and protect) but also in terms of the ability to mitigate them (respond). The affected system should still deliver trusted services in an hostile environment. A resilient Cyber-physical system consists of numerous components, such as sensors, working with each other in a decentralised way such that when some components fail, the system as a whole dynamically uses equivalent ones and runs the expected service continuously while at the same time fulfilling security requirements at an acceptable degree. Objective

The workshop focuses on identifying open research questions and discussing mechanisms to establish this property. Additionally to accepted articles and their presentations, we plan to offer a combined demo, poster and video session to foster hands-on experience, discussion and collaboration among participants. Each full paper session focuses on papers with solid research results.

Topics

Topics of interest include, but are not restricted to:

Context-based security mechanisms

• Context-based mobile wireless authentication
• Context-based device pairing
• Securing context-aware applications
• Sensor-, context-, and location-based authentication
• Spontaneous secure context-based device interactions
• Cyber-physical security

Autonomic and Dependable Computing

• Methods and Techniques for Self-Configuration, Self-Healing, Self-Protecting
• Distributed Systems and Agents
• Flexible and Secure Orchestration of ICT Services
• Trustworthy Organic Computing

Privacy in Cyber-physical systems

• Establishing and managing trust in cyber physical systems
• Anonymous/pseudonymous context aware mobile computation
• Legal and social issues of security and privacy for mobile devices
• Perception of security and privacy in mobile computing

Resilient cryptography

• Entropy of context based keys
• Fuzzy cryptography
• Security with noisy data

We are seeking unpublished and original submissions in PDF format. Submission should follow the ARCS workshop template and not exceed 6 pages. The review process is double blind and authors are asked to remove any indication to their identity from their submission.

Submission instructions

Authors should prepare an Adobe Acrobat PDF version of their full paper. Papers must not exceed 6 pages formatted according to the VDE formatting rules. A Latex template is available. Papers will be rigorously reviewed by an international technical program committee. Accepted submissions will be published in the ARCS Workshop Proceedings which will be indexed by IEEEexplore.

Important dates:

• Submission deadline: January 27, 2012
• Author notification: March 14, 2012
• Final version: March 20, 2012

The workshop welcomes submissions on all aspects of dependability in cloud computing, data center architectures, scalable systems and virtualization technology. Some of the topics of interest are:

• Virtualization-based mechanism for tolerating faults and intrusions
• Dependability issues in virtualization technology
•  Scalability issues in dependable systems
• Security and privacy in the Cloud
• Data center dependability issues
• Disaster recovery for cloud-based and Internet-scale systems
• Cloud dependability metrics, models, studies and benchmarks
• Large scale problem diagnosis and recovery
•  Intrusion detection and tolerance in cloud environment
•  Service-oriented architectures dependability
• Dependability issues in “cloud programming models” such as MapReduce
• Service Level Agreement (SLA) and Quality of Service in the cloud

More information about the workshop can be obtained by emailing to ewdcc12_AT_di.fc.ul.pt.

The Tracking Protection Working Group is chartered to improve user privacy and user control by defining mechanisms for expressing user preferences around Web tracking and for blocking or allowing Web tracking elements. The group seeks to standardize the technology and meaning of Do Not Track, and of Tracking Selection Lists.

My mission as the chair is to drive the consensus-based standardisation process. My personal goal is to ensure that the privacy requirements of individuals as well as the industry requirements are met by the emerging recommendations.

Our kick-off meeting on September 21+22 in Boston MA, managed to assemble many important stakeholders such as Apple, the Center of Democracy and Privacy, ComScore, the EFF, FTC (Ed Felten), Google, the Interactive Advertising Bureau (IAB), Microsoft, Nielsen, and Yahoo in one room.