Workshop on Governance of Technology, Information, and Policies (GTIP)

Addressing the Challenges of Worldwide Interconnectivity
December 6, 2011

http://www.acsac.org/2011/workshop/

In many nations, governments and businesses rely on information technology and the Internet for mission-critical functionality. A vast number of people also rely on computers and the Internet to conduct business and to establish and maintain personal and professional relationships. The worldwide adoption of these new technologies, however, has stressed the minimalist governance systems that were established when information technology and the Internet were used much more sparingly. These developments have produced unprecedented legal, policy, and technological issues.

For example, when cloud computing crosses national borders, which jurisdiction's privacy laws apply to data management and access? What types of disclosures should be required for customer/participant protection, and what regulatory structures are best suited for governing this rapidly moving data? For the Internet as a whole, what governance or regulatory structures,standards, and protocols are needed, and how do we ensure that regulatory decisions are based on sound scientific and technological information?

Despite laudable national, international and formal United Nations efforts, the "governance gap" is becoming more exacerbated as the use of collaborative technologies, virtual worlds, and cloud computing expands. This workshop is dedicated to exploring the governance issues that arise in this world-wide explosion of technology. It focuses on governance designed to achieve objectives of security, privacy, reliability, resiliency, and accountability, both technically and by governmental or quasi-governmental regulatory structures.

A broad range of original position and research papers are within the workshop's scope. These may address the policies, processes and technologies that may prove useful in dealing with these problems generated by world interconnectivity; the security, technological, societal, and legal issues that arise from computing and data management in a world of fragmented and incompatible rules; and the foreseeable problems for technological and business development, for human values, and for governments or international relations due to inadequate governance structures and regulatory policies for the networked world.

The workshop will embrace the topics that follow as well as other questions generated by multi-jurisdiction computation, data management, and networking.

* Governance and technologies designed to:
- Reduce cyber-crime, cyberattack, malicious computing and otherwise enhance security;
- Protect Internet access during natural disasters, and major social and political crises;
- Promote privacy and limit governmental surveillance; and,
- Provide mechanisms for monitoring compliance with governance.
* Governance and mechanisms for achieving governance of:
- Cloud computing;
- Electronic personal health records and other mission-critical or human safety-critical database systems; and
- Networking.
* Frameworks for Internet and data governance, particularly at the international level for determining Internet standards and protocols.
* Compliance issues for multinational entities (networks, corporations).
* Emerging areas of transnational conflict and co-operation.
* Anonymity (including the need or lack of need).
* Attribution and identity management.
* Incident response and handling, and forensics.
* Issues related to those above.

We particularly welcome papers that raise new concepts, describe emerging issues, and highlight work in progress that contributes to a better understanding of critical issues or their resolution. In addition to academic submissions, we encourage papers from non-academic groups, nonprofits, and institutions involved with these issues.

Final papers must be 8 pages long at most. Please use any of the templates at
http://www.acm.org/sigs/publications/proceedings-templates
to prepare your submission, as accepted papers will be posted to the ACM Digital Library. Papers previously published elsewhere will not be accepted. Papers published at GTIP may, under certain circumstances, be resubmitted elsewhere; see the details at:
https://www.acsac.org/2011/workshops/gtip/

To submit a paper or an abstract, go to:
http://www.acsac.org/2011/workshops/gtip/openconf/
This workshop is co-located with the 2011 Annual Computer Security Applications Conference (ACSAC 2011). See
http://www.acsac.org/
for more information.

Important dates:

Abstract of proposed paper August 15, 2011 (preferred but optional)
Full paper due September 7, 2011
Notification of acceptance October 10, 2011
Camera-ready artwork due November 1, 2011
Workshop date December 6, 2011

Program Committee (in formation; acceptances include):

Candice Hoke, C|M| Law, Cleveland State University, 2011 Chair
Michael Aisenberg, The MITRE Corporation
Matt Bishop, University of California, Davis
Lizzie Coles-Kemp, University of London
Ann Cavoukian, Information and Privacy Commissioner of Ontario, Canada
Mary Ann Davidson, Oracle
David Farber, Carnegie Mellon University
Carrie Gates, CA Labs, CA Technologies
J. Paul Gibson, Telecom SudParis
Sharona Hoffman, Case Western Reserve University
Jeffrey Hunker, JH Associates
Peter Matthews, CA Labs, CA Technologies
Peter Neumann, SRI International
Andy Podgurski, Case Western Reserve University
Harvey Rubinovitz, The MITRE Corporation
Tara Whalen, Carleton University, Ottowa

Organizing Committee:

Matt Bishop, University of California, Davis
Carrie Gates, CA Labs, CA Technologies
Candice Hoke, C|M| Law, Cleveland State University
Peter Matthews, CA Labs, CA Technologies
Harvey Rubinovitz, The MITRE Corporation