|
|
November 21-22, 2003
Upcoming Conference to Explore Relationship
Between Computer Security, Privacy, and Disclosure of Information
About Security Vulnerabilities
|
September 11 gave new urgency to the debate over whether information
collection and dissemination is dangerous or empowering. One view
is that vulnerability information should be kept secret and out
of the hands of potential criminals and foreign agents. Another
view is that the public needs to be informed about security weaknesses,
so that people can take appropriate precautions and so that there
will be a constituency to pressure for the rapid repair of vulnerabilities.
Meanwhile, policy makers struggle to find a balance between promoting
security research, constructive information sharing, remediation
and protecting commercial interests. Industry has tried to develop
best practices for reporting and repairing vulnerabilities,
but major disagreements - over how much information to disclose,
to whom, and when - persist.
The
federal government has tried to both establish standards for commercial
entities to share information about vulnerabilities and to pass
laws to deter the distribution of information that may enable cyberattacks.
However, critics say these initiatives help only a select few, threaten
proprietary information, deter legitimate security research and
are overly expensive. During the course of this two-day-long conference,
featured speakers and participants will work towards a solution
for both industry and government that promotes computer security
and addresses the economic, governmental, and social issues that
arise under current research and reporting practices.
Audience
The relevant audience for this conference includes computer security
researchers and practitioners, computer science academics and professionals,
hackers, policy formulators, software vendors and writers, commercial
entities that use networked computers, consumers, officials charged
with increasing government and national security and security-critical
infrastructure including law enforcement and national security officers,
consumer rights advocates and civil libertarians.
|