IWSSI/SPMU 2009 - IWSSI/SPMU 2009, the Second International Workshop on Security and Privacy in Spontaneous Interaction and Mobile Device Use

Website http://iwssi2009.cs.univie.ac.at/doku.php | Edit Freely

Category IWSSI/SPMU 2009

Deadline: February 10, 2009 | Date: May 11, 2009

Venue/Country: Nara, Japan

Updated: 2010-06-04 19:32:22 (GMT+9)

Call For Papers - CFP

One of the cornerstones in Mark Weiser¡¯s vision of ubiquitous computing is the potential for interacting with services, anywhere, anytime. Advances in mobile computing, ad hoc networks, context awareness, and human computer interaction now facilitate a seamless, spontaneous interaction between users, devices, and services. One example of the potential of this development is the spread of cell phones. Today, the mobile phone has become the most widely deployed computing platform in the world. Analysts predict some 2.6 billion mobile phones in regular use by 2009. For many people, the mobile phone is the first computer they encounter, and certainly the only computer they carry with them most of their waking moments. Not surprisingly, it is increasingly used as the primary interface for such spontaneous interactions, e.g., for mobile payments schemes, ticketing, or mobile collaborative gaming.

Mobile devices in general, and mobile phones in particular, present unique challenges not only in terms of user interface, battery life, and form factor, but also in terms of ensuring their users¡¯ privacy and security. Privacy and security are often in conflict with another and have been the topic of many research projects. Emerging mobile payment and ticketing solutions require the secure transmission and storage of financial information, while electronic health records or access certificates/tokens might imply the use of highly sensitive personal information on such devices. Securing the potentially massive amount of interactions using mobile devices is difficult, because typically there will be no a priori shared information such as passwords, addresses, or PIN codes between the phone, its user, and the service they want to use. Additionally, mobile devices often lack powerful user interfaces to support classical authentication methods.

An increasing number of approaches to securing spontaneous interactions and ¨C at the same time ¨C protecting users¡¯ privacy have been suggested, and some of them have already been adopted for standardization. Some of these approaches were explicitly designed for use with mobile devices, while others can benefit from user mobility. Many research challenges still remain as none of the known solutions is fully satisfactory with respect to security and privacy, on the one hand, and usability, on the other hand.

This joint workshop merges IWSSI 2007 and SPMU 2008, two prior workshops that were co-located with Ubicomp 2007 and Pervasive 2008, respectively. These workshops shared many topics of interest, and the trend to use mobile phones for spontaneous interaction with pervasive environments has recently become more pronounced. It is therefore desirable to discuss spontaneous interaction and security and privacy issues in mobile device use together. The joint workshop will accept topics of either research area to broaden the potential number of participants. IWSSI 2007 (http://www.comp.lancs.ac.uk/iwssi2007/) was highly successful in bringing together a research community working on se- curity for spontaneous interaction (which resulted in a special issue of IJSN, the International Journal on Security and Networks, presenting the most important approaches), and SPMU 2008 (http://www.vs.inf.ethz.ch/events/spmu08/) showed the need for a specific workshop on security and privacy research for mobile devices (with the result of a collaboratively assembled list of open research questions).

This workshop aims to bring together researchers working on these topics, to define open issues, clarify the used terminology, and foster cooperation between researchers in this area. One of the main issues is still the lack of common ground, although common protocol families have started to appear since IWSSI 2007. This includes both terminology and a shared understanding of the open research issues covering various aspects like user interaction, cryptographic primitives, and dealing with limited device resources, as well as legal, social, and cultural implications of increased mobile phone use for security- and privacy-relevant interactions. One specific focus question is how mobile devices in general (and mobile phones in particular) can assist their users in interacting with an increasingly pervasive environment of networked services ¨C securely, protecting the users¡¯ privacy, and usable to non-experts.

That is, how can mobile devices act as a trustworthy interface to the digital world?

The workshop will provide a forum for researchers to discuss these problem areas and to put forward an agenda for future research. An expected outcome of the workshop is increased cooperation between research groups and a special issue in a renowned international journal. As for IWSSI 2007, we plan to in- vite authors of other groundbraking papers to contribute to the special issue in addition to the best workshop papers.

Topics of Interest

Specific topics of interest for this workshop include, but are not limited to, the following items as they appear in the context of spontaneous interaction and/or mobile device use:

Authentication protocols and methods for device pairing or user authentication

Sensor-, context-, and location-based authentication methods

Authorization, access control, and trust management

Logging and auditing of spontaneous interactions with mobile devices

Network and system models

Security and privacy of mobile phone users

Security and privacy issues in mobile phone networks

Privacy and anonymous/pseudonymous interactions

User interfaces and models for user interaction on mobile devices

Making use of spontaneous interaction in applications

Public perception of security and privacy issues of mobile phones

Legal and social issues of security and privacy for mobile phones

Options for lawful, auditable, and restricted tracking and surveillance using mobile phones in law enforcement