2nd International Workshop on Managing Insider Security Threats (MIST 2010) – Morioka, Iwate, Japan
Morioka, Iwate, Japan
**Overview
During the past decades, information security developments have been mainly concerned with preventing illegal attacks by outsiders, such as hacking, virus propagation, and spyware.
However, according to a recent Gartner Research Report, information leakage caused by insiders who are legally authorized to have access to some corporate information is increasing dramatically. These leakages can cause significant damages such as weakening the competitiveness of companies (and even countries).
Information leakage caused by insiders occurs less frequently than information leakage caused by outsiders, but the financial damage is much greater.
Countermeasures in terms of physical, managerial, and technical aspects are necessary to construct an integral security management system to protect companies’ major information assets from unauthorized internal attackers.
The objective of this workshop is to showcase the most recent challenges and advances in security technologies and management systems to prevent leakage of organizations’ information caused by insiders.
It may also include state-of-the-art surveys and case analyses of practical significance. We expect that the workshop will be a trigger for further research and technology improvements related to this important subject.
** NEWS
Outstanding papers from MIST 2010, after further revisions, will be published in
Special Issue of Security and Communication Networks (SCN)(indexed by SCIE)
**Important dates
Paper Submission deadline: April 30, 2010
Acceptance notification: May 24, 2010
Camera-ready due: June 4, 2010
**Topics (include but are not limited to)
-Theoretical foundations and algorithms for addressing insider threats
-Insider threat assessment and modelling
-Security technologies to prevent, detect and avoid insider threats
-Validating the trustworthiness of staff
-Post-insider threat incident analysis
-Data breach modelling and mitigation techniques
-Registration, authentication and identification
-Certification and authorization
-Database security
-Device control system
-Digital forensic system
-Digital right management system
-Fraud detection
-Network access control system
-Intrusion detection
-Keyboard information security
-Information security governance
-Information security management systems
-Risk assessment and management
-Log collection and analysis
-Trust management
-IT compliance (audit)
-Continuous auditing
**Workshop Organizers
A Min Tjoa (Vienna University of Technology, Austria)
Ilsun You (Korean Bible University, South Korea)
**Program Committee
Elisa Bertino (Purdue University, USA)
Dawn M. Cappelli (Carnegie Mellon University, USA)
Hang Bae Chang (Daejin University , South Korea)
Fariborz Farahmand (Purdue University, USA)
Steven Furnell (University of Plymouth, UK)
Yong Guan (Iowa State University, USA)
Shlomo Hershkop (Columbia University, USA)
Dong Seong Kim (Duke University, USA)
Fang-Yie Leu (Tunghai University, Taiwan)
Gabriele Lenzini (SnT – Univ. of Luxembourg, Luxembourg)
Leszek T. Lilien (Western Michigan University, USA)
Chu-Hsing Lin (Tunghai University, Taiwan)
Debin Liu (Indiana University, USA)
Barton P. Miller (University of Wisconsin, Madison, USA)
Chris Mitchell (University of London, UK)
Peter G. Neumann (SRI, USA)
Marek R. Ogiela (AGH University of Science & Technology Institute of Automatics, Poland)
Kazumasa Omote (JAIST, Japan)
Gunther Pernul (University of Regensburg, Germany)
Malek Ben Salem (Columbia University, USA)
Stelios Sidiroglou-Douskos (MIT, USA)
Sean W. Smith (Dartmouth College, USA)
Masakazu Soshi (Hiroshima City University, Japan)
Huiping Sun (Peking University, China)
Yuqing Sun (Shandong University, China)
Kenichi Takahashi (ISIT, Japan)
Shambhu Upadhyaya (SUNY Buffalo, USA)
Kangbin Yim, (Soonchunhyang University, Korea)
Meng Yu (Western Illinois University, USA)
[Additional members still being invited]
Your Comment