Network.training-awareness March 2019

network.training-awareness@internal.sparta.eu

4 participants
3 discussions

[SPARTA - network.training-awareness] WP9 Kickoff

by Jan Hajny

Dear SPARTA WP9 Task Leaders, Dear WP9 members, As discussed at the kick-off meeting in Paris, we’re planning a WP9 in-person kick-off. At this moment, we have two options. Either organize an independent 1-day meeting in Brno, Czech Republic (2 hours from Prague or from Vienna), or collocate our meeting with WP6 in Luca, Italy (3,5 hours from Milan and close to Pisa). In both cases, the date would be either in late March or early April. Since I would like to have all Task Leaders (L3CE, IMT and SMILE) and most members present, I created a voting for the time and place. Please vote for the best day until this Sunday (10.3.): https://doodle.com/poll/abtmxpmckzsfq97g <https://doodle.com/poll/abtmxpmckzsfq97g> Thank you! Jan —— doc. Ing. Jan Hajný, Ph.D. Advanced Cybersecurity Brno University of Technology Phone: +420 541 146 961 WWW: http://crypto.utko.feec.vutbr.cz <http://crypto.utko.feec.vutbr.cz/>

6 years, 3 months

[SPARTA - network.training-awareness] Call for Papers: IFIP Summer School Privacy and Identity Management

by Friedewald, Michael

Dear Spartans, the IFIP Summer Schools Privacy and Identity Management are an established interdisciplinary forum to discuss technical and non-technical issues related to privacy protection, indentity management and also cybersecurity. This year representatives of two Cybersecurity Competence Networks are involved in the organization of this summer school (Michael Friedewald, WP 2 lead from SPARTA, Stephan Krenn and Kai Rannenberg from Cybersec4Europe) and it would be a good opportunity for SPARTA to show its colours. Junior SPARTANs are invited to submit papers related to their current project or PhD work. Senior SPARTANs are invited to suggest tutorials and workshops. M.Friedewald 14th IFIP Summer School on Privacy and Identity Management 19-23 August 2019 in Brugg/Windisch, Switzerland =================================================== We are inviting contributions to this Summer School from students who are at the stage of preparing a master or a PhD thesis as well as young researchers and practitioners. The school is interactive in character, and is composed of plenary lectures and workshops based around Master/PhD students’ presentations. The principle is to encourage young academic and industry entrants to the privacy and identity management world to share their own ideas, build up a collegial relationship with others, gain experience in making presentations, and potentially publish a paper through the resulting book proceedings. This year, the IFIP Summer School on Privacy and Identity Management is particularly interested in contributions on Data for Better Living looking at the perspectives of Artificial Intelligence (AI) and Privacy. For more information see: https://www.ifip-summerschool.org/ CALL FOR PAPER SUBMISSIONS ----------------------------------------- The Summer School takes a holistic approach to society and technology and supports interdisciplinary exchange through keynote and plenary lectures, tutorials, workshops, and research paper presentations. In particular, participants’ contributions that combine any of the following approaches are welcome: technical, legal, regulatory, socioeconomic, social or societal, political, ethical, anthropological, philosophical, historical, psychological, or media & communication studies perspectives. The interdisciplinary character of the work has long been fundamental to the School. The research paper presentations and the workshops focus on involving students, and on encouraging the publication of high-quality, thorough, research papers by students/young researchers. To this end, the School has a three-phase review process for submitted papers. In the first phase, submissions are short abstracts. Submissions within the scope of the call are selected for presentation at the School. For accepted submissions, the full papers of up to 16 pages in length in Springer LNCS format are to be submitted before the Summer School takes place and they appear in the (unreviewed) pre-proceedings. In a second review phase, the full papers are reviewed soon after the Summer School. The students are invited to resubmit their full papers after they have revised them based on two sets of feedback: the discussions that took place at the Summer School, as well as a formal written review by programme committee members. In the third review phase, after the full papers are resubmitted, they are reviewed again for inclusion in the School’s proceedings, which will be published by Springer. Submissions by senior researchers and participants in European, national, or regional/community research projects are also very welcome and are generally published in a separate section of the book volume. CALL FOR TUTORIALS AND WORKSHOPS ----------------------------------------------------- The School also welcomes contributions in the form of tutorials and workshop proposals from a wide range of disciplines (e.g. computer science, economics, ethics, law, psychology, sociology, political and other social sciences, surveillance studies, media and communication studies, and others). The timelines for submission of these tutorials and workshops are the same as those of the student papers. Topics of interest include but are not limited to: concepts, technologies and applications, design, enforcement mechanisms, effects, attitudes, and user practices. Tutorials are expected to last one or two hours. Proposals should contain a short summary and state the level and background required for attendees to follow the tutorial. Workshops are expected to last one or two hours and must generate short papers that recapitulate the outcome and the kinds of discussions raised in the School, for inclusion in the post-proceedings. Proposals should contain a short statement summarising the topic(s) to be discussed and the expected contributions from the audience members, e.g. responding to a questionnaire or conducting a small experiment. Proposers should indicate whether any special equipment is needed for the workshop, such as audiovisual systems or computational equipment and support. TOPICS OF INTEREST --------------------------- The topics of interest include, but are not limited to: General Topics • Privacy-enhancing technologies (PETs) & transparency-enhancing technologies (TETs) • Privacy and identity management (services, technologies, infrastructures, usability aspects, legal and socio-economic aspects) • Privacy and security in citizens’ digital communications, online platforms, e-mail and instant messaging • Privacy protection and in particular confidentiality of communications by both traditional players/incumbents and OTTs • Privacy-by-design, privacy-by-default, value-sensitive design, ethical-by-design, human-rights-by-design, data protection/privacy impact assessments, data protection on the ground • Social accountability • Privacy standards and seals • Digital literacy and data (infrastructure) literacy • Regulatory regimes and instruments More specific topics • Privacy attacks and data breaches: the challenges • Privacy threats, privacy attacks against or using AI, AI and data breaches • Adversarial learning and identity management • AI for profiling and tracking technologies, online anonymity, surveillance, video surveillance • AI’s impact on fundamental rights and legal principles o protection of personal data, o right to non-discrimination, o rule of law, o presumption of innocence, o children’s rights, etc. • AI and the fight against cybercrime o AI, data retention and law enforcement • Corporate and organisational views on AI and privacy and data protection measures o Challenges facing large corporations, small- and medium-sized enterprises, micro-enterprises and entrepreneurs, and a wide range of categories of professions and occupations in relation to AI applications o Challenges facing AI in healthcare, finance, heavy industry, or crime prevention and detection o Public service AI, Public service algorithms, public interest technologies • Designing societally compatible AI o Effects of AI on discrimination, bias, social profiling, social exclusion, digital divides, communities, societies and cultures o Public attitudes to and trust regarding the deployment of AI and the impact on security, privacy, and identity o How people or organisations participate in shaping AI applications • Codes of conduct; Ethical guidelines and charters for AI ABSTRACT SUBMISSION AND REVIEW PROCESS -------------------------------------------------------------- The School has a three-phase review process for submitted papers. (1) In the first phase, papers will be selected for presentation at the school by the Summer School Programme Committee based on reviews of a short 2-4-page abstract. The abstract submissions should contain a concise problem statement, an outline, and clear messages (they should not be about work “to be done”). (2) On acceptance of the abstract, authors should submit their full papers of up to 16 pages in length in Springer LNCS format. These versions of the papers will be made available to all participants in the (unreviewed) summer school pre-proceedings that will be published online. (3) After the summer school, authors will have the opportunity to submit their revised full papers (again in Springer LNCS format, max. 16 pages). These versions should address the questions and discussions raised on the paper during the summer school as well as in the detailed reviews provided by the Programme Committee members. They will be considered for publication in the summer school proceedings by the official IFIP publisher (Springer). The papers to be included in the final proceedings will again be reviewed and finally selected by the summer school Programme Committee. Students are expected to try to publish their work through this volume. All paper submissions must be made in PDF format, in the Springer LNCS template, and using the Easychair System: Please use the https://www.springer.com/computer/lncs?SGWID=0-164-6-793341-0 for your submissions! https://www.springer.com/gp/computer-science/lncs/conference-proceedings-gu… https://easychair.org/my/conference.cgi?conf=ifipsc2019 IMPORTANT DATES -------------------------- 06 May 2019: Extended Abstracts for Presentations (2-4 pages) 13 May 2019: Extended Abstracts for Workshops and Tutorials (2-4 pages) 06 Jun 2019: Notifications 05 Aug 2019: Full Papers (up to 16 pages) for Pre-Proceedings 19-23 Aug 2019: Presentation at Summer School 23 Sep 2019: Feedback to Authors 25 Oct 2019: Full Papers for Springer Proceedings (up to 16 pages) 29 Nov 2019: Notifications 20 Dec 2019: Camera-Ready Copies --- Dr. Michael Friedewald IFIP Summerschoool Programme Co-Chair SPARTA Responsibility Activities Lead Fraunhofer-Institut für System- und Innovationsforschung ISI Breslauer Straße 48 | 76139 Karlsruhe fon: +49 721 6809-146 (-189, ass.) | fax: +49 721 6809-77-146 mailto: mailto:michael.friedewald@isi.fraunhofer.de

6 years, 6 months

[SPARTA - network.training-awareness] First sketch of a roadmap for T9.3

by Olivier Levillain

Dear WP9 members, We proposed at the kick-off meeting to share our plans for 2019, regarding the WP9. As Task leader for WP9.3 (Professional Training in Cybersecurity), here is a first sketch. = March-June = First, as we discussed together, it seems important to analyse the current situation of cybersecurity training in general, be it from the framework point of view or from the offering point of view. This is why we should definitely spend some time to gather information about existing skills and label framework (this will obviously also be discussed in T9.1), and we should try and collect data about existing courses (actual training courses, but more importantly course description/specifications). For this part, I have in mind the following existing initatives: - ECSO WG5 on skill framework, which will most certainly also be studied in T9.1 - The emerging French label "SecNumedu-FC" (Full disclosure: I was part of its definition back when I worked at ANSSI, but I still believe it can be an interesting starting point) - Existing certifications (ISO270001, CISSP) - Current trends in professional training in cybersecurity (ICS security, cyberrange, etc.) This could lead to a document that we should share and publish. = July-October = Then, we should focus on the domains we believe are both important and under-developped. Clearly, ICS security and cyberrange are the hot stuff, but we should try and explain which subjects are to be developped Possible subjects: - ICS security - Cyberrange - 5G and its applications ? - IoT ? - Focus on bridges between existing operational positions and security-oriented ones (what I have in mind here is the development positions for example, where security should definitely take a bigger role today, but this is also the case for network and system administrators, or for database admins) Ideally, we should identify several domains and be able to define the broad objectives/skills a training course should reach. = November-Some time in 2020 = Specify training courses in one or several domains identified in the previous phase. The output would be a set of more precise syllabus, and even when possible pedagogical resources. = Further in 2020 = Test our training courses in real conditions, and evaluate its impact (developed skills, professional insertion, etc.). = Next steps (beyond March 2020) = Repeat the 2 or 3 last steps: re-identify relevant domains to improve, specify training courses, test them with real students. Obviously, we can run several instances of this cycle in parallel. Standardize training courses if possible. If we find (or produce) a relevant framework to label our training course specifications, the produced and evaluated courses would clearly be candidates to such standardization. I would be happy to discuss this very first proposal. If we manage to converge, I will transform this into a more formal roadmap and discuss the possible contributions of everyone involved. In the SPARTA proposal, it is said that we should work tightly with T9.4, aiming at raising awareness in cybersecurity. Indeed, some of the courses we might end up specifying and evaluating may not aim at producing cybersecurity experts but also security-aware professionals. We might add such topics in the possible subjects to explore. Best regards, Olivier Levillain

6 years, 7 months

2025

2024

2023

2022

2021

2020

2019

Network.training-awareness March 2019