Univ.-Prof. Dr. Sarah Spiekermann, Vienna University of Economics and Business (WU Wien): Trust through Privacy Impact Assessments and Privacy by Design
Sarah is a professor for Information Systems (Wirtschaftsinformatik) since 2009 and chairs the Institute for Management Information Systems at Vienna University of Economics and Business (WU Wien). Before starting her career in Vienna, she completed her ,Habilitation‘ at the Institute of Information Systems at Humboldt University Berlin (Germany) and held an Adjunct Professor positions with the Heinz College of Public Policy and Management, Carnegie Mellon University (Pittsburgh, USA). Sarah has published over 60 articles and 2 books in the area of IS, Ubiquitous Computing and Marketing. Her areas of expertise are electronic privacy, RFID, personalization/CRM as well as user interaction behaviour in E-Commerce and M-Commerce environments. A key goal of her work is to investigate the importance of behavioral constructs and social values for IT design and to refine the concept of ethical computing in an E-Society.
Abstract: Privacy Impact Assessments are regarded as a core instrument to create privacy by design. With the help of PIAs privacy is supposed to be considered during system requirements' engineering leading to more privacy sensitive IT architectures. In this talk I will present a PIA methodology that has been established as a standard for how to conduct PIAs for RFID. I will show in what way PIAs differ from data protection compliance instruments. And I will discuss the virtue of putting European legislation at the centre of a PIA analysis.
Thomas A. Henzinger, IST Austria: From Boolean to Quantitative Theories of Systems
Thomas A. Henzinger is President of IST Austria (Institute of Science and Technology Austria). He holds a Dipl.-Ing. degree in Computer Science from Kepler University in Linz, Austria, and a Ph.D. degree in Computer Science from Stanford University (1991). He was Assistant Professor of Computer Science at Cornell University (1992-95), Assistant Professor (1996-97), Associate Professor (1997-98), and Professor (1998-2004) of Electrical Engineering and Computer Sciences at the University of California, Berkeley. He was also Director at the Max-Planck Institute for Computer Science in Saarbruecken, Germany (1999), and Professor of Computer and Communication Sciences at EPFL in Lausanne, Switzerland (2004-09). His research focuses on modern systems theory, especially models, algorithms, and tools for the design and verification of reliable software, hardware, and embedded systems. He is an ISI highly cited researcher, a member of Academia Europaea, a member of the German Academy of Sciences (Leopoldina), a member of the Austrian Academy of Sciences, a Fellow of the ACM, a Fellow of the IEEE, and the recipient of an ERC Advanced Investigator Grant.
Abstract: We propagate the replacement of boolean requirements for systems by quantitative measures for the acceptability of systems. In quantitative system analysis, the aim is to compute the distance of a system from a given property, such as correctness, timeliness, reliabitilty, security, or robustness. In quantitative synthesis, the objective is to construct a system that has minimal distance from a given property.
Mukund Gunti, VMWare, Inc.: Securing workloads in a multi-tenant cloud
Mukund Gunti is a Staff Engineer in the Datacenter Platform group at VMware, Inc. His primary focus is on hypervisor security. Mukund holds a Masters degree from the Information Networking Institute at Carnegie Mellon University and a Bachelors degree in Electronics and Telecommunications from Pune University.
Abstract: The economies of scale in cloud computing come at the cost of losing some control over your private data. As more workloads move to a cloud-like infrastructure, security of the data is an important concern. This model introduces new threats that relate to data protection, workload visibility and administrative control. This talk describes an architecture for a trusted multi-tenant cloud computing platform. This architecture provides protection against privileged users at the cloud premises, while providing fine grained audit logs related to the workloads. A combination of virtualization, data protection (at rest and in-memory) and trusted computing technologies are used to achieve this goal. We will also look at the challenges in implementing such an infrastructure.