Web 2.0 Security & Privacy 2014

Sunday, May 18 2014
The Fairmont Hotel, San Jose, California

The goal of this one-day workshop is to bring together researchers, practitioners, web programmers, policy makers, and others interested in the latest understanding and advances in the security and privacy of the web, browsers, cloud, mobile and their eco-system. We have had seven years of successful W2SP workshops.

More information regarding workshops co-located with the 2014 IEEE Symposium on Security and Privacy can be found on the conference website.

Previous W2SP Workshops:  2013, 2012, 2011, 2010, 2009, 2008, 2007

Read the 2014 Call For Papers


7:30–8:30 Breakfast
8:30–8:40 Welcome
8:40–8:50 Remarks from the Workshop Chairs
8:50–9:00 Best Paper Award & Keynote Intro
9:00–10:00 Keynote: The Privacy Engineer's Manifesto

Speaker: Michelle Finneran Dennedy - Vice President & Chief Privacy Officer, McAfee

Abstract: Concepts, regulations and strategies around data, intellectual property and the concepts of "privacy" and "security" are important to the information age. This talk will address a cross functional view on How we got to where we are in the world of taglines like "Big Data" "The Information Age" "Quantified Self" and "IoT". I will address how pervasive computing and data are becoming realities, where security and privacy seem to be on a fatal collision course, and a world where legal, management, technical and design teams either don't communicate at all or cannot seem to speak the same language.

I will introduce a Privacy Manifesto, a call to action, a call to creativity, a call to passion and a call to engineering excellence to guide our way back to respect for humans and the data that is used to try to describe them. I will also give our overview to provide practical and immediately action guidance leveraging well known frameworks for legal and compliance requirements as well as well-known engineering processes and principles to use as a compass to navigate and build privacy engineered (and reengineered) systems. I will also cover how these practices may fit into an enterprise as small as a 2 person development team up to a multinational colossus. I offer several potential valuation models to begin to "sell" privacy as a matter of data quality and value to the person and the enterprise. Finally, I offer some thoughts about a future that needs us and adventures just begun.

Speaker Bio:

Michelle Finneran Dennedy

Michelle currently serves as Chief Privacy Officer to McAfee, an Intel Company. She is responsible to creating a privacy practice that is focused on quality and excellence in McAfee’s policies, products, procedures and governance efforts. Her team is a staunch supporter of McAfee’s outreach efforts to educate and protect children, families and communities in the Digital Age.

Before coming to McAfee, Michelle founded The iDennedy Project, a consulting and advisory company specializing in privacy and security sensitive organizations. Michelle is also a founder and editor in chief of a new media site—TheIdentityProject.com—that was started as an advocacy and education site, currently focused on the growing crime of Child ID theft.

Michelle was the Vice President for Security & Privacy Solutions for the Oracle Corporation. Her team worked closely with customers to enable them to proceed with the confidence that information is protected and accelerated as an asset.

Before the Oracle acquisition of Sun, Michelle was Chief Data Governance Officer within the Cloud Computing division at Sun Microsystems, Inc. Michelle worked closely with Sun's business, technical and legal teams to create to the best data governance policies and processes possible for cloud computing to build trust for cloud environments through vendor transparency.

Michelle also served as Sun’s Chief Privacy Officer where she was responsible for the development and implementation of Sun's data privacy policies and practices, working across Sun's business groups to drive the company's continued data privacy excellence.

Michelle has a JD from Fordham University School of Law and a BS degree with university honors from The Ohio State University. In 2009, she was awarded the Goodwin Procter-IAPP Vanguard award for lifetime achievement and the EWF – CSO Magazine Woman of Influence award for work in the privacy and security fields. In 2012, she was honored by the National Diversity Council as one of California’s Most Powerful and Influential Women.

Michelle is a Coauthor, The Privacy Engineer's Manifesto: Getting from Policy to Code to QA to Value, 2014, Apress Media."

10:00–10:30 Morning Coffee Break
10:30–12:00 Session 1: Social Networks and the Web (Session Chair: Tyrone Grandison, Proficiency Labs)

Benjamin Henne (Leibniz Universitat Hannover), Marcel Linke (Leibniz Universitat Hannover) and Matthew Smith (Universitat Bonn)

Sai Lu, Janne Lindqvist and Rebecca Wright (Rutgers University)

Yaoqi Jia, Xinshu Dong, Zhenkai Liang and Prateek Saxena (National University of Singapore)

12:00–1:10pm Lunch
1:10–2:30 Session 2: Analysis and Improvement (Session Chair: Anuja Sonalker, Battelle)

Joel Lee and Lujo Bauer (Carnegie Mellon University)

Lin-Shung Huang (Carnegie Mellon University), Shrikant Adhikarla (Microsoft), Dan Boneh (Stanford University) and Collin Jackson (Carnegie Mellon University)

Sonali Batra (University at Buffalo)

2:30–3:00 Break
3:00–4:45 Session 3: Tools and Insight (Session Chair: Mike Just, Glasgow Caledonian University)

Ksenya Kveler, Abigail Goldsteen, Tamar Domany, Igor Gokhman, Boris Rozenberg and Ariel Farkash (IBM Research – Haifa)

Amy Zhang, Sandilya Bhamidipati, Nadia Fawaz and Branislav Kveton (Technicolor)

Marco Ghiglieri (Technische Universitat Darmstadt)

Andrew West (Verisign Labs) and Adam Aviv (U.S. Naval Academy)

4:45–... Schmoozing

All workshop attendees are invited to the Welcome Reception of the IEEE Symposium on Security and Privacy from 4pm to 7pm. Details here

Workshop Co-Chairs

Larry Koved (IBM Research)
Matt Fredrikson (University of Wisconsin - Madison)

Program Chair

Tyrone Grandison (Proficiency Labs)

Program Committee

Aaron Massey (Georgia Institute of Technology)
Adrienne Porter Felt (Google)
Aleecia M. McDonald (Center for Internet & Society)
Alex Smolen (Twitter)
Alexander Polyakov (ERPScan)
Amine Cherrai (Amine Cherrai Consulting)
Anand Prakash (Flipkart)
Bhavani Thuraisingham (University of Texas - Dallas)
Brad Malin (Vanderbilt University)
Carrie Gates (Dell Research)
Christy Philip Matthew (Offcon Info Security)
Dieter Gollmann (Hamburg University of Technology)
Elena Ferrari (University of Insubria)
Gerome Miklau (University of Massachusetts - Amherst)
Hakan Hacigumus (NEC Labs)
Ilya Mironov (Microsoft Research)
James Kettle (Context Information Security)
Kimberley Hall (Security Advisory & Management Services Ltd)
Michael Franz (University of California - Irvine)
Michael Waidner (Technische Universitat Darmstadt)
Monica Chew (Mozilla)
Pierangela Samarati (University of Milan)
Raquel L. Hill (Indiana University)
Rafae Bhatti (Price Waterhouse Coopers)
Reginaldo Silva (Ubercomp)
Rose Gamble (University of Tulsa)
Sabrina De Capitani di Vimercati (University of Milan)
Sean Thorpe (University of Technology - Jamaica)
Sid Stamm (Mozilla)
Simson Garfinkel (Naval Postgraduate School)
Szymon Gruszecki
Varun Bhagwan (Yahoo)
Vinnie Moscaritolo (Silent Circle)