iNetSec 2009 - open research problems in network security : IFIP WG 11.4 International Workshop Zurich, Switzerland, April 23-24, 2009 : revised selected papers

The working group WG 11.4 of IFIP ran an iNetSec conference a few times in the past, sometimes together with IFIP security conference, sometimes as a stand-alone workshop with a program selected from peer-reviewed submissions. When we were elected to chair WG 11.4 we asked ourselveswhether the security and also the computer science community at large bene?ts from this workshop. In particular,as there aremany (too many?) securityconferences, it has become di?cult to keep up with the ?eld. After having talked to many colleagues, far too many to list all of them here, we decided to try a di?erent kind of workshop: one where people would attend to discuss open research topics in our ?eld, as typically only happens during the co?ee breaks of ordinary conferences. Toenablethiswecalledforabstractsof2pageswheretheauthorsoutlinethe open problems that they would like to discuss at the workshop, the intent being that the author would be given 15 minutes to present the topic and another 15 minutes for discussion. These abstracts were then read by all members of the Program Committee and ranked by them according to whether they thought thiswouldleadtoaninterestingtalk and discussion. We then simply selected the abstracts that got the best rankings. We were happy to see this result in many really interesting talks and disc- sions in the courseof the workshop.Ofcourse,these lively anddirect discussions are almost impossible to achieve in a printed text. Still, we asked the authors to distill the essence of these discussions into full papers. The results are in your hands.

Involving Humans.- On the Design of Forgiving Biometric Security Systems.- Remotely Telling Humans and Computers Apart: An Unsolved Problem.- Web 2.0.- Leveraging Social Links for Trust and Privacy in Networks.- Open Problems in Web 2.0 User Content Sharing.- Protecting Resources.- Mitigating Drive-By Download Attacks: Challenges and Open Problems.- Context-Dependent Authentication and Access Control.- Pervasive Devices.- New Directions in RFID Security.- Tailored Security and Safety for Pervasive Computing.- Protocol Security.- Rational Protocols.- Security Issues for P2P-Based Voice- and Video-Streaming Applications.- Threshold Things That Think: Authorisation for Resharing.- Privacy.- Privacy Policies, Tools and Mechanisms of the Future.- Security and Privacy Preservation in Human-Involved Networks.- Discussing Anonymity Metrics for Mix Based Anonymity Approaches.