Security SIG Annual Report 2004

The Security Special Interest Group was established November 2003. In July 2004 the SIG has 12 members. The SIG leaders are Jose J. Gonzalez and Klaus Breuer.

Pending the development of a home page with list server, the SIG activities have been conducted informally by email and oral contacts. (The Security SIG home page is expected to become active by September – a prototype is currently being tested.)

The main activity by the Security SIG (or members of the SIG) has been to convene a special session on security dynamics at the ISDC 2004. It turned out that responses only came from members engaging in information security.

The convened security session – Tuesday 11.30 - 12.30 at Henry Ley Room – consists of the following papers by (mostly) members of the SIG:

1. Business Dynamics Supported Security Policy Management by Denis Trcek

2. Preliminary System Dynamics Maps Of The Insider Cyber-Threat Problem by David Andersen, Dawn Cappelli, José J Gonzalez, Mohammad Mojtahedzadeh, Andrew Moore, Eliot Rich, Jose Maria Sarriegui, Timothy Shimeall, Jeffrey Stanton, Elise Weaver, Aldo Zagonel

3. Dynamics Of Vulnerability by Johannes Wiik, José Gonzalez, Howard Lipson, Timothy Shimeall

In addition, some members of the Security SIG have poster presentations related to security dynamics.

Paper 2 above is the result of an interdisciplinary collaboration involving several US American and European institutions (viz. CERT/Coordination Center at CARNEGIE Mellon University, University at Albany, Syracuse University, Attune Group, Agder University College and TECNUN, Universidad de Navarra). Paper 3 is also an interdisciplinary collaboration involving CERT/Coordination Center and Agder University College).