Tuesday, 17 February 2015

IWPE2015 Keynote

I'm giving the keynote speech at IWPE2015 which is provisionally entitled

"Engineering Privacy as a Safety-Critical Concern"

I'll talk about some tools and techniques which we can use from other domains such as aviation and medicine and how privacy in software engineering is synonymous with safety in these other domains.

Conference details can be found from an earlier posting or via the link above. Conference date is 21st May 2015 and it will be held in conjunction with the 36th IEEE Symposium on Security and Privacy in San Jose, California.

Tuesday, 10 February 2015

Privacy Engineering Tutorial Session held in conjunction with IEEE TrustCom-15

Privacy Engineering Tutorial Session held in conjunction with IEEE TrustCom-15

August 20-22, 2015, Helsinki, Finland

Privacy from legal aspects through to engineering concepts has become a defining aspect of system design. Knowledge of how this relatively young and important area links together lawyers and engineers is critical to a proper implementation of privacy beyond mere lip-service and obscure privacy policies.

What would make this tutorial session unique is the presentation of the end-to-end privacy ‘process’ with examples drawn from industry demonstrating how Privacy-by-Design becomes Privacy Engineering with foundational aspects, tools and techniques, risk management, requirements management, checklists, auditing etc being properly integrated together.


Dr. Ian Oliver, Nokia, Finland
Michelle Dennedy, VP/Chief Privacy Officer, McAfee/Intel, US
Jonathan Fox, Director Data Privacy, McAfee/Intel, US


This tutorial will be held on the 20th of August 2015.


This tutorial session will be held in four parts and presented by the three organizers listed above.

  1. Legal Aspects of Privacy For Managers and Engineers(JF)
  2. Privacy Development in the Software Process (MD)
  3. Engineering Foundations of Privacy (IO)
  4. Guest Lectures
    1. Privacy at F-Secure, Antti Vaha-Sipila, F-Secure
    2. Privacy at Nokia, TBD
  5. Discussion (All)

The above sessions are supported by material in the following books:

  • The Privacy Engineer's Manifesto - Apress
  • Privacy Engineering: A dataflow and ontological approach - CreateSpace


Please direct enquiries and registration for the tutorial to Ian Oliver.

IW5GS2015 - The 1st International Workshop on 5G Security held in conjunction with IEEE TrustCom-15


The 1st International Workshop on 5G Security held in conjunction with IEEE TrustCom-15

August 20-22, 2015, Helsinki, Finland

There is a fast on-going change in the technical architectures and topologies of the Internet: in the near future 5G and next generation 4G/LTE network architectures will be based on or migrated to Software Defined Networking (SDN) and Network Functions Virtualization (NFV). These create new virtual network elements each affecting the logic of the network operation, traffic management and introducing new and novel security challenges. Aspects such as security of orchestration, management functionality as well as surveillance and privacy are brought to the fore. At the same time they introduce new ways of dealing with attack prevention, management and recovery.

The one-day workshop will consist of papers, presentations and demonstrations on the subject of advanced network security. While primarily related to 5G networks, experiences from 4G/LTE, 3G and earlier, including case studies on practicalities of known attacks and novel attack vectors will be considered for acceptance. An invited keynote speech will be given setting out the overall area of security in network development and operations.

Scope and Interests
We solicit papers and demonstrations in the following areas related to 5G/LTE security:

  • Core Network Security
  • Cellular security
  • Device to Device (D2D)
  • Security Management and Orchestration of NFV and SDN elements
  • Terminal and Edge Computing Security
  • Malware and attack detection and prevention techniques, eg: machine learning
  • Authentication and Authorisation
  • Encryption protocols, eg: homomorphic encryption
  • Key Exchange, Storage and Protection
  • Content/Semantic processing, inc. anonymisation of (meta*-) data
  • Honeypot and Firewall Technologies
  • Protocol security: Diameter, SS7, BGP, etc
  • Physical Layer Security
  • Formal Specification and Analysis of Protocols and Attacks, eg: model checking etc.
  • Trusted Computing with NFV and SDN

Submission and Publication Information


Important Dates

Submission deadline: March 31, 2015
Authors notification: May 31, 2015
Camera-ready due: July 1, 2015
Registration: July 1, 2015

Program Co-Chairs

Dr. Ian Oliver, Nokia, Finland
Dr. Silke Holtmanns, Nokia, Finland

Program Committee

Dr. Rolf Blom (Security Researcher), SICS Security Lab, Sweden
Dr. Aidan Delaney, University of Brighton, UK
Tobias Engel (Security Expert), Sternraute, Germany (tbc)
Hannu Flinck (Senior Specialist in Internet Technologies), Nokia Networks, Finland
Dr. Martin Gerdes (Ph.D. Fellow), University of Agdar, Norway
Dr. Philip Ginzboorg (Senior Researcher), Huawei, Finland
Leo Hippalainen (Security Expert), Nokia Networks, Finland
Prof. John Howse, University of Brighton, UK
Prof. Theo Kanter, University of Stockholm, Sweden
Dr. Kari Kostiainen (Researcher), ETH Zürich, Switzerland
Dr. Ulrike Meyer (Security Expert), RWTH Aachen, Germany
Prof. Chris Mitchell, Royal Holloway, University of London, UK
Markus Miettinen (Research Assistant), University of Darmstadt, Germany
Dr. Martin Otto (Head of Cyber Security Research), Siemens AG, Germany
Dr. Anand Prasant (3GPP Security Chair), NEC, Japan
Peter Schneider (Senior Specialist Security Solutions), Nokia Networks, Germany
Prof. Taleb Tirak, Aalto University, Finland
Prof. Ralf Tönjes, University of Applied Science, Osnabrueck, Germany
Janne Uusilehto (Head of Security and Privacy), Microsoft Mobile, Finland
Prof. Thanh van Do, Telenor, Norway
Prof. Alf Zugenmaier, Munich University of Applied Science, Germany


Please email inquiries concerning the workshop to Ian Oliver and Silke Holtmanns.