Security & Privacy Usability Technology Transfer: Emerging Research (SPUTTER) Workshop CALL FOR PAPERS http://cups.cs.cmu.edu/soups/2010/sputter.html How do we fix the sorry state of usable security and privacy today? Simple -- it's just a matter of inventing a few clever UI techniques and protocols, running user studies to show they work, and then it's problem solved, right? Unfortunately, no -- there's another hurdle to clear. Even the best usable security solutions need to be deployed on a massive scale if they are actually to improve life in the online ecosystem. And too often great ideas sputter out on their way to the market. Getting great ideas to the market requires effective tech transfer. That means explaining your idea to a LOT of people and convincing them not only that your solution is technically great, but also that it is worth the cost and effort of building, deploying, and maintaining. You'll have to make the case for your technology to engineers, business people, policy makers, privacy advocates, and, of course, customers. You'll have to balance the technical elegance of your solution against entrenched practices, existing policy, business considerations, and development and operational costs. Tech transfer introduces problems that many experts in industry, let alone grad students who have never been exposed to these problems, don't know how to deal with. This workshop will provide a chance for those who have encountered, are interested in, or have solved the problems that come with usable security and privacy tech transfer to share ideas -- stories, tips & tricks, and lessons learned -- for what works and what doesn't. The workshop should be of interest to anyone in industry or public policy who wants to share tech transfer experiences or to anyone in academia who sees tech transfer in their future. Those interested in presenting should submit a position, research, or anecdotal paper on a relevant topic. Relevant topics include, but are not limited to: -- tech transfer war stories (successes and failures both welcome); -- lessons learned from tech transfer attempts; -- tips and tricks for successful tech transfer; -- pitfalls to avoid; -- methods for disseminating usable security and privacy research to business and government decision makers. Authors of accepted papers will be invited to present their ideas at the workshop. Accepted workshop papers will be available on the SOUPS website, but will not be included in the ACM Digital library. SUBMISSIONS We invite authors to submit original papers in PDF format. Papers should use the SOUPS formatting template (available for LaTeX or MS Word). Submissions should be 2 to 6 pages in length, not counting appendices. The paper should be self-contained without requiring that readers also read the appendices. The appendices need not conform to the formatting template. Submissions should not be blinded. Email inquiries and submissions to: sputter_workshop2010@hotmail.com IMPORTANT DATES Workshop paper submission deadline: May 8, 2010, 5:00 pm PST Notification of workshop paper acceptance: June 3, 2010 Final papers for website due: June 12, 2010, 5:00pm PST ORGANIZERS Mary Ellen Zurko IBM mzurko@us.ibm.com Rob Reeder Microsoft roreeder@microsoft.com