CRiSIS 2012 security standards tutorial

This tutorial will introduce researchers to security related activities within some Internet standards development organisations (SDOs), mainly the Internet Engineering Task Force and the World Wide Web Consortium. Having reviewed basic structure and process issues, we will consider how both security researchers and the SDOs can benefit from improved interactions, and how researchers can best approach these SDOs with results. We will then consider a number of technical areas where additional security research or research outputs within the next 2-3 years would be of use to these SDOs. A number (perhaps 3) of these areas will be selected by the tutorial participants for detailed discussion on potentially relevant research. The topics range from the “political” layer (e.g. privacy, censor-reistant protocols), down to protocol-specific areas where highly focused research is needed (e.g. DHCP security, traffic analysis). The goal is to give participants an understanding of the needs and processes of these SDOs, so that researchers with relevant results can feed those into the Internet standards process, benefiting the work of those SDOs and possibly achieving greater real-world impact for the research.