Workshop on Security Incident Information Sharing (SIIS)
Friday, July 26, 2013 from 12:00 PM to 6:30 PM
High-profile data breaches and security incidents on the Internet are gaining increasing attention from the Internet community, but also from the public and also from governments. Various Cybersecurity initiative have recently been launched, such as the EU Cybersecurity plan, which plan to improve security on the Internet. Sharing of security incident information is one of the items that shall improve awareness and ensure a quicker response.
Within the Internet Engineering Task Force (IETF) the Managed Incident Lightweight Exchange (MILE) working group has been chartered to develop standards and extensions for the purpose of improving incident information sharing and handling capabilities. The work in MILE builds on earlier work developed in the IETF Extended INCident Handling (INCH) working group. As a result of the standardization efforts, the Incident Object Description Exchange Format (IODEF) and the Real-time Inter-network Defense (RID) have been published.
As related work, the IETF Messaging Abuse Reporting Format (marf) working group had developed a standardized report format that enables automated processing of observed fraud, spam, virus or other abuse activity in email communication. The Extensible Messaging and Presence Protocol (XMPP) community had also gained experience with incident reporting.
With the increased interest in incident information sharing the workshop organizers believe it is a good time to organize a tutorial workshop to discuss the current state of the standardization and deployment efforts, to share operational experience, and to brainstorm about some upcoming activities, for example the planned work on standardizing a Security Content Automation Protocol (SACM). Ideally, participants will have gained a much better understanding of the big picture as a result of this tutorial workshop.
More information can be found at http://siis.realmv6.org/
When & Where
Freie Universität Berlin
Our host, the Institute of Computer Science of the Freie Universität Berlin, is happy to host this workshop.