The New Security Paradigms workshop (NSPW) is unique among conferences, focusing on work that directly challenges long-held beliefs about security, or that challenges attendees to look at problems -- and their solutions -- in entirely new ways. This year's papers continue this tradition, with work that touches on many of the major challenges facing computer security today. Resilience, Usable Security and Human Factors, Privacy and Inference, Web Application Security... all these problems were examined, as well as less mature areas, including how we should approach solving security problems and how we can appropriately evaluate solutions. We even had a paper that explored what happens (or should happen) to your digital identity after death! Each paper in some way challenged previously-held assumptions, and forced attendees to carefully examine their beliefs.
As one might expect, reviewing papers that are designed to be provocative was a non-trivial undertaking. Our twelve program committee members (to whom we are extraordinarily grateful) each reviewed approximately eight papers, and then began a vigorous discussion on the merits of each, sometimes resulting in some committee members being asked for additional reviews of papers that seemed especially contentious. Unlike other security conferences, NSPW seeks those submissions that hold truly new paradigms, even if not proven, and so often the discussion over each paper can be very spirited as committee members discuss the novelty of the paradigms being presented. Once consensus had been reached, shepherds were assigned to each accepted paper, in order to help authors prepare for the workshop experience.
As a participant, the NSPW experience is unusual. Attendees agree to a "psychological contract," where each person agrees to try to foster new thought, attend all sessions (without having one's nose buried in a laptop!), and, above all, engage in the discussion. Presentations quickly deviate from their script as presenters respond to questions and comments from the audience, and it is not unheard of for the vast majority of each talk to be filled with a two-way conversation with the audience rather than a one-way transfer of information. Despite this vigorous discussion, however, NSPW remains above all a nurturing venue, and one in which we are happy (and proud) to place students as presenters.
In order to further help authors refine their ideas, all the discussions for each paper are recorded by two scribes, who then provide their notes to the authors for reference while they prepare the camera-ready versions of their papers. This is another area where NSPW deviates from traditional security conferences -- papers are not submitted for publication until after the workshop has ended, and authors are expected to revise their submissions based on the feedback they received at the workshop.
As should be clear, NSPW thus required a significantly larger time and energy commitment from program committee members, authors, and participants than is the norm for security venues. We believe their effort was worthwhile; after reading these proceedings, we hope you will agree. In closing, we would like to thank the scribes, the organizers of the workshop, all the program committee members and external reviewers, other workshop attendees, and especially the authors for making this year's workshop yet another success in the NSPW series. We hope to see you all again at next year's workshop!
Proceeding Downloads
Security and privacy considerations in digital death
Death is an uncomfortable subject for many people, and digital systems are rarely designed to deal with this event. In particular, the wide array of existing digital authentication infrastructure rarely deals with gracefully retiring credentials in a ...
Reducing normative conflicts in information security
Security weaknesses often stem from users trying to comply with social expectations rather than following security procedures. Such normative conflicts between security policies and social norms are therefore undesirable from a security perspective. It ...
A multi-word password proposal (gridWord) and exploring questions about science in security research and usable security evaluation
Our agenda is two-fold. First, we introduce and give a technical description of gridWord, a novel knowledge-based authentication mechanism involving elements of both text and graphical passwords. It is intended to address a new research challenge ...
Applying problem-structuring methods to problems in computer security
Solutions to security problems, particularly ones involving cryptography, have typically been approached through the Inside-Out Threat Model, "this is our solution and whatever it addresses is the threat". Email encryption/signing and SSL/TLS are two ...
Towards a formal model of accountability
We propose a focus on accountability as a mechanism for ensuring security in information systems. To that end, we present a formal definition of accountability in information systems. Our definition is more general and potentially more widely ...
Influencing mental models of security: a research agenda
Over 80 million households in the United States have a home computer and an Internet connection. The vast majority of these are administered by people who have little computer security knowledge or training, and many users try to avoid making security ...
The security cost of cheap user interaction
Human attention is a scarce resource, and lack thereof can cause severe security breaches. As most security techniques rely on considerate human intervention in one way or another, this resource should be consumed economically. In this context, we ...
Position paper: why are there so many vulnerabilities in web applications?
As the Web has become more and more ubiquitous, the number of attacks on web applications has increased substantially. According to a recent report, over 80 percent of web applications have had at least one serious vulnerability. This percentage is ...
Resilience is more than availability
In applied sciences there is a tendency to rely on terminology that is either ill-defined or applied inconsistently across areas of research and application domains. Examples in information assurance include the terms resilience, robustness and ...
Sherlock Holmes' evil twin: on the impact of global inference for online privacy
User-supplied content--in the form of photos, videos, and text--is a crucial ingredient to many web sites and services today. However, many users who provide content do not realize that their uploads may be leaking personal information in forms hard to ...
Public security: simulations need to replace conventional wisdom
Is more always better? Is conventional wisdom always the right guideline in the development of security policies that have large opportunity costs? Is the evaluation of security measures after their introduction the best way? In the past, these ...
Gaming security by obscurity
Shannon sought security against the attacker with unlimited computational powers: if an information source conveys some information, then Shannon's attacker will surely extract that information. Diffie and Hellman refined Shannon's attacker model by ...
Proceedings of the 2011 New Security Paradigms Workshop