These services are âdata-centricâ by ... RISI 2014 starts with the invited talk of Stefan Sackmann et al. on coordinating recovery activities of volunteers and official rescue teams via mobile devices in the case of natural disasters such as flooding.
The Fourth International Workshop on Resilience and IT‐Risk in Social Infrastructures (RISI 2014) Welcome Message from Workshop Organizers RISI 2014 is the fourth workshop in this series within the International Conference on Availability, Reliability and Security (ARES), which is held this time in Fribourg, Switzerland. Over the last several years, resilience has increased in importance for business network applications and for IT infrastructures. In order to prepare for expected interferences and to respond to unexpected, inevitable interferences in real‐time, current initiatives in computer science aim to analyze huge amounts of data from public and private domains and to share derived information with adaptive IT systems, e.g. social networks. Realizing adequate IT services implies availability of sufficient authentic, partly personal data from different origins, their aggregation, and secondary use. These services are “data‐centric” by definition. One main challenge to be solved when achieving reliable data‐centric services within acceptable risks is cross‐domain processing of (personal) data in compliance with law, business rules, and social norms. For instance, the European Commission proposes—with the aim of improving security and reliability—an information flow of incident reporting on data security breaches between public and private service providers, national regulatory authorities, ENISA, and the European Commission. At the same time, the European Commission promotes Privacy by Design, integrating privacy and data protection in the entire life cycle of an IT system. The review of the General Data Protection Framework will consider the possibility for extension of the obligation for incident reporting. The talks of RISI 2014, which have been selected by a double‐blind review process, give an overview and introduce work in progress on trustworthiness of spontaneous information exchange between parties and their different security interests. RISI 2014 starts with the invited talk of Stefan Sackmann et al. on coordinating recovery activities of volunteers and official rescue teams via mobile devices in the case of natural disasters such as flooding. Their contribution presents the app‐based IT system Hand2Help, which has been awarded the 1st prize in the SCIDEA idea competition 2013. Yu Ichifuji et al. focus on visualizing the status of a recovery situation in a disaster area by indirectly monitoring and evaluating travelling data if other means are not adequate enough to fulfill the requirements of recovery activities. However, information sharing is threatened by the inevitable dependencies between IT systems, so that a reporting entity might be harmed twice: once by the attack and then by an information leakage of the report on the attack. Hidenobu Oguri et al. present a k‐anonymity method, which is based on the related anonymity set of data about a natural disaster. Hoang‐Quoc Nguyen‐Son et al. address real‐time requirements for k‐ anonymization of information, which is available at social network sites as a community place for spontaneous information exchange. Haruno Kataoka et al. introduce measuring protection by anonymity when external information and anonymized data would be aggregated. Finally and in conclusion, the keynote of Piotr Cholda presents a current view on a design of networks resilient to non‐ malicious failures supported by risk engineering.
xxvi
We thank the authors and reviewers for contributing to the quality of the RISI 2014 workshop with their submissions and their constructive and thorough reviews. The RISI 2014 Organizing Committee Isao Echizen, National Institute of Informatics, Japan Stefan Sackmann, Martin Luther University Halle‐Wittenberg, Germany Sven Wohlgemuth, TU Darmstadt/CASED, Germany
xxvii
