Organizer: CROSSING / GRK Privacy & Trust / CRISP
Recent years have seen increasing calls to make security research more “scientific”. Who can argue with science being desirable? But what exactly do people mean when they suggest this, and what are they really seeking? There is little clarity on what a “Science of Security” would look like. We consider this question, in the context of historical science and more recent security research, offer observations and insights, and suggest where things might be improved.
Paul Van Oorschot is a Professor of Computer Science at Carleton University in Ottawa, where he has been Canada Research Chair since 2002, following 14-years in industry at Bell-Northern Research and related companies. He is an ACM Fellow and a Fellow of the Royal Society of Canada. He was Program Chair of NSPW 2014-2015, USENIX Security 2008, NDSS 2001-2002, and co-author of the Handbook of Applied Cryptography (1996). He has served on the editorial boards of IEEE TDSC, IEEE TIFS, and ACM TISSEC. He was Scientific Director of NSERC ISSNet (2008-2013), a pan-Canadian strategic research network exploring computer and Internet security. His research interests include authentication and identity management, computer security, Internet security, security and usability, software security, and applied cryptography.