The Workshop on Privacy Threat Modeling brings together researchers, practitioners, government representatives, and industry specialists to collaborate on the topic of privacy threats. While aspects of privacy risk modeling are relatively well-developed, such as constructions of privacy harms (Solove’s Taxonomy of Privacy and Calo’s subjective/objective privacy harms for instance), there has been insufficient discussion around approaches to modeling privacy threats, broadly construed.
The workshop will include an informative session and a collaborative session. The informative session will consist of a keynote, brief updates on two privacy threat models (MITRE PANOPTIC™ and LINDDUN), and presentations selected from participant submissions. In the collaborative session we will discuss threat model generalization and operationalization in break-out groups, then come together to share discussion outcomes.
We will address how the community assesses the relative appropriateness of different degrees of privacy threat model generalization (from specific to global) and how to operationalize privacy threat models for threat assessment, risk modeling, and red teaming.
Broadly, we hope this workshop will forge new relationships across the privacy community around the topic of privacy threats, shape and guide the development of new and existing privacy threat models, and stimulate further research into privacy threats by providing an informative baseline on what privacy threat modeling is, as well as knowledge about the current state of the field, and ideas about operationalizing privacy threat models.
Topics of interest include:
May 1, 2023 – Submissions open for presentation proposals
June 1, 2023 23:59 AOE – Submission deadline
June 8, 2023 – Decisions announced
August 6, 2023 – The 2nd Workshop on Privacy Threat Modeling
Please email PTMworkshop@mitre.org to be added to our WPTM listserv.