Monday (June, 3rd) 08.30 - 09.30 Registration 09.30 - 10.30 Invited Talk: Pierangela Samarati TITLE: Data security and privacy in the cloud ABSTRACT: Cloud computing is changing the way we access, manage, and use data and services. While convenient for functionalities and economy of scale, cloud computing clearly raises security and privacy protection issues. In fact, data are stored and managed outside the direct control of their data owner. External parties storing or processing data may be not fully trusted (and then should not know the actual data themselves or the operations performed on them), or trustworthy (and then be not completely reliable in their operating). The requirement of maintaining confidentiality and integrity in cloud scenarios entails several challenges. In this talk, I will provide a characterization of such challenges and related open problems, as well as of emerging directions for ensuring security and privacy to data and users in the cloud. BIO: Pierangela Samarati is a Professor at the Department of Computer Science of the Universita' degli Studi di Milano. Her main research interests are access control policies, models and systems, data security and privacy, information system security, and information protection in general. She has participated in several projects involving different aspects of information protection. On these topics she has published more than 220 peer-reviewed articles in international journals, conference proceedings, and book chapters. She has been Computer Scientist in the Computer Science Laboratory at SRI, CA (USA). She has been a visiting researcher at the Computer Science Department of Stanford University, CA (USA), and at the ISSE Department of George Mason University, VA (USA). She is the chair of the IEEE Systems Council Technical Committee on Security and Privacy in Complex Information Systems (TCSPCIS), of the Steering Committees of the European Symposium on Research in Computer Security (ESORICS), and of the ACM Workshop on Privacy in the Electronic Society (WPES). She is member of several steering committees. She is ACM Distinguished Scientist (named 2009) and IEEE Fellow (named 2012). She has been awarded the IFIP TC11 Kristian Beckman award from (2008) the IFIP WG 11.3 Outstanding Research Contributions Award (2012). She has served as General Chair, Program Chair, and program committee member of server international conferences. 10.30 - 11.00 Coffee Break 11.00 - 11.30 Symbolic Privacy Analysis through Linkability and Detectability, Meilof Veeningen, Benne De Weger and Nicola Zannone 11.30 - 12.00 Middleware-based Security Privacy for In-car Integration of Third-party Applications, Alexandre Bouard, Maximilian Graf and Dennis 12.00 - 12.30 Towards Automated Trust Establishment in Federated Identity Management, David Chadwick and Mark Hibbert 12.30 - 13.00 On Beta Models with Trust Chains, Tim Muller and Patrick Schweitzer 13.00 - 14.30 Lunch 14.30 - 15.00 Reputation-based Trust Systems for Wireless Sensor Networks: A Comprehensive Review, Hani Alzaid, Manal Alfaraj, Sebastian Ries, Audun Jøsang, Muneera Albabtain and Alhanof Abuhaimed 15.00 - 15.30 Understanding trust within online discussion boards: trust formation in the absence of reputation systems, Sarah Talboom and Jo Pierson 15.30 - 16.00 In Cloud we Trust: Risk-Assessment-as-a-Service, Marianthi Theoharidou, Nikolaos Tsalis and Dimitris Gritzalis 16.00 - 16.30 Coffee break 16.30 - 17.00 An Empirical Test of How Events Turn the Cognitive Gears of Trust, D. Harrison McKnight and Peng Liu 17.00 - 17.30 Reflections on Measuring the Trust Empowerment Qualities of Digital Designs, Natasha Dwyer, Anirban Basu and Stephen Marsh Tuesday (June, 4th) 08.30 - 09.30 Registration 09.30 - 10.30 Invited Talk: Jorge Cuellar TITLE: Security: proactive or reactive? Science or best practices?" BIO: Jorge Cuellar is a principal research scientist at Siemens AG. He was awarded the DI-ST Award for the best technical Achievement for his work on modelling of operating systems and transaction managers. He has co-authored about 30 papers on different topics, including mathematical modelling of performance analysis, on learning algorithms, hand-writing recognition, formal specification and verification of distributed system design, and security. He has done technical standardization work, related to the development of privacy and security protocols at the IETF, 3GPP, and the Open Mobile Alliance. He has worked in several EU funded research projects, in particular in AVISPA and AVANTSSAR, both related to the formal modelling and verification of security and currently in NESSoS, WebSand and SPACIoS. He has served in many Program Committees in international conferences, and in particular he has been the PC Co-Chair of SEFM (Software Engineering and Formal Methods in 2004), FM'08 (Formal Methods in 2008), and STM'10 and in the steering committee of ESSoS. He has presented more than 20 invited talks at conferences and seminars, and acts regularly as a reviewer for international conferences and journals. He has been in the editorial board of Journal of Science of Computer Programming - Elsevier, and has been guest editor in several journals. He is member of the Industrial Curatory Board of Dagstuhl, Leibniz Centre for Informatics, the world's premier venue for informatics. He has held many short term visiting teaching positions, in different Universities around the world. 10.30 - 11.00 Coffee Break 11.00 - 11.30 Securing Identity Assignment using Implicit Certificates in P2P Overlays, Juan Caubet, Oscar Esparza, Juanjo Alins, Jorge Mata-Diaz and Miguel Soriano 11.30 - 12.00 Impact of Dataset Representation on Smartphone Malware Detection Performance, Abdelfattah Amamra, Chamseddine Talhi and Jean-Marc Robert 12.00 - 12.30 Sensor Enhanced Access Control: Extending Traditional Access Control Models with Context-Awareness, Christian Damsgaard Jensen, Kristine Geneser and Ida C. Willemoes- Wissing 12.30 - 13.00 Noninterference Analysis of Delegation Subterfuge in Distributed Authorization System, Simon Foley 13.00 - 14.30 Lunch 14.30 - 18.00 Special Session: Security by Design: from Theory to Practice 14.30 - 15.00 Keynote Speech: Amardeo Sarma (NEC) 15.00 - 15.45 Lessons from Industry In Secure Software and Service Engineering
15.45 - 16.00 Coffee Break 16.00 - 17.00 Security by Design and E2E Trust
17.00 - 17.15 DEMO Session
17.15 - 17.30 Announcement of Will Winsborough Award 17.30 - 20.00 Afternoon and Evening: Social Event in Castillo Gibralfaro 20.30 Gala Dinner: Parador Castillo de Gibralfaro Wednesday (June, 5th) 08.30 - 09.30 Registration 09.30 - 10.00 An Automatic Trust Calculation Based on the Improved Kalman Filter Detection Algorithm, Bo Ye 10.00 - 10.30 The method of Trust and Reputation systems based on Link prediction and Clustering, Ji-Wan Seo, Seung-Jin Choi and Sang-Yong Han 10.30 - 11.00 Network-aware Evaluation Environment for Reputation Systems, Alessandro Celestini, Rocco De Nicola and Francesco Tiezzi 11.00 - 11.30 Coffee Break 11.30 - 12.00 Trust Model for Cloud Based On Cloud Characteristics, Pramod Pawar, Muttukrishnan Rajarajan, Theo Dimitrakos and Andrea Zisman 12.00 - 12.30 Modeling Reactive Trust Acquisition using State Transition Systems, Sergiy Gladysh and Peter Herrmann 12.30 - 13.00 Towards Trust-Aware and Self-Adaptive Systems, Francisco Moyano, Benoit Baudry and Javier Lopez 13.00 - 14.30 Lunch 14.30 - 15.00 An Attack-resistant Hybrid Data-privatization Method with Low Information Loss, Kalpana Singh and Lynn Batten 15.00 - 15.30 Position paper: PERSONA - A Personalized Data Protection Framework, Marina Egea, Federica Paci, Marinella Petrocchi and Nicola Zannone 15.30 - 16.00 A Socio-Technical Understanding of TLS Certificate Validation, Giampaolo Bella, Rosario Giustolisi and Gabriele Lenzini |