Monday (June, 3rd)

08.30 - 09.30    Registration

09.30 - 10.30    Invited Talk: Pierangela Samarati

Data security and privacy in the cloud

Cloud computing is changing the way we access, manage, and use data and services. While convenient for functionalities and economy of scale, cloud computing clearly raises security and privacy protection issues.  In fact, data are stored and managed outside the direct control of their data owner. External parties storing or processing data may be not fully trusted  (and then should not know the actual data themselves or the operations performed on them), or trustworthy (and then be not completely reliable in their operating).  The requirement of maintaining confidentiality and integrity in cloud scenarios entails several challenges. In this talk, I will provide a characterization of such challenges and related open problems, as well as of emerging directions for ensuring security and privacy to data and users in the cloud.

Pierangela Samarati is a Professor at the Department of Computer Science of the Universita' degli Studi di Milano. Her main research
interests are access control policies, models and systems, data security and privacy, information system security, and information protection in general. She has participated in several projects involving different aspects of information protection. On these topics she has published more than 220 peer-reviewed articles in international journals, conference proceedings, and book chapters. 

She has been Computer Scientist in the Computer Science Laboratory at SRI, CA (USA). She has been a visiting researcher at the Computer Science Department of Stanford University, CA (USA), and at the ISSE Department of George Mason University, VA (USA).

She is the chair of the IEEE Systems Council Technical Committee on Security and Privacy in Complex Information Systems (TCSPCIS), of the Steering Committees of the European Symposium on Research in Computer Security (ESORICS), and of the ACM Workshop on Privacy in the Electronic Society (WPES). She is member of several steering committees.  She is ACM Distinguished Scientist (named 2009) and IEEE Fellow (named 2012). She has been awarded the IFIP TC11 Kristian Beckman award from (2008) the IFIP WG 11.3 Outstanding Research Contributions Award (2012).

She has served as General Chair, Program Chair, and program committee member of server international conferences.

10.30 - 11.00    Coffee Break

11.00 - 11.30    Symbolic Privacy Analysis through Linkability and Detectability, Meilof Veeningen, Benne De Weger and Nicola Zannone

11.30 - 12.00    Middleware-based Security Privacy for In-car Integration of Third-party Applications, Alexandre Bouard, Maximilian Graf  
                       and Dennis

12.00 - 12.30    Towards Automated Trust Establishment in Federated Identity Management, David Chadwick and Mark Hibbert

12.30 - 13.00    On Beta Models with Trust Chains, Tim Muller and Patrick Schweitzer 

13.00 - 14.30    Lunch

14.30 - 15.00    Reputation-based Trust Systems for Wireless Sensor Networks: A Comprehensive Review, Hani Alzaid, Manal Alfaraj,
                       Sebastian Ries, Audun Jøsang, Muneera Albabtain and Alhanof Abuhaimed

15.00 - 15.30    Understanding trust within online discussion boards: trust formation in the absence of reputation systems, Sarah Talboom
                       and Jo Pierson

15.30 - 16.00    In Cloud we Trust: Risk-Assessment-as-a-Service, Marianthi Theoharidou, Nikolaos Tsalis and Dimitris Gritzalis

16.00 - 16.30    Coffee break

16.30 - 17.00    An Empirical Test of How Events Turn the Cognitive Gears of Trust, D. Harrison McKnight and Peng Liu

17.00 - 17.30    Reflections on Measuring the Trust Empowerment Qualities of Digital Designs, Natasha Dwyer, Anirban Basu and Stephen

17.30 - 18.00    Contingency Revisited: Secure Construction and Legal Implications of Verifiably Weak Integrity, Henrich C. Pöhls

Tuesday (June, 4th)

08.30 - 09.30    Registration

09.30 - 10.30    Invited Talk: Jorge Cuellar

Security: proactive or reactive? Science or best practices?"

Jorge Cuellar is a principal research scientist at Siemens AG.  He was awarded the DI-ST Award for the best technical Achievement for his work on modelling of operating systems and transaction managers. He has co-authored about 30 papers on different topics, including mathematical modelling of performance analysis, on learning algorithms, hand-writing recognition, formal specification and verification of distributed system design, and security.  He has done technical standardization work, related to the development of privacy and security protocols at the IETF, 3GPP, and the Open Mobile Alliance.  He has worked in several EU funded research projects, in particular in AVISPA and AVANTSSAR, both related to the formal modelling and verification of security and currently in NESSoS, WebSand and SPACIoS.  He has served in many Program Committees in international conferences, and in particular he has been the PC Co-Chair of SEFM (Software Engineering and Formal Methods in 2004), FM'08 (Formal Methods in 2008), and STM'10 and in the steering committee of ESSoS.  He has presented more than 20 invited talks at conferences and seminars, and acts regularly as a reviewer for international conferences and journals. He has been in the editorial board of Journal of Science of Computer Programming - Elsevier, and has been guest editor in several journals.  He is member of the Industrial Curatory Board of Dagstuhl, Leibniz Centre for Informatics, the world's premier venue for informatics.  He has held many short term visiting teaching positions, in different Universities around the world.

10.30 - 11.00    Coffee Break 

11.00 - 11.30    Securing Identity Assignment using Implicit Certificates in P2P Overlays, Juan Caubet, Oscar Esparza, 
                       Juanjo Alins, Jorge Mata-Diaz and Miguel Soriano

11.30 - 12.00    Impact of Dataset Representation on Smartphone Malware Detection Performance, Abdelfattah Amamra, Chamseddine
                       Talhi and Jean-Marc Robert

12.00 - 12.30    Sensor Enhanced Access Control: Extending Traditional Access Control Models with Context-Awareness, Christian 
                       Damsgaard Jensen, Kristine Geneser and Ida C. Willemoes- Wissing

12.30 - 13.00    Noninterference Analysis of Delegation Subterfuge in Distributed Authorization System, Simon Foley

13.00 - 14.30    Lunch

14.30 - 18.00    Special Session: Security by Design: from Theory to Practice

    14.30 - 15.00    Keynote Speech: Amardeo Sarma (NEC)

    15.00 - 15.45    Lessons from Industry In Secure Software and Service Engineering
  • Reducing Cost by Assurance in the Early Phases of SDLC, Pawel Krawtzyk (AON)
  • Markets for Discovery of Software Vulnerabilities or the New Malware, Alfonso De Gregorio (BeeWise)
  • Lessons from ANIKETOS Project, Dhouha Ayed (Thales)
    15.45 - 16.00    Coffee Break

    16.00 - 17.00    Security by Design and E2E Trust    
  • Software Assurance and Cybersecurity, Volkmar Lotz (SAP)
  • System Evolution and Security: Security Risk Assessment for Complex Long-lived Systems, Paul Stephane (Thales)
  • Identity Assurance, Paul Thomas (Microsoft)

    17.00 - 17.15    DEMO Session
  • ANIKETOS demo: Erkuden Rios (Tecnalia)

17.15 - 17.30    Announcement of Will Winsborough Award

17.30 - 20.00    Afternoon and Evening: Social Event in Castillo Gibralfaro

20.30               Gala Dinner: Parador Castillo de Gibralfaro

Wednesday (June, 5th)

08.30 - 09.30    Registration

09.30 - 10.00    An Automatic Trust Calculation Based on the Improved Kalman Filter Detection Algorithm, Bo Ye

10.00 - 10.30    The method of Trust and Reputation systems based on Link prediction and Clustering, Ji-Wan Seo, Seung-Jin Choi and 
                       Sang-Yong Han

10.30 - 11.00    Network-aware Evaluation Environment for Reputation Systems, Alessandro Celestini, Rocco De Nicola and Francesco 

11.00 - 11.30    Coffee Break

11.30 - 12.00    Trust Model for Cloud Based On Cloud Characteristics, Pramod Pawar, Muttukrishnan Rajarajan, Theo Dimitrakos and
                       Andrea Zisman

12.00 - 12.30    Modeling Reactive Trust Acquisition using State Transition Systems, Sergiy Gladysh and Peter Herrmann

12.30 - 13.00    Towards Trust-Aware and Self-Adaptive Systems, Francisco Moyano, Benoit Baudry and Javier Lopez

13.00 - 14.30    Lunch

14.30 - 15.00    An Attack-resistant Hybrid Data-privatization Method with Low Information Loss, Kalpana Singh and Lynn Batten

15.00 - 15.30    Position paper: PERSONA - A Personalized Data Protection Framework, Marina Egea, Federica Paci, Marinella Petrocchi
                       and Nicola Zannone

15.30 - 16.00    A Socio-Technical Understanding of TLS Certificate Validation, Giampaolo Bella, Rosario Giustolisi 
                       and Gabriele Lenzini