|
SACMAT 2011
Date |
Event |
Time |
June 14, 2011 |
Registration |
18:00 - 20:00 |
June 15, 2011 |
Registration |
08:00 – |
Welcome |
08:45 – 09:00 |
Keynote Address (Session Chair: Jorge Lobo, IBM, USA)
Title: A Decade of Model-Driven Security
David Basin - ETH Zurich, Switzerland
|
09:00 – 10:00 |
Coffee Break |
10:00 – 10:30 |
Session 1: Distributed Processing and Access Control
Session chair: Murat Kantarcioglu (University of Texas at Dallas, USA)
|
10:30 – 12:00 |
Deriving Role Engineering Artifacts from Business Processes and Scenario Models
Anne Baumgrass (Vienna University of Economics and Business),
Mark Strembeck (Vienna University of Economics and Business),
Stefanie Rinderle-Ma (University of Vienna)
|
|
An Integrated Approach for Identity and Access Management in a SOA Context
Waldemar Hummer (Vienna University of Technology),
Patrick Gaubatz (University of Vienna),
Mark Strembeck (Vienna University of Economics and Business),
Uwe Zdun (University of Vienna),
Schahram Dustdar (Vienna University of Technology)
|
|
On the Management of User Obligations
Murillo Pontual (University of Texas at San Antonio, USA),
Omar Chowdhury (University of Texas at San Antonio, USA),
William Winsborough (University of Texas at San Antonio, USA),
Ting Yu (North Carolina State University, USA),
Keith Irwin (Winston-Salem State University) |
|
Lunch |
12:00 – 14:00 |
Session
2: Policy Languages
Session chair: Mahesh Tripunitara (University of Waterloo, Canada) |
14:00 – 15:30 |
Program Synthesis in Administration of Higher-Order Permissions
Glenn Bruns (Bell Laboratories, USA),
Michael Huth (Imperial College, UK),
Avijit Kumar (Carnegie Mellon University, USA)
|
|
Relationship-based Access Control Policies and Their Policy Languages
Philip Fong (University of Calgary,Canada),
Ida Siahaan (University of Calgary, Canada)
|
|
xfACL: An Extensible Functional Language for Access Control
Qun Ni (Purdue University, USA),
Elisa Bertino (Purdue University, USA)
|
|
Coffee Break |
15:30 – 16:00 |
Session
3: Logic Programming based Access Control Specification
Session chair: David Basin (ETH Zurich, Switzerland) |
16:00 – 17:00 |
Rumpole: A Flexible Break-Glass Access Control Model
Srdjan Marinovic (Imperial College, UK),
Robert Craven (Imperial College, UK),
Jiefei Ma (Imperial College, UK),
Naranker Dulay (Imperial College, UK)
|
|
Anomaly Discovery and Resolution in Web Access Control Policies
Hongxin Hu (Arizona State University, USA),
Gail-Joon Ahn (Arizona State University, USA),
Ketan Kulkarni (Arizona State University, USA)
|
|
Welcome Reception |
18:00 - |
June 16, 2011
|
Registration |
08:00 – |
Session
4: Data Flow and Access Control
Session chair: Elisa Bertino (Purdue University, USA) |
9:00 – 10:30 |
Transforming Provenance using Redaction
Tyrone Cadenhead (University of Texas at Dallas, USA),
Vaibhav Khadikar (University of Texas at Dallas, USA),
Murat Kantarcioglu (University of Texas at Dallas, USA),
Bhavani Thuraisingham (University of Texas at Dallas, USA)
|
|
Data Leakage Prevention for Discretionary Access Control in Collaboration Clouds
Qihua Wang (IBM, US),
Hongxia Jin (IBM, US)
|
|
Modeling Data Flow in Socio-Information Networks: A Risk Estimation Approach
Mudhakar Srivatsa (IBM, US),
Ting Wang (Georgia Tech, USA)
|
|
Coffee Break |
10:30 – 11:00 |
Session
5: Applications
Session chair: Philip Fong (University of Calgary, Canada) |
11:00 – 12:00 |
An Authorization Scheme for Version Control Systems
Sitaram Chamarty (Tata Consultancy Services, India),
Hiren Patel (University of Waterloo, Canada),
Mahesh Tripunitara (University of Waterloo, Canada)
|
|
An Approach to Modular and Testable Security Models of Real-World Health-care Applications
Achim Brucker (SAP Research Karlsruhe, Germany),
Lukas Bruegger (ETH Zurich, Switzerland),
Paul Kearney (British Telecom, UK),
Burkhart Wolff (Laboratoire de Recherche Informatique, France)
|
|
Lunch |
12:00 – 14:00 |
System Demonstrations
Session Chair: Andreas Schaad (SAP Labs, Germany)
|
14:00 – 15:30 |
Security Validation Tool for Business Processes
Wihem Arsac, Luca Compagna, Serena Ponta, Samuel Paul Kaluvuri (SAP)
|
|
System for Automatic Estimation of Data Sensitivity with Applications to Access Control and Other Applications
Youngja Park, Stephen C Gates, Wilfried Teiken, Suresh N Chari (IBM, US)
|
|
Visualizing Security in Business Processes
Anja Monakova, Andreas Schaad (SAP)
|
|
Access Control for a Federated Police Information System
Matthew Hudnall, Allen Parish (University of Alabama, USA), Maury Mitchell (Alabama Criminal Justice Information Center)
|
|
Data-centric Multi-layer Usage Control Enforcement: A Social Network Example
Enrico Lovat, Alexander Pretschner (Karlsruher Institut fur Technologie, Germany)
|
|
Coffee Break, and Poster Session - Evolving Security in Eternal Software Systems |
15:30 – 16:00 |
Panel
Usable Access Control For All(pdf)
Panel Moderator: Robert W. Reeder (Microsoft, USA)
|
16:00 – 17:30 |
Guided Tour through the Old Town of Innsbruck |
19:00 – |
Dinner |
20:00 – |
June 17, 2011
|
Registration |
08:00 – |
Keynote Address (Session Chair: Ruth Breu, University of Innsbruck, Austria)
Title: Access Control (in Theory) and modern Linux Phones
Jean-Pierre Seifert (Technical University of Berlin, Germany)
|
09:00 – 10:00 |
Coffee Break |
10:00 – 10:30 |
Session
6: Policy Analysis and Obligations
Session chair: Michael Huth (Imperial College, UK)
|
10:30 – 12:00 |
Validation of Security Policies By the Animation of Z Specifications
Yves Ledru (Laboratoire d'Informatique de Grenoble, France),
Nafees Qamar (INRIA, France),
Akram Idani (Laboratoire d'Informatique de Grenoble, France),
Jean-Luc Richier (Laboratoire d'Informatique de Grenoble, France),
Mohamed-Amine Labiadh (Laboratoire d'Informatique de Grenoble, France)
|
|
SEAL: A Logic Programming Framework for Specifying and Verifying Access Control Models
Prasad Naldurg (Microsoft Research, India),
Raghavendra KR (Indian Institute of Science, Bangalore, India)
|
|
xDAuth: A Scalable and Lightweight Framework for Cross Domain Access Control and Delegation
Masooom Alam (IMSciences, Pakistan),
Xinwen Zhang (Huawei Research Center, USA)
|
|
Closing Remarks |
12:00 – 12:15 |
|