SACMAT 2011

Date	Event	Time
June 14, 2011	Registration	18:00 - 20:00
June 15, 2011	Registration	08:00 –
	Welcome	08:45 – 09:00
	Keynote Address (Session Chair: Jorge Lobo, IBM, USA) Title: A Decade of Model-Driven Security David Basin - ETH Zurich, Switzerland	09:00 – 10:00
	Coffee Break	10:00 – 10:30
	Session 1: Distributed Processing and Access Control Session chair: Murat Kantarcioglu (University of Texas at Dallas, USA)	10:30 – 12:00
	Deriving Role Engineering Artifacts from Business Processes and Scenario Models Anne Baumgrass (Vienna University of Economics and Business), Mark Strembeck (Vienna University of Economics and Business), Stefanie Rinderle-Ma (University of Vienna)
	An Integrated Approach for Identity and Access Management in a SOA Context Waldemar Hummer (Vienna University of Technology), Patrick Gaubatz (University of Vienna), Mark Strembeck (Vienna University of Economics and Business), Uwe Zdun (University of Vienna), Schahram Dustdar (Vienna University of Technology)
	On the Management of User Obligations Murillo Pontual (University of Texas at San Antonio, USA), Omar Chowdhury (University of Texas at San Antonio, USA), William Winsborough (University of Texas at San Antonio, USA), Ting Yu (North Carolina State University, USA), Keith Irwin (Winston-Salem State University)
	Lunch	12:00 – 14:00
	Session 2: Policy Languages Session chair: Mahesh Tripunitara (University of Waterloo, Canada)	14:00 – 15:30
	Program Synthesis in Administration of Higher-Order Permissions Glenn Bruns (Bell Laboratories, USA), Michael Huth (Imperial College, UK), Avijit Kumar (Carnegie Mellon University, USA)
	Relationship-based Access Control Policies and Their Policy Languages Philip Fong (University of Calgary,Canada), Ida Siahaan (University of Calgary, Canada)
	xfACL: An Extensible Functional Language for Access Control Qun Ni (Purdue University, USA), Elisa Bertino (Purdue University, USA)
	Coffee Break	15:30 – 16:00
	Session 3: Logic Programming based Access Control Specification Session chair: David Basin (ETH Zurich, Switzerland)	16:00 – 17:00
	Rumpole: A Flexible Break-Glass Access Control Model Srdjan Marinovic (Imperial College, UK), Robert Craven (Imperial College, UK), Jiefei Ma (Imperial College, UK), Naranker Dulay (Imperial College, UK)
	Anomaly Discovery and Resolution in Web Access Control Policies Hongxin Hu (Arizona State University, USA), Gail-Joon Ahn (Arizona State University, USA), Ketan Kulkarni (Arizona State University, USA)
	Welcome Reception	18:00 -
June 16, 2011
	Registration	08:00 –
	Session 4: Data Flow and Access Control Session chair: Elisa Bertino (Purdue University, USA)	9:00 – 10:30
	Transforming Provenance using Redaction Tyrone Cadenhead (University of Texas at Dallas, USA), Vaibhav Khadikar (University of Texas at Dallas, USA), Murat Kantarcioglu (University of Texas at Dallas, USA), Bhavani Thuraisingham (University of Texas at Dallas, USA)
	Data Leakage Prevention for Discretionary Access Control in Collaboration Clouds Qihua Wang (IBM, US), Hongxia Jin (IBM, US)
	Modeling Data Flow in Socio-Information Networks: A Risk Estimation Approach Mudhakar Srivatsa (IBM, US), Ting Wang (Georgia Tech, USA)
	Coffee Break	10:30 – 11:00
	Session 5: Applications Session chair: Philip Fong (University of Calgary, Canada)	11:00 – 12:00
	An Authorization Scheme for Version Control Systems Sitaram Chamarty (Tata Consultancy Services, India), Hiren Patel (University of Waterloo, Canada), Mahesh Tripunitara (University of Waterloo, Canada)
	An Approach to Modular and Testable Security Models of Real-World Health-care Applications Achim Brucker (SAP Research Karlsruhe, Germany), Lukas Bruegger (ETH Zurich, Switzerland), Paul Kearney (British Telecom, UK), Burkhart Wolff (Laboratoire de Recherche Informatique, France)
	Lunch	12:00 – 14:00
	System Demonstrations Session Chair: Andreas Schaad (SAP Labs, Germany)	14:00 – 15:30
	Security Validation Tool for Business Processes Wihem Arsac, Luca Compagna, Serena Ponta, Samuel Paul Kaluvuri (SAP)
	System for Automatic Estimation of Data Sensitivity with Applications to Access Control and Other Applications Youngja Park, Stephen C Gates, Wilfried Teiken, Suresh N Chari (IBM, US)
	Visualizing Security in Business Processes Anja Monakova, Andreas Schaad (SAP)
	Access Control for a Federated Police Information System Matthew Hudnall, Allen Parish (University of Alabama, USA), Maury Mitchell (Alabama Criminal Justice Information Center)
	Data-centric Multi-layer Usage Control Enforcement: A Social Network Example Enrico Lovat, Alexander Pretschner (Karlsruher Institut fur Technologie, Germany)
	Coffee Break, and Poster Session - Evolving Security in Eternal Software Systems	15:30 – 16:00
	Panel Usable Access Control For All(pdf) Panel Moderator: Robert W. Reeder (Microsoft, USA)	16:00 – 17:30
	Guided Tour through the Old Town of Innsbruck	19:00 –
	Dinner	20:00 –
June 17, 2011
	Registration	08:00 –
	Keynote Address (Session Chair: Ruth Breu, University of Innsbruck, Austria) Title: Access Control (in Theory) and modern Linux Phones Jean-Pierre Seifert (Technical University of Berlin, Germany)	09:00 – 10:00
	Coffee Break	10:00 – 10:30
	Session 6: Policy Analysis and Obligations Session chair: Michael Huth (Imperial College, UK)	10:30 – 12:00
	Validation of Security Policies By the Animation of Z Specifications Yves Ledru (Laboratoire d'Informatique de Grenoble, France), Nafees Qamar (INRIA, France), Akram Idani (Laboratoire d'Informatique de Grenoble, France), Jean-Luc Richier (Laboratoire d'Informatique de Grenoble, France), Mohamed-Amine Labiadh (Laboratoire d'Informatique de Grenoble, France)
	SEAL: A Logic Programming Framework for Specifying and Verifying Access Control Models Prasad Naldurg (Microsoft Research, India), Raghavendra KR (Indian Institute of Science, Bangalore, India)
	xDAuth: A Scalable and Lightweight Framework for Cross Domain Access Control and Delegation Masooom Alam (IMSciences, Pakistan), Xinwen Zhang (Huawei Research Center, USA)
	Closing Remarks	12:00 – 12:15