Symposium on Access Control Models and Technologies

Program

To Authors: The presentation time (including Q&A) is 30 minutes for Regular, Blue-Sky, and Systematization-of-Knowledge papers; 20 minutes for Dataset/Tool and Work-in-Progress papers.

To Attendees:The following schedule is tentative and may be slightly updated as needed. All times are in Eastern Daylight Time (UTC-4:00).

Day 1 - July 8, 2025

Opening Remarks

09:00 AM - 09:30 AM

Session Chair: TBD

Keynote 1 - Policy Mining: Putting LLMs to Work

09:30 AM - 10:30 AM

Speaker: Vijayalakshmi Atluri (Rutgers University)

Break (Coffee and Refreshments)

10:30 AM - 10:50 AM

Paper Session 1: Policy Maintenance and Mining

10:50 AM - 12:15 PM

Minimizing the Number of Roles in Bottom-Up Role-Mining using Maximal Biclique Enumeration Regular
Mahesh Tripunitara (University of Waterloo)
Predictive Enhancement of ABAC Policies Using Access Log Analytics Work-in-Progress
Shmuel Amour (The Open University); Ehud Gudes (Ben-Gurion University of the Negev)
New Algorithms for Minimizing the Number of Edges in Bottom-Up Role Mining Regular
Puneet Gill, Mahesh Tripunitara (University of Waterloo)

Session Chair: TBD

Lunch Break (Provided by Conference)

12:15 PM - 01:45 PM

Paper Session 2: Trusted Enforcement

01:45 PM - 03:10 PM

Caplification: Bridging Capability-Aware and Capability-Oblivious Software Regular
Jason Zhijingcheng Yu (National University of Singapore); Mingkai Li (Columbia University); Aditya Badole, Trevor E. Carlson (National University of Singapore); Michael Swift (University of Wisconsin--Madison); Prateek Saxena (National University of Singapore)
Relying on Trust to Balance Protection and Performance in Cryptographic Access Control Regular
Simone Brunello, Stefano Berlato, Roberto Carbone (Fondazione Bruno Kessler); Adam J. Lee (University of Pittsburgh); Silvio Ranise (University of Trento and Fondazione Bruno Kessler)
Coordinated Enforcement of Obligations in Distributed Usage Control Systems Work-in-Progress
Hussein Joumaa (Department of Information Engineering and Computer Science, University of Trento, Trento, Italy); Ali Hariri, Theo Dimitrakos (Huawei Technologies Duesseldorf GmbH Munich, Germany); Bruno Crispo (Department of Information Engineering and Computer Science, University of Trento, Trento, Italy)

Session Chair: TBD

Break (Coffee and Refreshments)

03:10 PM - 03:30 PM

Paper Session 3: Network Security

03:30 PM - 04:55 PM

SPEAR: Security Posture Evaluation using AI Planner-Reasoning on Attack-Connectivity Hypergraphs Regular
Rakesh Podder, Turgay Caglar, Shadaab Kawnain Bashir, Sarath Sreedharan, Indrajit Ray, Indrakshi Ray (Colorado State University)
ACGuard5GC: Privacy-Preserving Prevention of Access Control Attacks within 5G Core Networks Regular
Harsh Sanjay Pacherkar, Guanhua Yan (Binghamton University, State University of New York)
Ran Tester UE: An Automated Declarative UE Centric Security Testing Platform Tool/Dataset
Charles Ueltschey, Joshua Moore, Aly Abdalla, Vuk Marojevic (Mississippi State University)

Session Chair: TBD

Day 2 - July 9, 2025

Keynote 2 - Cedar: A New Language for Expressive, Fast, Safe, and Analyzable Authorization

09:00 AM - 10:00 AM

Speaker: John Kastner (Amazon Web Services)

Break (Coffee and Refreshments)

10:00 AM - 10:20 AM

Paper Session 4: Analysis of Access Control Systems

10:20 AM - 11:45 AM

Safety Analysis in the NGAC Model Regular
Brian Tan, Ewan Davies, Indrakshi Ray, Mahmoud Abdelgawad (Colorado State University)
ProfessorX: Detecting Silent Vulnerabilities in Policy Engine Implementations Regular
Ben Weintraub, Chanyuan Liu (Northeastern University); William Enck (North Carolina State University); Cristina Nita-Rotaru (Northeastern University)
ABAC Lab: An Interactive Platform for Attribute-based Access Control Policy Analysis, Tools, and Datasets Dataset/Tool
Thang Bui, Anthony Matricia, Emily Contreras, Ryan Mauvais, Luis Medina, Israel Serrano (California State University, Monterey Bay)

Session Chair: TBD

Lunch Break (Provided by Conference)

11:45 AM - 01:30 PM

Special Session

01:30 PM - 02:30 PM

Break (Coffee and Refreshments)

02:30 PM - 02:50 PM

Paper Session 5: Policy Specification and Privacy

02:50 PM - 04:15 PM

Towards Explainable Access Control BlueSky
Gelareh Hasel Mehri (Eindhoven University of Technology); Charles Morisset (Durham University); Nicola Zannone (Eindhoven University of Technology)
A Policy-Based Mitigation of Transaction Exclusion in Ethereum Work-in-Progress
Patrick Spiesberger, Jan Droll, Hannes Hartenstein (Karlsruhe Institute of Technology (KIT))
Leakage-Resilient Easily Deployable and Efficiently Searchable Encryption (EDESE) Regular
Jiaming Yuan, Yingjiu Li (University of Oregon); Yangguang Tian (University of Surrey); Daoyuan Wu (The Hong Kong University of Science and Technology); Jianting Ning (Wuhan University); Robert H. Deng (School of Computing & Information Systems, Singapore Management University, Singapore); Jun Li (University of Oregon)

Session Chair: TBD

Excursion

05:15 PM - 07:00 PM

Bus Departs the Hilton Garden Inn 05:30 PM
Bus Arrives at Port Jeff. 05:50 PM

Banquet Dinner

07:00 PM - 09:00 PM

Banquet at Danfords 07:00 PM
Bus Departs Danfords 09:00 PM

Day 3 - July 10, 2025

Paper Session 6: Machine Learning for Access Control

09:00 AM - 10:25 AM

Machine Learning in Access Control: A Taxonomy Systematization of Knowledge
MOHAMMAD NUR NOBI, Ram Krishnan (University of Texas at San Antonio); Maanak Gupta (Tennessee Tech University); Md Shohel Rana (University of Massachusetts Dartmouth); Lopamudra Praharaj (Tennessee Tech University); Mahmoud Abdelsalam (North Carolina Agricultural and Technical State University)
Extraction of Machine Enforceable ABAC Policies from Natural Language Text using LLM Knowledge Distillation Regular
Mian Yang, Vijay Atluri (Rutgers University); Shamik Sural (Indian Institute of Technology Kharagpur); Ashish Kundu (Cisco Research)
In-Context Vulnerability Propagation in LLMs Work-in-Progress
Aditya Nangia (Columbia University); Sriya Ayachitula (Ardsley High School); Chinmay Kundu (KIIT University)

Session Chair: TBD

Break (Coffee and Refreshments)

10:25 AM - 10:45 AM

Paper Session 7: Machine Learning and Security

10:45 AM - 12:10 PM

MUBox: A Critical Evaluation Framework of Deep Machine Unlearning Systematization of Knowledge
Xiang Li (Fordham University); Bhavani Thuraisingham (University of Texas at Dallas); Wenqi Wei (Fordham University)
ZeroTouch: Reinforcing RSS for Secure Geofencing Regular
Nikola Antonijević, Sayon Duttagupta, Dave Singelée, Enrique Argones Rúa, Bart Preneel (COSIC, KU Leuven)
“Bring your own device!”: Adaptive IoT Device-type Fingerprinting using Automatic Behavior Extraction Work-in-Progress
Maxwel Bar-on, Katherine Patterson (Colorado State University); Bruhadeshwar Bezawada (Southern Arkansas University); Indrakshi Ray, Indrajit Ray (Colorado State University)

Session Chair: TBD

Closing Remarks

12:10 PM - 12:20 PM

Session Chair: TBD

Lunch (Provided by Conference)

12:20 PM

Contact

General Chairs

Find us on Social Media

The 30th ACM Symposium on Access Control Models and Technologies

July 8 - 10, 2025. Stony Brook, NY, USA

Program

Day 1 - July 8, 2025

Opening Remarks

Keynote 1 - Policy Mining: Putting LLMs to Work

Break (Coffee and Refreshments)

Paper Session 1: Policy Maintenance and Mining

Lunch Break (Provided by Conference)

Paper Session 2: Trusted Enforcement

Break (Coffee and Refreshments)

Paper Session 3: Network Security

Day 2 - July 9, 2025

Keynote 2 - Cedar: A New Language for Expressive, Fast, Safe, and Analyzable Authorization

Break (Coffee and Refreshments)

Paper Session 4: Analysis of Access Control Systems

Lunch Break (Provided by Conference)

Special Session

Break (Coffee and Refreshments)

Paper Session 5: Policy Specification and Privacy

Excursion

Banquet Dinner

Day 3 - July 10, 2025

Paper Session 6: Machine Learning for Access Control

Break (Coffee and Refreshments)

Paper Session 7: Machine Learning and Security

Closing Remarks

Lunch (Provided by Conference)