About
Advance Program
Invited Speakers
Call for Papers
Important Dates
Accepted Papers
Program Committee
Officers
Registration
Hotel Reservation
Miscellaneous
Since 1995

 

Maintained and
Sponsored by

SACMAT 2011

Date
Event
Time
June 14, 2011 Registration 18:00 - 20:00
June 15, 2011 Registration 08:00 –
Welcome 08:45 – 09:00

Keynote Address (Session Chair: Jorge Lobo, IBM, USA)
Title: A Decade of Model-Driven Security

David Basin - ETH Zurich, Switzerland

09:00 – 10:00
Coffee Break 10:00 – 10:30

Session 1: Distributed Processing and Access Control

Session chair: Murat Kantarcioglu (University of Texas at Dallas, USA)

10:30 – 12:00
Deriving Role Engineering Artifacts from Business Processes and Scenario Models

Anne Baumgrass (Vienna University of Economics and Business),
Mark Strembeck (Vienna University of Economics and Business),
Stefanie Rinderle-Ma (University of Vienna)

 
An Integrated Approach for Identity and Access Management in a SOA Context

Waldemar Hummer (Vienna University of Technology),
Patrick Gaubatz (University of Vienna),
Mark Strembeck (Vienna University of Economics and Business),
Uwe Zdun (University of Vienna),
Schahram Dustdar (Vienna University of Technology)

 
On the Management of User Obligations

Murillo Pontual (University of Texas at San Antonio, USA),
Omar Chowdhury (University of Texas at San Antonio, USA),
William Winsborough (University of Texas at San Antonio, USA),
Ting Yu (North Carolina State University, USA),
Keith Irwin (Winston-Salem State University)

 
Lunch 12:00 – 14:00

Session 2: Policy Languages

Session chair: Mahesh Tripunitara (University of Waterloo, Canada) 

14:00 – 15:30
Program Synthesis in Administration of Higher-Order Permissions

Glenn Bruns (Bell Laboratories, USA),
Michael Huth (Imperial College, UK),
Avijit Kumar (Carnegie Mellon University, USA)

 

Relationship-based Access Control Policies and Their Policy Languages

Philip Fong (University of Calgary,Canada),
Ida Siahaan (University of Calgary, Canada)

 
xfACL: An Extensible Functional Language for Access Control

Qun Ni (Purdue University, USA),
Elisa Bertino (Purdue University, USA)

 
Coffee Break 15:30 – 16:00

Session 3: Logic Programming based Access Control Specification

Session chair: David Basin (ETH Zurich, Switzerland) 

16:00 – 17:00
Rumpole: A Flexible Break-Glass Access Control Model

Srdjan Marinovic (Imperial College, UK),
Robert Craven (Imperial College, UK),
Jiefei Ma (Imperial College, UK),
Naranker Dulay (Imperial College, UK)

 
Anomaly Discovery and Resolution in Web Access Control Policies

Hongxin Hu (Arizona State University, USA),
Gail-Joon Ahn (Arizona State University, USA),
Ketan Kulkarni (Arizona State University, USA)

 
Welcome Reception 18:00 -
June 16, 2011
Registration 08:00 –

Session 4: Data Flow and Access Control

Session chair: Elisa Bertino (Purdue University, USA)

9:00 – 10:30
Transforming Provenance using Redaction

Tyrone Cadenhead (University of Texas at Dallas, USA),
Vaibhav Khadikar (University of Texas at Dallas, USA),
Murat Kantarcioglu (University of Texas at Dallas, USA),
Bhavani Thuraisingham (University of Texas at Dallas, USA)

 
Data Leakage Prevention for Discretionary Access Control in Collaboration Clouds

Qihua Wang (IBM, US),
Hongxia Jin (IBM, US)

 
Modeling Data Flow in Socio-Information Networks: A Risk Estimation Approach

Mudhakar Srivatsa (IBM, US),
Ting Wang (Georgia Tech, USA)

 
Coffee Break 10:30 – 11:00

Session 5: Applications

Session chair: Philip Fong (University of Calgary, Canada)

11:00 – 12:00

An Authorization Scheme for Version Control Systems

Sitaram Chamarty (Tata Consultancy Services, India),
Hiren Patel (University of Waterloo, Canada),
Mahesh Tripunitara (University of Waterloo, Canada)

 

An Approach to Modular and Testable Security Models of Real-World Health-care Applications

Achim Brucker (SAP Research Karlsruhe, Germany),
Lukas Bruegger (ETH Zurich, Switzerland),
Paul Kearney (British Telecom, UK),
Burkhart Wolff (Laboratoire de Recherche Informatique, France)

 

Lunch

12:00 – 14:00

System Demonstrations

Session Chair: Andreas Schaad (SAP Labs, Germany)

14:00 – 15:30

Security Validation Tool for Business Processes

Wihem Arsac, Luca Compagna, Serena Ponta, Samuel Paul Kaluvuri (SAP)

 

System for Automatic Estimation of Data Sensitivity with Applications to Access Control and Other Applications

Youngja Park, Stephen C Gates, Wilfried Teiken, Suresh N Chari (IBM, US)

 

Visualizing Security in Business Processes

Anja Monakova, Andreas Schaad (SAP)

 

Access Control for a Federated Police Information System

Matthew Hudnall, Allen Parish (University of Alabama, USA), Maury Mitchell (Alabama Criminal Justice Information Center)

 

Data-centric Multi-layer Usage Control Enforcement: A Social Network Example

Enrico Lovat, Alexander Pretschner (Karlsruher Institut fur Technologie, Germany)

 

Coffee Break, and Poster Session - Evolving Security in Eternal Software Systems

15:30 – 16:00

Panel
Usable Access Control For All(pdf)

Panel Moderator: Robert W. Reeder (Microsoft, USA)

16:00 – 17:30
Guided Tour through the Old Town of Innsbruck 19:00 –
Dinner 20:00 –
June 17, 2011
Registration 08:00 –

Keynote Address (Session Chair: Ruth Breu, University of Innsbruck, Austria)
Title: Access Control (in Theory) and modern Linux Phones

Jean-Pierre Seifert (Technical University of Berlin, Germany)

09:00 – 10:00
Coffee Break 10:00 – 10:30

Session 6: Policy Analysis and Obligations

Session chair: Michael Huth (Imperial College, UK)

10:30 – 12:00
Validation of Security Policies By the Animation of Z Specifications

Yves Ledru (Laboratoire d'Informatique de Grenoble, France),
Nafees Qamar (INRIA, France),
Akram Idani (Laboratoire d'Informatique de Grenoble, France),
Jean-Luc Richier (Laboratoire d'Informatique de Grenoble, France),
Mohamed-Amine Labiadh (Laboratoire d'Informatique de Grenoble, France)

 

SEAL: A Logic Programming Framework for Specifying and Verifying Access Control Models

Prasad Naldurg (Microsoft Research, India),
Raghavendra KR (Indian Institute of Science, Bangalore, India)

 
xDAuth: A Scalable and Lightweight Framework for Cross Domain Access Control and Delegation

Masooom Alam (IMSciences, Pakistan),
Xinwen Zhang (Huawei Research Center, USA)

 
Closing Remarks 12:00 – 12:15

 

 


Copyright (c) ACM SACMAT All rights reserved.