Advance Program
Invited Speakers
Call for Papers
Important Dates
Accepted Papers
Program Committee
Conference Location
Hotel Reservation
Since 1995


Maintained and
Sponsored by


June 12, 2013 Registration 08:00 –
Welcome 08:30 – 09:00

Keynote Session (Session Chair: Mauro Conti, University of Padua, Italy)
Title: Mobile Security and Privacy: The Quest for the Mighty Access Control

Dr. Ahmad-Reza Sadeghi - Technische Universitat Darmstadt, Germany

09:00 – 10:00
Coffee Break 10:00 – 10:30

Session 1: Privacy and Compliance

Session chair: Vijayalakshmi Atluri (NSF and Rutgers University, USA)

10:30 – 12:00
Privacy Promises That Can Be Kept: A Static Policy Analysis Method with Application to the HIPAA Privacy Rules

Omar Chowdhury, Andreas Gampe, Jianwei Niu, Jeffery von Ronne, Jared Bennatt, Anupam Datta, Limin Jia and William Winsborough

Combining Social Authentication and Untrusted Clouds for Private Location Sharing

Andrew K Adams and Adam J. Lee

Private Data Warehouse Queries

Xun Yi, Russell Paulet, Elisa Bertino and Guandong Xu

Lunch 12:00 – 13:00

Session 2:Policy Management and Enforcement

Session chair: Adam Lee (University of Pittsburgh, USA) 

13:00 – 15:00
Evolving Role Definitions Through Permission Invocation Patterns

Wen Zhang, You Chen, Carl Gunter, David Liebovitz and Bradley Malin


Ensuring Continuous Compliance through Reconciling Policy with Usage

Suresh Chari, Ian Molloy, Youngja Park and Wilfried Teiken

Least-Restrictive Enforcement of the Chinese Wall Security Policy

Alireza Sharifi and Mahesh Tripunitara

Constraint Expressions and Workflow Satisfiability

Jason Crampton and Gregory Gutin

Coffee Break 15:00 – 15:30

Panel Session (Session Chair: Ian Molly, IBM Research, USA)
Title: Granularity in Access Control


  • Volkmar Lotz (SAP Global Research)
  • Martin Kuhlmann (Omada)
  • Casey Schaufler (Intel Open Source Technology Center)
  • Vijay Atluri (NSF and Rutgers University)
15:30 – 17:00
June 13, 2013
Registration 08:00 –

Keynote Session (Session Chair: Andreas Schaad, SAP Labs, Germany)
Title: Searching Over Encrypted In-Memory Databases

Dr. Florian Kerschbaum - SAP, Germany

08:30 – 9:30
Coffee Break 9:30 – 10:00

Session 3: Systems and Information Flow

Session chair: Jason Crampton (Royal Holloway, University of London, UK)

10:00 – 12:00
Information Flow Control for Stream Processing in Clouds

Xing Xie, Indrakshi Ray, Raman Adaikkalavan and Rose Gamble

An Information Flow Control Meta-model

Dennis Kafura and Denis Gracanin

HyXAC: a Hybrid Approach for XML Access Control

Manogna Thimma, Tsam Kai Tsui and Bo Luo

ERBAC: Event-Driven RBAC

Piero Bonatti, Clemente Galdi and Davide Torres

Lunch 12:00 – 13:00

Session 4: Policy Analysis

Session chair: Gail-Joon Ahn (Arizona State University, USA)

13:00 – 15:00

Heuristic Safety Analysis of Access Control Models

Peter Amthor, Winfried Kühnhauser and Anja Pölck


A White-Box Policy Analysis and its Efficient Implementation

Jayalakshmi Balasubramaniam and Philip Fong


Minimization of Access Control Policies

Marco Guarnieri, Mario Arrigoni Neri, Eros Magri and Simone Mutti


Specification and Analysis of Access Control Policies for Mobile Applications

Ramadan Abdunabi and Indrakshi Ray

Coffee Break 15:00 – 15:30

Demo Session I

Session chair: Axel Kern (Beta Systems, Germany)

  • A BigData Platform for Analytics on Access Control Policies and Logs
  • Enabling Intensional Access Control via Preference-aware Query Optimization
  • RMiner: A Tool Set for Role Mining
  • Secure Benchmarking in the Cloud
15:30 – 16:00
June 14, 2013
Registration 08:00 –

Session 5: Applications

Session chair: Murat Kantarcioglu (University of Texas at Dallas, USA)

08:30 – 10:30

A Storage-Efficient Cryptography-Based Access Control Solution for Subversion

Dominik Leibenger and Christoph Sorge


Beyond Accountability: Using Obligations to Reduce Risk Exposure and Deter Insider Attacks

Nathalie Baracaldo and James Joshi


Property-Testing Real-World Authorization Systems

Alireza Sharifi, Paul Bottinelli and Mahesh Tripunitara


User-Centric Management of Distributed Credential Repositories: Balancing Availability and Vulnerability

Jens Köhler, Jens Mittag and Hannes Hartenstein

Coffee Break 10:30 – 11:00

Demo Session II

Session chair: Mahesh Tripunitara (University of Waterloo, Canada)

  • A Versatile Access Control Implementation: Secure Box
  • Permission Path Analysis Based on Access Intelligence
  • Sticky Policies for Mobile Devices
  • Content-based Information Protection and Release in NATO Operations
11:00 – 12:30



Copyright (c) ACM SACMAT All rights reserved.