DPM12 DPM2012 ESORICS 2012

Keynote Speakers

Pierangela Samarati

Affiliation: Universita` degli Studi di Milano, Italy

» homepage

Title: Supporting User Privacy Preferences in Digital Interactions
Abstract: Users can today enjoy the many benefits brought by the development and widespread adoption of Internet and related services conveniently accessing digital resources. Servers offering such resources typically require users to release information about them, which servers can then use for enforcing possible access policies on the offered services. A major problem in this context relates to providing users with the ability of determining which information to release to satisfy the server requests during their electronic interactions.
Privacy-friendly solutions are therefore essential to empower users on the control of what happens to their personal information and to effectively regulate the release of personal information in digital interactions. In this talk, I will illustrate some solutions for supporting user privacy preferences in emerging scenarios, and possible directions on privacy preference specifications.

Short biography: Pierangela Samarati is a Professor at the Computer Science Department of the Universitą degli Studi di Milano. Her main research interests are access control policies, models and systems, data security and privacy, information system security, and information protection in general. She has participated in several projects involving different aspects of information protection. On these topics she has published more than 200 peer-reviewed articles in international journals, conference proceedings, and book chapters. She is co-author of the book "Database Security," Addison-Wesley, 1995.
She has been Computer Scientist in the Computer Science Laboratory at SRI, CA (USA). She has been a visiting researcher at the Computer Science Department of Stanford University, CA (USA), and at the Center for Secure Information Systems, George Mason University, VA (USA).
She is the chair of the IEEE Systems Council Technical Committee on Security and Privacy in Complex Information Systems (TCSPCIS), and of the Steering Committees of the European Symposium on Research in Computer Security (ESORICS) and of the ACM Workshop on Privacy in the Electronic Society (WPES). She is the Coordinator of the Working Group on Security of the Italian Association for Information Processing (AICA), the Italian representative in the IFIP (International Federation for Information Processing) Technical Committee 11 (TC-11) on "Security and Privacy". She is a member of the Steering Committee of: ACM Symposium on InformAtion, Computer and Communications Security (ASIACCS), International Conference on Information Systems Security (ICISS), and International Conference on Information and Communications Security (ICICS). In 2009, she has been named ACM Distinguished Scientist. In 2011, she has been named IEEE Fellow. In 2012, she has received the IFIP WG 11.3 Outstanding Research Contributions Award.
She is co-Editor in Chief of the Journal of Computer Security. She has served and is serving as Associate Editor of several journals. She has served as General Chair, Program Chair, and program committee member of various conferences.

Chris Mitchell

Affiliation: Royal Holloway, UK

» homepage

Title: Re-using existing security infrastructures
Abstract: Almost any large scale network security system requires the establishment of a security infrastructure of some kind. For example, if network authentication or authenticated key establishment is to be implemented, then the communicating parties need access to a shared secret key or certificates for each other’s public keys. Setting up a new security infrastructure for a significant number of clients is by no means a trivial task, and as a result web security is typically based on a password and a unilaterally-authenticated SSL/TLS channel, with all the associated problems. It is therefore tempting to try to exploit an existing security infrastructure to avoid the need for the potentially costly roll-out of a new infrastructure. Indeed, the fact that such an approach allows security context setup with no provisioning step is increasingly attractive, and looks set to become a widely used security paradigm, especially for mobile devices. In this context, the GAA architecture has been designed to enable the pre-existing mobile telephony security infrastructure to be exploited for the provision of generic security services. We propose the adoption of the architecture used by GAA to enable a wide range of other pre-existing infrastructures to be similarly exploited. We briefly look at two examples, namely what we refer to as TC-GAA and EMV-GAA, and consider the privacy and security implications both of the GAA approach and some of the other approaches already in use.

Short biography: Chris Mitchell received his BSc (1975) and PhD (1979) degrees in Mathematics from Westfield College, University of London. Prior to his appointment in 1990 as Professor of Computer Science at Royal Holloway, he was at Hewlett-Packard Laboratories (1985-90) and Racal-Comsec Ltd. (1979-85). At Royal Holloway he played a major role in setting up the Information Security Group in 1991 and launching the MSc in Information Security in 1992. His research interests mainly relate to information security and the applications of cryptography. He has played an active role in a large number of international collaborative research projects. He has served as a UK Expert on ISO/IEC JTC1/SC27/WG2 since 1992, and his contributions to security standardisation were recognised in the receipt of the IEC 1906 award in 2011. He has edited around twenty international security standards and published well over 200 research papers. He is co-editor-in-chief of Designs, Codes and Cryptography, a member of the editorial boards of The Computer Journal, IEEE Communications Letters, Information Management and Computer Security, the International Journal of Information Security, and the KSII Transactions on Internet and Information Systems. He has been a member of Microsoft's Trustworthy Computing Academic Advisory Board since 2003, and he continues to act as a consultant on a variety of topics in information security.

Virgil Gligor

Affiliation: Carnegie Mellon University, USA

» homepage

Title: On the Foundations of Trust in Networks of Humans and Computers
Abstract: A general theory of trust in networks of humans and computers must be built on both a theory of behavioral trust and a theory of computational trust. This argument is motivated by increased participation of people in online social networking, crowdsourcing, human computation, and socio-economic protocols; e.g., protocols modeled by trust and gift-exchange games, norms-establishing contracts, and scams/deception. We illustrate a class of interactive social protocols that relies both on trustworthy properties of commodity systems (e.g., verifiable endto- end trusted path) and participant trust, since on-line verification of protocol compliance is often impractical; e.g., it can lead to undecidable problems, co-NP complete test procedures, and user inconvenience. Trust is captured by participant preferences (i.e., risk and betrayal aversion) and beliefs in the trustworthiness of other protocol participants. Both preferences and beliefs can be enhanced whenever protocol non-compliance leads to punishment of untrustworthy participants; i.e., it seems natural that betrayal aversion can be decreased and belief in trustworthiness increased by properly defined punishment. Similarly, risk aversion can be decreased and trustworthiness increased by feasible recovery from participant non-compliance.
A general theory of trust which focuses on the establishment of new trust relations where none were possible before would help create new economic opportunities. New trust relations would increase the pool of services available to users, remove cooperation barriers, and enable the “network effect” where it really matters; i.e., at the application level. Hence, it seems important that security research should enable and promote trustenhancement infrastructures in human and computer networks; e.g., trust networks. Finally, we argue that a general theory of trust should mirror human expectations and mental models without relying on false metaphors and analogies with the physical world.

Short biography: Virgil D. Gligor received his B.Sc., M.Sc., and Ph.D. degrees from the University of California at Berkeley. He taught at the University of Maryland between 1976 and 2007, and is currently a Professor of Electrical and Computer Engineering at Carnegie Mellon University and co- Director of CyLab. Over the past thirtyfive years, his research interests ranged from access control mechanisms, penetration analysis, and denial-of-service protection to cryptographic protocols and applied cryptography. Gligor was an editorial board member of several IEEE and ACM journals, and the Editor in Chief of the IEEE Transactions on Dependable and Secure Computing. He received the 2006 National Information Systems Security Award jointly given by NIST and NSA in the US, and the 2011 Outstanding Innovation Award given by the ACM Special Interest Group on Security, Audit and Control.