Workshop on Security, Privacy, and Identity Management in the Cloud

to be held in conjunction with the ARES EU Projects Symposium 2016, held at the 11th International Conference on Availability, Reliability and Security (ARES 2016 – http://www.ares-conference.eu)

August 31 – September 2, 2016
Salzburg, Austria

Over the last years, the computing paradigm has experienced a massive shift from local to cloud-based applications. As a result, users and organizations do no longer have full control over their data and services, but they rely on third-party cloud providers.

This development poses various challenges concerning the integrity and confidentiality of data as well as the privacy of users of such systems. Currently, no satisfactory solutions to these challenges exist, which is a roadblock for the large-scale deployment of cloud-based applications handling sensitive data such as electronic health records.

The aim of this symposium is to provide a platform to discuss innovative ideas related to the following questions: How can cloud services be made more trustworthy? How can we build distributed systems without single point of failure or trust? How to design end-to-end secure services in an untrusted environment? Which methodologies and technologies are required to integrate security and privacy by design? Is it possible to give back users full control over their data, i.e., let them decide when and to whom they are revealed?

Next to the regular session with peer-reviewed research papers, an invited talk will be given by a representative of the H2020 project SAFECLOUD.

Project Abstracts

The ambition of PRISMACLOUD is to develop and show-case cryptographic tools that protect the security and privacy of user data during its lifecycle in the cloud. In particular, the project focuses on the development of (information theoretically) secure storage solutions as well as efficient, privacy preserving yet verifiable computing on authenticated data.

Complementary to this, CREDENTIAL aims at developing privacy friendly means for storing and sharing personal data in the cloud, and at realizing an “identity and access management as a service” system supporting publicly certified identity data.

Topics of interest comprise but are not limited to:
(Publicly) verifiable computing
Malleable signatures
Privacy-preserving authentication
Proxy cryptography
Format preserving encryption
Order preserving encryption
Secret sharing
Cloud Cryptography
Secure distributed systems
Security and privacy in web services
Security and privacy in cloud scenarios
Fault tolerance in distributed systems
Auditing of cloud based systems
Transparency-enhancing technologies
Identity management
Authentication and Authorization
Application areas (smart cities, e-Government, …)
Important Dates
Submission Deadline May 02, 2016
Author Notification May 30, 2016
Proceedings Version June 20, 2016
Conference August 31 – September 2, 2016
Workshop Chairs

Stephan Krenn 
AIT Austrian Institute of Technology GmbH, Austria

Thomas Lorünser
AIT Austrian Institute of Technology GmbH, Austria

Daniel Slamanig
Graz University of Technology, Austria

Bernd Zwattendorfer
Stiftung Secure Information and Communication Technologies, Austria

Program Committee

Manuel Barbosa, University of Porto, Portugal
Christina Brzuska, Hamburg University of Technology, Germany
Jan Camenisch, IBM Research – Zurich, Switzerland
Denise Demirel, University of Darmstadt, Germany
Simone Fischer-Hübner, Karlstad University, Sweden
Tibor Jager, University of Bochum, Germany
Markulf Kohlweiss, Microsoft Research, UK
Andreas Mauthe, Lancaster University, UK
Henrich Pöhls, University of Passau, Germany
Kai Rannenberg, Goethe University Frankfurt, Germany

Submission

The submission guidelines valid for the SECPID workshop are the same as for the ARES conference. They can be found >>here<<.