Workshop on Future Access Control, Identity Management and Privacy Preserving Solutions in Internet Services

Co-Organized by EU-H2020-ReCRED (From real-world identities to privacy-preserving and attribute-based credentials for Device-centric Access Control) and  EU-H2020-TYPES (Towards Transparency and Privacy in Online Advertising Business)
to be held in conjunction with the ARES EU Projects Symposium 2016, held at the 11th International Conference on Availability, Reliability and Security (ARES 2016 –

August 31 – September 2, 2016
Salzburg, Austria

With e-commerce and online advertising now exceeding 1 trillion USD per annum, the sharing economy on the rise, and the emergence of the Internet of Things, the design and implementation of novel solutions for privacy preservation, integrated identity management and reliable and user-friendly authentication and authorization mechanisms is more pressing than ever.

Current online services are opaque with respect to data gathering and processing and rely on the password-based concept (developed in the 60’s) do not meet the requirements and expectations of users and do not leverage the potential of existing technologies.

Although some important steps have been made in resolving fundamental challenges in these areas, new paradigms for transparency, privacy, authentication, authorization and access control are needed. The next generation online services need to facilitate robust access control, safe e-commerce and sharing transactions. At the same time such services should provide an adequate level of transparency on the utilization of user data as well as guarantee a privacy-preserving data processing, sharing and storage.

In this workshop we encourage the submission of original works describing more sophisticated solutions in the areas of data transparency, privacy, authentication, authorization and access control, aiming to define the common basis for the development of next generation of online services.

Project Abstracts

TYPES: Online advertising generated in 2013 $42B worth of revenue and more than 3.4 million direct and indirect jobs in Europe in 2012 alone. It supports some of the most important Internet services such as search, social media and user generated content sites. However, the lack of transparency regarding tracking techniques and the type of information companies collect about users is creating increasing concerns in society. Software tools for implementing total mitigation (e.g., ad blocker or cookies blocker) have been released to block any transfer of information from end users towards the online advertising ecosystem. A massive adoption of these tools by end users may cause disruptions in the digital economy by affecting the online advertising sector and leading to consequences such as losing of a large number of employments. TYPES aims to cope with this challenge by defining, implementing, and validating in pre-market status a holistic framework of technologies and tools that guarantees both transparency and privacy preservation, gives the end user control upon the amount of information he/she is willing to share, and defines privacy-by-design solutions. In particular, these tools should enable the end user: i) to configure the privacy settings so that only the information allowed by the end-user is collected by online advertising platforms; ii) to understand the flow of their information within the online advertising ecosystem and how it is being used; iii) to detect episodes of information collection occurring without consent and identify the offender; iv) to know the value of their data. TYPES will demonstrate solutions that protect user’s privacy while empowering them to control how their data is used by service providers for advertising purposes. At the same time, TYPES will make it easier to verify whether users’ online rights are respected and if personal data is exchanged for a reasonable value-added to users.

ReCRED: ReCRED’s ultimate goal is to promote the user’s personal mobile device to the role of a unified authentication and authorization proxy towards the digital world. ReCRED adopts an incrementally deployable strategy in two complementary directions: extensibility in the type and nature of supported stakeholders and services (from local access control to online service access), as well as flexibility and extensibility in the set of supported authentication and access control techniques; from widely established and traditional ones to emerging authentication and authorization protocols as well as cryptographically advanced attribute-based access control approaches. Simplicity, usability, and users privacy is accomplished by: i) hiding inside the device all the complexity involved in the aggregation and management of multiple digital identifiers and access control attribute credentials, as well as the relevant interaction with the network infrastructure and with identity consolidation services; ii) integrating in the device support for widespread identity management standards and their necessary extensions; and iii) controlling the exposure of user credentials to third party service providers. ReCRED addresses key security and privacy issues such as resilience to device loss, theft and impersonation, via a combination of: i) local user-to-device and remote device-to-service secure authentication mechanisms; ii) multi-factor authentication mechanisms based on behavioral and physiological user signatures not bound to the device; iii) usable identity management and privacy awareness tools; iv) usable tools that offer the ability for complex reasoning of authorization policies through advanced learning techniques. ReCRED’s viability will be assessed via four large-scale realistic pilots in real-world operational environments. The pilots will demonstrate the integration of the developed components and their suitability for end users, so as to show their TRL7 readiness.

Topics of interest comprise but are not limited to:
Authentication and authorization policies and techniques
Biometrics and behavioral authentication
Cryptographic attributes and credentials
Privacy violation detection techniques
Personal data valuation tools
Legal, ethical and regulation issues
Testbeds, prototypes and experimental results
Novel access control techniques
Trust and identity management
Privacy safeguarding solutions
Electronic identities
Single sign on
Important Dates
Submission Deadline May 09, 2016
Author Notification May 30, 2016
Proceedings Version June 20, 2016
Conference August 31 – September 2, 2016
Workshop Chairs

Christos Xenakis (Chair)
University of Piraeus, Greece

Nikos Passas (Co-Chair)
University of Athens, Greece

Francesco Bonchi (Co-Chair)
ISI Foundation, Italy, and Eurecat, Spain

Technical Program Chairs

Michael Sirivianos (Co-Chair)
Cyprus University of Technology, Cyprus

Angel Cuevas Rumín (Co-Chair)
Universidad Carlos III de Madrid, Spain
acrumin [@]

Technical Program Committee

Giuseppe Bianchi, University of Roma Tor Vergata, Italy
Sotiria Chatzi, Wedia, Greece
Filitsa Chasapi, UPCOM, Belgium
Rubén Cuevas Rumín, Universidad Carlos III de Madrid, Spain
Antonio Fernandez Anta, IMDEA Networks, Spain
Rica Gonen, Open University of Israel, Israel
Roberto González, NEC, Germany
Sara Hajian, Eurecat, Spain
Evangelos Kotsifakos, Wedia, Greece
Nikolaos Laoutaris, Telefonica, Spain
Ionel Naftanaila, IAB Europe, Belgium
Christoforos Ntantogian, University of Piraeus, Greece
Kwstantinos Papadamou, Cyprus University of Technology, Cyprus
Claudio Soriente, Telefonica, Spain
Tamir Tassa, Open University of Israel, Israel


The submission guidelines valid for the FASES workshop are the same as for the ARES conference. They can be found >>here<<.