Information sharing is essential for today's business and societal transactions. Nevertheless, such a sharing should not violate the security and privacy requirements dictated by Law, by internal regulations of organisations, and by data subjects. An effectual, rapid, and unfailing electronic data sharing among different parties, while protecting legitimate rights on these data, is a key issue with several shades. Among them, how to translate the high-level law obligations, business constraints, and users' requirements into system-level privacy policies, providing efficient and practical solutions for policy definition and enforcement. TELERISE aims at providing a forum for researchers and engineers, in academia and industry, to foster an exchange of research results, experiences, and products in the area of privacy preserving and secure data management, from a technical and legal perspective. The ultimate goal is to conceive new trends and ideas on designing, implementing, and evaluating solutions for privacy-preserving information sharing, with an eye to cross-relations between ICT and regulatory aspects of data management.
The list of topics includes (but it is not limited to):
- Model-based and experimental assessment of data protection
- Privacy in identity management and authentication
- Modeling and analysis languages for representation, visualization, specification of legal regulations
- Technical, legal, and user requirements for data protection
- User-friendly authoring tools to edit privacy preferences
- IT infrastructures for privacy and security policies management
- IT infrastructure for supporting privacy and security policies evolution
- Privacy and security policies conflict analysis and resolution strategies
- Electronic Data Sharing Agreements representation: languages and management infrastructure
- Cross-relations between privacy-preserving technical solutions and legal regulations
- Privacy aware access and usage control
- Privacy and security policies enforcement mechanisms
- Privacy preserving data allocation and storage
- Software systems compliance with applicable laws and regulations
- Heuristic for pattern identification in law text
- Empirical analysis of consumer's awareness of privacy and security policies
Welcome domains of application are (but may not limited to):
- Telecommunication and Networks
- Cloud Computing and Web Services
- Mobile Devices
- Video Suirvellance
- Smart Grid, Smart Cities, and Smart Spaces
- Public Administration
- Finance & Business
- Social Networks
|Submission deadline for paper:|
|Notification of authors:|
|Camera-ready copy due:||February 27, 2015|
- Ilaria Matteucci, IIT-CNR, Italy
- Paolo Mori, IIT-CNR, Italy
- Marinella Petrocchi, IIT-CNR, Italy
- Annie Antón, Georgia Institute of Technology, US
- Benjamin Aziz, University of Portsmouth, UK
- Francesco Di Cerbo, SAP Labs, France
- Ioanna Dionysiou, University of Nicosia, Cyprus
- Marina Egea Gonzalez, Indra, Spain
- Samson Yoseph Esayas, Dept. of Private Law, University of Oslo, Norway
- Carmen Fernandez Gago, University of Malaga, Spain
- Jens Jensen, STFC, UK
- Emil Lupu, Imperial College London, UK
- Alejandro Mañas-García, Grupo Hospitalario Quiron, Spain
- Mirko Manea, HP Italia, Italy
- Aaron Massey, Georgia Institute of Technology, US
- Kevin McGillivray, Dept. of Private Law, University of Oslo, Norway
- Jose Luis Cabrera, Grupo Hospitalario Quiron, Spain
- Bashar Nuseibeh, The Open University, UK
- Bart Preneel, KU Leuven, BE
- Roberto Sanz Requena, Grupo Hospitalario Quiron, Spain
- Daniele Sgandurra, Imperial College London, UK
- Jatinder Singh, Computer Laboratory, University of Cambridge, UK
- Debora Stella, Bird&Bird, Italy
- Peter Swire, Georgia Institute of Technology, US
- Slim Trabelsi, SAP Labs, France
- Roel Wieringa, University of Twente, NL
Title. Cryptography and Information Security in the post-Snowden era.
In June 2013 Snowden has transferred a set of sensitive documents to journalists, resulting in a continuous stream of revelations on mass surveillance by governments. We present an overview of these revelations; we also discuss their impact on our understanding of mass surveillance practices and the security of ICT systems. In particular, we discuss the known ways in which sophisticated attackers can bypass or undermine cryptography. We conclude by analyzing how these revelations affect future research in information security and privacy.
- 09:30-10:30 Keynote
- Bart Preenel. Cryptography and Information Security in the post-Snowden era.
- 10:30-11:00 Coffee Break
- 11:00-12:30 Session 1. Security Aspects
- Francesco Di Cerbo, Doliere Francis Some, Laurent Gomez, and Slim Trabelsi. PPL v2.0: Uniform Data Access and Usage Control on Cloud and Mobile.
- Said Daoudagh, Francesca Lonetti, and Eda Marchetti. Assessment of Access Control Systems Using Mutation Testing.
- Sorren Hanvey and Nestor Catano. Identifying Transitivity Threats in Social Networks.
- 12:30-14:00 Lunch
- 14:00-15:30 Session 2. Legal Aspects
- Denis Butin and Daniel Le Métayer. A Guide to End-to-End Privacy Accountability.
- Sepideh Ghanavati and Joris Hulstijn. Impact of Legal Interpretation in Business Process Compliance.
- Marina Buzzi, Luca Ferrucci, Francesco Gennai, and Claudio Petrucci. Introducing new technology into Italian Certified Electronic Mail: a proposal.
- 15:30-16:00 Coffee Break
- 16:00-18:00 Session 3. Privacy Aspects
- Dónal McCarthy, Paul Malone, Johannes Hange, Kenny Doyle, Eric Robson, Dylan Conway, Stepan Ivanov, Lukasz Radziwonowicz, Robert Kleinfeld, Theodoros Michalareas, Timotheos Kastrinogiannis, Nikos Stasinos, and Fenareti Lampathaki. Personal Cloudlets: Implementing a User-Centric Datastore with Privacy Aware Access Control for Cloud-based Data Platforms.
- Hanna Farah, Daniel Amyot, and Khaled El Emam. Common Length Name Representation: An Efficient Privacy-Preserving Scheme.
- Julia Himmel, Nikolas Siebler, Felix Laegeler, Marco Grupe, and Hanno Langweg. Privacy Points as a Method to Support Privacy Impact Assessments (Short Paper)
- Roberto Sanz-Requena, Alejandro Mañas-García, José Luis Cabrera-Ayala, and Gracián García-Martí. A cloud-based radiological portal for the patients. (Short Paper)
- Daniele Sgandurra, Francesco Di Cerbo, Slim Trabelsi, Fabio Martinelli, and Emil Lupu. Sharing Data Through Confidential Clouds: An Architectural Perspective. (Short Paper)
For any question, please contact the organizing committee at firstname.lastname@example.org.
The workshop is supported by the FP7-EU Project CoCo-Cloud: Confidential and Compliant Clouds funded by the European Commission under the grant n°610853