Final program

Day 1: July 11th – Room B310

8:30 – 9:15


9:15 – 9:30

Gérard Memmi
, Head of Network and Computer Science Department (INFRES) at Telecom ParisTech

Keynote Session
Chair: Nora Cuppens
9:30 – 10:30

Patrick McDaniel, Pennsylvania State University
Permission-based Application Governance; A Step Forward or Backward?

Break (Room: B316)
Session 1
Access Control
Chair: Joachim Biskup
11:00 – 12:30

Yuan Cheng, Jaehong Park, Ravi Sandhu
A User-to-User Relationship-based Access Control Model for Online Social Networks

Alessandro Armando, Silvio Ranise
Automated and Efficient Analysis of Role-Based Access Control with Attributes

Xin Jin, Ram Krishnan, Ravi Sandhu
A Unified Attribute-Based Access Control Model Covering DAC, MAC and RBAC

Lunch (Room: E800)
Session 2
Confidentiality and Privacy
Chair: Leon van der Torre
14:00 – 15:30

Joachim Biskup, Sven Hartmann, Sebastian Link, Jan-Hendrik Lochner, Torsten Schlotmann
Signature-Based Inference-Usability Confinement for Relational Databases under Functional and Join Dependencies

Rosa Karimi Adl, Mina Askari, Ken Barker, and Reihaneh Safavi-Naini
Privacy Consensus in Anonymization Systems Via Game Theory

Robert Nix, Murat Kantarcioglu, Keesook J. Han
Approximate Privacy-Preserving Data Mining on Vertically Partitioned Data

Break (Room: B316)
Session 3
Smart Card Security (short papers)
Chair: Meng Yu
16:00 – 17:00

Ravi Singh Pippal, Jaidhar C.D., Shashikala Tapaswi
Security Vulnerabilities of User Authentication Scheme using Smart Card

Ding Wang, Chun-guang Ma, Peng Wu
Secure password-based remote user authentication scheme with non-tamper resistant smart cards

Tiana Razafindralambo, Guillaume Bouffard and Jean-Louis Lanet
A friendly framework for hidding fault enabled virus for Java based smartcard

17:00 – 18:00 Ifip 11.3 Business Meeting

Day 2: July 12th – Room B310

Keynote Session
Chair: Frédéric Cuppens
9:00 – 10:00

Leon van der Torre, University of Luxembourg
Logics for Security and Privacy

Break (Room: B316)
Session 4
Threats and malware
Chair: Vijay Atluri
10:30 – 11:30

Simon N. Foley, William M. Fitzgerald
Decentralized Semantic Threat Graphs

Abhijith Shastry, Murat Kantarcioglu, Yan Zhou, Bhavani Thuraisingham
Randomizing Smartphone Malware Profiles against Statistical Mining Techniques

Session 5
Probabilistic attacks and protection (Short Papers)
Chair: Ehud Gudes
11:30 – 12:30

Hamed Saljooghinejad, Wilson Naik Bhukya
Layered Security Architecture for Masquerade Attack Detection

Abbas Taheri Soodejani, Mohammad Ali Hadavi, and Rasool Jalili
k-Anonymity-based Horizontal Fragmentation to Preserve Privacy in Data Outsourcing

Sébastien Gambs, Ahmed Gmati, Michel Hurfin
Reconstruction Attack through Classifier Analysis

Lunch (Room: E800)
14:00 – 19:00

Social event at Vaux le Vicomte


Gala dinner at La Coupole

Day 3: July 13th – Room B310

Session 6
Privacy-preserving Technologies
Chair: Pierangela Samarati
9:00 – 10:30

Gianluca Dini, Pericle Perazzo
Uniform Obfuscation for Location Privacy

Jonathan L. Dautrich, Chinya V. Ravishankar
Security Limitations of Using Secret Sharing for Data Outsourcing

Danish Mehmood, Basit Shafiq, Jaideep Vaidya, Yuan Hong, Nabil Adam, Vijayalakshmi Atluri
Privacy-Preserving Subgraph Discovery

Break (Room: B316)
Session 7
Data Management
Chair: Sabrina De Capitani di Vimercati
11:00 – 12:30

Smitha Sundareswaran, Anna Cinzia Squicciarini
XSS-Dec: a hybrid solution to mitigate Cross-Site Scripting attacks

Rami Sharon, Ehud Gudes
Code Type Revealing Using Experiments Framework

Nikolay Yakovets, Jarek Gryz, Stephanie Hazlewood, Paul van Run
From MDM to DB2: A Case Study of Security Enforcement Migration

Lunch (Room: E800)
Session 8
Cloud Computing
Chair: Ravi Sandhu
14:00 – 15:30

Takao Takenouchi, Takahiro Kawamura, Akihiko Ohsuga
Distributed Data Federation without Disclosure of User Existence

Wuqiong Pan, Yulong Zhang, Meng Yu, Jiwu Jing
Improving Virtualization Security by Splitting Hypervisor into Smaller Components

Sabrina De Capitani di Vimercati, Sara Foresti, Sushil Jajodia, Giovanni Livraga
Enforcing subscription-based authorization policies in cloud scenarios


Conclusion and farewell