Middleware Announcements

[Renee Frost <>]

8TH ANNUAL SYMPOSIUM ON IDENTITY AND TRUST ON THE INTERNET (IDtrust 2009)
APRIL 14-16, 2009
NIST - Gaithersburg, MD  USA

THEME:  AUTHORIZATION AND ATTRIBUTES
IDtrust is devoted to research and deployment experience related to making good security decisions based on identity information, especially when public key cryptography is used and the human elements of usability are considered. The success of any business strategy depends on having the right people gain access to the right information at the right time. This implies that an IT infrastructure has - among other things - an authorization framework in place that can respond to dynamic security conditions and regulatory requirements quickly, flexibly and securely.  What are the authorization strategies that will succeed in the next decade? What technologies exist to address complex requirements today? What research is academia and industry pursuing to solve the problems likely to show up in the next few years?

Complete details on the Symposium, including registration fees and hotel details, will be available at http://middleware.internet2.edu/idtrust


IMPORTANT DATES
PAPERS DUE:  November 17, 2008
Panel proposals due:  January 9, 2009
Notification to authors: January 15, 2009 
Final papers due: February 21, 2009 


CALL FOR PAPERS
We solicit technical papers and panel proposals from researchers, systems architects, vendor engineers, and users. Suggested topics include but are not limited to:
- Reports of real-world experience with the use and deployment of identity and trust applications for broad use on the Internet (where the population of users is diverse) and within enterprises who use the Internet (where the population of users may be more limited), how best to integrate such usage into legacy systems, and future research directions. Reports may include use cases, business case scenarios, requirements, best practices, implementation and interoperability reports, usage experience, etc.
- Identity management protocols (SAML, Liberty, CardSpace, OpenID, and PKI-related protocols)
- Identity metasystems, frameworks, and systems (Shibboleth, Higgins, etc.)
- User-centric identity, delegation, reputation
- Identity and Web 2.0, secure mash-ups, social networking, trust fabric and mechanisms of “invited networks”
- Identity management of devices from RFID tags to cell phones; Host Identity Protocol (HIP)
- Federated approaches to trust
- Trust management across security domains
- Standards related to identity and trust, including X.509, SPKI/SDSI, PGP, S/MIME, XKMS, XACML, XRML, and XML signatures
- Intersection of policy-based systems, identity, and trust; identity and trust policy enforcement, policy and attribute mapping and standardization
- Attribute management, attribute-based access control
- Trust path building and certificate validation in open and closed environments
- Improved usability of identity and trust systems for users and administrators, including usability design for authorization and policy management, naming, signing, verification, encryption, use of multiple private keys, and selective disclosure
- Identity and privacy
- Levels of trust and assurance
- Trust infrastructure issues of scalability, performance, adoption, discovery, and interoperability
- Use of PKI in emerging technologies (e.g., sensor networks)
- Application domain requirements: web services, grid technologies, document signatures, (including signature validity over time), data privacy, etc.


Submissions should be provided electronically, in PDF, for standard US letter-size paper (8.5 x 11 inches). Paper submissions must not exceed 15 pages (single space, two column format with 1" margins using a 10 pt or larger font) and should adhere to the ACM SIG proceedings template athttp://www.acm.org/sigs/pubs/proceed/template.html (LaTeX users should use template Option 2). Successful technical papers should clearly describe the contribution to the field and cite related work. 

Submissions of papers must not substantially duplicate work that any of the authors have published elsewhere or have submitted in parallel to any other conferences or journals. Proposals for panels should be no longer than five pages and include possible panelists and an indication of which panelists have confirmed participation.  Detailed submission instructions can be found at the symposium website. All submissions will be acknowledged.   

Accepted papers will be published in a conference proceedings at the symposium. Accepted papers will also appear in the ACM Digital Library as part of the ACM International Conference Proceedings Series.


2009 PROGRAM COMMITTEE
Kent Seamons, Brigham Young University (chair)
Gail-Joon Ahn, Arizona State University    
Peter Alterman, National Institutes of Health    
Abbie Barbir, Nortel    
John Bradley, ooTao 
David Chadwick, University of Kent    
Carl Ellison, Microsoft    
Stephen Farrell, Trinity College Dublin    
Simson Garfinkel, Naval Postgraduate School    
Peter Gutmann, University of Auckland    
Adam J. Lee, University of Pittsburgh    
June Leung, FundSERV    
Eve Maler, Sun Microsystems    
Neal McBurnett, Internet2     
Clifford Neuman, University of Southern California    
Arshad Noor, StrongAuth    
Eric Norman, University of Wisconsin    
Radia Perlman, Sun Microsystems    
Tim Polk, NIST     
Scott Rea, Dartmouth College 
Andrew Regenscheid, NIST    
John Sabo, Computer Associates    
Anil Saldhana, Red Hat 
Krishna Sankar, Cisco Systems    
Frank Siebenlist, Argonne National Lab    
Sean Smith, Dartmouth College    
Jon Solworth, University of Illinois at Chicago    
Anna Squicciarini, Pennsylvania State University    
Von Welch, NCSA    
Stephen Whitlock, Boeing    
Michael Wiener, Cryptographic Clarity    



General Chair:
Ken Klingenstein Internet2


Program Chair:
Kent Seamons
Brigham Young University


Steering Committee Chair:
Neal McBurnett
Internet2


Local Arrangements:
Sara Caswell
NIST