Program (Tentative)
Graduate Student Symposium
10th IFIP TM Conference
Time Monday
08:00-08:40 Registration &
Registration &
Registration &
Registration &
Registration &
08:40-09:00 IFIP TM Welcome
09:00-10:00 Session-1
Welcome &
Lecture Session
(Max Mühlhäuser)
Lecture Session
(Natasha Dwyer)
IFIP TM Keynote
Full Paper-2 William
Award 2016
10:00-10:10 Coffee Break
10:10-10:30 PETS Keynote
(Angela Sasse)
Goodbye Passwords,
Hello Biometrics –
Do We Understand
the Privacy Implications?
10:30-11:00 Coffee Break Coffee Break
11:00-11:10 Session-2
Graduate Student
Lecture Session
(David Ceolin)
Short Paper-1 IFIP TM 2016
11:10-11:30 Coffee Break
11:30-12:30 WiSec Keynote
(Jean-Pierre Hubaux)
The Ultimate Frontier
for Privacy and
Security: Medicine
12:30-14:00 Lunch Break
14:00-15:30 Session-3
Lecture Session
(Stephen Marsh)
Lecture Session
(Christian Jensen)
IFIP WG 11.11
Annual Meeting
Short Paper-2
15:30-16:00 Coffee Break
16:00-17:30 Session-4
Lecture Session
(Sheikh M. Habib)
Lecture Session
(Carmen Fernandez-Gago)
Full Paper-1 Special Panel
18:00-22:00 Welcome
All joint award
ceremony with dinner
and dance party in
Historical Maschinenhaus
Dinner Speech

*Location 1: Room No. 18, S3|20, Rundeturmstr. 10, 64283 Darmstadt
**Location 2: Hörsaal 122, S1|05, Historisches Maschinenhaus, Magdalenenstr. 12, 64283 Darmstadt

Keynote: Trust Enhanced Secure Role-based Access Control on Encrypted Data in Cloud

Professor Vijay Varadharajan
Department of Computing
Faculty of Science
Macquarie University NSW 2109




In this talk I will begin with a brief look at current trends in the technology scenery and some of the key security challenges that are impacting on business and society. In particular, on the one hand there have been tremendous developments in cyber technologies such as cloud, Big Data and Internet of Technologies.

Then we will consider security and trust issues in cloud services and cloud data. In this talk, we will focus on policy based access to encrypted data in the cloud. We will present a new technique, Role based Encryption (RBE), which integrates cryptographic techniques with role based access control. The RBE scheme allows policies defined by data owners to be enforced on the encrypted data stored in public clouds. The cloud provider will not be able to see the data content if the provider is not given the appropriate role by the data owner. We will present a practical secure RBE based hybrid cloud storage architecture, which allows an organisation to store data securely in a public cloud, while maintaining the sensitive information related to the organisation’s structure in a private cloud.

Then we will consider trust issues in RBE based secure cloud data systems. We will discusstwo types of trust modelsthat assist (i) the data owners/users to evaluate the trust on the roles/role managers in the system as well as (ii) the role managers to evaluate the trust on the data owners/users for when deciding on role memberships. These models will take into account the impact of role hierarchy and inheritance on the trustworthiness of the roles and users. We will also consider practical application of the trust models and illustrate how the trust evaluations can help to reduce the risks and enhance the quality of decision making by data owners and role managers of the cloud storage services.

Keynote: Transparency, Privacy and Trust – Technology for Tracking and Controlling my Data Disclosures: Does this work?

Prof. Dr. habil. Simone Fischer-Hübner
Department of Computer Science
Karlstad University, Sweden

Photo credit: Henrik M Karlsson



Transparency is a basic privacy principle and social trust factor. However, in the age of cloud computing and big data, providing transparency becomes increasingly a challenge.
I will discuss privacy requirements of the General Data Protection Regulation (GDPR) for providing ex-post transparency and present how the transparency-enhancing tool Data Track can help to technically enforce those principles. Open research challenges that remain from a Human Computer Interaction (HCI) perspective will be discussed as well.

Dinner Speech: Are we doing it right?

Stephen Marsh
Assistant Professor
Faculty of Business and Information Technology,
UOIT, Canada




It’s been more than 20 years now since Computational Trust was ‘born,’ and there has been a great deal of work done in the area – trust models galore, deep understanding of applications, attacks and defences, and continual improvements on the journey.

Sometimes, though, I look at this and wonder if we are doing it ‘right.’ How do we know that the models are working, and for whom? Testbeds aside (of which there are a few, with their own issues), how can we tell if the models make the difference we want them to? When the models fail, or are applied differently, do they do a good job, are they graceful, and who gets affected (or hurt)?

This talk is about this: Steve’s First Law of Computing (no narcissism here then!) is that all computing is for people: somewhere along the line, there will be people who are observe, use, or are directly or indirectly affected by the technology. Recently I’ve been thinking about how to take this and marry it to a few other observations about people (and other animals) to be able to think about systems that address the big question: are we doing it right?

Full Paper Session – 1
Session Chair: Max Mühlhäuser, TU Darmstadt, Germany

  • How to Use Information Theory to Mitigate Unfair Rating Attacks:
    Tim Muller, Dongxia Wang, Yang Liu, and Jie Zhang.
    Nanyang Technological University, Singapore.
  • Enhancing Business Process Models with Trustworthiness Requirements:
    Nazila Gol Mohammadi and MarittaHeisel.
    University of Duisburg-Essen, Germany.
  • A model for personalised perception of policies:
    Anirban Basu, Stephen Marsh, Mohammad Shahriar Rahman, and Shinsaku Kiyomoto.
    KDDI R&D Laboratories, Japan.
  • Full Paper Session – 2
    Session Chair: Christian Jensen, Technical University of Denmark

  • Evaluation of Privacy-ABC Technologies – A Study on the Computational Efficiency:
    Fatbardh Veseli and Jetzabel Serna.
    Goethe University Frankfurt, Germany.
  • A Trust-based Framework for Information Sharing Between Mobile Health care Applications:
    Saghar Behrooz and Stephen Marsh.
    University of Ontario Institute of Technology, Canada.
  • Supporting Coordinated Maintenance of System Trustworthiness and User Trust at Runtime:
    Torsten Bandyszak (University of Duisburg-Essen, Germany), Micha Moffie (IBM Research – Haifa, Israel), Abigail Goldsteen (IBM Research – Haifa, Israel), Panos Melas (University of Southampton, UK), Bassem I. Nasser (University of Southampton, UK), Costas Kalogiros (Athens University of Economics and Business, Greece), Gabriele Barni (Thales R&T, The Netherlands), Sandro Hartenstein (Brandenburg University of Applied Sciences, Germany), Giorgos Giotis (Athens Technology Center S.A., Athens, Greece.), Thorsten Weyer (University of Duisburg-Essen, Germany).
  • Limitations on Robust Ratings and Predictions:
    Tim Muller, Yang Liu, and Jie Zhang.
    Nanyang Technological University, Singapore.
  • Short Paper Session – 1
    Session Chair: Anirban Basu, KDDI, R&D Labs, Japan

  • I don’t trust ICT: Research challenges in cyber security:
    Felix Gomez Marmol (NEC Europe Ltd., Germany), Manuel Gil Perez, and Gregorio Martinez Perez (University of Murcia, Spain).
  • The Wisdom of Being Wise A Brief Introduction to Computational Wisdom:
    Stephen Marsh (University of Ontario Institute of Technology, Canada), Mark Dibben (University of Tasmania, Australia), and Natasha Dwyer (University of Victoria, Australia).
  • Trust It or Not? An Empirical Study of Rating Mechanism and Its Impact on Smartphone Malware Propagation
    Wenjuan Li (City University of Hong Kong, Hong Kong), Lijun Jiang (City University of Hong Kong, Hong Kong), Weizhi Meng (Institute for Infocomm Research, Singapore), and Lam-For Kwok (City University of Hong Kong, Hong Kong).
  • Short Paper Session – 2
    Session Chair: Stephen Marsh, UOIT, Canada

  • Towards Behavioural Computer Science:
    Christian Johansen, Tore Pedersen, and Audun Jøsang.
    University of Oslo, Norway.
  • Improving interpretations of trust claims:
    Marc Sel.
    Royal Holloway, University of London, UK.
  • Trust and Regulation Conceptualisation: The Foundation for User-dened Cloud Policies:
    Jörg Kebbedies, Felix Kluge, Iris Braun, and Alexander Schill
    Technische Universität Dresden, Germany.
  • A Calculus for Distrust and Mistrust:
    Giuseppe Primiero.
    Middlesex University London, United Kingdom.