5th IFIP Summer School in Nice
Image by Julian Hacker from Pixabay (modified)

Call for Papers

Privacy and Identity Management for Life

The Fifth International Summer School organised, jointly by the PrimeLife EU project in cooperation with the IFIP WG 9.2, 9.6/11.7 11.4, 11.6, will be held in Nice, France, 7th – 11th September 2009.

Background

New Internet developments pose greater and greater privacy dilemmas. In the Information Society, the need for individuals to protect their autonomy and retain control over their personal information is becoming more and more important. Today, information and communication technologies – and the people responsible for making decisions about them, designing, and implementing them – scarcely consider those requirements, thereby potentially putting individuals’ privacy at risk. The increasingly collaborative character of the Internet enables anyone to compose services and contribute and distribute information. It may become hard for individuals to manage and control information that concerns them and particularly how to eliminate outdated or unwanted personal information, thus leaving personal histories exposed permanently. These activities raise substantial new challenges for personal privacy at the technical, social, ethical, regulatory, and legal levels:

  • How can privacy in emerging Internet applications such as collaborative scenarios and virtual communities be protected?
  • What frameworks and technical tools could be utilised to maintain life-long privacy?

The theme of this Summer School held in September 2009 and co-organised by the PrimeLife EU project and the International Federation for Information Processing (IFIP) was on privacy and identity management for emerging Internet applications throughout a person’s life.

Both IFIP and PrimeLife take a holistic approach to technology and support interdisciplinary exchange. Participants’ contributions that combine technical, legal, regulatory, socio-economic, ethical, philosophical, or psychological perspectives are especially welcome.

Content of the School

We were especially inviting contributions from students who are at the stages of preparing either masters’ or doctoral theses qualifications. The school is interactive in character, and is composed of keynote lectures and seminars, tutorials and workshops with PhD student presentations. The principle is to encourage young academic and industry entrants to the privacy and identity management world to share their own ideas and to build up a collegial relationship with others. Students that actively participated, in particular those who presented a paper, can receive a course certificate which awards 3 ECTS at the PhD level. The certificate can certify the topic of the contributed paper to demonstrate its relation or non-relation to the student’s PhD thesis.

Contributions are selected based on an extended abstract review by the Summer School Programme Committee. Accepted short versions of papers are made available to all participants in the Summer School Pre-Proceedings. After the Summer School, authors will have the opportunity to submit their final full papers (which address questions and aspects raised during the Summer School) for publication in the Summer School Proceedings published by Springer. The papers to be included in the Final Proceedings published by Springer will again be reviewed and selected by the Summer School Programme Committee.

Topics of Interest

The theme of this Summer School to be held in September 2009 and co-organised by the PrimeLife EU project and the International Federation for Information Processing (IFIP) will be on privacy and identity management for emerging Internet applications throughout a person’s life.

Topics of interest include but are not limited to:

  • Privacy and Identity management (application scenarios/use cases, technologies, infrastructures, usability aspects),
  • privacy-enhancing technologies,
  • anonymity and pseudonymity,
  • transparency-enhancing tools,
  • privacy and trust policies,
  • privacy-aware web service composition,
  • semantic web security and privacy,
  • privacy metrics,
  • trust management and reputation systems,
  • assurance evaluation and control,
  • privacy in complex emerging real-life scenarios including the use of privacy-enhancing mechanisms in various application areas that are often life-long in character such as eLearning or eHealth, location-based services,
  • life-long privacy challenges and sustainable privacy and identity management,
  • privacy issues relating to social networks,
  • social network analysis,
  • profiling,
  • RFID and tracking technologies,
  • biometrics,
  • surveillance,
  • data retention,
  • availability and other legal-regulatory aspects,
  • socio-economic aspects of privacy and identity management,
  • and impact on social exclusion/digital divide/cultural aspects.

Guidelines for Workshop Presentations

For each workshop paper, we have reserved 30 minutes for presentation plus 15 minutes for discussion. Feedback to the authors should be addressed by them in their final summer school papers to be submitted for the Springer post-summer school proceedings.

After the end of the school, we will as in the previous years produce Post-Summer School proceedings to be published by Springer. We would be delighted to include your workshop papers as well as keynote papers. The entry for paper submission of Post-Summer School proceedings can be found at here. For producing the paper, please use the LNCS templates and style files (available from http:/www.springer.com/computer/lncs?SGWID=0-164-7-72377-0).

Papers with up to 16 pages should be submitted (sent to here) by the deadlines mentioned above. Editorial review comments will be sent by Mid January 2010. Final papers will have to be sent by 10th February 2010. Proceedings will appear Mid 2010.

Credit Points

The Summer School can be taken as a PhD course. Students who actively participate, in particular those who present a paper, can receive a course certificate from Karlstad University signed by Prof. Simone Fischer-Hübner as a course responsible which awards 3 ECTS at PhD Level. The certificate can certify the topic of the contributed paper to demonstrate its relation or non-relation to the student’s PhD thesis.

Please contact Simone Fischer-Hübner for further information.

Student Grants

There will be some student grants to students from Albania, Belarus, Bosnia and Herzegovina, Bulgaria, Croatia, Czech Republic, Estonia, Federal Republic of Yugoslavia, Hungary, Kosovo, Latvia, Lithuania, Macedonia, Moldova, Montenegro, Poland, Romania, Russia, Slovakia, Slovenia, Ukraine - courtesy to Microsoft Research.

Committees

General Chair:

Michele Bezzi (SAP Research/France)

Programme Committee Co-Chairs:

Penny Duquenoy (Middlesex University/ UK, IFIP WG 9.2 chair)
Simone Fischer-Hübner (Karlstad University/ Sweden, IFIP WG11.6 vice chair)
Marit Hansen (Independent Centre for Privacy Protection Schleswig-Holstein, Kiel/ Germany)

Programme Committee:

Jan Camenisch (IBM Research/ Switzerland, IFIP WP 11.4 chair)
Mark Gasson (University of Reading/ UK)
Hans Hedbom (Karlstad University/ Sweden)
Tom Keenan (University of Calgary/ Canada)
Dogan Kesdogan (Siegen University/ Germany)
Kai Kimppa (University of Turku/ Finland)
Eleni Kosta (KU Leuven/ Belgium)
Ronald Leenes (Tilburg University/ Netherlands)
Elisabeth de Leeuw (Ordina/ Netherlands, IFIP WG 11.6 chair)
Marc van Lieshout (Joint Research Centre/ Spain)
Javier Lopez (University of Malaga/ Spain)
Vaclav Matyas (Masaryk University, Brno/ Czech Republic)
Martin Meints (Independent Centre for Privacy Protection Schleswig-Holstein, Kiel/ Germany)
Jean-Christophe Pazzaglia (SAP Research/France)
Uli Pinsdorf (Europäisches Microsoft Innovations Center GmbH (EMIC)/ Germany)
Andreas Pfitzmann (TU Dresden/ Germany)
Charles Raab (University of Edinburgh/ UK)
Kai Rannenberg (Goethe University Frankfurt/ Germany, IFIP TC11 chair)
Dieter Sommer (IBM Research/ Switzerland)
Sandra Steinbrecher (TU Dresden/ Germany)
Morton Swimmer (John Jay College of Criminal Justice, CUNY/ USA)
Jozef Vyskoc (VaF/ Slovakia)
Rigo Wenning (W3C/ France)
Diane Whitehouse (The Castlegate Consultancy/ UK)
Pierangela Samarati (Milano University/ Italy)
Gregory Neven (IBM Research Zurich/ Switzerland)

Organising Committee Chair:

Jean-Christophe Pazzaglia (SAP Research/ France)

Program

Keynotes

Franck Baudot (CNIL)
Marc-Michael Bergfeld (Giesecke& Devrient)
Caspar Bowden (Chief Privacy Adviser Microsoft EMEA)
Jan Camenisch (IBM Research)
Marc Dacier (Symantec)
Sabrina De Capitani di Vimercati (University of Milano)
Eleni Kosta (KU Leuven)
Ronald Leenes (Tilburg University)
Wainer Lusoli (EU Commission/JRC)
Refik Molva (Eurecom)
Andreas Pfitzmann (TU Dresden)
Charles Raab (University of Edinburgh)
Angela Sasse (University College London)

Detailed Program

The download is also available as PDF [here]

Sunday, 6th September 2009

18:00-20:00 Early registration at Maison du seminaire and Welcome drink

Monday, 7th September 2009

Main Topic: Privacy from an Enterprise/Institutional Perspective
(The first day will take place at Eurecom in Sophia Antipolis (room: Amphitheatre Lumiere), which is the Science Park in the area of Nice).

8:30: Registration at Maison du seminaire

9:15: Bus departs from Maison du seminaire to Eurocom/Sophia Antipolis (registration desk will also open there.)

10:30: Introduction, Welcome

Keynote session I: (Chair: Jean-Christophe Pazzaglia)
10:45-11:45: Keynote speech: Refik Molva (Eurecom):
“Safebook: a privacy-preserving peer-to-peer social network application” [slides]

11:45-12:45: Keynote speech: Jan Camenisch (IBM Research)
“Privacy Enhancing Cryptography: Theory and Practice” [slides]

13:00-14:00: Lunch

Keynote session II: (Chair: Rigo Wenning)
14:00-15:00: Keynote speech: Franck Baudot (CNIL expert):
“Identity from a data protection authority perspective in 2009”

15:00-16:00: Parallel workshops

  • Workshop 1: Privacy Tools
    Slim Trabelsi and Michele Bezzi (SAP Labs) present and discuss a tool for “Data Disclosure Risk Evaluation”
  • Workshop 2: eHealth Privacy I
    by Diane Whitehouse (The Castlegate Consultancy)

16:00-16:30: Coffee

16:30-17:45: Panel Session: Privacy from an Enterprise/Institutional Perspective
Chair: Michele Bezzi
“Privacy risks and actors”
Panel participants: Jan Camenisch, Marc Darcier, Franck Baudot, Caspar Bowden, Diane Whitehouse, Wainer Lusoli

17:45: Summing up the day

18:00: Cocktails, snacks

Bus to Nice/Maison du seminaire departs at 19:15

Tuesday, 8th September 2009

Main Topic: Lifelong Privacy

Keynote session III: (Room MATISSE, Chair: Marit Hansen)
9:00-10:00: Keynote speech: Sabrina De Capitani di Vimercati (University of Milano):
“Privacy of Data”

10:00-10:30: Coffee

10:30-11:30: Keynote speech: Andreas Pfitzmann (TU Dresden):
“Lifelong Privacy”

11:45-13:00: Lunch

13:00-15:30: Parallel workshops

  • Workshop 3: Privacy and Trust Technologies (Room CHAGALL; Chair: Lothar Fritsch)
    • Stefanie Pötzsch and Katrin Borcea-Pfitzmann, “Privacy-Respecting Access Control in Collaborative Workspaces” [slides]
    • Were Oyomno, “Personal Information, Context and Privacy in Context-Aware Services”
    • Tom Kirkham, “Securing personal data in an automated placement matching community”
  • Workshop 4: eHealth Privacy II (Room BONNARD-CEZANNE, Chair: Diane Whitehouse)
    • Syed Naqvi, Gautier Dallons and Christophe Ponsard, “Assuring Privacy of Medical Records in an Open Collaborative Environment - A Case Study of Wallonia region’s eHealth Platform” [slides]
    • Diego Garcia, M. Beatriz F. Toledo, Miriam A. M. Capretz, Paul Grace and Gordon S. Blair, “A Configurable Approach to Privacy Ontology and its Application to Mobile e-Health Services” [slides]
    • Fabio Massacci, Ayda Saidane and Viet Hung Nguyen, “No Purpose, No Data: Goal-oriented Access Control for Ambient Assisted Living” [slides]

15:30-16:00: Coffee

16:00-17:40: Parallel workshops

  • Workshop 5: eGovernment Privacy and Identity Management (Room CHAGALL, Chair: Charles Raab)
    • José Formaz and Olivier Glassey, “Follow the PIG: or how to analyse the governance of population registers” [slides]
    • Pravir Chawdhry and Ioannis Vakalis, “Use of ePassport for Identity Management in Network-Centric Citizen Life Processes”
  • Workshop 6: Privacy-Respecting Biometrics (Room, BONNARD-CEZANNE, Chair: Ronald Leenes)
    • Nicolas Delvaux, “TURBINE fingerprint biometric for trusted and revocable identity: technical challenges”
    • Els Kindt, “Privacy by design ? The case of biometrics” [slides]
  • Workshop 7: Lifelong Privacy (Room MATISSE, Chair: Andreas Pfitzmann)
    • Marit Hansen, Maren Raguse, Katalin Storf and Harald Zwingelberg, “Privacy from Womb to Tomb” [slides]
    • Isabelle Oomen, “Out of Sight, Out of Mind? The influence of social network sites on personal networks”

17:40-18:00: Summing up the day (room MATISSE)

Wednesday, 9th September 2009:

Main topic: Privacy & Web 2.0

Keynote Session IV: (Room MATISSE, Chair: Simone Fischer-Hübner)

9:00-10:00: Keynote speech: Ronald Leenes (Tilburg University):
“Where the rubber meets the road: Privacy and Sociability in social network sites” [slides]

10:00-11:00: Keynote speech: Eleni Kosta (KU Leuven):
“The Freddi Staurs of Social Networking – A legal approach”

11:00-11:30: Coffee

Keynote Session V: (Room MATISSE, Chair: Ronald Leenes)

11:30-12:30: Keynote speech: Caspar Bowden (Microsoft EMEA):
“Improving the implementation of the right of data subject access”

12:30-13:30: Lunch

13:30-16:00: Parallel workshops

  • Workshop 8: Transparency (Room CHAGALL, Chair: Caspar Bowden)
    • André Deuker, “Addressing the Privacy Paradox by Expanded Privacy Awareness – The Example of Context-Aware Services” [slides]
    • Hans Hedbom, Tobias Pulls, Peter Hjärtquist and Andreas Lavén, “Adding Secure Transparency Logging to the Prime Core” [slides]
    • Stefan Köpsell and Petr Svenda, “Secure logging of retained data” [slides]
  • Workshop 9: Social Networks & Privacy (Room BONNARD-CEZANNE, Chair: Rigo Wenning)
    • Aleksandra Kuczerawy, “Facebook and its EU users - applicability of the EU data protection law to US based SNS” [slides]
    • Penny Duquenoy and Patrick Watson, “Treading a fine line: protecting children in online social networks” [slides]
    • Dominik Birk, Felix Gröbert and Christoph Wegener, “Social Network Analysis: Modeling Attacks and Visualizing Privacy”

16:00-16:20: Coffee

16:20-18:00: Parallel workshops

  • Workshop 10: HCI for PETs (Room CHAGALL; Chair: Simone Fischer-Hübner)
    • Erik Wästlund, Peter Wolkerstorfer “PET-USES” [slides]
    • Marit Hansen, Harald Zwingeberg, Erik Wästlund, Simone Fischer-Hübner, “HCI for Privacy Policy Management and Displaying”
  • Workshop 11: Privacy Violation Detection & Prediction (Room BONNARD-CEZANNE, Chair: Hans Hedbom)
    • Maike Gilliot and Rafael Accorsi, “Runtime Prediction of Policy Violations in Automated Business Processes” [slides]
    • Nils Ulltveit-Moe and Vladimir Oleshchuk, “Study of Snort Rule-set Privacy Impact” [slides]

18:00-18:15: Summing up the day (Room MATISSE)

19:30: Nissart Dinner in the Nice area

Thursday, 10th September 2009:

Main topic: Legal, Socio-Economic and Technical Aspects of Identity Management

Keynote session VI: (Room MATISSE, Chair: Penny Duquenoy)

9:00-10:00: Keynote speech: Wainer Lusoli (JRC Seville):
“Write privacy read identity: legal, technical and economic aspects of a new regulatory framework”

10:00-11:00: Keynote speech: Charles Raab (Edinburgh University):
“Privacy Principles for Identity Management” [slides]

11:00-11:30: Coffee

Keynote Session VII: (Room MATISSE, Chair: Michele Bezzi)

11:30-12:30: Marc-Michael Bergfeld (Giesecke&Devrient):
“Privacy on Mobile Devices: Present and future technologies” [slides]

12:30-13:30: Lunch

13:30-16:00: Parallel workshops

  • Workshop 12: Business and Privacy (room CHAGALL)
    • Michael Bergfeld (Giesecke&Devrient): “Can privacy be a business? How would a venture financier reflect on the topic?”
  • Workshop 13: Anonymity (Room BONNARD CEZANNE, Chair: Jean-Christophe Pazzaglia)
    • Ge Zhang, “An analysis for anonymity and linkability of SIP VoIP identity” [slides]
    • Marián Novotný and Peter Kempec, “An anonymous balloting system for evaluation of students’ comprehension of lecture” [slides]
    • Marián Novotný and Rastislav Krivoš-Belluš, “Design and analysis of a protocol for anonymous sociometric questionnaires” [slides]
  • Workshop 14: Identity Management (Room MATISSE, Chair: Erik Wästlund)
    • Arnold Roosendaal, “Digital Personae and Profiles as Representations of Individuals” [slides]
    • Benjamin Kellermann and Immanuel Scholz, “Anonymous Credentials in Web Applications – A Child’s Play with the PRIME Core” [slides]
    • Markus Hansen and Ina Schiering, “Multilateral Privacy in Clouds: Requirements for Use in Industry” [slides]

16:00-16:15: Summing up the day (room MATISSE)

17:00: Visit of the city Nice

Friday, 11th September 2009:

Main topic: Privacy Research Directions

Keynote session VIII: (Room MATISSE, Chair: Andreas Pfitzmann)

9:00-10:00: Keynote speech: Angela Sasse (University College London):
“Why less data means better business”

10:00-10:55: Parallel workshops

  • Workshop 15: Economic Aspects & Industrial Requirements (Room CHAGALL; Chair: Penny Duquenoy)
    • Lothar Fritsch, “Business risks from RFID in tracking, tracing and logistics”
  • Workshop 16 incl. the Rump Session (for late submissions/ work of progress presentations) (Room BONNARD-CEZANNE, Chair: Diane Whitehouse)
    • Vikas Kumar, “ICT Banking for the Illiterate Rural Customers” [slides]
    • Ioannis Agrafiotis, Sadie Creese, Michael Goldsmith, and Nikolaos Papanikolaou, “Reaching for Informed Revocation: Shutting Off the Tap on Personal Data” [slides]
    • … and others.

10:55-11:20: Coffee

11:20-12:40: Panel Session: Privacy Research Directions (Room MATISSE, Chair: Marit Hansen)
Panel participants: Angela Sasse, Charles Raab, Refik Molva, Caspar Bowden, Penny Duquenoy, Andreas Pfitzmann

12:45-13:00: Summing up, Closing Session

13:00-14:30: Lunch

Social Events

Monday, 7th September 2009:
18:00 Cocktails after the workshop Privacy from an enterprise/institutional perspective in the CICA (Sophia Antipolis)

Wednesday, 9th September 2009:
19:30 Nissart Dinner in the Nice area

Thursday, 10th September 2009:
17:00 Visit of the city of Nice: https:/www.nicetourisme.com/

Venue and Accommodation

Seminar Hotel

Participants who booked accommodation will have a room reserved at the seminar hotel:

La Maison du Séminaire
29 boulevard Franck Pilatte
06300 NICE
Tel : +33 (0)4 93 89 39 57
Fax : +33 (0)4 93 26 79 99
mds@maison-du-seminaire.com

  • Airport: The Nice airport (aéroport) is located right at the west side of the gulf (Baie des Anges) and it is distant 6 km from the town center.
  • Bus Maison du Seminaire: The bus 99 is going from the Airport (every 30 minutes) to the main Train Station (Nice Ville) (Timetable). In front of the Train Station, the bus 30 is going to the Maison du Séminaire (bus stop: La Réserve just after the harbor - Timetable). The bus 98 is going from the Airport (every 30 minutes) to the town center too (every 30 minutes) - (Timetable). The bus 20 and 30 are connecting the city center to la Maison du Séminaire (bus stop : La Réserve just after the harbor). Here is a link to the timetable and map of Public transport.
  • Taxi: The journey between the airport and the ‘Maison du Seminaire’ should approximately be 30 euros.
  • Running: Alternatively you may want to jog to the Maison du Seminaire, it is only 9km and you simply have to follow the sea side toward the east :)
  • Car rental: All rental companies (Avis, Hertz, Budget….) are available at the airport, however since the event will mainly take place in Nice (on Monday a bus will be organized from Nice to Sophia Antipolis), it is probably not necessary to rent a car.

Venue

The venue of the Summer School will be the seminar hotel: La Maison du Séminaire.

The first day (7th September 2009) will however be organised at CICA/Institute Eurecom,

Room Amphitheatre Lumiere,
2229, Route Crêtes,
06560 Sophia Antipolis, France.
Tel: +33 (0)4 93 00 81 00
(Thanks to the support of Eurecom.)

There will be a bus transfer leaving from La Maison du Séminaire to Sophia Antipolis on Monday morning at 9:15.

Other alternative for those who cannot catch the transferring bus: The Bus 230 (Terminal 1 - quai 5 - every 30 minutes) is connecting the Airport to Sophia Antipolis.
NB: to reach the CICA you should ask a ‘ticket correspondance’ go to “Gare Routiere - Les Messugues” and then take a Shuttle asking to go to CICA (without extra charge - 1 euro)

The remaining days (8th - 11th September 2009) will then be held at La Maison du Séminaire.

Driving a car in France

WARNING: We strongly recommend to respect scrupulously the road legislation and especially the speed limitation since they are strongly enforced by automated speed traps and the fines start at 68 euros (from +5kmh to +20kmh) and can reach up to 750 euros.

Climate

The temperature is usually still warm at the beginning of September (~25 C). However, the evenings can eventually be fresh (in the event of rainstorm).

Best Paper Award

Aleksandra Kuczerawy (KU Leuven) was honored with the Best Student Paper Award (donated by IFIP WG 11.4) for her paper and presentation on “Facebook and its EU users – applicability of the EU data protection law to US based SNS”.

Organizers

In Cooperation with

IFIP PrimeLife