7th IFIP Summer School in Trento
Picture by Giovanni Russello

Call for Papers

Privacy and Identity Management for Life

The Seventh International Summer School, organised jointly by the IFIP Working Groups 9.2, 9.6/11.7, 11.4, 11.6, will be held at the University of Trento, Italy, on 5-9 September 2011, in cooperation with EU funded projects: PrimeLife, ABC4Trust, Endorse, NESSOS, TAS3, the Norwegian PETweb II and e-Me, and Swedish U-PrIM (in cooperation with HumanIT) projects

Background

Internet applications, such as Web 2.0 applications and cloud computing, increasingly pose privacy dilemmas. When they communicate over the Internet, individuals leave trails of personal data which may be stored for many years to come. These developments raise substantial new challenges for personal privacy at the technical, social, ethical, regulatory, and legal levels: How can privacy be protected in emerging Internet applications such as collaborative scenarios and virtual communities? What frameworks and tools could be used to gain, regain and maintain informational self-determination and lifelong privacy?

These questions will be addressed by this year’s IFIP Summer School on Privacy and Identity Management for Emerging Internet Applications throughout a person’s lifetime. After the success of the 2009 and 2010 PrimeLife/IFIP Summer Schools, IFIP (International Federation for Information Processing), Working Groups 9.2, 9.6/11.7 11.4, 11.6 will in cooperation with the PrimeLife project consortium and the projects ABC4Trust, e-Me, Endorse, NESSOS, TAS3, PETweb II, U-PrIm (in cooperation with HumanIT) jointly hold a multidisciplinary summer school. A special focus of the 2011 IFIP Summer School will be on application scenarios and use cases to assess the extent to which the PrimeLife project outcomes and other research results can be practically applied.

We are especially inviting contributions from students who are at the stage of preparing their doctoral or masters’ theses qualifications. The school is interactive in character, and is composed of keynote lectures and seminars, tutorials and workshops with PhD student presentations. The principle is to encourage young academic and industry entrants to the privacy and identity management world to share their own ideas and to build up collegial relationships with others. Students that actively participate, in particular those who present a paper, can receive a course certificate which awards 3 ECTS at the PhD level. The certificate can certify the topic of the contributed paper and demonstrate its relationship to the student’s masters’/PhD thesis (or indicate in what way it is a separate piece of work).

Basic elements of the school

Tutorials and workshops held during the summer school week are targeted at optimising student involvement. They are aimed at giving the most effective feedback possible to students on their work. They are not intended for submissions by established researchers or industrialists.

Related European, national, or regional/community research projects as well as other senior researchers are, however, also very welcome to present papers or to organise workshops as part of the Summer School.

An award for best student paper submitted and presented will be organised, which will be handed out during the summer school week. The paper should be written by the masters or the PhD student herself or himself. Any contribution to the paper by other researchers should be made clear.

Content of the school

Topics of interest include, but are not limited to: privacy in complex emerging real-life scenarios including the use of privacy-enhancing mechanisms in various application areas that are often lifelong in character (such as eCare, eHealth, eGovernment, eLearning, and public transportation), lifelong privacy challenges and sustainable privacy and identity management, issues arising at the beginning (birth) and at the end (death) of lifetimes, privacy issues relating to social networks, social network analysis, impact on social exclusion/digital divide/cultural aspects, privacy and identity management related open source and standardisation initiatives, privacy and identity management (technologies, infrastructures, usability aspects, legal and socio-economic aspects), privacy-enhancing technologies (PETs), transparency-enhancing technologies (TETs), multilateral security, anonymity and pseudonymity, transparency-enhancing tools, privacy and trust policies, privacy-aware web service composition, semantic web security and privacy, privacy and identity management in cloud computing and in relation to critical infrastructures, privacy metrics, trust management and reputation systems, assurance evaluation and control, profiling, tracking technologies, biometrics, surveillance, data retention, availability and other legal-regulatory aspects.

Contributions and deadlines

We welcome: research papers from all disciplines (e.g., computer science, economics, law, psychology, sociology and other social sciences); contributions on application scenarios, use cases, and good practices; research with an empirical focus; and inter-disciplinary work. Contributions will be selected based on an extended abstract review by the Summer School Programme Committee. They should contain a clear problem statement; an outline; and clear messages (they should not be about work “to be done”. Accepted short versions of papers will be made available to all participants in the Summer School Pre- Proceedings. After the Summer School, authors will have the opportunity to submit their final full papers which will be extended to 8 pages in length (and which address questions and aspects raised during the Summer School) for publication in the Summer School Proceedings published by the official IFIP publisher (Springer). The papers to be included in the Final Proceedings will again be reviewed and selected by the Summer School Programme Committee.

To submit an extended abstract (4-6 pages in length) please go to the Submission page. Authors should use the Springer LNCS template and submit the abstract in PDF format.

Presentation Guidelines

For each workshop paper, we have reserved 30 minutes for presentation plus 15 minutes for discussion. Feedback to the authors should be addressed by them in their final summer school papers to be submitted for the Springer post-summer school proceedings.

Committees

General Summer School Chair:

Bruno Crispo (University of Trento - Italy)
Marc van Lieshout (TNO - Netherlands)

Programme Committee co-Chairs:

Jan Camenisch (IBM Research - Switzerland)
Simone Fischer-Huebner (Karlstad University - Sweden)
Ronald Leenes (Tilburg University - Netherlands)

Organising Committee Chair:

Giovanni Russello (Create-Net - Italy)

Programme Committee:

Bibi van der Berg (Tilburg University - Netherlands)
Michele Bezzi (SAP Research - France)
Gabriela Bodea (TNO - The Netherlands)
Katrin Borcea-Pfitzmann (TU Dresden - Germany)
Pedro Bueso (University of Zaragoza - Spain)
Changyu Dong (Strathclyde University - UK)
Penny Duquenoy (Middlesex University - UK)
Pierfranco Ferronato (Soluta.net - Italy)
Lothar Fritsch (Norwegian Computer Center - Norway)
Mark Gasson (University of Reading - UK)
Marit Hansen (UDL - Germany)
Hans Hedbom (Karlstad University - Sweden)
Thomas Heistracher (SUAS - Austria)
Jaap-Henk Hoepman (TNO - The Netherlands)
Tom Keenan (University of Calgary - Canada)
Dogan Kesdogan (Siegen University - Germany)
Kai Kimppa (University of Turku - Finland)
Linda Kool (TNO - The Netherlands)
Eleni Kosta (KU Leuven - Belgium)
Paul Malone (Waterford Institute of Technology - Ireland)
Leonardo Martucci (CASED - Germany)
Vaclav Matyas (Masaryk University, Brno - Czech Republic)
Gregory Neven (IBM Research - Switzerland)
Stefano Paraboschi (University of Bergamo - Italy)
Uli Pinsdorf (EMIC - Germany)
Charles Raab (University of Edinburgh - UK)
Kai Rannenberg (Goethe University Frankfurt - Germany)
Norberto Patrignani (Catholic University of Milano - Italy)
Pierangela Samarati (Milano University - Italy)
Einar Arthur Snekkenes (Gjovik University College - Norway)
Dieter Sommer (IBM Research - Switzerland)
Morton Swimmer (Trend Micro - USA)
Jozef Vyskoc (VaF - Slovakia)
Rigo Wenning (W3C - France)
Diane Whitehouse (The Castlegate Consultancy - UK)
Erik Westlund (Karlstad University - Sweden)

Program

Keynote Speaker List

Allessandro Armando, FBK, Italy
David Chadwick, University of Kent, UK
Andrea Di Nicola, University of Trento, Italy
Peter Gullberg, Gemalto, Sweden
Marit Hansen, ULD / Vice Data Protection Commissioner, Germany
Riitta Hellman, Karde AS / Norwegian Computing Center, Norway
Thomas Patrick Keenan, University of Calgary, Canada
Eleni Kosta, KU Keuven, Belgium
Gregory Neven, IBM Research Zurich, Switzerland
Charles Raab, Edinburgh University, UK
Jean-Pierre Seifert, TU Berlin, Germany
Sarah Spiekerman, WU Vienna, Austria

Detailed Program

Sunday, 4th September

19:00: Welcome reception

Monday, 5th September

9:00 - Room 204: Opening
Welcome message by Bruno Crispo and Simone Fischer-Hubner

9:15 - Room 204: Keynote I (Chair: Simone Fischer-Hubner):
Charles Raab (Edinburgh University): Lifelong Privacy: The Right to be Forgotten?

10:15-10:45: Coffee

10:45 - Room 204: Keynote II (Chair: Simone Fischer-Hubner):
Riitta Hellman (Karde AS / Norwegian Computing Center): Inclusive Identity Management in new Social Media

11:45 - Room 204: Keynote III (Chair: Simone Fischer-Hubner):
David Chadwick (University of Kent): Sticky Policies

12:45-14:00: Lunch

14:00-15:40: Parallel workshops:

  • Workshop I - Room 204: Contextual Integrity: a Means to Manage Privacy (Katrin Borcea-Pfitzmann, Marit Hansen)
  • Workshop II - Room 219: Privacy Metrics (Ina Schiering)
    • Ebenezer Paintsil. Towards Automating Identity Management System Privacy Risk Assessment with Petri Nets
    • Lisa Rajbhandari and Ebenezer Paintsil. Analysis of Privacy Scenarios In User-Centric Identity Management Systems with Game Theory
  • Workshop III - Room 220: Privacy for eHealth Applications (Diane Whitehouse)
    • Milica Milutinovic, Koen Decroix, Vincent Naessens and Bart De Decker. Privacy preserving mechanisms for a pervasive eHealth system
    • Ioannis Agrafiotis, Sadie Creese and Michael Goldsmith. Formalising Requirements for a Biobank Scenario using a Logic for Consent and Revocation

15:40-16:10: Coffee

16:10-17:50: Parallel Workshops:

  • Workshop I - Room 204: Contextual Integrity: A Means to Manage Privacy (cont.)
  • Workshop IV - Room 219: Privacy Metrics and Comparision (Erik Wastlund)
    • Ioannis Agrafiotis, Sadie Creese and Michael Goldsmith. Developing a Strategy for Automated Privacy Testing Suites
    • Philip Schutz. Data protection authorities in a comparative perspective
  • Workshop V - Room 220: Personalization and privacy issues for persons with intellectual disability. Case: ICT for persons with dementia (Riitta Hellman)

17:50-18:20 - Room 204: Summing up day 1 (Simone Fischer-Hubner)

Tuesday, 6th September:

9:00 - Room 204: Keynote IV (Chair: Marit Hansen):
Gregory Neven (IBM Research): Privacy-preserving attribute credentials

10:00 - 10:30: Coffee

10:30 - Room 204: Keynote V (Chair: Marit Hansen):
Sarah Spiekermann (WU Vienna): Privacy Impact Assessments and Privacy by Design - Ways to go forward

11:30-13:00: Lunch

13:00-17:00: Parallel workshops (Coffee at 15:40)

  • Workshop VI - Room 204: Addressing Ethical Issues using Scenarios in European Technology Development Projects (Aygen Kurt and Penny Duquenoy)
  • Workshop VII - Room 219: Policies (Gregory Neven)
    • Kaniz Fatema, David Chadwick and Brendan Alsenoy. Legal policies to protect privacy
    • Sandra Olislaegers. Early Lessons Learned in the ENDORSE Project: Legal issues in developing data protection compliance tools
    • Joerg Abendroth. Drafting Release Policies without Expert Knowledge
  • Workshop VIII - Room 220: Privacy and Transparency in the Age of Cloud Computing (Giovanni Russello)
    • Ina Schiering and Jan Kretschmer. Investigation of the Infrastructure Level of Cloud Computing - Realising a Basis for Privacy and Security of Software Services
    • Tobias Pulls. (More) Side Channels in Cloud Storage
    • Sebastian Labitzke. To whom flew all my personal data? Enabling users to monitor the proliferation of shared personally identifiable information

17:00-17:30 - Room 204: Summing up day 2 (Marit Hansen)

18:00: Social event

Wednesday, 7th September:

9:00 - Room 204: Keynote VI (Chair: Jan Camenisch):
Peter Gullberg (Gemalto): Usable Privacy-enhanced mobile Identity Management

10:00 - 10:30: Coffee

10:30 - Room 204: Keynote VII (Chair: Jan Camenisch):
Jean-Pierre Seifert (TU Berlin): Privacy and Security for Mobile Phones

11:30: Keynote VII (Chair: Jan Camenisch):
Marit Hansen (Vice Data Protection Commissioner/ULD): Privacy Protection Goals and Top 10 Mistakes in System Design from a Privacy Perspective

12:30- 14:00: Lunch

14:00-15:40: Parallel workshops

  • Workshop IX - Room 204: Social Implications for Privacy for Life (Marc van Lieshout, Diane Whitehouse et al.)
    • Sarah Spiekermann (WU Vienna, A). A short introduction to privacy behaviour - followed by an exercise
    • Linda Kool (TNO, NL): Perceptions of Privacy by Design
  • Workshop X - Room 219: Privacy for Mobile Applications I (Lothar Fritsch)
    • Martin Pekarek. Calling at all stations? Exploring privacy-friendly e-ticketing using smartphones
    • Julio Angulo and Erik W�stlund. Exploring Touch Screen Dynamics for User Identification on Smart Phones
  • Workshop XI - Room 220: Crypto for Privacy (Jan Camenisch and Gregory Neven)

15:40-16:10: Coffee

16:10-17:50: Parallel workshops

  • Workshop IX - Room 204 (cont.): Social Implications for Privacy for Life (Marc van Lieshout, Diane Whitehouse et al.)
    • Norberto Patrignani (Politecnico di Torino, IT): Computer Professionals and Privacy by Design: their role in shaping the future society. The contribution of EGAIS, a European project
    • Aygen Kurt (Middlesex University, UK): Questioning ethics, technology and governance beyond the system
    • Catherine Flick (Middlesex University, UK). The Social Impact of Privacy for Life: Bitcoin and the Dual-Use Dilemma
  • Workshop XII - Room 219: Privacy for Mobile Applications II (David Chatwick)
    • Luigi Grillo, Vincenzo Cutello and Giuseppe Morelli. Secure Multi-Party Computation: formalization of privacy in Location Based Mobile Services (LBMS)
    • Faysal Boukayoua, Jan Vossaert, Bart De Decker and Vincent Naessens. Using a Smartphone to Access Personalized Web Services on a Workstation
  • Workshop XI - Room 220 (cont.): Crypto for Privacy (Jan Camenisch and Gregory Neven)

17:50-18:20 - Room 204: Summing up day 3 (Jan Camenisch)

Thursday, 8th September:

9:00 - Room 204: Keynote VIII (Chair: Ronald Leenes):
Tom Keenan (University of Calgary): Are They Making Our Privates Public? - Emerging Risks of Governmental Open Data Initiatives

10:00-10:30: Coffee

10:30 - Room 204: Keynote IX (Chair: Ronald Leenes):
Eleni Kosta (KU Leuven): Tracking trends: Location Tracking and Do Not Track

11:30 - Room 204: Keynote X (Chair: Ronald Leenes):
Andrea De Nicola (University of Trento): Identity Thefts and Identity Managment: Criminological and Legal Aspects

12:30-13:30: Lunch

13:30-16:30: Parallel workshops (Coffee at 15:10)

  • Workshop XIII - Room 204: Consumer Privacy (Giovanni Russello)
    • Ulrich Konig and Marit Hansen. Extending comparison shopping sites by privacy criteria
    • Martin Beck and Michael Marhoefer. Do-Not-Track techniques for browsers and its implications for consumers
    • Marcello Paolo Scipioni. Towards Privacy-Aware Location-Based Recommender Systems
  • Workshop XIV - Room 219: Privacy for Online Communities (Ronald Leenes)
    • Michael Dowd. Privacy Attitudes in Interest-Driven Online Communities: The Case of Last.fm
    • Oleksandr Bodriagov and Sonja Buchegger. P2P Social Networks With Broadcast Encryption Protected Privacy
    • Mohammad Badiul Islam and Renato Iannella. Privacy by Design: Does it matter for Social Networks?
  • Workshop XV - Room 220: Privacy Attacks and Problems (Bruno Crispo)
    • Gergely Alpar and Jaap-Henk Hoepman. Avoiding Man-in-the-Middle Attacks When Verifying Public Terminals
    • Arnold Roosendaal. Massive Data Collection by Mistake?
    • Patrizia Bertini. The power of focus groups: unveiling meanings

16:30-17:00 - Room 204: Summing up day 4 (Ronald Leenes)

17:00: Social event

Friday, 9th September:

9:00 - Room 204: Keynote XI (Chair: Bruno Crispo):
Allessandro Armando (FBK): Security and Privacy of Web-based Single Sign-On Protocols: Pitfalls and Solutions

10:00-10:30: Coffee

10:30 - 12:10: Parallel Workshops:

  • Workshop XVI - Room 204: Rump Session (Giovanni Russello)
  • Workshop XVII - Room 219: Incorporating Privacy (Penny Duquenoy)
    • Koen Decroix, Bart De Decker and Vincent Naessens. Designing privacy-enhancing mobile applications
    • Catherine Flick and Penny Duquenoy. Developing for Privacy in Sensitive Domains: Lessons from the Isis Project
  • Workshop XVIII - Room 220: Privacy for Governmental Identity Management Systems (Eleni Kosta)
    • Joseph Adjei. Implementing a Successful Privacy-enhancing Identity Management Systems
    • Harald Zwingelberg and Marit Hansen. Privacy Protection Goals and Their Application to eID Systems

12:10 - 13:10 - Room 204: Panel on Future Research Challenges (Simone Fischer-Hubner) Panelists: Alessandro Armando, David Chadwick, Marit Hansen, Riitta Hellman, Eleni Kosta, Gregory Neven, and Charles Raab

13:10 - Room 204: Summing up, Best Student Paper Award and Closing Session

Venue

In this part of the page you will find information about accommmodation, venue location and travel info.

Coach Service

The school will provide to the partecipants a dedicated coach service between Villa Madruzzo and the Polo scientifico e tecnologico ‘‘Fabio Ferrari’’. In the morning, the coaches will leave the hotel around 8.00 AM and will take the partecipants back at the hotel after the end of the day activities. You can download the timetable from here.

Accommodation

The participants of the summer school can find accommodation at Villa Madruzzo, an hotel in the surroundings of Trento and close to the location of the school.

Thanks to an agreement between the University of Trento and the hotel, partecipants can take advantage of special rates: 65,00 Euros for a single room and 75,00 Euros for a double room single use (breakfast included). The reservation will be made by the organizational secretary, while the payment is to be made by every participant directly at the hotel. Information about your arrival and departure, cancellation, and any other changes must be communicated to the organizational secretary (convegni@unitn.it), using this form.

You can use Bus number 9 to go from the hotel to downton and viceversa.

Here below you can find the hotel contacts:

HOTEL VILLA MADRUZZO
Localita’ Ponte Alto, 26
38121 - Cognola, Trento (Italy)
T. +39 0461 986220
http://www.villamadruzzo.it/
http://maps.google.com/maps?q=villa+madruzzo+trento&hl=en&z=13

Summer School Venue Location

The school will take place at the Polo scientifico e tecnologico ‘‘Fabio Ferrari’’ that hosts the Department of Information Engineering and Computer Science (DISI). DISI is located in Povo, a beautiful spot on the Eastern slopes of Trento.

Find your Way to DISI

The best way to reach DISI is via the local bus system. Bus Number 5 is the quickest route up the hill from the city center. The trip takes about 10 minutes. Board at the “Piazza Dante” stop in front of the train station or at the “Piazza Venezia” stop. Get off at the “Povo - Facolta’ di Scienze” stop just after the blue sign for “Povo”. Route times are displayed at every stop. The stop names are shown on bus stop placards. Tickets can be purchased at newsstands. Get them before boarding. As an alternative, you can use Bus Number 13. Getting to DISI from the city center takes much more time on this bus, but it might be useful if you are in the southern area of the city. Get off at the “Povo - Piazza Manci” stop and walk down the hill to get to the Department. Route times are displayed at every stop. The stop names are shown on stop placards. Tickets can be purchased at newsstands. Get them before boarding. Times and fares are available at the Trentino Trasporti web site.

How to Reach Trento

By car

You can reach Trento on the following roads: Strada Statale dell’Abetone e del Brennero; Autostrada del Brennero - A22 motorway, phone no. (+39) 0461 980085; Superstrada della Valsugana for those coming from Venice, and Strada Statale 45 bis (Gardesana Occidentale), for those coming from Brescia.

By train

Two main lines reach Trento: the Brennero line (connecting to Rome to the south, and Innsbruck and northern Europe to the north) and the Valsugana line to Venice. A local train line connects Trento with Valle di Non.

By plane

The following airports are the closest to Trento:

  • Verona Catullo Airport
  • Venezia Marco Polo
  • Milano Linate
  • Milano Malpensa
  • Brescia Montichiari
  • Bergamo Orio al Serio
  • Bolzano

Trento is connected with the main airports by the A22 Brennero Motorway and by the railway. A shuttle service to reach the centre of Milan is guaranteed for travellers arriving in Malpensa and Linate. Buses leave every 20-30 minutes 24 hours a day. For those arriving in Verona (Valerio Catullo airport) or Brescia (Montichiari Airport) there is a shuttle bus service to Verona railway station every day, leaving every 20 minutes from 6.30 in the morning until 11.35 p.m. For those arriving in Bergamo (Orio al Serio airport) there is a shuttle bus service to Bergamo railway station, leaving every 15 minutes from 6.05 to 00.15; to Milano Centrale railway station leaving every 20 minutes from 04.30 to 01.00 and to Brescia railway station. For those arriving in Venice (Marco Polo Airport) there are buses to Venezia-Santa Lucia and Mestre-Venezia railways stations

Credit Points

We are especially inviting contributions from students who are at the stage of preparing either masters’ or doctoral theses qualifications. The school is interactive in character, and is composed of keynote lectures and seminars, tutorials and workshops with PhD student presentations. The principle is to encourage young academic and industry entrants to the privacy and identity management world to share their own ideas and to build up a collegial relationship with others. Students that actively participate, in particular those who present a paper, can receive a course certificate which awards 3 ECTS at the PhD level. The certificate can certify the topic of the contributed paper to demonstrate its relation or non-relation to the student’s masters’/PhD thesis.

Related European, national, or regional/community research projects are also very welcome to present papers or to organise workshops as part of the Summer School.

Registration

Below you can find the fees for registering to the Summer School.

  • Early Registration Fee: Before August 20: 300 Euros
  • Late Registration Fee: After August 20: 370 Euros

Social Events

The summer school includes several social events.

  • On Sunday 4th September, a welcome reception is held in Trento downtown. The reception will be held in an archeological area called “La Cave des Artistes”. The address is via Belenzani 37. After the reception, there will be a shuttle service to take the participants back to Villa Madruzzo.
  • On Tuesday 6th, we have organised a tour to Riva del Garda, a small town on the Northern shore of the Garda lake. After the visit at Riva del Garda, we will have a gala dinner at the picturesque Castel Toblino.
  • On Thursday 8th, there is a guided city tour in Trento.

Important Dates

  • Submission deadline: May 31st, 2011 (extended)
  • Notification of acceptance: June 30th, 2011(extended)
  • Short paper (up to 8 pages) for the Pre-Proceedings: August 15th, 2011(extended)

The Post-Summer School Proceedings will be published by Springer. Full papers are limited to a maximum of 14 pages. The authors of the papers should take into account the comments and discussions made during the summer school.

  • Workshop Paper Submission: 15th November 2011
  • Keynote Paper Submission: 1st December 2011
  • Author Notification: 15th January 2012
  • Final Paper: 15th of February 2012
  • Proceedings Publishing Date: Mid 2012

Organizers

Organized by

University of Trento

In Cooperation with

IFIP PrimeLife Create-NET

Supported By

ABC4Trust ENDORSE e-Me PETweb II TAS UPRIM