1st International Workshop on Security and Privacy in Models and Data

TRIDENT-securiTy pRivacy In moDEls aNd daTa

INTRODUCTION

Nowadays, Security and Privacy are two relevant aspects for every system relying on software, constantly gaining momentum in an overwhelming set of domains. such as healthcare. Several domains are increasingly adopting cloud-based applications as core business, becoming more and more complex generating federated architectures. In this sense, several technological challenges related to security and privacy are stemming from these domains; while some of these challenges have been discovered and solved, others are evolving, such as the traditional securing applications [1], the insider threat problem [2], or new legislations.

From a software development point of view, new approaches such as Privacy-By-Design [3] or blockchains are gaining momentum, providing benefits, but also implying trade-offs. Along these lines, the analysis on how these technologies are solving specific issues and the benefits that they provide is an ongoing debate at research level.

From a legal point of view, legislations are seen as optional by several software developers, even though their business impact is increasing.

This TRIDENT workshop is focused on Security and Privacy in Models and Data, and the overall aim of this workshop is to address a broad range of issues related to Security and Privacy issues within Models and Data in a broad range of domains. Therefore, the topics covered by this workshop are the following (but not limited to) topics related to security and privacy:

· Secure practices in software development (e.g. Privacy-By-Design);

· Security and Privacy tools;

· Privacy considerations during software development;

· Software development considerations for data protection and management;

· End-to-end security mechanisms including data and models;

· Security Information and Event Management systems;

· Blockchain-based approaches and their implications in software development and industry standards;

· Legal aspects applied to software development activities.

· Case studies, experience reports, benchmarking and best practices

Important dates

Full paper submission: July 5th (hard deadline)

Acceptance notification: July 15, 2019

Final camera-ready version due: July 31, 2019

Workshop: October 28, 2018

AGENDA - October 28th 2019

14:00 – 14:30

Modelling compliance threats and security analysis of cross border health data Exchange

Mike Surridge, Ken Meacham, Juri Papay, Stephen Phillips, Brian Pickering, Ardavan Shafiee and Toby Wilkinson.

14:30 – 15:00

Towards Pro-Active Security and Privacy by Distribution, Obfuscation and Verification

Klaus-Dieter Schewe, Flavio Ferrarotti and Senén González

15:00 – 15:30

Resolving Stakeholder Tussles in Healthcare Systems: ethical challenges to data protection

Brian Pickering, Giuliana Faiella and Fabrizio Clemente

16:00 – 16:30

Multi-Value Classification of Ambiguous Personal Data

Sigal Assaf, Ariel Farkash and Micha Moffie.

16:30 – 17:00

Forgotten @ Scale: A Practical Solution for Implementing the Right To Be Forgotten in Large-Scale Systems

Abigail Goldsteen, Tomer Douek, Yaniv Cohen, Igor Gokhman, Ofir Keren-Ackerman, Gadi Katsovich, Grisha Weintraub, and Doron Ben-Ari.

!7:30 - 18:00

Semi-real-time hash comparison for detecting intrusions using Blockchain

Santiago de Diego, Oscar Lage, Xabier Larrucea and Iñaki Seco.

Submissions

This workshop solicits two types of submissions:

1. Regular paper submissions about original work not exceeding 12 pages.
2. Short paper submissions not exceeding 6 pages.

Papers must be submitted electronically through the Easychair https://easychair.org/conferences/?conf=trident2019

Proceedings will be published in Communications in Computer and Information Science (CCIS web page http://www.springer.com/series/7899) a Springer publication.

Submissions must conform to Springer's LNCS style and should not exceed 12 pages. Submitted papers will be carefully evaluated based on originality, significance, technical soundness, and clarity of exposition

Papers submitted to TRIDENT 2019 must not have been published elsewhere and must not be under review or submitted for review elsewhere when being considered for TRIDENT 2019

Best papers will be invited for submission to an special issue of the Journal of Universal Computer Science (J.UCS).

A (tentative) list of PC members for the workshop

• Cristina Alcaraz, University of Malaga
• Alberto Berreteaga, Tecnalia
• Ilio Catallo FCSR
• Andrea Micheletti OSR
• Matthias Pocs Stelar
• Chris Miles Metrarc
• Klaus McDonald-Maier Metrarc
• Gareth Howells Metrarc
• Xabier Larrucea Tecnalia
• Eunate Arana Biocruces
• Borja López Biocruces
• Tony Schaffel Lancs
• Muhammad Barham IBM
• Ed Conley AIMES
• Mike Surridge IT Innovation
• Juri Papay IT Innovation
• Brian Pickering IT Innovation

Workshop organisers:

Xabier Larrucea . Tecnalia . xabier.larrucea@tecnalia.com

Muhammad Barham . IBM . muhammad@il.ibm.com

References

[1] U. P. Domains, “Securing Your Applications,” in Creating Mobile Games, no. Cdc, C. Hamer, Ed. Apress, 2007, pp. 305–316.

[2] W. R. Claycomb and A. Nicoll, “Insider Threats to Cloud Computing: Directions for New Research Challenges,” 2012 IEEE 36th Annu. Comput. Softw. Appl. Conf., pp. 387–394, Jul. 2012.

[3] D. Klitou, “A Solution , But Not a Panacea for Defending Privacy : The Challenges , Criticism and Limitations of Privacy by Design The Growing Need for PBD Legislation,” pp. 86–110, 2014.