DIMACS Workshop on Security of Web Services and E-Commerce
Linda Casals
lindac at dimacs.rutgers.edu
Tue Apr 5 09:44:24 EDT 2005
*********Pre-registration deadline: April 28, 2005*************
***************************************************************
DIMACS Workshop on Security of Web Services and E-Commerce
May 5 - 6, 2005
DIMACS Center, Rutgers University, Piscataway, NJ
Organizer:
Brian LaMacchia, Microsoft, bal at microsoft.com
Presented under the auspices of the Special Focus on Communication
Security and Information Privacy.
************************************************
The growth of Web Services, and in particular electronic commerce
activities based on them, is quickly being followed by work on Web
Services security protocols. While core XML security standards like
XMLDSIG, XMLENC and WS-Security have been completed, they only provide
the basic building blocks of authentication, integrity protection and
confidentiality for Web Services. Additional Web Services standards
and protocols are required to provide higher-order operations such as
trust management, delegation, and federation. At the same time, the
sharp rise in "phishing" attacks and other forms of on-line fraud
simply confirms that all our work on security protocols is for naught
if we cannot make it both possible and easy for the average user to
discover when a security property has failed during a
transaction. This workshop aims to explore these areas as well as
other current and future security and privacy challenges for Web
Services applications and e-commerce.
**************************************************************
Workshop Program:
This is a preliminary program subject to change.
Thursday, May 5, 2005
8:00 - 9:00 Breakfast and Registration
9:00 - 9:15 Welcome & Opening Remarks
9:15 - 9:45 On the relation between Web Services Security and traditional protocols
Eldar Kleiner and A.W. Roscoe, Oxford University Computing Laboratory, UK
9:45 - 10:15 Verification Tools for Web Services Security
Cédric Fournet, Microsoft Research -- Cambridge, UK
10:15 - 10:30 Break
10:30 - 11:00 Flexible Regulation of Virtual Enterprises
Naftaly Minsky, Rutgers University
11:00 - 11:30 Negotiated Security and Privacy Policies for Web Services
George Yee, National Research Council
11:30 - 12:00 Regulating Synchronous Communication, and its Applications to Web-Services
Constantin Serban, Rutgers University
12:00 - 1:30 Lunch
1:30 - 2:00 Scalable Configuration Management For Secure Web Services Infrastructure
Sanjai Narain, Telcordia Technologies, Inc., USA
2:00 - 2:30 Automating Deployment Configuration of Web Services Security
J. Micallef, B. Falchuk and C. Chung, Telcordia Technologies, Inc., USA
2:30 - 3:00 Software Based Acceleration Methods for XML Signature
Youjin Song and Yuliang Zheng, UNC-Charlotte, USA
3:00 - 3:30 Analysis of aspects of XML & WS-* that make
hardware optimizations harder or easier
Eugene Kuznetsov, DataPower Technology, Inc., USA
3:30 - 3:45 Break
3:45 - 4:15 XACML and role-based access control
Jason Crampton, Royal Holloway, University of London, UK
4:15 - 4:45 Use of REL Tokens for Higher-order Operations
Thomas DeMartini, ContentGuard, USA
4:45 - 5:15 Electronic Document Authorization: A Case for
Practical, Secure Delegation and Authorization
Young H. Etheridge
Friday, May 6, 2005
8:00 - 9:00 Breakfast & Registration
9:00 - 9:30 Towards Decentralized and Secure Electronic Marketplace
Yingying Chen, Constantin Serban, Wenxuan Zhang and
Naftaly Minsky, Rutgers University
9:30 - 10:00 A Negotiation-based Access Control Model for Web Services
Elisa Bertino, Purdue University , A. C. Squicciarini and
L. Martino, University of Milano, Italy
10:00 - 10:30 Using Certified Policies to Regulate E-Commerce
Victoria Ungureanu, Rutgers University
10:30 - 10:45 Break
10:45 - 11:15 Active Intermediaries in Web Service and E-Commerce Environments
John Linn, RSA Laboratories
11:15 - 11:45 Web services and Federated Identity Management
Birgit Pfitzmann, IBM Zurich Research Lab, Switzerland
11:45 - 12:15 Web Services Architecture and the Old World
Philip Hallam-Baker
12:15 - 1:45 Lunch
1:45 - 2:15 On-line Certificate Validation via LDAP Component Matching
Jong Hyuk Choi, Sang Seok Lim, IBM T. J. Watson Research Center, and
Kurt D. Zeilenga, IBM Linux Technology Center
2:15 - 2:45 A Convenient Method for Securely Managing Passwords
Brent Waters, Stanford University, Alex Halderman, and
Ed Felten, Princeton University
2:45 - 3:00 Break
3:00 - 3:30 Identifying Malicious Web Requests through Changes
in Locality and Temporal Sequence
Li-Chiou Chen, Pace University
3:30 - 4:00 Tamper-Evident Digital Signatures: Protecting
Certification Authorities Against Malware
Jong Youl Choi, Markus Jakobsson, Indiana University and
Philippe Golle, Palo Alto Research Center
*********************************************************************
Registration:
Pre-registration deadline: April 28, 2005
Please see website for complete registration information:
http://dimacs.rutgers.edu/Workshops/Commerce/
*********************************************************************
Information on participation, registration, accomodations, and travel
can be found at:
http://dimacs.rutgers.edu/Workshops/Commerce/
**PLEASE BE SURE TO PRE-REGISTER EARLY**
********************************************************************
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list