International Workshop on Security and Trust in Decentralized/Distributed Data Structures (STD3S)

in conjuction with the 22nd International Conference on Data Engineering (ICDE'06), April 3-7, 2006, Atlanta, GA, USA

General Information

Decentralized/distributed data structures (D3S) have recently received a lot of attention with the successful introduction of peer-to-peer systems, Web services, Grids, and ubiquitous computing systems as specific examples of D3S. The "persuasive" arguments in favor of these systems are that they try to avoid centralization as a performance bottleneck, to decrease infrastructure costs and to increase performance by using available distributed resources, and are relatively easy to deploy and maintain due to inherent self-organization properties.

Distribution, decentralization and self-organization as the basic underlying concepts to enable these advantages, however, introduce new problems in terms of security and trust into these systems. Most existing approaches perform well in cooperative scenarios, but are doomed if this assumption does not hold. Also, the large number of participants in these systems raises new questions, such as whom to trust and cooperate with or how to ensure basic security properties such as confidentiality, authenticity or non-repudiation, and how to support these functionalities without introducing centralization again for being able to meet these requirements.

In this workshop we put the focus specifically on the issues of security (attacks, confidentiality, access control, authentication, etc.) and trust (trust assessment, reputation management, etc.) in the context of D3S to identify new problems, discuss possible solutions for existing problems and raise awareness for these issues as they constitute a major success factor in practical settings.

Topics

We encourage submissions in the areas of peer-to-peer systems, Web services, Grids, and ubiquitous computing systems which address security and trust problems in D3S. Topics of interest include, but are not limited to:

Attacks to D3S and their prevention
Supporting trust and security in D3S
Providing trust and security by the application of D3S
Privacy, traceability, and anonymity in D3S
High data availability in D3S
Trust and reputation in self-organizing environments
Anonymity in (self-organizing) D3S data stores
Anonymity and privacy vs. accountability
Access control and capability delegation in D3S
Self-organization vs. security and trust
Consistency of D3S data stores
Statistical models for trust in D3S
Case studies

Committees

Program Chairs

Manfred Hauswirth, EPFL, Switzerland
Andreas Wombacher, University of Twente, The Netherlands

Program Committee

Klemens Böhm, University of Karlsruhe, Germany
Ruth Breu, University of Innsbruck, Austria
Sonja Buchegger, UC Berkeley, USA
Germano Caronni, Sun Microsystems Laboratory, USA
David Chadwick, University of Kent, UK
Anwitaman Datta, EPFL, Switzerland
Sabrina De Capitani di Vimercati, Universita degli Studi di Milano, Italiy
Zoran Despotovic, DoCoMo Euro-Labs, Germany
Schahram Dustdar, Technical University of Vienna, Austria
Patrick C. K. Hung, University of Ontario Institute of Technology (UOIT), Canada
Mark Jelasity, University of Bologna, Italy
Wim Jonker, Philips Research, The Netherlands
Ling Liu, Georgia Tech, USA
Sanjay Kumar Madria, University of Missouri-Rolla, USA
Alberto Montresor, University of Trento, Italy
Evaggelia Pitoura, University of Ioannina, Greece
Thomas Risse, Fraunhofer IPSI, Germany
Pierangela Samarati, Universita degli Studi di Milano, Italy
Kai-Uwe Sattler, TU Ilmenau, Germany
Andreas Schaad, SAP Labs, France
Anna Squicciarini, University of Milan, Italy
Can Türker, ETHZ, Switzerland
Lingyu Wang, George Mason University, USA

Program committee web page

Format of the Workshop

The workshop solicits formal papers that address security and trust problems specific to D3S. Additionally, position papers outlining interesting new research domains and approaches are welcome. The selection of papers is based primarily on their potential to influence future research. This influence can be exercised in many ways, exemplified by but not limited to the following:

Articulating a new perspective on security and trust problems specific to D3S
Describing new problems regarding security and trust that arise from the specific domain of D3S environments and how to address them
Describing a novel approach to an existing problem that promises to influence future research specifically
Describing a new problem that requires our attention
Debunking an old perspective about security and trust

Paper Submission

Papers should not exceed 10 pages double column (plus 2 additional pages at $100 per page) including figures and tables and MUST be formatted according to standard IEEE 8.5x11 proceedings format (LaTeX formatting macros, Word format). Papers have to present original, English-language research contributions not concurrently submitted elsewhere. The paper abstract should contain title, author name(s), and keywords. Papers have to be submitted electronically in printable PDF format (other formats will be rejected) via the submission web page.

Proceedings

The workshop proceedings will be published by the IEEE Computer Society.

Camera-ready papers have to follow the format requirement given above!

Program

Time	Topic
09:00	Opening address by the PC chairs
09:15	Invited talk: Security and Trust in Peer to Peer Systems: Opportunity and Challenges Ling Liu, Georgia Institute of Technology Abstract: P2P computing is commonly perceived as an infrastructure offering both opportunities and threats. One way to minimize threats in P2P systems is to understand the potential threats and the level of damages they may cause to a P2P system and to increase the system's ability to defend itself from malicious intents, malicious behaviors, and potential threats incurred by known attacks or unpredicted attacks. Attacks on a general P2P system can be targeted at three layers: the network layer (say, TCP/IP), the overlay network layer (say, lookup protocols) and the application layer. There are marked differences in the security issues concerned at each of these layers. Furthermore, the algorithms used at the higher layers largely depend on the guarantees provided by the lower layers. Breaking any of these guarantees provided by a lower level layer to a higher-level layer can disrupt the entire security infrastructure. This invited presentation will provide an overview of various vulnerabilities and the recent research results on security and trust management in decentralized P2P overlay systems, focusing on challenges and opportunity for developing a secure and trusted infrastructure for massively distributed network computing systems and applications. An open discussion will be provided, surrounding the various p2p security applications.
10:15	Break
11:00	Paper session 1 (25 min + 5 min questions) Thomas Schwarz, Peter Tsui and Witold Litwin An Encrypted, Searchable Database Jochen Haller A Stochastic Approach for Trust Management Stephan Schosser, Klemens Böhm, Rainer Schmidt and Bodo Vogt Strategic Properties of Peer-to-Peer Data Structures and Behavior of Human Peers in Economic Experiments
12:30	Lunch break
14:00	Paper session 2 (25 min + 5 min questions) Lars Olson, Marianne Winslett, Gianluca Tonti, Nathan Seeley, Andrzej Uszok and Jeffrey Bradshaw TrustBuilder as an Authorization Service for Web Services Anurag Garg, Alberto Montresor and Roberto Battiti Reputation Lending for Virtual Communities Muthuramakrishnan Venkitasubramaniam, Ashwin Machanavajjhala, David Martin and Johannes Gehrke Trusted CVS
15:30	Break
16:00	Discussion session
17:00	End of workshop

Important Dates

Paper submission:	November 13, 2005 (extended deadline)
Notification:	December 16, 2005
Camera-ready papers:	January 11, 2006
Workshop date:	April 8, 2006

Manfred Hauswirth, last updated: $Date: 2006/04/04 14:49:03 $