DOI: 10.1145/2914642
SACMAT '16: Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies
Publisher: Association for Computing Machinery, New York, NY, United States
Conference: SACMAT 2016: The 21st ACM Symposium on Access Control Models and Technologies, Shanghai, China, June 6 - 8, 2016
ISBN: 978-1-4503-3802-8
Published: 06 June 2016

Abstract

It is our great pleasure to welcome you to the ACM Symposium on Access Control Models and Technologies (SACMAT 2016), taking place in Shanghai, China, on June 6-8, 2016. This is the 21st edition of the symposium series, continuing the tradition of being the premier forum for presentation of research results and experience reports on leading edge issues of access control in terms of models, systems, applications, and theory. The symposium aims to share novel access control solutions that fulfill the needs of heterogeneous applications and environments, and to identify new directions for future research and development. SACMAT provides researchers and practitioners with a unique opportunity to share their perspectives with others interested in the various aspects of access control, aside from visiting the various attractions offered by the big international metropolis Shanghai.

This year, 55 abstracts and papers were submitted from a variety of countries around the world. Submissions were anonymous; each paper has been reviewed by at least three reviewers who are experts in the field. Extensive online discussions took place to make the selections for the symposium. The program committee finally accepted 18 papers as full papers and 3 papers as short ones for presentation at the symposium. The topics covered include network and mobile access control, access control in applications, policy engineering, access control specification and access control enforcement.

In addition to the main research paper sessions, the symposium offers a panel discussion session entitled "Security and privacy in the era of Internet of Things: research opportunities and challenges", and a poster session. Above all, the conference proudly presents three exciting keynote talks by Virgil Gligor of Carnegie Mellon University, Bhavani Thuraisingham of University of Texas at Dallas, and Robert Deng of Singapore Management University, respectively.

SESSION: Network and Mobile Access Control
research-article
State-aware Network Access Management for Software-Defined Networks

OpenFlow, as the prevailing technique for Software-Defined Networks (SDNs), introduces significant programmability, granularity, and flexibility for many network applications to effectively manage and process network flows. However, because OpenFlow ...

research-article
An Empirical Study on User Access Control in Online Social Networks

In recent years, access control in online social networks has attracted academia a considerable amount of attention. Previously, researchers mainly studied this topic from a formal perspective. On the other hand, how users actually use access control in ...

research-article
An Application Restriction System for Bring-Your-Own-Device Scenarios

Different containerization techniques have been developed to ensure the separation of enterprise content and personal data on an end-user's device. Although the enterprise manages the environment in which work-related activities are conducted, referred ...

research-article
Tri-Modularization of Firewall Policies

Firewall policies are notorious for having misconfiguration errors which can defeat its intended purpose of protecting hosts in the network from malicious users. We believe this is because today's firewall policies are mostly monolithic. Inspired by ...

PANEL SESSION: Panel
panel
Panel Security and Privacy in the Age of Internet of Things: Opportunities and Challenges

In response to the new security and privacy concerns raised by emerging Internet of Things (IoT) technology, this panel discusses the current efforts and challenges to secure the IoT devices and to protect the integrity and privacy of users' data.

SESSION: Access Control in Applications
research-article
Enabling Dynamic Access Control for Controller Applications in Software-Defined Networks

Recent findings have shown that network and system attacks in Software-Defined Networks (SDNs) have been caused by malicious network applications that misuse APIs in an SDN controller. Such attacks can both crash the controller and change the internal ...

research-article
A Context-Aware System to Secure Enterprise Content

In this paper, we present an architecture and implementation of a secure, automated, proximity-based access control that we refer to as Context-Aware System to Secure Enterprise Content (CASSEC). Using the pervasive WiFi and Bluetooth wireless devices ...

short-paper
Public Access
Detecting Privilege Escalation Attacks through Instrumenting Web Application Source Code

Privilege Escalation is a common and serious type of security attack. Although experience shows that many applications are vulnerable to such attacks, attackers rarely succeed upon first trial. Their initial probing attempts often fail before a ...

short-paper
Data-Centric Access Control for Cloud Computing

The usual approach to security for cloud-hosted applications is strong separation. However, it is often the case that the same data is used by different applications, particularly given the increase in data-driven (`big data' and IoT) applications. We ...

research-article
Modular Synthesis of Enforcement Mechanisms for the Workflow Satisfiability Problem: Scalability and Reusability

Modularity is an important concept in the design and enactment of workflows. However, supporting the specification and enforcement of authorization in this setting is not straightforward. In this paper, we introduce a notion of component and a ...

SESSION: Policy Engineering
research-article
Resiliency Policies in Access Control Revisited

Resiliency is a relatively new topic in the context of access control. Informally, it refers to the extent to which a multi-user computer system, subject to an authorization policy, is able to continue functioning if a number of authorized users are ...

research-article
Start Here: Engineering Scalable Access Control Systems

Role-based Access Control (RBAC) is a popular solution for implementing information security however there is no pervasive methodology used to produce scalable access control systems for large organizations with hundreds or thousands of employees. As a ...

research-article
Policy Negotiation for Co-owned Resources in Relationship-Based Access Control

The collaborative nature of content development has given rise to the novel problem of multiple ownership in access control, such that a shared resource is administrated simultaneously by co-owners who may have conflicting privacy preferences and/or ...

research-article
Automated Fault Localization of XACML Policies

Access control policies in distributed systems, particularly implemented in the XACML standard language, are increasingly complex. Faults may exist in complex policies for various reasons such as misunderstanding of the access control requirements, ...

SESSION: Access Control Specification
research-article
On Completeness in Languages for Attribute-Based Access Control

Attribute-based access control (ABAC) has attracted considerable interest in recent years, resulting in an extensive literature on the subject, including the standardized XML-based language XACML. ABAC policies written in languages like XACML have a ...

research-article
Public Access
Extended ReBAC Administrative Models with Cascading Revocation and Provenance Support

Relationship-based access control (ReBAC) has been widely studied and applied in the domain of online social networks, and has since been extended to domains beyond social. Using ReBAC itself to manage ReBAC also becomes a natural research frontier, ...

short-paper
Formal Comparison of an Attribute Based Access Control Language for RESTful Services with XACML

This work introduces RestACL - an access control language for RESTful Services - and compares it with XACML using formal methods. XACML is a generic approach that targets Attribute Based Access Control (ABAC) in general. RestACL is founded on the ideas ...

research-article
GemRBAC-DSL: A High-level Specification Language for Role-based Access Control Policies

A role-based access control (RBAC) policy restricts a user to perform operations based on her role within an organization. Several RBAC models have been proposed to represent different types of RBAC policies. However, the expressiveness of these models ...

SESSION: Access Control Enforcement
research-article
A Space-Efficient Data Structure for Fast Access Control in ECM Systems

An Enterprise Content Management (ECM) system must withstand many queries to its access control subsystem in order to check permissions in support of browsing-oriented operations. This leads us to choose a subject-oriented representation for access ...

research-article
Boosting GSHADE Capabilities: New Applications and Security in Malicious Setting

The secure two-party computation (S2PC) protocols SHADE and GSHADE have been introduced by Bringer et al. in the last two years. The protocol GSHADE permits to compute different distances (Hamming, Euclidean, Mahalanobis) quite efficiently and is one of ...

research-article
A Framework of Multi-Authority Attribute-Based Encryption with Outsourcing and Revocation

Attribute-based encryption (ABE) is a cryptographic tool for fine-grained data access control. For practical needs, an ABE scheme should support multiple authority and revocation. Furthermore, decryption should also be outsourced for higher efficiency. ...

research-article
Public Access
PolyStream: Cryptographically Enforced Access Controls for Outsourced Data Stream Processing

With data becoming available in larger quantities and at higher rates, new data processing paradigms have been proposed to handle high-volume, fast-moving data. Data Stream Processing is one such paradigm wherein transient data streams flow through sets ...

Contributors
  • Carnegie Mellon University
  • University of Waterloo

Acceptance Rates

SACMAT '16 Paper Acceptance Rate 18 of 55 submissions, 33%;
Overall Acceptance Rate 177 of 597 submissions, 30%
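| Year | Submitted | Accepted | Rate |
|---|---|---|---|
| SACMAT '19 | 52 | 12 | 23% |
| SACMAT '18 | 50 | 14 | 28% |
| SACMAT '17 Abstracts | 50 | 14 | 28% |
| SACMAT '16 | 55 | 18 | 33% |
| SACMAT '15 | 59 | 17 | 29% |
| SACMAT '14 | 58 | 17 | 29% |
| SACMAT '13 | 62 | 19 | 31% |
| SACMAT '12 | 73 | 19 | 26% |
| SACMAT '09 | 75 | 24 | 32% |
| SACMAT '03 | 63 | 23 | 37% |
| Overall | 597 | 177 | 30% |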