9th Symposium on Identity and Trust on the Internet (IDtrust 2010)
April 13-15, 2010
NIST - Gaithersburg, Maryland

Submission Deadline:  November 22, 2009

Theme: Secure and convenient access control

IDtrust is looking for papers related to all parts of the public-key
mediated authentication and access control problem.

All software systems, from enterprise data centers to small businesses
and consumer-facing applications, must make access control decisions
for protected data. IDtrust is a venue for the discussion of the
complete access control process (authentication, authorization,
provisioning and security decision workflow), addressing questions
such as: "What are the authorization strategies that will succeed in
the next decade?" "What technologies exist to address complex
requirements today?" "What research is academia and industry pursuing
to solve the problems likely to show up in the next few years?"

Identity as used here refers to not just the principal identifier, but
also to attributes and claims.

Call for Papers

We solicit technical papers and panel proposals from researchers,
systems architects, vendor engineers, and users. Suggested topics
include but are not limited to:

    * Analysis of existing identity management protocols and
      ceremonies (SAML, Liberty, CardSpace, OpenID, and PKI-related

    * Analysis or extension of identity metasystems, frameworks, and
      systems (Shibboleth, Higgins, etc.)

    * Design and analysis of new access control protocols and ceremonies
    * Cloud/grid computing implications on authorization and authentication

    * Assembly of requirements for access control protocols and
      ceremonies involving strong identity establishment

    * Reports of real-world experience with the use and deployment of
      identity and trust applications for broad use on the Internet (where
      the population of users is diverse) and within enterprises who use the
      Internet (where the population of users may be more limited), how best
      to integrate such usage into legacy systems, and future research
      directions. Reports may include use cases, business case scenarios,
      requirements, best practices, implementation and interoperability
      reports, usage experience, etc.

    * User-centric identity, delegation, reputation

    * Identity and Web 2.0, secure mash-ups, social networking, trust
      fabric and mechanisms of "invited networks"

    * Identity management of devices from RFID tags to cell phones;
      Host Identity Protocol (HIP)

    * Federated approaches to trust

    * Standards related to identity and trust, including X.509,
      S/MIME, PGP, SPKI/SDSI, XKMS, XACML, XRML, and XML signatures

    * Intersection of policy-based systems, identity, and trust;
      identity and trust policy enforcement, policy and attribute mapping
      and standardization

    * Attribute management, attribute-based access control

    * Trust path building and certificate validation in open and
      closed environments

    * Analysis and improvements to the usability of identity and trust
      systems for users and administrators, including usability design for
      authorization and policy management, naming, signing, verification,
      encryption, use of multiple private keys, and selective disclosure

    * Identity and privacy
    * Levels of trust and assurance

    * Trust infrastructure issues of scalability, performance,
      adoption, discovery, and interoperability

    * Use of PKI in emerging technologies (e.g., sensor networks,
      disaggregated computers, etc.)

    * Application domain requirements: web services, grid
      technologies, document signatures, (including signature validity over
       time), data privacy, etc.

Important Dates

Papers due:
    Nov 22, 2009
Notification to authors:
    Jan 15, 2010
Panel proposals due:
    Jan 24, 2010
Final papers due:
    Feb 21, 2010
Registration deadline:
    Apr 5, 2010
    Apr 13-15, 2010


Submissions should be provided electronically, in PDF, for standard US
letter-size paper (8.5 x 11 inches). Paper submissions must not exceed
15 pages (single space, two column format with 1" margins using a 10
pt or larger font) and should adhere to the ACM SIG proceedings
template at http://www.acm.org/sigs/pubs/proceed/template.html (LaTeX
users should use template Option 2). Successful technical papers
should clearly describe the contribution to the field and cite related
work. Submissions of papers must not substantially duplicate work that
any of the authors have published elsewhere or have submitted in
parallel to any other conferences or journals. Proposals for panels
should be no longer than five pages and include possible panelists and
an indication of which panelists have confirmed participation.

Detailed submission instructions can be found at our submissions
page. All submissions will be acknowledged.

Accepted papers will be published in a conference proceedings at the
symposium. Accepted papers will also appear in the ACM Digital Library
as part of the ACM International Conference Proceedings Series.