STM 2005 - First ERCIM Workshop on Security and Trust Management
by Sjouke Mauw
The ERCIM Working Group Security and Trust Management (STM) organized a successful workshop in Milan, Italy on 15 September 2005. The initiative for this workshop was taken at the founding meeting of the STM Working Group in January 2005 in order to fulfil some of the groups goals; in particular to bring researchers together and stimulate scientific discussion.
The organization of the workshop, co-located with ESORICS'05, was in the hands of Fabio Martinelli, Pierangela Samarati (general co-chairs), Valerie Issarny, Sjouke Mauw (Programme Committee co-chairs) and Cas Cremers (vice-chair). Due to the high number of submissions (36) the programme committee selected nine papers of high quality, which were presented at the workshop and will appear in a special issue of ENTCS.
The workshop had a broad scope, ranging from cryptography and formal methods to physical security. The link between the major topics, security and trust, was made by keynote speaker Prof. Dieter Gollmann, who challenged the audience with his presentation entitled Why Trust is Bad for Security. He argued that the notion of trust has many different (often conflicting) interpretations, and there is a need for clarity and precision.
The first session of the workshop covered smart-dust security, a formal approach to multiparty contract signing and the development of security models for mobile agent security. In the second session, the notions of credit and responsibility were formalized, a new scheme for trapdoor hash functions was presented, and access-control mechanisms based on trust were studied. The third and final session was completely dedicated to trust management. It covered the extension of role-based trust management languages with non-monotonicity, assigning trust values to metadata, and a new authorization strategy for distributed environments.
Given the success of this first STM workshop and the interest it generated, we believe that this will be the first of a series of successful workshops.
Sjouke Mauw, Eindhoven University of Technology and Centre for
Mathematics and Computer Science, Amsterdam, The Netherlands
Fabio Martinelli, IIT-CNR, Italy