As I know that access control and related policies are high on our agendas, the attached may be of interest. Securely yours and Happy Holidays, Frank. --- Call for Presentations Ottawa Workshop on: "New Challenges for Access Control" Present day information technology architectures can enable new business models and reduce the cost of doing business. However, legislative and regulatory pressures impose severe penalties on those who exploit these architectures without due consideration to privacy and integrity. Unfortunately, current technology is insufficient for addressing the new access control challenges and this has led to a renewed interest in effective approaches for addressing these challenges. The information security community is seeking new, innovative techniques to help it navigate this minefield with cost-effective tools for managing access control and privacy policies and enforcing them consistently across a broad range of applications, including email, file transfer, the Web and Web services, removable media, instant messaging, databases and repositories. Recent developments in access control and privacy include the development of a standard model for role-based access control, standard expression languages for specifying access control policies and the application of access control methods to structured resources, such as • XML documents, • personally-identifiable information, • digital rights, • interfaces in a service-oriented architecture, • delegation of permissions, • role-based access control, • networks and computers and • business-process workflow. The Ottawa Centre for Research and Innovation, in collaboration with Entrust Inc., the Université du Québec en Outaouais and the University of Ottawa is holding a one-day workshop entitled “New Challenges for Access Control” in Ottawa on 27th April 2005. The workshop will provide an opportunity for practitioners and researchers to share their ideas and experiences on such topics as: • Access control requirements, • Access control models, • Access control policy expression languages, • Access control and privacy policies • Access control architectures, • Policy management architectures and • Tools for developing and analyzing access control and privacy policies. Proposals covering any of the following aspects are encouraged. • Research, • Implementation experience, • Applications and • Case studies. Tutorial and review presentations are also welcome. The program committee invites you to submit a proposal for a presentation or panel discussion that addresses one or more of the above topics. The program committee may adapt or restructure proposals submitted in order to ensure an interesting and technically compelling program. The main selection criterion will be that the abstract provides a clear and complete presentation of some important aspect of the workshop topics. Presentations will be 30 minutes in duration, including question and answer time. Panel sessions will be 50 minutes in duration. Proposals for panels should include the title, 3 to 4 potential panelists (name and/or role) and proposed format (e.g. Q&A, short presentations, etc.). The organizers will publish proceedings of the workshop. Authors should arrange for any necessary releases for publication prior to submission of their proposal. To submit a proposal, please send the following information by email to ncac05@entrust.com: • The full contact details (name, affiliation, email, phone, postal address) of one presenter who will act as the primary contact for the presentation or panel discussion, • The full list of authors, • A 1-page abstract outlining the subject and key points of your presentation or panel discussion or • A short slide presentation on the topic. All submissions will be acknowledged. Important dates: Abstract deadline 4 Feb 2005 Presenter notification 3 Mar 2005 Slides deadline 14 Apr 2005 Workshop 27 Apr 2005 The program committee consists of the following • Carlisle Adams (U of O) • Kamel Adi (UQO) • Anne Anderson (Sun Microsystems) • Eugen Bacic (Cinnabar) • Dan Craigen (ORA) • Petre Dini (CISCO) • Ramiro Liscano (U of O) • Luigi Logrippo (UQO) • Tim Moses (Entrust) • Seth Proctor (Sun Microsystems) • Steve Zeber (DRDC) -- Frank Siebenlist franks@mcs.anl.gov The Globus Alliance - Argonne National Laboratory