Theme: Secure and convenient access control

All software systems, from enterprise data centers to small businesses and consumer-facing applications, must make access control decisions for protected data. IDtrust is a venue for the discussion of the complete access control process (authentication, authorization, provisioning and security decision workflow), addressing questions such as: "What are the authorization strategies that will succeed in the next decade?" "What technologies exist to address complex requirements today?" "What research is academia and industry pursuing to solve the problems likely to show up in the next few years?"

Identity as used here refers to not just the principal identifier, but also to attributes and claims.

We solicit technical papers and panel proposals from researchers, systems architects, vendor engineers, and users. Suggested topics include but are not limited to:

• Analysis of existing identity management protocols and ceremonies (SAML, Liberty, CardSpace, OpenID, and PKI-related protocols)
• Analysis or extension of identity metasystems, frameworks, and systems (Shibboleth, Higgins, etc.)
  
• Design and analysis of new access control protocols and ceremonies
  
• Cloud/grid computing implications on authorization and authentication
  
• Assembly of requirements for access control protocols and ceremonies involving strong identity establishment
  
• Reports of real-world experience with the use and deployment of identity and trust applications for broad use on the Internet (where the population of users is diverse) and within enterprises who use the Internet (where the population of users may be more limited), how best to integrate such usage into legacy systems, and future research directions. Reports may include use cases, business case scenarios, requirements, best practices, implementation and interoperability reports, usage experience, etc.
  
• User-centric identity, delegation, reputation
• Identity and Web 2.0, secure mash-ups, social networking, trust fabric and mechanisms of ?invited networks?
• Identity management of devices from RFID tags to cell phones; Host Identity Protocol (HIP)
• Federated approaches to trust
• Standards related to identity and trust, including X.509, S/MIME, PGP, SPKI/SDSI, XKMS, XACML, XRML, and XML signatures
• Intersection of policy-based systems, identity, and trust; identity and trust policy enforcement, policy and attribute mapping and standardization
• Attribute management, attribute-based access control
• Trust path building and certificate validation in open and closed environments
• Analysis and improvements to the usability of identity and trust systems for users and administrators, including usability design for authorization and policy management, naming, signing, verification, encryption, use of multiple private keys, and selective disclosure
• Identity and privacy
• Levels of trust and assurance
• Trust infrastructure issues of scalability, performance, adoption, discovery, and interoperability
• Use of PKI in emerging technologies (e.g., sensor networks, disaggregated computers, etc.)
• Application domain requirements: web services, grid technologies, document signatures, (including signature validity over time), data privacy, etc.
  
  A number of panels are also scheduled to be presented. Details will be posted on the conference website as they become available.

William Polk, NIST, Gaithersburg, MD, phone: 301/975-3348, fax: 301/975-8670, email: william.polk@nist.gov

A block of rooms has been reserved for the nights of April 12-14 at the Holiday Inn Gaithersburg, Two Montgomery Village Avenue, Gaithersburg, MD 20879. The special rate is $113.00 per night plus 13% tax.To make your reservation, please contact the hotel directly at 301/948-8900 by March 22, 2010, and mention that you are attending the "IDtrust 2010".