The 3rd Workshop on Security, Privacy, and Identity Management in the Cloud

to be held in conjunction with the ARES EU Projects Symposium 2018, held at ARES 2018
(ARES 2018 – )

August 27 – August 30, 2018, Hamburg , Germany
ARES EU Projects Symposium: August 27, 2018

The DPSP Cluster brings together more than 20 European research and innovation projects in the area of data protection, security, and privacy in the cloud. It aims at joining forces to maximize efficiency, visibility, and impact of the member projects. Special thanks goes to MUSA and SWITCH for their contribution to this year’s SECPID workshop.



The ambition of PRISMACLOUD is to develop and show-case cryptographic tools that protect the security and privacy of user data during its lifecycle in the cloud. In particular, the project focuses on the development of (information theoretically) secure storage solutions as well as efficient, privacy preserving yet verifiable computing on authenticated data.

Complementary to this, CREDENTIAL aims at developing privacy friendly means for storing and sharing personal data in the cloud, and at realizing an “identity and access management as a service” system supporting publicly certified identity data.


Over the last years, the computing paradigm has experienced a massive shift from local to cloud-based applications. As a result, users and organizations do no longer have full control over their data and services, but they rely on third-party cloud providers.

This development poses various challenges concerning the integrity and confidentiality of data as well as the privacy of users of such systems. Currently, no satisfactory solutions to these challenges exist, which is a roadblock for the large-scale deployment of cloud-based applications handling sensitive data such as electronic health records.

The aim of this symposium is to provide a platform to discuss innovative ideas related to the following questions: How can cloud services be made more trustworthy? How can we build distributed systems without single point of failure or trust? How to design end-to-end secure services in an untrusted environment? Which methodologies and technologies are required to integrate security and privacy by design? Is it possible to give back users full control over which data they want to reveal when and to whom?

Topics of interest comprise but are not limited to:

  • Malleable signatures
  • Privacy-preserving authentication
  • Proxy cryptography
  • Format preserving encryption
  • Order preserving encryption
  • Secret sharing
  • Cloud cryptography
  • Secure distributed systems
  • Secure outsourced data processing
  • Security for federated cloud environments
  • Security and privacy in web services
  • Security and privacy in cloud scenarios
  • Fault tolerance in distributed systems
  • Auditing of cloud based systems
  • Transparency-enhancing technologies
  • Identity management
  • Authentication and authorization
  • Application areas (smart cities, etc.)
  • Integrity and verifiability of outsourced computation
Important dates:
Submission Deadline May 2, 2018
Author Notification June 1, 2018
Proceedings Version June 29, 2018
ARES EU Symposium August 27, 2018
Conference August 27 – August 30, 2018
Workshop Chair

Stephan Krenn
AIT Austrian Institute of Technology GmbH, Austria

Thomas Lorünser
AIT Austrian Institute of Technology GmbH, Austria

Erkuden Rios Velasco
Fundación Tecnalia Research & Innovation, Spain

Program Committee

Manuel Barbosa (HASLab – INESC TEC and FCUP, Portugal)
Jan Camenisch (IBM Research – Zurich, Switzerland)
Sherman S. M. Chow (The Chinese University of Hong Kong, Hong Kong)
Simone Fischer-Hübner (Karlstad University, Sweden)
Thomas Gross (University of Newcastle upon Tyne, United Kingdom)
Reto Koenig (Bern University of Applied Sciences, Switzerland)
Andreas Mauthe (Lancaster University, United Kingdom)
Henrich C. Pöhls (University of Passau, Germany)
Jetzabel Serna (Goethe University Frankfurt, Germany)
Octavian Fratu (University Politehnica of Bucharest, Romania)
Alexandru Vulpe (University Politehnica of Bucharest, Romania)


The submission guidelines valid for the SECPID workshop are the same as for the ARES conference. It is necessary that all papers submitted to EasyChair are anonymized (no names or affiliations of authors should be visible in the paper) . They can be found >>here<<.


If you have any questions, please contact Stephan Krenn <stephan.krenn[at]>.