IEEE S & P Workshops

4th International Workshop on Data Usage Management

An IEEE CS Security & Privacy Workshop (SPW 2013)

co-located with the IEEE Symposium on Security and Privacy (SP)

Thursday, May 23, 2013

San Francisco, CA, USA


Data usage control generalizes access control to what happens to data in the future and after it has been given away (accessed). Spanning the domains of privacy, the protection of intellectual property and compliance, typical current requirements include ”delete after thirty days”, ”don’t delete within five years”, ”notify whenever data is given away”, and ”don’t print”. However, in the near future more general requirements may include ”do not use for employment purposes”, ”do not use for tracking”, as well as ”do not use to harm me in any way”. Major challenges in this field include policies, the relationship between end user actions and technical events, tracking data across layers of abstraction and logical as well as physical systems, policy enforcement, protection of the enforcement mechanisms and guarantees.

Following three successful events - the Dagstuhl Seminar on Distributed Usage Control, the W3C Privacy and Data Usage Control Workshop, and the WWW 2012 Workshop on Data Usage Management on the Web - the goal of the 4th International Workshop on Data Usage Management is to discuss current technical developments in usage control and, in particular, foster collaboration in the area of usage representation (policies is one mechanism), provenance tracking, misuse identification, and distributed usage enforcement. Though enabling privacy through careful and controlled dissemination of sensitive information is an obvious fallout of usage control, this workshop is interested in understanding data usage control as a whole. The workshop is also interested in discussing domain-specific solutions (which typically exist in semi-controlled environments) and their generalization to more open environments such as the Web.

Topics and Themes

The topics of interest include but are not limited to
  • social (i.e. reputation systems) or economical (incentive based) approaches to usage control
  • provenance generation
  • provenance tracking
  • accountability
  • usage enforcement
  • usage policies
  • privacy
  • mis-use detection
  • different perspectives to usage management
  • domain-specific solutions to usage control


We solicit short position (upto 5 pages) and long technical (upto 8 pages) papers in IEEE Proceedings format on all dimensions of the above problem domain. Papers accepted by the workshop will be published by the IEEE Computer Society Press. Digital version of the proceedings will be made available to attendees.

All papers must be submitted via EasyChair at

Important Dates

Papers due: February 11, 2013
Author notification: March 5, 2013
Camera ready and early registration deadline: April 1, 2013
Workshop Date: May 23rd, 2013

Program Committee

Stefan Katzenbeisser, U Darmstadt
Jaehong Park, University of Texas at San Antonio
Renato Iannella, Semantic Identity
David Chadwick, University of Kent
Fabio Martinelli, IIT-CNR
Anupam Datta, CMU
Guenter Karjoth, IBM
David Basin, ETH Zurich
Sandro Etalle, T.U. Eindhoven and University of Twente
Stephan Micklitz, Google
Tim Finin, UMBC
Helen Nissenbaum, NYU


09:00-09:10 Welcome
09:10-10:10 Keynote
Alan Davidson, Visiting Scholar, Technology and Policy Program MIT, former head of U.S. public policy for Google
10:40-12:10 Research Paper Presentations (30 mins each)
10:40-11:10: Log Design for Accountability, Denis Butin, Marcos Chicote and Daniel Le Métayer
11:10-11:40: An Integrated Formal Approach to Usage Control, Piero Bonatti, Luigi Sauro, Marco Faella and Clemente Galdi
11:40-12:10: How Usage Control and Provenance Tracking Get Together - A Data Protection Perspective, Christoph Bier
12:15-13:30 Lunch
13:30 - 15:15 Position Paper Presentations (20 mins each)
13:30-13:50: The Cloud Needs Cross-Layer Data Handling Annotations, Martin Henze, René Hummen and Klaus Wehrle
13:50-14:10: Privacy Preserving Data Analytics for Smart Homes, Antorweep Chakravorty, Tomasz Wlodarczyk and Chunming Rong
14:10-14:30: "I hereby leave my email to...": Data Usage Control and the Digital Estate, Stephan Micklitz, Martin Ortlieb and Jessica Staddon
14:30-15:00: The Probabilistic Provenance Graph, Nwokedi Idika, Mayank Varia and Harry Phan
15:15-15:45 Coffee
15:45-16:05 Position paper: Toward Inference Control Mechanisms, Rafael Accorsi
16:05-17:30 Panel: Data usage management - technology versus regulation ?
The panel will address these following questions and more ...
  • do/should users care about usage management
  • should corporations and governments care
  • should the research community care
  • is this something that only regulation will solve
  • proposed technical solutions
  • proposed regulatory solutions
  • hybrid solutions
Carl Gunter, University of Illinois
Günter Karjoth, IBM Research GmbH
Fabio Martinelli, Istituto di Informatica e Telematica - IIT, National Research Council - C.N.R.
Ravi Sandhu,University of Texas at San Antonio
Daniel Weitzner, Massachusetts Institute of Technology
17:30-17:45 Thanks and wrap-up



The proceedings are available in IEEE eXplore ISBN 978-0-7695-5017-6

Our Supporters

MSR         MSR         nesso         SOICCenter for Security Informatics
$Date: 2013-10-25 11:20:46 -0400 (Fri, 25 Oct 2013) $