WWW logo

Data Usage Management on the Web

Held in conjunction with WWW 2012
Lyon, France
April 16th, 2012


Workshop proceedings

Workshop proceedings are now available

Workshop Program

09:00-09:15 Opening address and keynote speaker introduction
09:15-10:30 Invited talk
Ravi Sandhu - Grand Challenges in Data Usage Control
10:30-11:00 Break
11:00-12:30 Research Paper Presentations
12:30-02:00 Lunch break
02:00-03:30 Research Paper Presentations
03:30-04:00 Break
04:00-04:30 Research Paper Presentations
04:30-05:30 Panel: Is data usage management on the Web possible and/or desirable ?
05:30-05:45 Closing remarks


The keynote will be given by Ravi Sandhu, professor at the University of Texas at San Antonio.

Grand Challenges in Data Usage Control
This talk will give a personal perspective on data usage control models and mechanisms. The concept of data usage control has been formally articulated only relatively recently. It unifies a number of privacy, confidentiality and intellectual property protection requirements that have been present in the literature since the earliest days of cyber security. In my perspective, usage control is concerned with handling of data before, during and after access, and it has been widely practiced on the web at least in rudimentary form. In future it will require additional sophistication in models as well as in technical and non-technical enforcement. The talk will speculate on some of the tough and grand challenges in this arena.


The current abundance of digital data requires societal, legal, economical, and technical approaches to ensure appropriate use of this vast amount of data. Following two successful events - the Dagstuhl Seminar on Distributed Usage Control and the W3C Privacy and Data Usage Control Workshop, the goal of this workshop is to discuss current developments in usage management and to identify interesting areas of future research. Data usage control generalizes access control in order to address what happens to data in the future and after it has been shared or accessed. Spanning the domains of privacy, the protection of intellectual property and compliance, typical requirements include "delete after thirty days", "delete within five years", "notify whenever data is given away", and "don't share". However, in the near future, more general requirements may include "do not use for employment purposes", "do not use for tracking", as well as "do not use to harm me in any way". Major challenges in this field include policies, the relationship between end user actions and technical events, tracking data across layers of abstraction as well as logical and physical systems, policy enforcement, protection of the enforcement mechanisms, and guarantees.

In the workshop, we will discuss the state of the art in different approaches including preventive (such as DRM systems) and forensic (such as accountability) approaches and discuss open problems. Besides this technical perspective, we want to provide a forum for discussions on the requirements (societal, individual, technical), the guarantees that can be provided in different contexts (e.g., inadvertent vs. malicious abuse of data) and business models for developing and deploying data usage control technology.

Topics and Themes

The topics of interest include but are not limited to


We solicit short position (upto 5 pages) and long technical (upto 8 pages) papers in ACM SIG Proceedings format on all dimensions of the above problem domain. Proceedings will be published as an MIT/KIT technical report.

For formatting instructions and templates, please see ACM SIG Proceedings Templates.

All papers must be submitted via EasyChair at DUMW2012.

Important Dates

Papers Due: February 3rd, 2012
Author Notification: February 27th, 2012
Camera ready deadline: March 2nd, 2012
Workshop Date: April 16th, 2012

Program Committee


Template Design by Derby Web Design

Valid XHTML 1.1!