From Asset
Jump to: navigation, search

International Workshop on Adaptive Security & Privacy Management for the Internet of Things (ASPI 2013)

 Workshop Website:

Time and Location: September 8th (Sunday) 2013, Zurich, Switzerland

Co-located with the 15th ACM International Conference on Ubiquitous Computing (UbiComp2013),




Sept. 8 (Sunday)





Welcome & Introduction to the Workshop (S. Poslad)

Keynote speech
Let us Develop a Secure IoT Environment, Peter Mueller, IBM Zurich


Session 1

Resilient & Transparent Security Schemes for the IoT

  • 6LoWPAN Security: Adding Compromise Resilience to the 802.15.4 Security Sublayer (K-F Krentz)
  • Delay Sensitive Distributed Sensor Data Exchange for an IoT (R. Tao, S. Poslad)



Coffee Break

Keynote speech
Towards Adaptive Risk Management for the IoT, Mohamed Hamdi, Sup'Com


Session 2

Trust, Metrics and Adaptive Security Approaches for the IoT

  • Trusted Tiny Things: Making Internet of Things More Transparent to Users (E. Pignotti, P. Edwards)  
  • Metrics-Driven Security Objective Decomposition for an E-Health Application with Adaptive Security Management (R. Savola, H. Abie)                                          




Session 3

Security implementation issues in the IoT

  • Lightweight Security Vehicle Tracking System Using CoAP (A. Ukil, S. Bandyopadhyay, A. Bhattacharyya, A. Pal)
  • Secure Cooperative Physical-layer Coding for the Internet of Things (M. Hamdi)                                                        
  • A Testbed for Adaptive Security for IoT in eHealth (Y. B. Woldegeorgis, H. Abie, M. Hamdi)
  • Closing remarks and discussion (S. Poslad)



International Workshop on Adaptive Security & Privacy management for the Internet of Things (ASPI 2013)

held in conjunction with UbiComp 2013, September 8-12, 2013, in Zurich, Switzerland.

For Registration:

Please refer to conference Website and use the workshop code: W0?‐ASPI

Registration link:

Workshop Description

The Internet of Things (IoT) denotes the interconnection of highly heterogeneous networked entities and networks following a number of communication patterns such as: human-to-human (H2H), human-to-thing (H2T), thing-to-thing (T2T), or thing-to-things (T2Ts). Nowadays, the IoT presents a strong focus of research with various initiatives working on the (re)design, application, and use of existing and new Internet technology for the IoT. Several significant challenges should be addressed to fulfil the IoT vision, including security and privacy. The Internet is already under continuous threats and the addition of many additional types of devices and interaction will open new security breaches so as to spark new malicious actions. Security and privacy management for the IoT remains a core challenge.

Many IoT devices may have zero or minimal security by design because they are low resource, low power devices, designed to work as closed vertical services. Security threats and risks may be higher because devices are unattended, use local wireless communication that have no or weak encryption making them more susceptible to eavesdropping and because users find security too unusable to setup and operate and hence leave devices relatively unsecure. It may be easier to reproduce and fake data sources, access nodes and data sinks that interact with IoT devices in order to attack devices or the services they access. Devices can be moved between or removed from private, communal, public and hostile physical spaces with differing levels of infrastructural security and privacy.  There is a higher risk of a loss of privacy for human users and organisations because of an increased ability to eavesdrop, because of wireless networks with soft boundaries, and because embedded environment devices can sense smaller amounts of physical trails with a greater degree of sensitivity and accuracy.  A specific focus is on the need for IoT security and privacy to adapt to changing contexts. The adaptation has multiple dimensions. We can adapt existing conventional security models to more effectively secure an IoT. We can adapt security pre-planned and unplanned context changes such as different moving around in different physical spaces. IoT systems can be designed to self-adapt. IoT systems can adapt to the active (re) configuration and maintenance of IoT devices and systems of devices by users and by artificial agents.

The proposed workshop intends to bring together researchers and practitioners from relevant fields to present and disseminate ongoing research for vision for the security and privacy models, protocols, algorithms, context-awareness for security, and devices that can be implemented in the Internet of Things and to relate these to ubiquitous computing. It aims to facilitate knowledge transfer and synergy, bridge gaps between the IoT and UbiComp research communities and related groups for mutual benefit, to help identify opportunities and challenges for interested researchers, system developers and innovators.

It will cover topics at both theoretical and applied aspects in this multi-disciplinary research area. The workshop will be organised in a proactive and encompassing format, i.e., containing a mixture of invited talks, oral presentations and an open panel discussion. The organisers fully believe that the themes of the workshop will have a significant impact to develop secure ubiquitous computing services based on the Internet of Things, and have the determination to organise the same workshop in the coming years. Through the workshop it is expected that a core research community in this area can be formed that nurtures relevant research and facilitates dissemination of results and will feed these into UbiComp. The workshop will include a programme committee consisting of high profile researchers in relevant research areas and a specific plan to promote it. In addition to publication in ACM digital library, selected accepted papers will be published in an international Journal and potentially a book - refer to the publication section below.

Topics of Interest

Workshop topics include, but are not limited to:

  • Methods for adaptive security and privacy for IoTs
  • Context reasoning, fusion, transformation, and inference and context-aware actuators for adaptive security and privacy
  • Identity management issues for the Internet of Things including biometrics and behavioral analysis.
  • Privacy Management safeguards based upon Privacy Enhanced Technologies (PET) and reducing the effect of Privacy-Invasive Technologies (PIT)
  • Legislative Approaches to Privacy based upon opt-in and opt-out
  • User surveillance via smart environment devices.
  • Lightweight and low energy cryptosystems for secure ubiquitous computing
  • Protecting unattended devices to be tamper-proof, tamper-resistant or tamper-evident
  • Implementing practical testbeds that allow the analysis of the security performance of BANs
  • User-centered security, privacy and safety management
  • Vulnerabilities and threats for the Internet of Things
  • Security monitoring for ubiquitous computing
  • Trust and governance models for the IoT
  • Fault-tolerant IoT architectures
  • Risk-based adaptive security for IoT
  • Analytics and predictive models for adaptive security in IoT
  • Adaptive risk management models for security in IoT
  • Adaptive security decision-making models for IoT
  • Self-adaptive security approaches
  • Evaluation and Validation models for adaptive security


The workshop aims to attract researchers and practitioners from cross-disciplinary and relevant research communities involved in IoT security and privacy including those that work in next generation internets including sensor networks, mobile device networks, distributed, mobile and autonomous systems and services, context-aware systems, distributed AI and HCI.  The audience encompasses those with a wide range of expertise in modelling complex systems, developing methodologies, systems and infrastructures, application developers and users with expertise and experience in user requirements, system implementation and evaluation of IoT systems that support enhanced security and privacy. For researchers this workshop opens up application opportunities and technological challenges. For solution developers and providers of specific application domain, this workshop provides an opportunity for them to convey their needs and requirements, and also obtain first-hand information on the latest advances in technologies, prototypes, and application exemplars. We encourage participation from both academia and industry with its emphasis on technological innovation and practical applications.


Submitted papers will be peer-reviewed by a program committee and selected for publication and presentation on the basis of originality, significance of the contribution to the field, quality of research, quality of writing, and technical correctness.

All accepted workshop papers will be included in the ACM digital library and the supplemental proceedings. In addition, it is planned that selected high-quality papers will be invited to be revised and extended to be published in a special issue of an appropriate journal, e.g., International Journal of Pervasive computing and Communications (IJPCC). In addition, if a sufficient number of high-quality submissions are received, it is intended that a dedicated book will be edited for the Book Series: Atlantis Ambient and Pervasive Intelligence published by Springer.

Submission and Formatting

We invite two types of submissions for this workshop: Full Technical Papers and Short Position Papers. A Full Paper should provide solid conceptual and theoretical foundation and substantial support for its results and conclusions as a significant contribution to the field. Successful submissions typically represent a major advance for the proposed topics. As such, Full Papers should include a survey of related work; a detailed and understandable explanation of a system, study, theory or method; and an implementation and evaluation of the work.

A Position Paper could be a miniaturised Full Paper, i.e., it reports new results that provide a novel and valuable contribution to the field, albeit for a shorter contribution. In this case, the paper should still state how they fit with respect to related work, and provide a compelling explanation and validation. A Position Paper could also be ‘work in progress’, i.e., it reports the latest emerged ideas, approaches, methodologies, systems and application scenarios but have not yet been fully implemented and/or undergone extensive evaluation. In this case, the paper must present ground-breaking work that has not been explored before and /or the latest development in some area of the proposed topics that is totally new.

Papers can report on completed or work in progress in any of the topics of interests of the workshop (but not limited to them), including use-cases and descriptions of demonstrations. Format requirements for submissions of papers are:

  • Maximum 10 pages, including the abstract (no more than 150 words), all figures and references for Full Technical papers.
  • Maximum 5 pages, including the abstract (no more than 150 words), all figures and references for Short Position Papers.
  • All submissions should be formatted according to the Ubicomp ACM Word or Latex Template. Please download and use the required templates to prepare your submission.
  • All papers must be submitted in PDF format and conform to the guidelines specified in this call.
  • All submissions must be directly sent in PDF format via email to the organizers Stefan Poslad ( or Mohamed Hamdi ( or Habtamu Abie (

Important Dates (due to a strong demand, we extended the deadline)

  • Paper Submission Deadline:    15 July, 2013  31 July, 2013
  • Acceptance Notification:          26 July, 2013  08 Aug, 2013
  • Camera Ready Version:           31 July, 2013  12 Aug, 2013
  • Workshop:                              8 September, 2013

Meeting Agenda  

Given that the workshop covers a wide range of research topics in a diversity of research areas, we expect that it will attract substantial submissions. It is required that at least one author of an accepted paper registers for the workshop and present the paper at the workshop. We also expect that many attendees for the main conference will participate in this workshop. As such, the workshop is planned to be a full-day meeting, which will consist of:

  • An opening session to introduce the workshop topics, goals, participants, and expected outcomes.
  • One or two invited talks from academia and industry respectively, carefully intermixed with presentation of contributed papers:  one will be from a leading researcher to give an in depth analysis of near term IoT and another to highlight the research and experience from successful deployment.
  • Technical presentation in a mixture of technical papers and short position papers. Full Papers will be allocated longer presentation time slots at the workshop than short position papers.
  • A panel discussion about open problems and future research directions.
  • A wrap-up session summarizing the workshop (including formal or informal discussions).

To facilitate discussion among workshop participants, presentations will be arranged in a way such that ample Q&A time is provided. For the panel discussion, panel members will be formed from high profile researchers from the attendees of the conference, the organisers and the invited speakers.

Contact / Organizers

Stefan Poslad
Queen Mary University of London

Mohamed Hamdi
School of Communication Engineering, Tunisia

Habtamu Abie
Norwegian Computing Center

Program Committee

· Jemal Abawajy, Deakin University, Australia

· Manel Abdelkader, Tunis Business School, Tunisia

· Yasir Alfadhl, Queen Mary University of London, UK

· Evesti Antti, VTT Technical Research Centre of Finland, Finland

· Ilangko Balasingham, Oslo University Hospital, Norway

· John Bigham, Queen Mary University of London, UK

· Eliane Bodanese, Queen Mary University of London, UK

· Jim Clarke, Waterford Institute of Technology - TSSG, Ireland

· Theo Dimitrakos, BT Research & Technology, UK

· Soufiene Djahel, University College Dublin, Ireland

· Ilesh Dattani, Digital Ecosystem, UK

· Pål Anders Floor, University of Oslo, Norway

· Lothar Fritsch, Norwegian Computing Center, Norway

· Dieter Gollmann, Hamburg University of Technology, Germany

· Tai-Hoon Kim, School of Computing & Information Science, University of Tasmania, Australia

· Hristo Koshutansky, University of Malaga, Spain

· Marina Krotofil, Hamburg University of Technology, Germany

· Wolfgang Leister, Norwegian Computing Center, Norway

· Shiguo Lian, France Telecom R&D, China

· Javier Lopez, University of Malaga, Spain

· Antonio Mana, University of Malaga, Spain

· Paolo Masci, Queen Mary University of London, UK

· Amel Meddeb-Makhlouf, ISECS, Tunisia

· Mohamed Mejri, University of Laval, Canada

· Edmundo Monteiro, University of Coimbra, Portugal

· Mohammad Mozumdar, California State University, Long Beach, USA

· Peter Mueller, IBM Zurich Research Laboratory, Switzerland

· Eiji Okamoto, University of Tsukuba, Japan

· Ebenezer Paintsil, Norwegian Computing Center, Norway

· Rodrigo Roman, Institute for Infocomm Research, Singapore

· Domenico Rotondi, TXT e-solutions, Italy

· Hossein Sarrafzadeh, Unitech, New-Zealand

· Reijo Savola, VTT Technical Research Centre of Finland, Finland

· Pekka Savolainen, VTT Technical Research Centre of Finland, Finland

· Åsmund Skomedal, Norwegian Computing Center, Norway

· Einar Snekkenes, Gjøvik University College, Norway

· Srinivas Srivathsanagopalan, CTS/VISA, USA

· Denis Treck, University of Ljubljana, Slovenia

· Jari Veijalainen, University of Jyväskylä, Finland