The 2nd Workshop on Security, Privacy, and Identity Management in the Cloud

to be held in conjunction with the ARES EU Projects Symposium 2017, held at ARES 2017
(ARES 2017 – )

August 29 – September 1, 2017, Reggio Calabria, Italy
ARES EU Projects Symposium: August 29, 2017

The DPSP Cluster brings together more than 20 European research and innovation projects in the area of data protection, security, and privacy in the cloud. It aims at joining forces to maximize efficiency, visibility, and impact of the member projects. SECPID 2017 will in particular be supported by , MUSA , PaaSword , SERECA , SecureCloud and WITDOM .



The ambition of PRISMACLOUD is to develop and show-case cryptographic tools that protect the security and privacy of user data during its lifecycle in the cloud. In particular, the project focuses on the development of (information theoretically) secure storage solutions as well as efficient, privacy preserving yet verifiable computing on authenticated data.

Complementary to this, CREDENTIAL aims at developing privacy friendly means for storing and sharing personal data in the cloud, and at realizing an “identity and access management as a service” system supporting publicly certified identity data.


Over the last years, the computing paradigm has experienced a massive shift from local to cloud-based applications. As a result, users and organizations do no longer have full control over their data and services, but they rely on third-party cloud providers.

This development poses various challenges concerning the integrity and confidentiality of data as well as the privacy of users of such systems. Currently, no satisfactory solutions to these challenges exist, which is a roadblock for the large-scale deployment of cloud-based applications handling sensitive data such as electronic health records.

The aim of this symposium is to provide a platform to discuss innovative ideas related to the following questions: How can cloud services be made more trustworthy? How can we build distributed systems without single point of failure or trust? How to design end-to-end secure services in an untrusted environment? Which methodologies and technologies are required to integrate security and privacy by design? Is it possible to give back users full control over which data they want to reveal when and to whom?

This year’s invited talk will be given by the H2020 project ReCRED .

Topics of interest comprise but are not limited to:
Malleable signatures