Risk-Based Security Decisions Under Uncertainty

The proceedings contain 31 papers. The topics discussed include: secure and efficient proof of storage with deduplication; measuring query privacy in location-based services; deriving implementation-level policies for usage control enforcement; discovering access-control misconfigurations: new approaches and evaluation methodologies; comparison-based encryption for fine-grained access control in clouds; relationship-based access control: its expression and enforcement through hybrid logic; bounding trust in reputation systems with incomplete information; cookie-based privacy issues on Google services; refinement-based design of a group-centric secure information sharing model; risk-based security decisions under uncertainty; quantitative access control with partially-observable Markov decision processes; role engineering: from theory to practice; and privacy streamliner: a two-stage approach to improving algorithm efficiency.