14:00-14:30

Registration

14:30-14:40

Welcome/Opening Remarks

14:40-15:00

Silvio Ranise.
An Overview of Research and Innovation Activities of "Security&Trust"

15:00-15:45

Johan Peeters.
OAuth is DAC. What do you do for MAC? [pdf] [slides]

15:45-16:30

Dave Tonge.
Decoupled Flows in OAuth 2.0 [pdf][slides]

16:30-16:45

Coffee Break

16:45-17:30

Vittorio Bertola and Marcos Sanz Grossón.
A fully distributed OpenID Connect deployment based on domain names: id4me - Challenges, lessons-learned and take-aways [pdf][slides]

9:00-9:30

Welcome

9:30-10.30

Invited Talk:
Alastair Reid, ARM Limited.
Creating Specifications of Real World Artifacts [slides]

10:30-10:45

Coffee Break

10:45-11:30

Oliver Yu and John Graham-Cumming (Speaker: David Kitchen).
Cloudflare Access: Transparent Authentication for Web Applications [pdf][slides]

11:30-12:15

Karthikeyan Bhargavan, Abhishek Bichhawat, Quoc Huy Do, Daniel Fett, Ralf Kuesters and Guido Schmitz.
Status Report: Formal Analysis of Web Security [pdf][slides]

12:15-13:45

Lunch

13:45-14:30

Raman Kazhamiakin.
Experiences Using OAuth 2.0 in Federated and Multichannel Open Service Platforms [pdf][slides]

14:30-15:15

Michael Jones and Brock Allen.
What Does Logout Mean? [pdf][slides][notes][other info]

15:15-15:30

Coffee Break

15:30-16:15

George Fletcher and Nat Sakimura.
Native SSO for Mobile Apps [pdf][slides]

16:15-17:30

General Discussion and Business Meeting

...

20:00

Dinner at Forst Restaurant Trento (Via Oss-Mazzurana 38, Trento)

8:45-9:15

Welcome

9:15-10:15

Invited Talk:
Carlos Gómez Muñoz. European Commission, DG CONNECT H4, eGovernment & Trust Unit
eID under eIDAS: Building Trust in a Digital Society [slides]

10:15-11:00

Hannes Tschofenig.
Analyzing the IETF ACE-OAuth Protocol [pdf][slides]

11:00-11:15

Coffee Break

11:15-12:00

Neil Madden.
Misuse-resistant cryptography for JOSE/JWT [pdf][slides]

12:00-12:45

Torsten Lodderstedt.
OAuth for Financial APIs - The OAuth mode of Berlin Group's PSD2 API [slides]

12:45

Lunch