Proceedings of the 8th Symposium on Identity and Trust on the Internet

Welcome to the 8th Symposium on Identity and Trust on the Internet (IDtrust 2009). This symposium brings together academia, government, and industry to explore all aspects of identity and trust. IDtrust is devoted to research and deployment experience related to making good security decisions based on identity information, especially when public key cryptography is used and the human elements of usability are considered. We aim to get practitioners in different sectors together to apply the lessons of real-world deployments to the latest research and ideas on the horizon. The technical program includes 10 peer-reviewed papers that were accepted from 30 submissions, giving an acceptance rate of 33%. Each paper received an average of 4 reviews by members of the program committee. We especially thank members of the program committee that shepherded several papers during final revisions, continuing our tradition of quality peer review. In addition to the technical papers, the program also includes invited talks, panels, and a work-in-progress (RUMP) session. The topics in this year's program cover a wide range of timely issues. Federations present challenging identity and trust issues, and we will explore high-level policy creation between organizations, usable technical approaches, and real-world use cases in incident response. We will also explore scalability issues in federations. Panel presentations will include lively discussions that compare alternative approaches to authentication and authorization. We will also explore strategies for designing systems that resist vulnerabilities in the underlying cryptography primitives. The browser has become the de facto client platform, and advances in browser security will be explored.