Research
People
- Leadership
- People
- Jobs
- Awards
- Blogs
About
- About
- Worldwide Sites

Marco Casassa Mont - Web Page - HP Labs

Senior Researcher
Cloud & Security Lab
Bristol, UK

Biography

Related links
- »HP Labs Palo Alto

My links
- »Detailed Biography
- »Projects
- »Publications
- »Inventions
- »Professional Activity
- »Previous Work and Education
- »Blogs and Other Links
- »My Personal web Page
- »My Contacts

I am a Senior Research Scientist at the Hewlett Packard Laboratories in Bristol, UK - Cloud & Security Lab (CSL). This web page contains public information about my R&D work, inventions, publications, technical reports and professional activity. Additional information is available about my biography (CV) and education.

My expertise and current R&D interests are in the following areas:

Security & Security Management
Security & Identity Analytics
Situational Awareness, Event Management, SIM/SEM
Cloud Computing
Identity and Access Management Technologies and Solutions
Risk Management, IT & Data Governance and Compliance
Trust, Security and Privacy Technologies for People, Enterprises and Web environments
Web Services, Internet and Web 2.0 technologies
Adaptive Systems, Automation and Policy Management

I am the technical lead in the areas of Identity & Security Analytics; IAM; UK TSB EnCoRe Privacy project. I recently become the UK EnCoRe Project Coordinator. I am also the lead of the EnCoRe Work Package 2, in charge of defining architectural and design solutions.

During my 15 years at HP Labs, I have been the lead in a variety of R&D programs including collaborations with and technology transfers to HP business units and international projects (in the security, identity management and privacy areas), such as the EU F6 PRIME project (Privacy and Identity Management for Europe) and UK TSB EnCoRe project (Ensuring Consent and Revocation).

I am collaborating with HP Enterprise Security Solutions and contributing to their Security Analytics and Security Innovation offerings, in particular in providing risk assessment and strategic decision support capabilities in the Security, Incident Management and IAM areas.

I am active on the publication and patenting front. I am part of various (IEEE, ACM, etc.) conference Program Committees. I am a Senior Member of IEEE. I am also an IISP member. I have more than 45 patents filed (about 80, considering patents filed in multiple countries) and 11 patents granted.

I run a blog on "Research on Security and Innovation in the Cloud" to share ideas and opinions on future R&D security and Cloud areas.

Recent Work and News

IEEE CloudCom 2011	IEEE CloudCom 2011 [November 2011]: Siani Pearson, Marco Casassa Mont, Liqun Chen, Archie Reed, End-to-end Policy-based Encryption and Management of Data in the Cloud, 29 November - 1 December 2011, Athens, Greece.
UK EnCoRe Project	EnCoRe Technical Architecture [November 2011]: The EnCoRe third Technical Architecture has been released and is available online. It specifically focuses on the third case study involving UK Cabinet Office/Identity Assurance scenarios.
IEEE Computer Magazine	IEEE Computer Magazine [September 2011]: article published by IEEE Computer Magazine: Siani Pearson, Marco Casassa Mont - Sticky Policies: An Approach for Managing Privacy across Multiple Parties, Volume 44, Number 9, September 2011, 2011.
EnCoRe Engagement with UK Cabinet Office	EnCoRe Engagement with the UK Cabinet Office [August/September 2011]: I am continuing to coordinate the UK collaborative EnCoRe Project. Specifically, we managed to successfully engage with the UK Cabinet Office/Identity Assurance (IdA) Programme to transfer EnCoRe capabilities for privacy and consent management. This is part of the ongoing EnCoRe exploitation plan.
Security Analytics	Security Analytics Case Study with Major HP Customer [August 2011]: I successfully delivered a Security Analytics case study in the space of Incident and Remediation Management Processes, jointly carried out with a major HP customer in UK. This work will form the basis for HP ESS's Security Analytics offerings in the space of Incident and Remediation Management.
IEEE Policy 2011 Symposium	IEEE Policy 2011 Symposium [June 2011]: paper presented at the IEEE Policy 2011 Symposium: Marco Casassa Mont, Richard Brown - Risk Assessment and Decision Support for Security Policies and Related Enterprise Operational Processes, 6-8 June 2011, Pisa, Italy. The presentation is available online.
UK Collaborative EnCoRe Project	UK Collaborative EnCoRe Project [May 2011]: I have recently become the Project Coordinator of the UK TSB EnCoRe project. I am also the lead of the EnCoRe WP2 package, in charge of producing architectural and design solutions for EnCoRe.
Program Committees	Serving in Program Committees [May 2011]: I am serving as a member of the TrustBus 2011 and PriMo 2011 Program Committees
WEIS 2011	Papers accepted at WEIS 2011 [May 2011]: paper accepted at the 10th Workshop on economics of Information Security, WEIS 2011: Simon Shiu, Adrian Baldwin, Yolanta Beres, Marco Casassa Mont, Geoff Duggan - Economic Methods and Decision Making by Security Professionals, WEIS 2011, George Mason University, 14-15 June 2011, US
Papers accepted at STAVE 2011	Papers accepted at STAVE and eChallenges 2011 [April - May 2011]: various papers accepted at STAVE and eChallenges 2011 Conferences: Siani Pearson, Marco Casassa Mont and Gina Kounga, �Enhancing Accountability in the Cloud via Sticky Policies�, STAVE, Springer, June 2011. Nick Papanikalaou, Siani Pearson and Marco Casassa Mont, �Towards Natural-Language Understanding and Automated Enforcement of Privacy Rules and Regulations in the Cloud: Survey and Bibliography�, STAVE, Springer, June 2011.
Centre for Cybercrime and Computer Security Conference 2011	CCCS 2011 [March 2011]: I have been invited to attend and present at the Centre for Cybercrime and Computer Security Conference 2011, Newcastle, UK, as an HP Labs representative. My presentation, available online, focused on "Risk Exposure to Social Networks in Enterproses"
UK Cyber Security Challenge 2011	UK Cyber Security Challenge 2011 [March 2011]: I have been involved in the first UK Cyber Security Challenge, as an HP Labs representative
Program Committees	Serving in Program Committees [March 2011]: I am serving as a member of the ICST Mobisec 2011 and ICETE SECRYPT 2011 Program Committees
IEEE Policy 2011 Symposium	IEEE Policy 2011 Symposium [February 2011]: paper accepted at the IEEE Policy 2011 Symposium: Marco Casassa Mont, Richard - Risk Assessment and Decision Support for Security Policies and Related Enterprise Operational Processes, 6-8 June 2011, Pisa, Italy
	New HP Labs Technical Report [January 2011]: Marco Casassa Mont, Richard, Risk Assessment and Decision Support for Security Policies and Related Enterprise Operational Processes - HPL-2011-12
	IEEE Computer Magazine [January 2011]: article published by IEEE Computer Magazine: Anna Squicciarini, Sathya Dev Rajasekaran, Marco Casassa Mont - Using Modelling and Simulation to Evaluate Enterprises' Risk Exposure to Social Networks, Volume 44, Number 1, January 2011, 2011.
HP Information Security	Launch of HP Information Security [December 2010]: HP Information Security (previously known as Vistorm) has been officially launched. I actively contributed (and I am contributing) to their Security Analytics and Security Innovation offering, in particular in providing risk assessment and strategic decision support capabilities in the IAM area.
	New HP Labs Technical Report [December 2010]: Gina Kounga, Marco Casassa Mont, Pete Bramhall, Privacy Preserving Management of Personal Data for Assisted Living Applications - HPL-2010-200
secIoT 2010	1st International Workshop on the Security of Internet of Things [November 2010]: paper accepted at secIoT 2010 - Gina Kounga, Marco Casassa Mont, Pete Bramhall, Privacy Preserving Management of Personal Data for Assisted Living Applications
CloudComp 2010	2nd ICST International Conference on Cloud Computing 2010 [October 2010]: given presentation at CloudComp 2010: David Pym, Martin Sadler, Simon Shiu, Marco Casassa Mont - Information Stewardship in the Cloud: A Model-based Approach. Presentation slideset available here.
RAND EUROPE Event	Presentation and Panel at RAND EUROPE Event - EC Commission [September 2010]: I gave a presentation and took part at a Panel discussion at the RAND EUROPE Event on "The Cloud: Understanding the security, privacy and trust aspects", in the context of a related study commissioned by the EU Commission. This presentation, available online, provided an Industrial and R&D perspective and focused on "Cloud Computing: Security, Privacy and Trust Aspects across Public and Private Sectors"
HP Labs Identity Analytics	Update on HP Labs Identity Analytics [August 2010]: IAM Case Study successfully delivered to major HP customer (Identity Analytics, Security Analytics initiative). More details about HP Labs Identity Analytics also available in my Blog site.
Program Committees	Serving in Program Committees [July 2010]: I am serving as a member of the ACM DIM 2010 Program Committee.
HP Labs Identity Analytics	Update on HP Labs Identity Analytics [July 2010]: major progress in the area of Identity Analytics (Security Analytics initiative). More details about HP Labs Identity Analytics also available in my Blog site.
	Journal of Computer Security [July 2010]: article published by Journal of Computer Security: Adrian Baldwin, Marco Casassa Mont, Yolanta Beres, Simon Shiu - Assurance for Federated Identity Management, Volume 18, Number 4/2010, 2010.
SECRYPT 2010	IEEE and ACM International Conference on Security and Cryptography [July 2010]: paper accepted at SECRYPT 2010 - Nick Papanikolau, Sadie Creese, Michael Goldsmith, Marco Casassa Mont, Siani Pearson, EnCoRe: Towards a Holistic Approach to Privacy
	New HP Labs Technical Report [July 2010]: Nick Papanikolau, Sadie Creese, Michael Goldsmith, Marco Casassa Mont, Siani Pearson - EnCoRe: Towards a Holistic Approach to Privacy - HPL-2010-83
	New HP Labs Technical Report [July 2010]: Marco Casassa Mont, Siani Pearson, Sadie Creese, Michael Goldsmith, Nick Papanikolau - Towards a Conceptual Model for Privacy Policies - HPL-2010-82
IEEE i-Society 2010	Keynote speech at IEEE i-Society 2010 [June 2010]: I gave a Keynote speech at i-Society 2010, on the following topic: "On the Future of Information Society: Emerging Trends, Security Threats and Opportunities"
TrustBus 2010	7th International Conference on Trust, Privacy & Security in Digital Business [ June 2010]: paper accepted at TrustBus 2010 - Gina Kounga, Marco Casassa Mont, Pete Bramhall, Extending XACML Access Control Architecture for Allowing Preference-Based Authorization
EnCoRe Press Event	EnCoRe Press Event [June 2010]: I attended the collaborative UK EnCoRe (Ensuring Consent and Revocation) Project Press Event. My work on the design and definition of the EnCoRe Architecture and approach has been covered. Very good press coverage.
Program Committees	Serving in Program Committees [May 2010]: I am serving as a member of the IEEE ICSC 2010, TrustBus 2010 and IEEE NSS 2010 Program Committees.
IFIP/IEEE BDIM 2010	5th IFIP/IEEE International Workshop on Business-driven IT Management 2010 [April 2010]: given (remote) presentation at BDIM 2010: Marco Casassa Mont, Yolanta Beres, David Pym, Simon Shiu - Economics of Identity and Access Management: Providing Decision Support for Investments. Presentation slideset available here.
Journal Article Reviews	Review of Journal Articles [March-April 2010]: I reviewed articles for the following Journals: Journal of Systems and Software (JSS), ACM Transactions on the Web (TWEB) and Identity in the Information Society (IDIS).
Program Committees	Serving in Program Committees [March-April 2010]: I am serving as a member of the IEEE Policy 2010, SECRYPT 2010 and MobiSec 2010 Program Committees.
EnCoRe Architecture Document Release	EnCoRe Architecture Release [March 2010]: The first release of the EnCoRe Project (Ensuring Consent and Revocation) Architecture has been released. I contributed as one of the key authors.
	New HP Labs Technical Report [March 2010]: Marco Casassa Mont, Adrian Baldwin, Simon Shiu, Paul Collins - Job Design: Providing Strategic Decision Support for Risk Analysis and Policy Definitions - HPL-2010-35
IFIP/IEEE BDIM 2010	5th IFIP/IEEE International Workshop on Business-driven IT Management 2010 [February 2010]: full paper accepted at BDIM 2010 - Marco Casassa Mont, Yolanta Beres, David Pym, Simon Shiu - Economics of Identity and Access Management: Providing Decision Support for Investments
	New HP Labs Technical Report [February 2010]: Marco Casassa Mont, Yolanta Beres, David Pym, Simon Shiu - Economics of Identity and Access Management: A Case Study on Enterprise Business Services - HPL-2010-12
	New HP Labs Technical Report [February 2010]: Marco Casassa Mont, Yolanta Beres, David Pym, Simon Shiu - Economics of Identity and Access Management: Providing Decision Support for Investments - HPL-2010-11
Program Committees	Serving in Program Committees [January-February2010]: I am serving as a member of the IEEE FutureTech 2010 and ICIMP 2010 Program Committees.
Program Committees	Serving in Program Committees [December 2009]: I am serving as a member of the WISTP 2010 Program Committee - Workshop on Information Security Theory and Practices.
	New HP Labs Technical Report [November 2009]: Kounga, Gina, Marco Casassa Mont, Pete Bramhall - Extending XACML Access Control Architecture for Allowing Preference-Based Authorization - HPL-2009-361
W3C Access Control Workshop 2009	W3C Workshop on Access Control Application Scenarios 2009 [November 2009]: position paper accepted at W3C Workshop on Access Control Application Scenarios: Marco Casassa Mont, Siani Pearson, Sadie Creese, Michael Goldsmith, Nick Papanikolaou - Towards an Integrated Approach to the Management, Specification and Enforcement of Privacy Policies.
Program Committees	Serving in Program Committees [October 2009]: I am serving as a member of the W3C Access Control Workshop 2009 Program Committee.
HP Labs Security and Identity Management Blog	Research on Security and Identity Management [October 2009]: I extended the topics covered in my HP Labs Blog, reflecting my R&D interests in the areas of Security and Identity Management - "Research on Security and Identity Management"
	New HP Labs Technical Report [August 2009]: Marco Casassa Mont, Patrick Goldsack - Secure Delivery of Services: The HP Labs Vision and Framework (abstract) - HPL-2009-191
IEEE MetriSec 2009	IEEE MetriSec 2009 [August 2009]: paper accepted at IEEE MetriSec 2009: Yolanta Beres, Marco Casassa Mont, Jonathan Griffin, Simon Shiu - Using Security Metrics Coupled with Predictive Modelling and Simulation to assess Security Processes.
Program Committees	Serving in Program Committees [August 2009]: I am serving as a member of the following Program Committees: ACSAC 2009, IEEE BIDS 2009 and IEEE InSpec 2009.
	New HP Labs Technical Report [July 2009]: Adrian Baldwin, Marco Casassa Mont, David Pym, Simon Shiu - System Modelling for Economic Analysis of Security Investments: A Case Study in Identity and Access Management - HPL-2009-173
IEEE Policy 2009 Symposium	IEEE Policy 2009 Symposium [July 2009]: paper presented at the IEEE Policy 2009 Symposium: Adrian Baldwin, Marco Casassa Mont, Simon Shiu - Using Modelling and Simulation for Policy Decision Support in Identity Management. My presentation is available here.
EEMA e-Identity Conference	EEMA e-Identity Conference [June 2009]: I gave a presentation on "The Future of Identity in The Cloud: Requirements, Risks and Opportunities"
	New HP Labs Technical Report [June 2009]: Yolanta Beres, Marco Casassa Mont, Jonathan Griffin, Simon Shiu - Using Security Metrics Coupled with Predictive Modelling and Simulation to Assess Security Processes - HPL-2009-142
	New HP Labs Technical Report [June 2009]: Anna Squicciarini, Marco Casassa Mont, Sathya Dev Rajasekaran - Towards an Analytics Approach to Evaluate Enterprises' Risk Exposure to Social Networks - HPL-2009-138
IEEE Policy 2009 Symposium	IEEE Policy 2009 Symposium [May 2009]: paper accepted at the IEEE Policy 2009 Symposium: Adrian Baldwin, Marco Casassa Mont, Simon Shiu - Using Modelling and Simulation for Policy Decision Support in Identity Management.
Program Committees	Serving in Program Committees [April 2009]: I am serving as a member of the following Program Committees: ACM DIM 2009 and IEEE ICSC 2009.
	2nd Open Group Security Practitioners Conference [April 2009]: I gave a presentation on "The Future of Identity in The Cloud: Requirements, Risks and Opportunities"
	New HP Labs Technical Report [March 2009]: Marco Casassa Mont, Adrian Baldwin, Simon Shiu - Identity Analytics - User Provisioning Case Study: Using Modelling and Simulation for Policy Decision Support - HPL-2009-57
	New HP Labs Technical Report [March 2009]: Adrian Baldwin, Marco Casassa Mont, Simon Shiu - Using Modelling and Simulation for Policy Decision Support in Identity Management - HPL-2009-56
	New HP Labs Technical Report [March 2009]: Marco Casassa Mont, Siani Pearson, Gina Kounga, Yun Shen, Pete Bramhall - On the Management of Consent and Revocation in Enterprises: Setting the Context - HPL-2009-49
Program Committees	Serving in Program Committees [February 2009]: I am serving as a member of the following Program Committees: TrustBus 2009 and ICIMP 2009.
10th IEEE Symposium Policy 2009	IEEE Symposium Policy 2009 [January 2009]: I am serving as the General Chair of IEEE Policy 2009. Please consider submitting a paper.
	UK TSB EnCoRe Project - Ensuring Consent and Revocation [November 2008]: I am a member of the EnCoRe Project researching on aspects of consent and revocation.
	New HP Labs Technical Report [November 2008]: Marco Casassa Mont, Adrian Baldwin, Jonathan Griffin, Simon Shiu - Identity Analytics: Using Modelling and Simulation to Improve Data Security Decision Making - HPL-2008-188
	New HP Labs Technical Report [October 2008]: Marco Casassa Mont, Adrian Baldwin, Jonathan Griffin, Simon Shiu - Towards Identity Analytics in Enterprises - HPL-2008-186
	PrivacyOS Conferences [October 2008]: I have attended and presented at the PrivacyOS Conference. My presentation was on "Enabling Privacy-aware Information Lifecycle Management in Enterprises"
	IEEE Senior Member [August 2008]: I have been elevated to Senior Member of IEEE.
	New HP Labs Technical Report [July 2008]: Marco Casassa Mont, Adrian Baldwin, Simon Shiu - On Identity Analytics: Setting the Context - HPL-2008-84
9th IEEE Policy 2008	IEEE Policy 2008 [June 2008]: paper accepted at IEEE Policy 2008 - Anna Squicciarini, Marco Casassa Mont, Abhilasha Bhargav-Spantzel, Elisa Bertino - Automatic Compliance Verification of Privacy Policies in Federated Digital Identity Management
	New HP Labs Technical Report [April 2008]: Marco Casassa Mont, Boris Balacheff, Jason Rouault, Daniel Drozdzewski - On Identity-aware Devices: Putting Users in Control across Federated Services - HPL-2008-26
	New HP Labs Technical Report [March 2008]: Adrian Baldwin, Marco Casassa Mont, Yolanda Beres, Simon Shiu - Assurance for Federated Identity Management - HPL-2008-25
	Article published on IEEE Security & Privacy Magazine [February 2008]: Siani Pearson, Marco Casassa Mont, Manny Novoa - Securing Information Transfer in Distributed Computing Environments, pp. 34-42, January/February 2008
ACM DIM 2008	ACM DIM 2008 [February 2008]: I am serving as a member of the Program Committee of the 4th ACM Workshop on Digital Identity Management 2008 (colocated with ACM CCS 2008), TrustBus 2008. Please consider submitting a paper. More information on this conference can be found here.
	New HP Labs Technical Report [February 2008]: Anna Squicciarini (Purdue University), Marco Casassa Mont, Abhilasha Barghav-Spantzel (Purdue University), Elisa Bertino (Purdue University) - Automatic Compliance of Privacy Policies in Federated Digital Identity Management - HPL-2008-8
	TrustBus 2008 [February 2008]: I am serving as a member of the Program Committee of the 5th International Conference on Trust, Privacy and Security for Digital Businesses 2008, TrustBus 2008. Please consider submitting a paper. More information on this conference can be found here.
	Journal of Computer Security [January 2008]: article published by Journal of Computer Security: Marco Casassa Mont, Robert Thyne - Privacy Policy Enforcement in Enterprises with Identity Management Solutions, Volume 16, Number 2/2008, 2008.
	Sarbanes-Oxley Compliance Journal [January 2008]: article published by Sarbanes-Oxley Compliance Journal: Phil Hunt (Oracle), Marco Casassa Mont - Identity Governance Framework: Liberty Alliance's Initiative Addressing Privacy and SOX, 2008.
	ACM DIM 2007 [November 2007]: paper accepted at the ACM CCS2007 Workshop on Digital Identity Management (DIM) 2007: Adrian Baldwin, Marco Casassa Mont, Yolanta Beres, Simon Shiu - On Identity Assurance in the Presence of Federated Identity Management Systems (the entire DIM 2007 program and related presentations are available here).
9th IEEE Policy 2008	IEEE Policy 2008 [October 2007]: I am serving as a member of the Program Committee of the 9th IEEE Workshop on Policies for Distributed Systems and Networks. Please consider submitting a paper. More information on this workshop can be found here.
23rd IFIP SEC 2008	IFIP SEC 2008 [October 2007]: I am serving as a member of the Program Committee of the 23rd IFIP International Information Security Conference. Please consider submitting a paper. More information on this workshop can be found here.
W3C PLING Interest Group	New W3C Policy Languages Interest Group (PLING) [October 2007]: A new Interest Group - PLING - has just been announced by W3C. It is going to be chaired by Marco Casassa Mont (HP Labs) and Renato Iannella (NICTA). This group is open to the public and is chartered to discuss interoperability, requirements and related needs for integrating and computing the results when different policy languages are used together, for example, OASIS XACML, IETF Common Policy, and P3P, etc. A PLING Charter and a PLING Mailing List are available.
TrustBus 2007	TrustBus 2007 [September 2007]: paper presented at the 4th International Conference TrustBus 2007: Marco Casassa Mont, Boris Balacheff - On Device-based Identity Management in Enterprises (my .ppt presentation is available here). I have been invited and I have given a presentation at a TrustBus Panel, focusing on the topic: "Managing Digital Identities: Challenges and Opportunities". My presentation, along with a list of top challenges and opportunities, can be found here. I also chaired a session on "Policy Management".
Blogging	Blog on "Research on Identity Management" [August 2007]: I created a mirror site of my blog on "Research on Identity Management" to allow readers to anonymously post their comments. This mirror blog is available here.
	Identity Governance Framework (IGF) [July 2007]: a new document is available in the Liberty Alliance site, about Identity Governance Framework, titled "Id Governance - Privacy and Access Policies Market Requirements". This document can be downloaded here. On behalf of HP/HP Labs I contributed to the definition of requirements, use cases and terminology.
	IEEE Policy 2007 [June 2007]: paper presented at IEEE Policy 2007 - Marco Casassa Mont, Filipe Beato - On Parametric Obligation Policies: Enabling Privacy-aware Information Lifecycle Management in Enterprise (presentation .ppt). I have also been involved in a panel on "Business-driven IT Management" and impact research on policies can have in this space. Here is my presentation (.ppt) highlighting my vision.
	New HP Labs Technical Report [May 2007]: Siani Pearson, Marco Casassa Mont, Manny Novoa - Securing Information Transfer within Distributed Computing Environments - HPL-2007-70
	New HP Labs Technical Report [May 2007]: Marco Casassa Mont, Boris Balacheff - On Device-based Identity Management in Enterprises - HPL-2007-53
	Article published by DIGMA Magazine [April 2007]: An article on "Automation of Privacy Management" (author: Marco Casassa Mont) has been published by the DIGMA Magazine - end-of March Issue, 2007.
1st IEEE International Conference on Semantic Computing	ICSC 2007 [April 2007]: I am serving as a member of the Program Committee of the 1st International Conference on Semantic Computing. Among other things, of particular interest is the focus on aspects of semantic computing for security, trust, identity management and privacy. Please consider submitting a paper.
	New HP Labs Technical Report [April 2007]: Adrian Baldwin, Marco Casassa Mont, Simon Shiu - On Identity Assurance in the Presence of Federated Identity Management Systems - HPL-2007-47
	New HP Labs Technical Report [April 2007]: Siani Pearson, Marco Casassa Mont - A System for Privacy-Aware Resource Allocation and Data Processing in Dynamic Environments - HPL-2006-185
RSA 2007	RSA 2007 [February 2007]: I have been involved in the R&D phase of an Identity Management pilot - jointly developed with Intel, BT and HP Software - in the context of the Liberty Alliance Project. This pilot has been presented at a workshop at RSA 2007. It shows how "identity tokens/credentials" can be securely and privately provisioned to advanced identity-capable devices (e.g. smartphones, PDAs, laptops, etc.) to enable users' simplified single-sign-on interactions in federated identity management contexts. There devices can leverage trusted computing capabilities (e.g. Trusted Platforms Modules) to store and protect identity tokens. More information is available here.
TrustBus 2007	TrustBus 2007 [February 2007]: I am serving as a member of the Program Committee of the 4th International Conference on Trust, Security and Privacy in Digital Business. Please consider submitting a paper.
ICGD&BC 2007	ICGD&BC 2007 [February 2007]: I am serving as Co-Chair and a member of the Program Committee of the 1st International Conference on Global Defence and Business Continuity, Please consider submitting a paper.
	New HP Labs Technical Report [January 2007]: Marco Casassa Mont, Filipe Beato - On Parametric Obligation Policies: Enabling Privacy-aware Information Lifecycle Management in Enterprises - HPL-2007-7
8th IEEE Policy 2007 Workshop	IEEE Policy 2007 [January 2007]: I served as a member of the Program Committee of the 8th IEEE Workshop on Policies for Distributed Systems and Networks. More information on this workshop can be found here.

Past Work and News

	Paper Presented at PST 2006 - 4th International Conference on Privacy, Security and Trust [30 October - 1 November 2006]: Marco Casassa Mont, Robert Thyne - Privacy Policy Enforcement in Enterprises with Identity Management Solutions - Conference Presentation: slides (MS .ppt) I served as a member of the Program Committee. I also chaired a session at PST 2006 on "Privacy and Security Issues".
W3C Privacy Workshop	Position Paper Presented at the W3C Workshop on Languages for Privacy Policy Negotiation and Semantic-driven Enforcement [October 2006]: Marco Casassa Mont - On the Need to Explicitly Manage Privacy Obligation Policies as Part of Good Data Handling Practices - Workshop Presentation: slides (MS .ppt) I also served as a member of the Program Committee. The Workshop Agenda and the complete list of submitted Position Papers can be found here
	Paper Presented at ISSE 2006 - The Independent European ICT Security Conference and Exhibition [10-12 October 2006]: Marco Casassa Mont - Privacy-aware Information Lifecycle Management in Enterprises: Setting the Context - Conference Presentation: slides (MS .ppt)
	Two Papers Presented at TrustBus 2006 [September 2006]: Marco Casassa Mont - Towards Scalable Management of Privacy Obligations in Enterprises - Conference Presentation: slides (MS .ppt) Marco Casassa Mont, Siani Pearson, Robert Thyne - A Systematic Approach to Privacy Enforcement and Policy Compliance Checking in Enterprises - Conference Presentation: slides (MS .ppt) I also served as a member of the Program Committee and chaired a session on "Security requirements and Development".
	New HP Labs Technical Report [August 2006]: Marco Casassa Mont - On Privacy-aware Information Lifecycle Management in Enterprises: Setting the Context - HPL-2006-109
PRIME Std. Workshop	Presentation at PRIME Standardisation Workshop [July 2006]: Marco Casassa Mont, Siani Pearson, Tariq EE, Stephen Crane - HPL Privacy Policies for PRIME: Obligations, Trust Establishment and Compliance (presentation .ppt) I have also served as a member of the Program Committee
PET 2006	Paper presented at 6th Workshop on Privacy Enhancing Technologies PET2006 [June 2006]: Marco Casassa Mont, Robert Thyne - A Systemic Approach to Automate Privacy Policy Enforcement in Enterprises (presentation .ppt, pre-proceedings paper)
	Paper presented at 21st International Conference SEC2006 - I-NetSec06 Workshop on Privacy and Anonymity Issues in Networked and Distributed Systems [May 2006]: Siani Pearson, Marco Casassa Mont - A System for Privacy-aware Resource Allocation and Data Processing in Dynamic Environments (presentation .ppt)
	New HP Labs Technical Report [May 2006]: Marco Casassa Mont, Robert Thyne - Privacy Policy Enforcement in Enterprises with Identity Management Solutions - HPL-2006-72
	New HP Labs Technical Report [April 2006]: Marco Casassa Mont, Stephen Crane - A Customizable Privacy Assurance System based on Active Feedback - HPL-2006-56
	New HP Labs Technical Report [April 2006]: Marco Casassa Mont, Robert Thyne - A Systemic Approach to Automate Privacy Policy Enforcement in Enterprises - HPL-2006-51
	New HP Labs Technical Report [March 2006]: Marco Casassa Mont - Towards Scalable Management of Privacy Obligations in Enterprises - HPL-2006-45
	New HP Labs Technical Report [March 2006]: Marco Casassa Mont, Siani Pearson, Robert Thyne - A Systemic Approach to Privacy Enforcement and Policy Compliance Checking in Enterprises - HPL-2006-44
	Paper published on International Journal of Computer Systems Science & Engineering - CSSE [January 2006]: Marco Casassa Mont - Handling Privacy Obligations in Enterprises: Important Aspects and Technical Approaches - CSSE Vol. 20, Number 6, November 2005
i-Trust 2006	Paper accepted at 4th International Conference on Trust Management i-Trust 2006 [January 2006]: Siani Pearson, Marco Casassa Mont - Provision of Trusted Identity Management using Trusted Credentials
	Paper accepted at 21st International Conference SEC2006 - I-NetSec06 Workshop on Privacy and Anonymity Issues in Networked and Distributed Systems [January 2006]: Siani Pearson, Marco Casassa Mont - A System for Privacy-aware Resource Allocation and Data Processing in Dynamic Environments
HP Software Universe 2005	HP Software Universe 2005 - Press Event and Technical Presentation [December 2005]: Presentation at the Press Event: Marco Casassa Mont - HP Labs Privacy Management: Vision, Research and Work (presentation .ppt) Presentation at a Technical Session: Archie Reed, Marco Casassa Mont - Privacy Management with HP OpenView Identity Management (presentation .ppt)
	TrustBus 2006 - I joined the Program Committee of the 3rd International Conference on Trust, Privacy and Security on Digital Businesses 2006 [December 2005]: Conference details and Call for Papers available at http://www.icsd.aegean.gr/trustbus06/
	PST 2006 - I joined the Program Committee of the 4th International Conference on Privacy, Security and Trust 2006 [November 2005]: Conference details and Call for Papers available at http://www.businessandit.uoit.ca/pst2006/
	New HP Labs Technical Report [November 2005]: Marco Casassa Mont - A System to Handle Privacy Obligations in Enterprises - HPL-2005-180
	Paper Presented at HP Technology Forum 2005 [October 2005]: Marco Casassa Mont, Robert Thyne, Pete Bramhall - Privacy Management in Enterprises for IT Governance - Conference Presentation: slides (MS .ppt)
	Paper Presented at ISSE 2005 [September 2005]: Marco Casassa Mont, Robert Thyne, Pete Bramhall, Kwok-Nga Chan - Privacy Policy Enforcement in Enterprises: Addressing Regolatory Compliance and Governance Needs - Conference Presentation: slides (MS .ppt)
	Article Published by Information Security Bulleting (ISB) Magazine [September 2005]: Marco Casassa Mont, Kwok-Nga (Annie) Chan, Pete Bramhall - Management and Enforcement of Privacy Obligations in Enterprises - Information Security Bulletin
	Two Papers Presented at TrustBus 2005 [August 2005]: Marco Casassa Mont, Robert Thyne, Pete Bramhall - Privacy Enforcement for IT Governance: Doing it for Real - Conference Presentation: slides (MS .ppt) Marco Casassa Mont, Siani Pearson - An Adaptive Privacy Management System for Data Repositories - Conference Presentation: slides (MS .ppt) I also served as a member of the Program Committee.
	New HP Labs Technical Report [June 2005]: Marco Casassa Mont, Robert Thyne, Kwok Chan, Pete Bramhall - Extending HP Identity Management Solutions to Enforce Privacy Policies and Obligations for Regulatory Compliance by Enterprises - HPL-2005-110
	HP Software Forum 2005 [June 2005]: Marco Casassa Mont - Presentation at HP Software Forum 2005 on "Managing and Enforcing Privacy with HP OpenView Identity Management Solutions"
	DIDW 2005 [May 2005]: Marco Casassa Mont - Presentation and Demonstration of HPL Technology at the HP booth - Privacy Management for IT Governance: Privacy Enforcement and Privacy Obligation Management
	New HP Labs Technical Reports [March 2005]: In the context of the EU PRIME project, three new HPL Technical Reports have been written to address Trust, Privacy, Assurance and Usability aspects when dealing with Personal Data: Stephen Crane, Marco Casassa Mont, Siani Pearson - On Helping Individuals to Manage Privacy and Trust - HPL-2005-53 Marco Casassa Mont, Stephen Crane, Siani Pearson - Handling Privacy Obligations and Constraints to Underpin Trust and Assurance - HPL-2005-54 Siani Pearson, Marco Casassa Mont, Stephen Crane - Analysis of Trust Properties and Related Impact of Trusted Platforms - HPL-2005-55
RSA 2005	RSA 2005 [14-18 February 2005]: Marco Casassa Mont, Robert Thyne - Presentation and Demonstration of HPL Technology at the HP booth - Privacy Management for IT Governance: Privacy Enforcement and Privacy Obligation Management. Document (.pdf) with more details.
	New HP Labs Technical Report [21 January 2005]: Marco Casassa Mont, Robert Thyne, Pete Bramhall - Privacy Enforcement with HP Select Access for Regulatory Compliance - HPL-2005-10
	New HP Labs Technical Report [18 November 2004]: Marco Casassa Mont, Siani Pearson, Pete Bramhall - An Adaptive Privacy Management System For Data Repositories - HPL-2004-211
	Paper at ISSE 2004 [28/09-30/09/2004]: Marco Casassa Mont - Dealing with Privacy Obligations in Enterprises - Conference Presentation: slides (MS .ppt)
	Paper at TrustBus 2004 [30/08-01/09/2004]: Marco Casassa Mont - Dealing with Privacy Obligations: Important Aspects and Technical Approaches - Conference Presentation: slides (MS .ppt)
	New HP Labs Technical Report [30 June 2004]: Marco Casassa Mont - Dealing with Privacy Obligations in Enterprises - HPL-2004-109
	EPAL Workshop 2004: [13-14 May 2004]: Presentation on "EPAL and Management of Privacy Obligations" - Link to EPAL Workshop 2004
	EU PRIME Project 2004 [March 2004] - I am involved in the EU PRIME project (Privacy and Identity Management for Europe) along with other HP Labs/TSL people.
	HP Labs Technical Report [08 March 2004]: Marco Casassa Mont - Dealing with Privacy Obligations: Important Aspects and Technical Approaches - HPL-2004-34
	HP Labs Technical Report [24 February 2004]: Marco Casassa Mont - Identity Management: On the "Identity=Data+Policies" Model - HPL-2004-14
	AA Terena Workshop [20 November 2003]: Presentation on "Privacy Management for Identity Information: It is Not Just a Matter of Authorization"
	Liberty Alliance Meeting [19 November 2003]: Presentation on "Privacy Management - Focusing on the Real Issues: Enforcement and Accountability"
	Paper on the External HP Labs Web Site- Reference to IEEE publication: "A flexible role-based Secure Messaging Service"
	Paper at ESORICS 2003: Marco Casassa Mont, Siani Pearson, Pete Bramhall - Towards Accountable Management of Privacy and Identity Management - Conference Presentation: slides (MS .ppt)
	Adaptive Identity Management (vision): paper and presentation