IT devices are day-by-day becoming more pervasive in several application fields and in the everyday life.
The major driving factors are the ever increasing coverage of the Internet connectivity, the extreme popularity and capillarity of smartphones, tablets and wearables, together with the consolidation of the Internet of Things (IoT) paradigm.
As a matter of fact, interconnected devices directly control and take decisions on industrial processes, regulate infrastructures and services in smart-cities, and manage quality-of-life and safety in smart-homes, taking decisions with user interactions or even autonomously.
The involvement of these devices in so many applications, unfortunately introduces a set of unavoidable security and safety implications, related to both the criticality of the aforementioned applications and to the privacy of sensitive information produced and exploited in the process.
To address these and other related issues, there is an increasing need of instruments to control the access and the right to perform specific actions on devices or data.
These instruments need to be able to cope with the high complexity of the considered applications and environments, being flexible and adaptable to different contexts and architectures, from centralized to fully-distributed, able to handle a high amount of information as well as taking into account non-conventional trust assumptions. The considered technologies should regulate the actions of both human users and autonomous devices, being effective in enforcing security policies, still without introducing noticeable overhead, both on the side of performance and user experience. Hence, the design of secure and efficient mechanisms for continuous authentication, requiring limited-to-no active interaction is solicited.

The ETAA workshop aims at being a forum for researchers and practitioners of security active in the field of new technologies for authenticating users and devices, and enforce security policies in new and emerging applications related to mobile/wearable devices and IoT. It aims to attract original research work covering both theoretical and practical aspects of authentication and authorization.

TOPICS:
· Behavioral Authentication Mechanisms
· Emerging Technologies for Biometric Authentication
· Novel Privacy challenges in Biometric Authentication
· Context-based evolutionary policies.
· Access and Usage Control in Mobile and Distributed Systems
· Access and Usage Control in IoT
· Social, Ethic and Legal Aspects of Biometric and Behavioral Authentication
· Novel schemes for Trust and Reputation in Distributed Environments
· Policy languages for advanced Access and Usage Control
· Enforcement for Seamless and Continuous Authentication
· Advanced authentication and authorization techniques for protecting Critical Infrastructures
· Authentication protocols and Cryptography for IoT and Critical Infrastructure
· Application of advanced authentication and authorization techniques to specific scenarios