Daniela Seabra Oliveira

Daniela Seabra Oliveira is a member of the University of Florida Warren B. Nelms Institute for the Connected World. Her main research interest is interdisciplinary computer security, where she employs successful ideas from other fields to make computer systems more secure. Her current research interests include (i) human factors in security (cyber deception, phishing, developer’s blind spots) and (ii) systems/IoT security, especially the application of dynamic information flow to thwart attacks. She is the Diversity Director of the Florida Institute for Cyber Security (FICS) at the University of Florida, which she joined in 2014 as part of the UF Rising to Preeminence Hiring Program (Electrical and Computer Engineering Department).

Talk: Cyber Deception and Social Engineering: Why These Attacks Will be the Most Devastating of the Next Decade

Online deception and social engineering are becoming more common, as individuals increasingly navigate through a digitally connected world. Technological advances and the diversifications of means of communication online are opening up multiple avenues for all types of online fraud, scams, and attacks. Attacks involving social engineering and deception attempt to influence an Internet user (corporate or end user) into performing an action that will go against his, his institution’s, or even his country’s best interests. When influenced, individuals can click on malicious links or open malicious attachments that install malware into their computers or can visit phishing webpages that can steal their credentials. In this talk I will discuss strategies of influence that attackers leverage in such attackers and the serious implications of such attacks for corporate cyber security, individuals’ financial and emotional well-being, and nation states’ democracies. I will also discuss how certain demographics are more susceptible to deception and will advocate an interdisciplinary research agenda to combat such attacks, combining usable security, psychology, and neuroscience.

Natalie Silvanovich

Natalie Silvanovich is a security researcher on Google Project Zero. Her current focus is on script engines, particularly understanding the subtleties of the scripting languages they implement and how they lead to vulnerabilities. She is a prolific finder of vulnerabilities in this area, reporting over a hundred vulnerabilities in Adobe Flash in the last year. Previously, she worked in mobile security on the Android Security Team at Google and as a team lead of the Security Research Group at BlackBerry, where her work included finding security issues in mobile software and improving the security of mobile platforms. Outside of work, Natalie enjoys applying her hacking and reverse engineering skills to unusual targets and has spoken at several conferences on the subject of Tamagotchi hacking.

Talk: The Security of Recent Browser Features

A number of new features have been added to browsers in the last few years, including Web Assembly, WebRTC and JavaScript additions. This presentation describes Project Zero’s analysis of these features. It explains our techniques for finding bugs in these targets and gives an overview of the vulnerabilities found.


Identity Management can be understood as the set of processes and technologies used to guarantee the identity of an entity, the quality of the information of an identity (identifiers, credentials and attributes) and to use those guarantees in procedures of authentication, authorization, and auditing (AAA). The VIII Workshop on Digital Identity Management (WGID) aims to be a forum for discussions and technical presentations of works around the state of the art of technologies related to identity management. In addition, it also seeks to identify new research challenges and encourage discussions among researchers in the field. The novelties this edition are the lighting talks which are talks of 5 minutes for presenting new ideas to the community and the possibility of indicating that any of your submissions as "Experience" which can be anything related as the result of a project in the area.

Topics of Interest: Identity and Access Management in IoT, Identity and Access Management in emerging technologies (eg NFV, SDN, Cloud, Fog Computing etc), Identity Management in Networks, Identity Management in Applications (social networks, digital TV , e-banking, smart grids, e-gov etc), Access Control Models (ABAC, RBAC etc), Attributes Management (aggregation, mapping, certification), Reference and Framework Architectures for Identity Management (IdM), Authentication and authorization protocols, New authentication approaches and authorization, Privacy and anonymity in IdM systems, Digital certification, Digital identity life cycle (provisioning and administration), Scalability in IdM systems, Tools for federation management / monitoring, Trust management in system IdM, Federated Identity Management, Interoperability between IdM systems, Level of Assurance in IdM, Fraud prevention and identity theft techniques, Usability in Identity Management technologies, Audit and accountability in identity management and access.