Access Control in and Around the Browser
We conduct an analysis of access control mechanisms in the
browser and note that support for mashups and defences against
cross-site scripting attacks are both moving from ad-hoc measures towards
solutions where the browser enforces access control policies obtained from
a host (CORS and CSP respectively). We also point out the degree of
trust these solutions have to take for granted.
Prof. Dieter Gollmann received his Dipl.-Ing. in Engineering Mathematics (1979) and Dr.tech. (1984) from the University of Linz, Austria, where he was a research assistant in the Department for System Science.
He was a Lecturer in Computer Science at Royal Holloway, University of London, and later a scientific assistant at the University of Karlsruhe, Germany, where he was awarded the 'venia legendi' for Computer Science in 1991. He rejoined Royal Holloway in 1990, where he was the first Course Director of the MSc in Information Security. He moved to Microsoft Research in Cambridge in 1998. In 2003, he took the chair for Security in Distributed Applications at Hamburg University of Technology, Germany.
Dieter Gollmann is an editor-in-chief of the International Journal of Information Security and an associate editor of the IEEE Security & Privacy Magazine. His textbook on 'Computer Security' has appeared in its third edition.
Improving Thomlinson-Walker’s Software Patching Scheme Using Standard Cryptographic and Statistical Tools
This talk will illustrate how standard cryptographic techniques can be applied to
real-life security products and services. This article presents in detail one of the examples given in
the talk. It is intended to help the audience follow that part of our presentation. We chose as a
characteristic example a little noticed yet ingenious Microsoft patent by Thomlinson and Walker.
The Thomlinson-Walker system distributes encrypted patches to avoid reverse engineering by
opponents (who would then be able to launch attacks on unpatched users). When the proportion of
users who downloaded the encrypted patch becomes big enough, the decryption key is disclosed
and all users install the patch.
David Naccache is a member of the ENS's cryptography group and a professor at the University of Paris II. Before joining academia David managed Gemplus' Applied Research & Security Centre (over 100 researchers). He holds 140 patent families, published more than 120 scientific papers and served in more than 80 programme committees, all in cryptography and security. He is a Forensic Scientist by the Court of Appeal Paris. His interests are embedded electronics, cryptography and security.
Enhanced Certificate Transparency and End-to-end Encrypted Mail
The certificate authority model for authenticating public keys of
websites has been attacked in recent years, and several proposals have
been made to reinforce it. We develop and extend such a proposal,
called "certificate transparency", so that it efficiently handles
certificate revocation. We show how this extension can be used to
build a secure end-to-end email or messaging system using PKI with no
requirement to trust certificate authorities, or to rely on complex
peer-to-peer key-signing arrangements such as PGP. This makes
end-to-end encrypted mail possible, with apparently few additional
usability issues compared to unencrypted mail (specifically, users do
not need to understand or concern themselves with keys or
certificates). Underlying these ideas is a new attacker model
appropriate for cloud computing, which we call "malicious-but-cautious".
Mark Ryan is Professor of Computer Security at the University of
Birmingham, and director of the GCHQ Academic Centre of Excellence in
Cybersecurity Research at Birmingham. He leads the computer security
research group in Birmingham, and is an EPSRC Leadership Fellow
(2010-2015). He has worked in protocol verification analysis,
electronic voting, access control, cloud computing security,
verification of the trusted platform module (TPM), privacy analysis,
and process calculus. In 2008 Mark spent seven months at Hewlett
Packard, on a secondment from the University funded by the Royal
Academy of Engineering. Mark currently holds research grants valued at
£2.5 million, from the UK EPSRC, the EU and from industry.
Preserving Receiver-Location Privacy in WSNs
The unattended nature of Wireless Sensor Networks (WSNs) together with the hardware limitation of sensor nodes make them susceptible to various types of attacks. Since the base station is the destination of all communications, the most rewarding attack is to compromise or destroy this critical device. This talk discusses the importance of receiver-location privacy for the survivability of the network, illustrating the particular features that originate the problem and the strategies followed by a typical adversary. A solution will be presented that is capable of thwarting the most common attacks with a computationally lightweight mechanism. However, the success of this solution is dependent on whether the adversary is capable of capturing and analysing the contents of a subset of sensor nodes. Then, we will explore some intuitive solutions that fail to provide sufficient protection against such adversaries and finally introduce an evolutionary algorithm that provides some means of protection at the expense of increased overhead. The talk will conclude by presenting some open issues.
Prof. Javier Lopez is Full Professor and Head of the Computer Science Department at the University of Malaga. His research activities are mainly focused on network security, security protocols and critical information infrastructures, leading a number of national and international research projects in those areas, including projects in FP5, FP6 and FP7 European Programmes. Prof. Lopez is the Spanish representative in the IFIP Technical Committee 11 on Security and Protection in Information Systems, as well as the Spanish coordinator of ISO/IEC JTC1/SC27 WG5 on Identity management and privacy technologies.
He is Co-Editor in Chief of International Journal of Information Security (IJIS), and a member of the Editorial Boards of, amongst others, IEEE Wireless Communications, Computers & Security, IEEE Internet of Things Journal, Journal of Computer Security, IET Information Security, and International Journal on Critical Infrastructure Protection. In the past, he was Chair of the IFIP Working Group 11.11 on Trust Management and Chair of the ERCIM Working Group on Security and Trust Management.
Data Security and Privacy in the Cloud
The rapid advancements in Information and Communication Technologies
(ICTs) have enabled the emergence of the "cloud" as a successful
paradigm for conveniently storing, accessing, processing, and sharing
information. With its significant benefits of scalability and
elasticity, the cloud paradigm has appealed to companies and users, which
are more and more resorting to the multitude of available providers
for storing and processing data. Unfortunately, such a convenience
comes at a price of loss of control over these data and consequent new
security threats that can limit the potential widespread adoption and
acceptance of the cloud computing paradigm. In this talk I will
illustrate some security and privacy issues arising in the cloud
scenario, focusing in particular on the problem of guaranteeing
confidentiality and integrity of data stored or processed by external
Pierangela Samarati is a Professor at the Department of Computer
Science of the Università degli Studi di Milano. Her main research
interests are: data security and privacy; access control policies,
models and systems; information system security; and information
protection in general. She has participated in several projects
involving different aspects of information protection. On these topics
she has published more than 230 peer-reviewed articles in
international journals, conference proceedings, and book chapters.
She has been Computer Scientist in the Computer Science Laboratory at
SRI, CA (USA). She has been a visiting researcher at the Computer
Science Department of Stanford University, CA (USA), and at the
Center for Secure Information System of George Mason University, VA (USA).
She is the chair of the IEEE Systems Council Technical Committee on
Security and Privacy in Complex Information Systems (TCSPCIS), of the
Steering Committees of the European Symposium on Research in Computer
Security (ESORICS), and of the ACM Workshop on Privacy in the
Electronic Society (WPES). She is member of several steering
committees. She is ACM Distinguished Scientist (named 2009) and IEEE
Fellow (named 2012). She has been awarded the IFIP TC11 Kristian
Beckman award (2008) and the IFIP WG 11.3 Outstanding Research
Contributions Award (2012).
Classifying Big Internet Traffic Data
With the arrival of the Big Data Era, properly utilizing the power of big data is becoming essential for the strength and competitiveness of businesses and organizations. We are facing grand challenges from big data from different perspectives, such as processing, communication, security, and privacy. In this talk, we will look at the big data problems from a unique perspective from the network level. We will discuss the challenges in classifying big network traffic data and our solutions to the challenges. The significance of the research lies in the fact that the exponentially increasing Internet traffic has become an extremely difficult big data analytic problem. In this talk, we propose a series of novel approaches for traffic classification, which can improve the classification performance effectively by incorporating correlated information into the classification process. We analyze the new classification approaches and their performance benefit from both theoretical and empirical perspectives.
Professor Yang Xiang received his PhD in Computer Science from Deakin University, Australia. He is currently a full professor at School of Information Technology, Deakin University. He is the Director of the Network Security and Computing Lab (NSCLab). His research interests include network and system security, distributed systems, and networking. In particular, he is currently leading his team developing active defense systems against large-scale distributed network attacks. He is the Chief Investigator of several projects in network and system security, funded by the Australian Research Council (ARC). He has published more than 150 research papers in many international journals and conferences, such as IEEE Transactions on Computers, IEEE Transactions on Parallel and Distributed Systems, IEEE Transactions on Information Security and Forensics, and IEEE Journal on Selected Areas in Communications. Two of his papers were selected as the featured articles in the April 2009 and the July 2013 issues of IEEE Transactions on Parallel and Distributed Systems. He has published two books, Software Similarity and Classification (Springer) and Dynamic and Advanced Data Mining for Progressing Technological Development (IGI-Global). He has served as the Program/General Chair for many international conferences such as ICA3PP 12/11, IEEE/IFIP EUC 11, IEEE TrustCom 13/11, IEEE HPCC 10/09, IEEE ICPADS 08, NSS 11/10/09/08/07. He has been the PC member for more than 60 international conferences in distributed systems, networking, and security. He serves as the Associate Editor of IEEE Transactions on Computers, IEEE Transactions on Parallel and Distributed Systems, Security and Communication Networks (Wiley), and the Editor of Journal of Network and Computer Applications. He is the Coordinator, Asia for IEEE Computer Society Technical Committee on Distributed Processing (TCDP). He is a Senior Member of the IEEE.
Forbidden City Model – towards an efficient framework for designing secure electronic identity documents
Designing protocols for an interaction with electronic identity documents is a challenging task
even for relatively simple application scenarios.
The usual approach is to design a protocol having in mind some simple attack scenarios. This produces clean designs
and clean security proofs, but a rich variety of potential security problems might be ignored.
This is a severe problem, since a replacement of flawed ID documents is a desperate step with
extremely high overall costs.
Over the past years the development in this area was a sequence of steps: many protocols have been
proposed, but quite frequently they are broken not by showing flaws in the security proofs
but by presenting realistic attack situations not covered by the original security model.
In many cases the security requirements have been refined.
The resulting situation is an abundance of models, which are less and less intuitive, hard to compare
and to understand. Seemingly, only a handful of people really keep track of the situation.
Due to many reasons this may lead
to design errors and exclude an effective reviewing process by the research community.
Moreover, a majority of models ignores the fact that executing a protocol
with a smart card is not really a two party protocol; in particular, the interaction between diverse components
of the card has to be taken into account.
Our goal is to provide a simple and intuitive model that would help us to capture the key properties
of real world architectures and attack scenarios. Moreover, in order to save the work it should be easy
to refine the model in order to express the emerging threat scenarios.
The main idea is to describe the architecture of the system in the way that resembles the courts
of the Emperor's Palace in ancient China. There are many internal courts and strict rules how to cross the boundaries
between these separate areas. In some sense, a good cryptographic smart card is designed in the same way: there are strict limitations
for interaction between diverse components of a smart card and the outside world and the components are encapsulated like in the Emperor's Palace.
Moreover, the interactions in the outside world can be defined in the same way - with a number of Palaces modeling security areas.
The modular architecture of the model and the possibility to treat the components one by one may
reduce the burden of creating a security proof and make the proof transparent to a layman.
So the system engineers get a real opportunity to provide a valuable security feedback.
It is hardly possible for the classical models, which are on a high level of abstraction accessible
for nobody but a group of cryptographers.
Miroslaw Kutylowski is a full professor at Wroclaw University of Technology in south-west Poland.
He is also a member of Scientific Board of Institute of Computer Science, Wroclaw University of Technology. In 2012 he was elected to the Central Committee for Academic Degrees and Titles in Poland, where he is responsible for computer science.
In the past he was awarded an Alexander-von-Humboldt Fellowship. During his academic career he spent
many years at Technical University of Darmstadt and Heinz Nixdorf Institute at Paderborn University. Since 2000 he holds a position at Faculty of Fundamental Problems of Technology at Wroclaw University of Technology, where he established a research group working on distributed algorithms, privacy, security and cryptography. Recently he was awarded a MISTRZ Prize by the Foundation for Polish Science
and IBM Faculty Award for achievements in cyber security.
Particular recent research interests of Prof. Kutylowski in the field of security are anonymous communication protocols, e-voting, and protocols for personal identity documents as well as legal issues of security in information and communication technology. Recently, he was involved deeply in the legal and technical part of e-voting and e-court projects in Poland. In his team he pursues the goal of developing a new
generation of authentication and signature systems based on electronic identity documents.