Spring 2005

     Date    Speaker               Title
1.   Jan 14  Dave Keener           The Future of Information Security
2.   Jan 28  Pete Lindstrom        Got Discipline? The Four Disciplines of Security Management
3.   Feb 18  Peng Liu              Defending against Internet Worm Attacks
4.   Mar 18  Lance J. Hoffman      Information Policy Issues in the Post-attack Age
5.   Mar 25  Kannan Srinivasan     A Lightweight Security Protocol for Wireless Communications
6.   Apr 1   David Ferraiolo       Evolution of Access Control in Commercial Products
7.   Apr 8   Gene Kim              Auditable Controls Of Best In Class IT Operations and Security Organizations
8.   Apr 22  Susan M. Koski        Considerations for Security Outsourcing

January 14, 2005

Speaker: Dave Keener

Chief Security Officer, Vigilant Minds Inc.,
4736 Penn Avenue, Pittsburgh, PA 15224

Title

The Future of Information Security

Abstract:

The dream of every security manager is to have enterprise-quality Perimeter Security without the need to install, maintain, and support the security-specific hardware and software. In this session, information security expert and VigilantMinds Chief Security Officer, Dave Keener, will discuss the cutting edge of perimeter defense technology, virtual patching, and strategies for managing your security lifecycles. Mr. Keener will focus on the latest technology: installationless perimeter security. This “security made simple” process provides full IDS, IPS, firewalling, content filtering, and web application security – without the need to install hardware or software.

Biography

Dave Keener has been on the frontlines of Information Systems security for over 12 years. Experienced in all the tools and technologies of Information Systems security, Dave also includes best practices and process-driven methodologies in his repertoire.

Prior to co-founding VigilantMinds, Dave was Practice Manager of the Security Solutions group for marchFIRST where he developed, managed, and implemented information security solutions. Dave previously held various key management and engineering positions, ensuring the integrity of information systems and preventing compromises to proprietary information.

Dave began his security career serving his country in the United States Air Force, where he was responsible for engineering secure, reliable network connectivity anywhere in the world. Having the distinct honor of being personally recognized for his engineering accomplishments by the United States Joint Chiefs of Staff, Dave spoke to top Department of Defense officials in Washington D.C. after the first successful field implementation of a deployable network control center.



January 28, 2005

Speaker: Pete Lindstrom

Research Director, Spire Security, LLC
Malvern, PA

Title

Got Discipline? The Four Disciplines of Security Management

Abstract:

Information security management is about discipline - the notion of having a fundamental approach to security that allows you to stay the course and not be distracted by the "latest and greatest" threats. This session outlines the "Four Disciplines of Security Management," a strategic information security model that includes Identity Management, Vulnerability Management, Trust Management, and Threat Management. The goal of the model (and the session) is to provide insight into specific control objectives and the activities surrounding the proper security of an enterprise.

Biography

Pete Lindstrom is Research Director for Spire Security, an industry analyst firm providing analysis and research in the information security field. Pete has held previous positions as a security architect and auditor at Fortune 500 companies, a public accounting firm, and the United States Marine Corps. He is a frequent speaker and writer, and has developed a comprehensive reference model for information security called the Four Disciplines of Security Management. He is a graduate of the University of Notre Dame and is a Certified Information Systems Security Professional (CISSP).



February 18, 2005

Speaker: Peng Liu

Assistant Professor, School of Information Sciences and Technology
Director, Cyber Security Lab
Penn State University

Title

Defending against Internet Worm Attacks

Abstract:

Worms are nowadays a major security threat to the Internet, and defending against worm attacks faces several tough challenges and involves a number of exciting research issues. In this talk, first, the unique propagation characteristics of various types of worms will be discussed. Second, the defenses against worms will be surveyed from four perspectives: worm prevention, worm detection, worm throttling, and worm recovery. Third, a specific worm containment scheme being developed at Penn State will be proposed. Fourth, several issues about worm research test-beds will be discussed and some worm experiments performed on the DETER test-bed will be illustrated.

Biography

Peng Liu is an assistant professor of Information Sciences and Technology, director of the Cyber Security Lab, and research director of the Center for Information Assurance at Penn State University. He received his B.S. and M.S. degrees from the University of Science and Technology of China, and his Ph.D. degree from George Mason University.

Dr. Liu’s research interests are in the field of computer and network security, especially in attack-resilient systems, database and web security, attacker behavior modeling, and worm containment. Dr. Liu is the founding program co-chair of the ACM Workshop on Survivable and Self-Regenerative Systems and the proceedings chair of the 2003 and 2004 ACM International Conference on Computer and Communications Security.

He is a program committee member of several international conferences, including the 2001-2003 ACM International Conference on Computer and Communications Security and the 2004-2005 International Conference on World Wide Web. He is a referee for several international journals, including ACM Transactions on Information and Systems Security, IEEE Internet Computing, and Journal of Computer Security.

Dr. Liu has published a book and about 50 refereed technical papers. His research is sponsored by DARPA, NSF, DHS, DOE, AFRL, Cisco, NSA, DoD, HP and Penn State. Dr. Liu is a recipient of the DOE Early CAREER PI Award.



March 18, 2005

Speaker: Lance J. Hoffman

Professor, Computer Science Department,
George Washington University

Title

Information Policy Issues in the Post-attack Age

Abstract:

There are many law and policy issues that computer scientists should know something about, but often don't. Especially in the areas of privacy and intellectual property protection, the rules are constantly changing, and computer code sometimes doesn't match up with legal code. Avoiding these situations is desirable but sometimes difficult or even impossible.

This talk will touch on a number of topics: various perceptions of privacy, what can be monitored and by whom (today and in the future), the push for single sign-on identity checking, privacy-enhancing technologies, and privacy-invading technologies. We'll also discuss the pros and cons of Internet voting.

We will end with a few thoughts on how computer science students and professionals can play a role in influencing policy.

Biography

Lance J. Hoffman established the computer security program and led The George Washington University (GW) in Washington, D.C. to national recognition as a Center of Academic Excellence in Information Assurance Education. Distinguished Research Professor of Computer Science there, he is the author or editor of numerous articles and five books on computer security and privacy; the first book (published in 1973) was used in what may have been the first university course entirely devoted to computer security, which he initiated at the University of California, Berkeley. His teaching innovations thirty-four years later include multidisciplinary courses on electronic commerce and network security and the development of a portable educational network for teaching computer security. He also directs the Defense Department and National Science Foundation computer security scholarship programs at GW and leads research efforts in capacity building and computer security curriculum development.

Dr. Hoffman recently was the principal investigator for a project examining the feasibility of a civilian cyber defense exercise similar to that already participated in by military educational institutions in the United States and has run a number of "what if?" exercises related to cybersecurity and the infrastructure.

A Fellow of the Association for Computing Machinery, Dr. Hoffman founded what is now GW's Cyber Security Policy and Research Institute and has served on a number of Advisory Committees including those of the Center for Democracy and Technology, IBM, the Federal Trade Commission, and the ACM Conference on Computers, Freedom, and Privacy. He occasionally testifies before Congress on security and privacy-related issues.

Dr. Hoffman received his B.S. in mathematics from Carnegie Mellon University and his M.S. and Ph.D. in computer science from Stanford University.

More Information:

http://www.cs.seas.gwu.edu/graduate/security/cscsiamain.html
http://www.nsa.gov/isso/programs/coeiae/index.htm



March 25, 2005

Speaker: Kannan Srinivasan

Research Officer, Institute for Information Technology - Wireless Systems (IIT-WS)
National Research Council of Canada
1250 Grand Lake Road, PO Box 5300, Sydney, Nova Scotia - B1P 6L2

Title

A Lightweight Security Protocol for Wireless Communications

Abstract:

The existing security standard for the widely used wireless local area network (WLAN) technology, Wired Equivalent Privacy (WEP), is vulnerable to many attacks and is broken. Many software programs such as Kismet are available that can crack WEP in minutes. The solution for providing more robust security for WLANs, WiFi Protected Access (WPA), has been to add more processing through Message Integrity Check (MIC) algorithms and to extend the security overhead per packet. This talk will illustrate the vulnerabilities of WEP and will introduce a new security protocol called State Based Key Hop (SBKH). SBKH is a novel approach to providing security in a state-based manner. The state-based approach eliminates the need for additional algorithms such as MIC and the need for extended security overhead per packet (as found in WPA). SBKH also eliminates state initialization on every packet through the state-based approach. The talk will conclude with some preliminary performance results for SBKH that indicate a power efficiency of up to 75% per packet compared to WEP and WPA, and with future work to be done in extending SBKH to Wireless Sensor Networks.

Biography

Kannan Srinivasan is a Research Officer at the National Research Council Canada, Institute for Information Technology, Wireless Systems group (NRC-IIT-WS), located in Sydney, Nova Scotia. His current research focus is on Medium Access Control (MAC), routing, security and in-network processing, specifically applied to Wireless Sensor Networks.



April 1, 2005

Speaker: David Ferraiolo

Computer Scientist
National Institute of Standards and Technology
Computer Security Division

Title

Evolution of Access Control in Commercial Products

Abstract:

Access control is the administrative and automated process of defining and limiting which system users can perform which system operations on which system resources. Each organization has a unique set of policies that dictate the circumstances and conditions under which specific users are permitted access to specific resources. Access control policies are enforced through a mechanism consisting of access control functions and access control data that together map a user’s access request to a decision whether to grant or deny access. Access control mechanisms come in a wide variety of forms, each with its own (and often proprietary) attributes, functions, and methods for configuring policy, and a tight coupling to a class of policies. This talk presents the standardization and economic conditions that have driven the evolution of access control mechanisms and products: from the mandatory and discretionary access control products of the early 80s in support of military policies, through the role-based access control products of the mid 90s in support of the policy and administrative needs of commercial organizations, to present-day efforts to devise a policy-neutral access control mechanism in support of the emerging needs of Government and commercial organizations.

Biography

David F. Ferraiolo is the supervisor of the Emerging Technologies Research group of the Computer Security Division at the National Institute of Standards and Technology (NIST). He has over 19 years of experience in computer and communications security, serving both the government and private industry. During his last 10 years of employment at NIST, he has conducted extensive research in various areas of access control, including formal model development, reference and prototype implementation, and product demonstration development and evaluation, and is credited as the originator of numerous commercially available security mechanisms. He is a coauthor of a recent book on RBAC, the author or coauthor of more than 20 papers in the area of access control, and the principal inventor on two U.S. patents. He received a U.S. Department of Commerce gold medal in 2002 and a 1998 Excellence in Technology Transfer award from the Federal Laboratory Consortium for research in RBAC, and has served on the editorial boards of the U.S. Federal Criteria and the international Common Criteria (ISO 15408). His talks have included keynote speeches at technical conferences and lectures at universities and corporations. His publications are widely referenced from sources within the U.S., Canada, Europe, Asia, and Africa and have impacted research and standardization efforts around the world. He received a combined B.S. in computer science and mathematics from the State University of New York at Albany in 1982.



April 8, 2005

Speaker: Gene Kim

Co-founder, Chief Technology Officer,
Tripwire Inc.

Title

Advancing Quantitative Management And Causal Science To IT Operations And Security

Abstract:

In this presentation, I will share the work I have been doing over the last five years with the IT Process Institute, Software Engineering Institute and Institute of Internal Auditors, codifying the observed practices of the high-performing IT organizations. These high performers have a culture of change management, a culture of causality and a perpetual desire to detect variance before it causes a catastrophic event. By doing this, they have the highest service levels (e.g., MTTR, MTBF), the earliest and most effective integration of security controls into the IT operations lifecycle, the lowest cost of controls (e.g., cost to prepare for, liaise with, and remediate from audits) and also the best cost efficiencies (e.g., % of operational expense spent on unplanned work, server to system administrator ratios). The practices of the high performers, as well as the transformations that they went through to become high performers, are codified in the Visible Ops methodology.

I will also talk about the VEESC survey of practice. The acronym is also its purpose: Quantifying the Value, Effectiveness, Efficiency and Security of Controls. The goal of VEESC is to find the dominant IT controls that correlate with high performers. Once the correlations are found, we can build a quantitative model to understand causation. We hypothesize that in high-performing organizations, certain key IT controls deliver 80% of the value at 20% of the cost, and that change and access controls are those foundational and dominant controls. Our goal is to identify which processes and controls stand out as dominant and foundational, having the properties of a low cost of control and a high payback to the organization.

Biography

Gene Kim is the CTO and co-founder of Tripwire, Inc. In 1992, he co-authored Tripwire while at Purdue University with Dr. Gene Spafford. He is currently working on a series of projects to capture and codify how "best in class" organizations have IT operations, security, audit, management, and governance working together to achieve common objectives. In 2004, he co-wrote the Visible Ops Handbook, codifying how to successfully transform IT organizations from "good to great." In 2003, he co-chaired two conferences with SANS and the Software Engineering Institute, and was named by InfoWorld as one of the "Four Up and Coming CTOs to Watch." Gene is certified on both IT management and audit processes, holding both ITIL Foundations and CISA certifications.



April 22, 2005

Speaker: Susan M. Koski

Vice President, Corporate Information Security Manager of Network and Perimeter Defense
Mellon Financial Corporation

Title

Considerations for Security Outsourcing

Abstract:

The presentation will provide the following:

An overview of enterprise vulnerability alerting and compliance tracking; enterprise threat and vulnerability / attack and penetration testing; network-based intrusion detection engineering, maintenance, monitoring and response; security incident response processes and response; event log monitoring and response; network security analysis; and senior management reporting.

The focus topic will be: considerations for security outsourcing.

Topics that may also be covered, time permitting, include: the importance of addressing security vulnerabilities, and considerations for forensic investigations.

Biography

Susan Koski is a Vice President at Mellon Financial Corporation, responsible for Information Security regarding the Network, Infrastructure and Perimeter Defenses. There, Susan is responsible for managing enterprise vulnerability alerting and compliance tracking; enterprise threat and vulnerability / attack and penetration testing; network-based intrusion detection engineering, maintenance, monitoring and response; security incident response processes and response; event log monitoring and response; network security analysis; and senior management reporting.

Prior to joining Mellon Financial Corporation, Ms. Koski held positions providing technical support for 3-tier architectures across multiple platforms and technology sets, designed and developed software for nuclear control systems, and performed quality assurance testing for system components, integration of those components, and customer acceptance testing for delivery of the final system.

Ms. Koski holds an MBA from Duquesne University and a Bachelor of Science degree in Electrical Engineering from the University of Pittsburgh. She is a member of the Information Systems Security Association (ISSA) and is an Advisory Board member of the Pittsburgh Chapter of InfraGard.
