Tutorial:
Why use an autonomic computing approach in developing secure, trusted and auditable services for e-everything in an open distributed computing environment.
Tutorialista: Ahmed Patel - University College, Dublin, Irlanda
Abstract:
Why have e-business trust and security often been evasive and unsuccessful?
This talk will attempt to answer this question by looking at an autonomic approach to
communications services for on-line businesses that requires e-everything.
It reviews the issues and challenges, and presents a rationale for security, privacy,
interception, forensics of digital evidence and trust in an autonomic communications
and computing environment. A combination of security, privacy enhancing technologies,
trustworthy computing interfaces and techniques, advocacy, and greater understanding of the
socio-economic and technical aspects of these new electronic phenomena must be covered to
establish a sound e-business operating environment on a global level. Some possible solutions
pertaining to this environment are also reviewed and examples of some key research areas
outlined.
Palestra:
Cybercrime investigation methodology and tools.
Palestrante: Ahmed Patel - University College, Dublin, Irlanda
Apresentação da Palestra:
Clique aqui para obter a apresentação da Palestra.
Abstract:
The emphasis in computer security and allied fields is generally
concentrated on the scientific and technological aspects of the problems
pertaining to network distributed computing. While this is very
important for providing security and protection services, it is equally
important to understand the problems and possible solutions, as well as
to have trained personnel in order to combat and investigate events such
as break-ins, breaches, IT fraud, etc. This is more so a pertinent
requirement in the ever- increasing use of the Internet and mobile
access because of their elusive and pervasive nature. Realistic
investigative models and tools and proper training will ensure that the
people and processes involved in such work can be as accurate, efficient
and effective as possible. The key to this is the training of
high-technology crime investigators not only for law enforcement
agencies but also auditors and crime investigators in industry. The
first part of the session will examine the issues relating to devising a
comprehensive model to investigate cybercrimes in a consistent and
iterative manner such that the results are the same regardless of the
number of times the same investigation is carried out by different
investigators. The second part of the session will give some examples of
the tools for carrying out the investigations. The final session will
indicate where possible new research opportunities exist in the field of
cybercrime investigation.
Ahmed PATEL received his MSc and PhD degrees in Computer Science from
Trinity College Dublin (TCD) in 1978 and 1984 respectively, specializing in the design,
implementation and performance analysis of packet switched networks. He is a Senior Lecturer
in the Department of Computer Science, UCD and Head of the Computer Networks and Distributed
Systems Research Group.
His research interests span topics concerning international networking and application
standards, network security, forensic computing, high-speed networks, heterogeneous distributed
computer systems and including distributed search engines and systems for the Web.
He has published well-over hundred and sixty technical and scientific papers and co-authored
two books on computer network security and one book on group communications, co-edited a book
distributed search systems for the Internet. He has been a "guest editor" for advanced topics
in the subject areas of interest on numerous occasions for different journals. He is a member
of the Editorial Advisory Board of the following International Journals:
(i) Computer Communications, (ii) Computer Standards & Interface,
(iii) Digital Investigations and (iv) Cyber Crimes and Criminal Justice.
He is frequently serves as an invited external academic expert on review panels evaluating,
validating and auditing academic course degree and certificate teaching and training
programmes. He is a consultant, expert evaluator and reviewer of R&D proposals, technical
and scientific auditor of R&D projects for the national, international and European Union
funding agencies. He is often requested to adjudicate on contemporary colleagues'
academic and research activities as an independent expert. He has been active from
the very beginning of his postgraduate education and research in closing the digital divide
ITC gap, personally and otherwise, through various mechanisms. He has presented papers on
ITC topics as an invited guest at various conferences in the Middle East and North Africa.
He was also involved in the formation of a very successful small company developing network
management software for telecommunications systems.
Tutorial:
Intrusion Tolerance: the road to Automatic Security.
Apresentação do Tutorial:
Clique aqui para obter a apresentação do Tutorial.
Tutorialista: Paulo Veríssimo - University of Lisboa Faculty of Sciences
Abstract:
The pervasive interconnection of systems throughout the world has given computer services a significant socioeconomic value that both accidental faults and malicious activity can affect. The classical approach to security has mostly consisted of trying to prevent bad things from happening—by developing systems without vulnerabilities, for example, or by detecting attacks and intrusions and deploying ad hoc countermeasures before any part of the system is damaged. But what if we could address both faults and attacks in a seamless manner, through a common approach to security and dependability?
This is the proposal of intrusion tolerance, which assumes that: systems remain somewhat faulty or vulnerable; attacks on components will sometimes be successful; and automatic mechanisms ensure that the overall system nevertheless remains secure and operational. Building an intrusion-tolerant system to arrive at some notion of intrusion-tolerant middleware for application support presents multiple challenges. Surprising as it might seem, intrusion tolerance isn't just another instantiation of accidental fault tolerance. To capture the essence of intrusion tolerance, we must first consider that an intrusion is in fact a malicious fault that has two underlying causes: a weakness, flaw, or vulnerability; or a malicious act, or attack, which attempts to exploit the former.
Classical security methodologies mainly focus—quite successfully—on preventing intrusion. However, as reality painfully proves every day, it's impossible, even infeasible, to guarantee perfect prevention: simply put, we can't handle all attacks because they aren't all known, and new ones appear constantly. Such as chains break at their weakest link, a few inconspicuous weaknesses are easy prey to hackers, and the resulting intrusions that escape the intrusion-prevention barrier, will go unnoticed and will likely cause security failures.
The last resort is then intrusion tolerance, which, as the name suggests, acts after intrusion and before failure. Intrusion-tolerance techniques rely on local mechanisms and distributed protocols, and assume combinations of detection (of intruded hosts or tampered communications), recovery (neutralization of intruder activity), or masking (use of spare components or replicas, such that the whole resists the intrusion of a minority).
In this tutorial, we address: the introduction of the fundamental concepts of intrusion tolerance, and the strategies, mechanisms, systems and protocols that help realize the vision of automatic security . However, intrusion tolerance is not without limitations as a paradigm for designing resilient systems, some of which quite unexpected. We discuss some of these findings arising from recent research.
Palestra:
Mirror, Mirror embedded on the wall! What future lies ahead of us all?
Palestrante: Paulo Veríssimo - University of Lisboa Faculty of Sciences
Abstract:
Real-time and embedded systems as we know them are going through a revolution that will significantly change the way we think about them. This change is being announced by several important signs:
- the proliferation of applications of mixed nature/purpose, but whose distinguishing feature is being supported by ad-hoc collections of wireless and mobile entities that act with the environment
- the continued growth of environments which are themselves active, made of pervasive and inconspicuous devices where these applications are immersed, forming an ambient intelligence world
- the self-organisation of these entities into complex systems e.g., small-scale embedded systems as we know them today, organised to form large-scale systems of embedded systems
There will be many more computing devices in embedded, sometimes function-specific, inconspicuous components, than there will be 'computers' as we know them today. Most, if not practically all of them, will be networked, interconnected in some form. However, they can not be designed under the assumptions and techniques prevailing in the embedded systems arena (hard real-time, static, closed and integrated systems).
The applications we foresee in this scenario may look futuristic, but they are about to come. They will exhibit a large degree of pro-activity, will work sometimes independently of direct human control, executing amongst networked components that act autonomously, to affect and control the environment, or spontaneously disseminate information. The key characteristics of these applications are: sentience, autonomy, large scale, time/safety criticality, geographical dispersion, mobility, and evolution. Together, they make up an exciting challenge that must be met by the right paradigms.
What challenges does the mirror on the wall unveil, for Embedded Systems research?
To master complexity, modularity, autonomy, dynamics of configurations, heterogeneity of compositions, pervasiveness of devices, ubiquity of computations, uncertainty of timeliness, security and dependability. In other words, to think about complex real-time systems-of-embedded-systems.
Paulo Veríssimo é doutorado e agregado em Eng. Electrotécnica e de Computadores, pelo IST. É professor no Departamento de Informática (DI) da Faculdade de Ciências da Universidade de Lisboa ( http://www.di.fc.ul.pt/~pjv ), e Director do LASIGE, laboratório de investigação do DI ( http://lasige.di.fc.ul.pt ). Pertence ao European Security & Dependability Advisory Board e é editor associado das IEEE Transactions on Dependable and Secure Computing. Foi Presidente do IEEE Technical Committee on Fault Tolerant Computing e do Steering Committee da conferência DSN e membro do Conselho Executivo da ``CaberNet European Network of Excellence''. Foi coordenador do projecto Europeu IST/FET CORTEX ( http://cortex.di.fc.ul.pt ). É membro sénior do IEEE. Paulo Veríssimo lidera o Grupo de investigação Navigators integrado no LASIGE, e interessa-se correntemente por: arquitectura, algoritmos e subsistemas de suporte (middleware) para sistemas distribuídos, embebidos e permeantes (pervasive), nas facetas de adaptabilidade em tempo-real e segurança e tolerância a faltas/intrusões. Tem mais de 130 publicações internacionais com revisor, e é co-autor de cinco livros internacionais (ex. http://www.navigators.di.fc.ul .pt/dssa/ ).
Tutorial:
Novel optical control plane technologies and their role in Grid Computing.
Tutorialista: Gigi Karmous-Edwards - MCNC Grid Computing and Network Services, NC, USA
Apresentação do Tutorial:Clique aqui para obter a apresentação do Tutorial.
Abstract:
This tutorial explains what a “control plane” is and why is it important to the Global
Integrated Infrastructure Facility (GLIF ) community as well as what the GLIF community is.
Specifically, the GLIF community is trying to address various application grid challenges,
such as: dynamic use of end-to-end optical networking resources; global transfers of large
datasets (terabytes and petabytes) across long distances; coordination of network and Grid
resources, such as CPU and storage; the ability to make reservations for networking resources;
deterministic end-to-end connections (low jitter, low latency); time scales of a few
micro-seconds to longer-term wavelengths; and, near-real-time feedback of network performance
measurements to the applications and Grid middleware. To meet these challenges, the optical
networking community, in conjunction with the Grid community, has to rethink intelligent
optical control planes for future Grid computing. The goal is to raise attendee awareness
of new developments in the area of optical control planes and Grid infrastructure that address
current research activities, and to provide visionary scenarios for future Grid computing
combined with optical network technologies.
Palestra: Enlightened Computing
Apresentação da Palestra:Clique aqui para obter a apresentação da Palestra.
Gigi Karmous-Edwards (gigi@mcnc.org) is a Principal Scientist at MCNC where
her research focus is on novel optical control plane technologies and their role in Grid
Computing. She serves as Principal Investigator of NSF seed-funded large collaborative
project, Enlightened Computing. Chair of “Control Plane and Grid Integration” working group
of Global Lambda Infrastructure Facilities (GLIF) organization. Co-editor and co-author of new
Wiley book “GridNetworks”, published July, 2006. Guest editor of IEEE Communications Magazine,
Feature Topic “Optical Control Planes for Grid Networks: Opportunities, Challenges and the
Vision”, March, 2005. Serves on technical advisory board of EU's EARNEST study for Geant2 and
LONI. She recently chaired GridNets 2005, workshop on Grid related networking research
(part of BroadNets), and currently on the GridNets steering committee. She organized and
chaired two International workshops for “Optical Control Plane for the Grid Community,” which
continues to meet and make progress in the area of optical control plane research.
In her role, she initiates and leads collaborative research activities, which focus on advance
networking technologies for Grid computing, and has published several papers in that area.
She recently was appointed Adjunct Professor of Computer Science at North Carolina State
University, where she plans on teaching advanced classes on Network Management and Control
Planes. She has been an invited guest speaker at several international conferences. She has
spent the last fifteen teen years of her twenty-one-year academic and industry R&D career in
all disciplines of networking Control Planes and Network Management, including strong activity
in standards work, system architecture for data communication systems, and software design
for both embedded systems and management applications. She received her B.S. in Chemical
Engineering, and her M.S. in Electrical Engineering, from NCSU. She is a member of the IEEE
society.
