CySeP Plenary Speakers

 

Prof. Matt Bishop (University of California, Davis, USA)



Example pic
Matt Bishop received his Ph.D. in computer science from Purdue University, where he specialized in computer security, in 1984. He was a research scientist at the Research Institute of Advanced Computer Science and on the faculty at Dartmouth College before joining the Department of Computer Science at the University of California at Davis.
His main research area is the analysis of vulnerabilities in computer systems, including modeling them, building tools to detect vulnerabilities, and ameliorating or eliminating them. He works in network security, resilience, attribution, policy modeling, data sanitization, and formal modeling of access control. He also is interested in electronic voting, worked on numerous analyses of e-voting systems including the RABA study in Maryland, and was one of the two principle investigators of the California Top-to-Bottom Review, which performed a technical review of all electronic voting systems certified in the State of California.
He is active in information assurance education, and co-led the Joint Task Force that developed the ACM/IEEE/ASIS SIGSAC/IFIP WG11.8 Cybersecurity Curricular Guidelines. The second edition of his textbook, “Computer Security: Art and Science”, was published in November 2018 by Addison-Wesley Professional. He teaches introductory programming, software engineering, operating systems, and (of course) computer security.


Seminar title: TBA

Visit Homepage

Prof. Yvo G. Desmedt (University of Texas at Dallas, TX, USA)



Yvo Desmedt is the Jonsson Distinguished Professor at the University of Texas at Dallas, a Honorary Professor at University College London, a Fellow of the International Association of Cryptologic Research (IACR) and a Member of the Belgium Academy of Science. He received his Ph.D. (1984, Summa cum Laude) from the University of Leuven, Belgium. He held positions at: Université de Montréal, University of Wisconsin - Milwaukee (founding director of the Center for Cryptography, Computer and Network Security), and Florida State University (Director of the Laboratory of Security and Assurance in Information Technology, one of the first 14 NSA Centers of Excellence). He was BT Chair and Chair of Information Communication Technology at University College London. He has held numerous visiting appointments.
He is the Editor-in-Chief of IET Information Security and Chair of the Steering Committees of CANS and ICITS. He was Program Chair of e.g., Crypto 1994, the ACM Workshop on Scientific Aspects of Cyber Terrorism 2002, and ISC 2013. He has authored over 200 refereed papers, primarily on cryptography, computer security, and network security. He has made important predictions, such as his 1983 technical description how cyber could be used to attack control systems (realized by Stuxnet), and his 1996 prediction hackers will target Certifying Authorities (DigiNotar was targeted in 2011).


Seminar title: Information Security: Back to the Essentials

In the 19th century astronomers studying Mars came up with maps of canals on Mars. In fact it was a logical thinking for people familiar with Earth. Similar mistakes were made in biology, were it was assumed that oxygen and sunshine were required to enable life. Access Control as implemented today is based on a model that predates the Internet, computer viruses and massive hackings. Should we be surprized that it is inadequate? An alternative to the Access Control Matrix is discussed in this context. Chaum's 1980's Dining Cryptographers and Chaum's MIX are very well known approaches towards anonymity. At that time it was not customary for cryptographers to model the security goal. So, Chaum never modeled anonymity. Afterwards researchers were building on top of Chaum's solution, but were not looking back at the foundations of anonymity. We show that there are message probabilities for which anonymity is completely impossible. Moreover, we show that sometimes Chaum's solutions are not optimal and leak information about the sender/receiver. The question will be raised whether after 45 years research on computer security and 40 years open research in cryptography, we should not systematically revisit the foundations we regard as facts. Part of the lecture is based on recent papers in IEEE Tr. on Inform. Th, and in "From Database to Cyber Security", Springer.

Visit Homepage

Prof. Virgil D. Gligor (Carnegie Mellon University, PA, USA)



Example pic
Virgil D. Gligor received his B.Sc., M.Sc., and Ph.D. degrees from the University of California at Berkeley. He taught at the University of Maryland between 1976 and 2007, and is currently a Professor of ECE at Carnegie Mellon University. Between 2007 and 2015 he was the co-Director of CyLab. Over the past forty-five years, his research interests ranged from access control mechanisms, penetration analysis, and denial-of- service protection, to cryptographic protocols and applied cryptography. Gligor was an Associate Editor of several ACM and IEEE transactions and the Editor in Chief of the IEEE Transactions on Dependable and Secure Computing. He received the 2006 National Information Systems Security Award jointly given by NIST and NSA, the 2011 Outstanding Innovation Award of the ACM SIG on Security Audit and Control, and the 2013 Technical Achievement Award of the IEEE Computer Society.


Seminar title: A Rest Stop on the (Never Ending) Road to Provable Security

During the past decade security research has offered persuasive arguments that the road to provable security is never ending, and further that there's no rest stop on this road; e.g., there is no security property one can prove without making assumptions about other, often unproven, system properties. In this seminar I describe what a useful first rest stop might look like, and illustrate one possible place for it on the road to provable security. Specifically, I show that a simple verifier can establish software root of trust (RoT) on an untrusted system unconditionally; i.e., without secrets, trusted hardware modules, or bounds on the adversary power. I will illustrate the theory foundation for proving RoT establishment unconditionally, and show that the proofs require only the availability of randomness in nature and correct specifications for the untrusted system. The verifier is trustworthy as it requires only the off-line ability to construct nonces from strings of truly random bits and evaluate a new computation primitive – the randomized polynomials -- and then perform an on-line measurement of the untrusted system's evaluation of randomized polynomials and its response time. The optimal code for randomized polynomials on the instruction sets of real processors is discussed is some detail. I also illustrate why RoT establishment is useful for obtaining other basic properties unconditionally, such as secure initial state determination and verifiable boot -- a stronger notion than secure and trusted boot. Verifiable boot can be viewed as an instance of the FlipIt game between a defender and an adversary, where the defender wins the game by discovering the presence of malware surreptitiously inserted by the adversary into the system, unconditionally.

Visit Homepage

Prof. Joseph Yehuda Halpern (Cornell University, NY, USA)



Example pic
Joseph Halpern received a B.Sc. in mathematics from the University of Toronto in 1975 and a Ph.D. in mathematics from Harvard in 1981. In between, he spent two years as the head of the Mathematics Department at Bawku Secondary School, in Ghana. After a year as a visiting scientist at MIT, he joined the IBM Almaden Research Center in 1982, where he remained until 1996, also serving as a consulting professor at Stanford. In 1996, he joined the Computer Science Department at Cornell University, where he is currently the Joesph C. Ford Professor and was department department chair 2010-14. Halpern's major research interests are in reasoning about knowledge and uncertainty, security, distributed computation, decision theory, and game theory. Together with his former student, Yoram Moses, he pioneered the approach of applying reasoning about knowledge to analyzing distributed protocols and multi-agent systems. He has coauthored 5 patents, three books ("Reasoning About Knowledge", "Reasoning about Uncertainty", and "Actual Causality"), and over 360 technical publications.
Halpern is a Fellow of AAAI, AAAS (American Association for the Advancement of Science), the American Academy of Arts and Sciences, ACM, IEEE, the Game Theory Society, the National Academy of Engineering, and SAET (Society for the Advancement of Economic Theory). Among other awards, he received the Kampe de Feriet Award in 2016, the ACM SIGART Autonomous Agents Research Award in 2011, the Dijkstra Prize in 2009, the ACM/AAAI Newell Award in 2008, the Godel Prize in 1997, was a Guggenheim Fellow in 2001-02, and a Fulbright Fellow in 2001-02 and 2009-10. Two of his papers have won best-paper prizes at IJCAI (1985 and 1991), and another two received best-paper awards at the Knowledge Representation and Reasoning Conference (2006 and 2012). He was editor-in-chief of the Journal of the ACM (1997-2003) and has been program chair of a number of conferences, including the Symposium on Theory in Computing (STOC), Logic in Computer Science (LICS), Uncertainty in AI (UAI), Principles of Distributed Computing (PODC), and Theoretical Aspects of Rationality and Knowledge (TARK). He started and continues to be the administrator of CoRR, the computer science section of arxiv.org.


Seminar title: From Coordination to Blockchain: The Elusive Trail of Common Knowledge

Reasoning about knowledge -- what I know about what you know about what I know ... -- is the type of reasoning that is often seen in puzzles and paradoxes, and has been studied at length by philosophers. But it plays a key role in many other contexts, ranging from understanding conversations to the analysis of distributed computer algorithms. More recently, it has been shown to play a key role in understanding what a blockchain protocol provides. I'll start the talk by considering a number of well-known puzzles and paradoxes, which both illustrate the subtleties of reasoning about knowledge and the advantages of having a good framework in which to make this reasoning precise. These puzzles also turn out to be closely related to important problems in distributed computing and game theory. In particular, they emphasize the importance of the notion of common knowledge, which turns out to be essential for reaching agreements and coordinating action. Unfortunately, we can prove that in practical multi-agent systems, common knowledge is not attainable. This seems somewhat paradoxical. How can common knowledge be both necessary and unattainable? The paradox gets resolved (to some extent) by examining a number of variants of common knowledge that turn out to be both attainable and sufficient for many applications. In particular, I'll show that how that a variant of common knowledge characterizes the guarantees provided by blockchain protocols. The work on blockchain is joint with Rafael Pass. The earlier work is joint with Yoram Moses, Ron Fagin, and Moshe Vardi.

Visit Homepage

Prof. Gernot Heiser (UNSW, Sydney, Australia)



Example pic
Gernot Heiser is Scientia Professor and John Lions Chair of Operating Systems at UNSW Sydney and Chief Research Scientist at Data61, CSIRO. His research interest are in operating systems, real-time systems, security and safety. He is the founder and past leader of Data61’s Trustworthy Systems group, which pioneered large-scale formal verification of systems code, specifically the design, implementation and formal verification of the seL4 microkernel; seL4 is now being designed into real-world security- and safety-critical systems. Heiser's former company Open Kernel Labs, acquired by General Dynamics in 2012, marketed the OKL4 microkernel, which shipped on billions of mobile wireless chips and more recently ships on the secure enclave processor of all iOS devices. He presently serves as Chief Scientist, Software, of HENSOLDT Cyber, a Munich-based company providing a secure hardware-software stack for embedded and cyber-physical systems. Gernot is a Fellow of the ACM, the IEEE and the Australian Academy of Technology and Engineering (ATSE).



Seminar title: TBA

Visit Homepage

Dr. Allison Mankin (Public DNS, Salesforce, Washington, DC, USA)



Example pic
Allison Mankin is an Internet protocol lead and researcher based in the Washington DC area. She currently focuses on privacy enhancement of the Internet infrastructure (e.g. DNS over TLS). She holds the position of Principal Architect, Public DNS, at Salesforce. She has a long history in and around the IETF and IRTF, including serving as the IRTF Chair 2017-2019. She is one of the three appointed members of the IETF's ombudsteam. She has worked in a diverse set of industry, academic and government settings. Some of her positions prior to Salesforce were at Verisign, JHU Applied Physics Lab, the US National Science Foundation (NSF), Bell Labs, and USC/ISI. As a program director at the US NSF, Allison was a leader of the Future Internet Design (FIND) program, which initiated the funding of info-centric networking and also played an early role in software-defined networking.



Seminar title: TBA

Visit Homepage

Prof. Patrick Drew McDaniel (The Pennsylvania State University, PA, USA)



Example pic
Patrick McDaniel is the William L. Weiss Professor of Information and Communications Technology and Director of the Institute for Networking and Security Research in the School of Electrical Engineering and Computer Science at the Pennsylvania State University. Professor McDaniel is also a Fellow of the IEEE and ACM and the director of the NSF Frontier Center for Trustworthy Machine Learning. He also served as the program manager and lead scientist for the Army Research Laboratory's Cyber-Security Collaborative Research Alliance from 2013 to 2018. Patrick's research centrally focuses on a wide range of topics in computer and network security and technical public policy. Prior to joining Penn State in 2004, he was a senior research staff member at AT&T Labs-Research. Dr. McDaniel's research focuses on a wide range of topics in computer and network security and technical public policy, with particular interests in mobile device security, adversarial machine learning, systems security, program analysis for security, and the integrity and security of election systems.



Seminar title: TBA

Visit Homepage

Prof. Ravi Sandhu (University of Texas, San Antonio, USA)



Example pic
Ravi Sandhu is Professor of Computer Science, Executive Director of the Institute for Cyber Security and Lead PI of the NSF Center for Security and Privacy Enhanced Cloud Computing at the University of Texas at San Antonio, where he holds the Lutcher Brown Endowed Chair in Cyber Security. Previously he served on the faculty at George Mason University (1989-2007) and Ohio State University (1982-1989). He holds BTech and MTech degrees from IIT Bombay and Delhi, and MS and PhD degrees from Rutgers University. He is a Fellow of IEEE, ACM and AAAS, and has received numerous awards from IEEE, ACM, NSA, NIST and IFIP, including the 2018 IEEE Innovation in Societal Infrastructure award for seminal work on role-based access control (RBAC). A prolific and highly cited author, his research has been funded by NSF, NSA, NIST, DARPA, AFOSR, ONR, AFRL, ARO and private industry.
His seminal papers on role-based access control established it as the dominant form of access control in practical systems. His numerous other models and mechanisms have also had considerable real-world impact. He served as Editor-in-Chief of the IEEE Transactions on Dependable and Secure Computing, and previously as founding Editor-in-Chief of ACM Transactions on Information and System Security. He was Chairman of ACM SIGSAC, and founded the ACM Conference on Computer and Communications Security, the ACM Symposium on Access Control Models and Technologies and the ACM Conference on Data and Application Security and Privacy. He has served as General Chair, Steering Committee Chair, Program Chair and Committee Member for numerous security conferences. He has consulted for leading industry and government organizations, and has lectured all over the world. He is an inventor on 30 security technology patents and has accumulated over 41,000 Google Scholar citations for his papers. At UTSA his team seeks to pursue world-leading research in both the scientific foundations of cyber security and their applications in diverse 21st century cyber technology domains, including cloud computing, internet of things, autonomous vehicles, big data and blockchain. Particular focus is on foundations and technology of attribute-based access control (ABAC) as a successor to RBAC in these contexts. His web site is at www.profsandhu.com.


Seminar title: TBA

Visit Homepage

Prof. Pierangela Samarati (University of Milano, Italy)



Example pic
Pierangela Samarati is a Professor at the Department of Computer Science of the Universita' degli Studi di Milano, Italy. Her main research interests are on data and applications security and privacy, especially in emerging scenarios. She has participated in several projects involving different aspects of information protection. On these topics, she has published more than 270 peer-reviewed articles in international journals, conference proceedings, and book chapters. She has been Computer Scientist in the Computer Science Laboratory at SRI, CA (USA). She has been a visiting researcher at the Computer Science Department of Stanford University, CA (USA), and at the Center for Secure Information Systems of George Mason University, VA (USA).
She is the chair of the IEEE Systems Council Technical Committee on Security and Privacy in Complex Information Systems (TCSPCIS), of the ERCIM Security and Trust Management Working Group (STM), and of the ACM Workshop on Privacy in the Electronic Society (WPES). She is a member of several steering committees. She is ACM Distinguished Scientist (named 2009) and IEEE Fellow (named 2012). She has received the ESORICS Outstanding Research Award (2018), the IEEE Computer Society Technical Achievement Award (2016), the IFIP WG 11.3 Outstanding Research Contributions Award (2012), and the IFIP TC11 Kristian Beckman Award (2008). She has served as General Chair, Program Chair, and program committee member of several international conferences and workshops.


Seminar title: TBA

Visit Homepage

Prof. Gene Tsudik (University of California, Irvine, USA)



Example pic
Gene Tsudik is a Chancellor's Professor of Computer Science at the University of California, Irvine(UCI). He obtained his PhD in Computer Science from USC in 1991. Before coming to UCI in 2000, he was at IBM Zurich Research Laboratory (1991-1996) and USC/ISI (1996-2000). His research interests include many topics in security, privacy and applied cryptography. Gene Tsudik is a Fulbright Scholar, Fulbright Specialist (twice), a fellow of ACM, a fellow of IEEE, a fellow of AAAS, and a foreign member of Academia Europaea. From 2009 to 2015 he served as Editor-in-Chief of ACM Transactions on Information and Systems Security (TISSEC, renamed to TOPS in 2016). Gene was the recipient of 2017 ACM SIGSAC Outstanding Contribution Award. He is also the author of the first crypto-poem published as a refereed paper.



Seminar title: Formally Verifying Remote Attestation for Simple Embedded Devices

Remote Attestation (RA) is a security service that allows a trusted verifier (Vrf) to measure the software state of an untrusted remote device -- Prv. If correctly implemented, RA allows Vrf to remotely detect if Prv is in an illegal or compromised state. Although several RA architectures have been proposed, little attention has been devoted to their verifiability and security guarantees that can be derived through formal verification of RA architectures. In this talk we introduce VRASED: Verifiable Remote Attestation for Simple Embedded Devices. VRASED instantiates a hybrid (HW/SW) RA co-design aimed at low-end embedded systems, e.g., simple IoT devices. Since VRASED security properties must be jointly guaranteed by HW and SW, verification is a challenging task, which has never been attempted before in the context of RA. Besides being the first formally verified RA scheme, VRASED is the first formally verified HW/SW implementation of any security service. VRASED’s publicly available implementation is realized on Basys3 FPGA and requires 16x fewer Look-Up Tables and 36x fewer registers than the cheapest pure HW-based RA design.

Visit Homepage

Navigation

Registration

Venue

Accommodation

Social event

Accepted posters, demos, and short talks

Important Dates