| The Evolution of Global Privacy Law |
|
Lisa Sotto
|
|
| Reliable Communication and Secure Routing Protocols |
|
Lakshminarayanan Subramanian
Today's Internet is at risk. A single misbehaving router--whether through
misconfiguration or malicious intent--can hijack routes, bringing down
over a third of the Internet. This critical vulnerability stems from the
pervasive assumption inherent in existing protocols that any information
propagated by routers is correct. Emerging security proposals for Internet
routing require a public key infrastructure and a trusted central authority,
and thus are unlikely to see wide deployment.
In this talk, I will first describe Listen and Whisper, two decentralized
and deployable security mechanisms that improve the security of the Border
Gateway Protocol (BGP), the current inter-domain routing protocol. Their
combination eliminates the threat of route hijacking due to misconfigurations
and restricts the damage that deliberate attackers can cause. Using a real-world
deployment of these mechanisms within the Berkeley campus network, we have
been able to detect several routing anomalies.
Then, I will show how these techniques can be extended to provide a foundational
suite of security primitives to achieve secure routing in an arbitrary
network against a bounded number of adversaries. These techniques address
two open theoretical problems: (a) Under what constraints can one achieve
decentralized key distribution given a bounded number of adversaries? (b)
When can one achieve Byzantine agreement if the underlying graph is not
known to the nodes?
|
|
| Secure Sketch for Biometric Templates |
|
Nasir Memon
|
|
| Analyzing Security Policies |
|
Scott Stoller
Increasing electronic information sharing, together with increasing security
concerns, is spurring interest in security policy frameworks more powerful
than traditional frameworks such as access control lists. With more powerful
policy frameworks comes a need for more powerful tools for development,
analysis, and validation of security policies.
This talk describes our work on analysis of security policies in a variety
of frameworks, including type enforcement (as in Security-Enhanced Linux),
attribute-based access control (as in XACML), trust management, and administrative
role-based access control (ARBAC).
|
|
| Distributed Privacy-Preserving Policy Reconciliation |
|
Susanne Wetzel
Organizations use security policies to regulate how they share and exchange
information, e.g., under what conditions data can be exchanged, what protocols
are to be used, who is granted access, etc. Agreement on specific policies
is achieved through policy reconciliation, where multiple parties, with
possibly different policies, exchange their security policies, resolve
differences, and reach a consensus. Current solutions for policy reconciliation
do not take into account the privacy concerns of reconciliating parties.
In this talk we address the problem of preserving privacy during security
policy reconciliation. We introduce new protocols that meet the privacy
requirements of the organizations and allow parties to find a common policy
rule which maximizes their individual preferences.
|
|
| Large-Scale System Security |
|
Steve Bellovin
|
|
| IBM's Security and Privacy Challenges and Strategy |
|
Linda Betz
|
|