CERIAS Weekly Security Seminar - Purdue University

This presentation will teach participants how to develop secure infrastructures in eCommerce by discussing security impacts to business applications, Netcentric security elements, and real stories from client experience. The presentation includes a thorough discussion of risk assessment methodology.

This presentation will teach participants how to develop secure infrastructures in eCommerce by discussing security impacts to business applications, Netcentric security elements, and real stories from client experience. The presentation includes a thorough discussion of risk assessment methodology. About the speaker: Mr. Santarcangelo is a consultant in the Security Technologies Specialty for Andersen Consulting. He has three years of experience designing and implementing integrated security solutions for fortune 100 clients. Recent projects include implementing a security solution to automate user administration and on-going management across several platforms for a large computer hardware provider, and leading a web security architecture team for a large telecommunications company. Mr. Santarcangelo has experience with several leading security software packages (including Cybercop Scanner, ISS Scanner, Axent ESM), NT management tools, and UNIX and network security issues.

As use of information technology continues to expand, the need to identify and preserve electronic evidence becomes a paramount. Once strictly the domain of law enforcement agencies, computer forensic examination has become a common part of litigation. Mr. Hansen will discuss a evolution of computer forensics, some of the ongoing legal and technical challenges that face a service provider in this area. Mr. Hansen will review a number of recent cases, and identify current trends in this area.

As use of information technology continues to expand, the need to identify and preserve electronic evidence becomes a paramount. Once strictly the domain of law enforcement agencies, computer forensic examination has become a common part of litigation. Mr. Hansen will discuss a evolution of computer forensics, some of the ongoing legal and technical challenges that face a service provider in this area. Mr. Hansen will review a number of recent cases, and identify current trends in this area. About the speaker: Mr. Hansen joined Trident Data Systems in 1998 to develop a line of network incident response and computer forensic services. Under his direction, Trident has become one of the premier US providers of computer forensics investigation to law enforcement agencies, financial institutions, technology firms, and a variety other clients. Mr. Hansen joined Trident from the United States Air Force, where as a Special Agent he most recently served as the Deputy Director, Computer Crime Investigations Division of the Air Force Office of Special Investigations. In this capacity, he provided guidance and oversight of all investigations into the penetration of Air Force and select Department of Defense computer systems worldwide, and was assisted in the development of the nation's premier computer forensics laboratory. During his eleven years with the OSI, Mr. Hansen conducted counterintelligence investigations, protective service operations, directed a counter-narcotics operations team, and performed several high profile undercover operations

This talk addresses the issue of reconciling the needs of law enforcement and national security with the continuing evolution of computer and communications technology. It will describe the needs of both the law enforcement and national security communities including their current technical requirements and solutions. It will then describe technological trends and show how technical imperatives will render current solutions ineffective. It concludes with a description of possible directions that may be used to meet both law enforcement and national security needs while accounting for both technical evolution and social rights.

This talk addresses the issue of reconciling the needs of law enforcement and national security with the continuing evolution of computer and communications technology. It will describe the needs of both the law enforcement and national security communities including their current technical requirements and solutions. It will then describe technological trends and show how technical imperatives will render current solutions ineffective. It concludes with a description of possible directions that may be used to meet both law enforcement and national security needs while accounting for both technical evolution and social rights. About the speaker: David Aucsmith is the chief technologist for data and communications security technology at Intel Corporation. He is responsible for research, development and deployment of data and communications security technologies and products, in both hardware and software. Additionally, he is responsible for technical policy issues regarding security technology and serves as Intel's technical interface to regulatory organizations. He is currently working on industry standard architectures for the application and interoperability of data security technologies for communications, electronic commerce, and content protection. Previously, he was the architect of Intel's Common Data Security Architecture (CDSA), which is now an Open Group standard. Prior to joining Intel, David was the manager of Trusted Systems Development at Sequent Computer Systems. There he was chief architect and manger of the team that developed the first TCSEC compliant B1 level symmetric multiprocessor secure computer system. He earned MS degrees in CS from Georgia Tech, and in Nuclear Physics from NPS, and held the rank of Lieutenant Commander in the US Navy.

In the past several years there has been an explosive growth in digital imaging technology and applications. Digital images and video are now widely distributed on the Internet and via CD-ROM. One problem with a digital image is that an unlimited number of copies of an "original" can be easily distributed and/or forged. This presents problems if the image is copyrighted. The protection and enforcement of intellectual property rights has become an important issue in the "digital world." Many approaches are available for protecting digital images and video; traditional methods include encryption, authentication and time stamping. In this talk we describe algorithms for image authentication and forgery prevention known as digital watermarking. A digital watermark is a signal that is embedded in a digital image or video sequence that allows one to establish ownership, identify a buyer or provide some additional information about the digital content. In this talk we will review the current state of watermarking and describe some of the open research problems.

In the past several years there has been an explosive growth in digital imaging technology and applications. Digital images and video are now widely distributed on the Internet and via CD-ROM. One problem with a digital image is that an unlimited number of copies of an "original" can be easily distributed and/or forged. This presents problems if the image is copyrighted. The protection and enforcement of intellectual property rights has become an important issue in the "digital world." Many approaches are available for protecting digital images and video; traditional methods include encryption, authentication and time stamping. In this talk we describe algorithms for image authentication and forgery prevention known as digital watermarking. A digital watermark is a signal that is embedded in a digital image or video sequence that allows one to establish ownership, identify a buyer or provide some additional information about the digital content. In this talk we will review the current state of watermarking and describe some of the open research problems. About the speaker: Edward J. Delp was born in Cincinnati, Ohio. He received the B.S.E.E. (cum laude) and M.S. degrees from the University of Cincinnati, and the Ph.D. degree from Purdue University. From 1980-1984, Dr. Delp was with the Department of Electrical and Computer Engineering at The University of Michigan, Ann Arbor, Michigan. Since August 1984, he has been with the School of Electrical and Computer Engineering at Purdue University where he is a Professor of Electrical and Computer Engineering.He is a Fellow of the IEEE, a Fellow of the SPIE, and a Fellow of the Society for Imaging Science and Technology (IS&T). His research interests include image and video compression, multimedia security, medical imaging, multimedia systems, communication and information theory. Dr. Delp has also consulted for various companies and government agencies in the areas of signal and image processing, robot vision, pattern recognition, and secure communications. More information about Professor Delp may be found in his online bio.

Current research in information security at many labs are largely focused on traditional themes: firewalls, intrusion detection, cryptography, and computer viruses. However, there are other challenges that need to be addressed to provide a basis for protecting our information infrastructure. About the speaker: Spaf is the Director of CERIAS and is a noted researcher and iconoclast. A more comprehensive vita is available online.

Current research in information security at many labs are largely focused on traditional themes: firewalls, intrusion detection, cryptography, and computer viruses. However, there are other challenges that need to be addressed to provide a basis for protecting our information infrastructure.

Multicast routing is a service that provides for efficient many-to-many communication in a network. Traditionally, secure multicast protocols have used existing multicast routing services and relied on cryptographic protection of the messages sent to provide security. Much previous work in the area has been on methods of establishing a shared key between members subscribing to the multicast group. Some problems with this approach are that any network member can receive the encrypted traffic, and that the multicast routing protocol itself is subject to attacks which allow for effective denial-of-service attacks against the group members. I present Keyed-HIP (KHIP), a protocol for secure, hierarchical, multicast routing that changes the multicast model to prevent non-group members from receiving the secure traffic, and limits the effectiveness of denial of service attacks against the multicast group. KHIP also provides an efficient mechanism for distributing data encryption keys to all members of the group. While the type of security provided by KHIP is not necessary in all cases, for some applications the traditional model of multicast security may be lacking.

Multicast routing is a service that provides for efficient many-to-many communication in a network. Traditionally, secure multicast protocols have used existing multicast routing services and relied on cryptographic protection of the messages sent to provide security. Much previous work in the area has been on methods of establishing a shared key between members subscribing to the multicast group. Some problems with this approach are that any network member can receive the encrypted traffic, and that the multicast routing protocol itself is subject to attacks which allow for effective denial-of-service attacks against the group members. I present Keyed-HIP (KHIP), a protocol for secure, hierarchical, multicast routing that changes the multicast model to prevent non-group members from receiving the secure traffic, and limits the effectiveness of denial of service attacks against the multicast group. KHIP also provides an efficient mechanism for distributing data encryption keys to all members of the group. While the type of security provided by KHIP is not necessary in all cases, for some applications the traditional model of multicast security may be lacking. About the speaker: Clay was born in Washington, D.C, and spent much of his childhood living overseas as required by the career of his stepfather, who was a covert agent for the CIA. Clay got an undergraduate degree in electrical engineering from the University of Virginia, and after a year as a computer programmer on Capitol Hill, joined the U.S. Army. As an infantry officer with the 101st Airborne Division, Clay served overseas with the peace-keeping force in the Sinai Peninsula, earning a commendation for liaison work with the Egyptian and Israeli military. Because sitting in a muddy foxhole with a rifle was not intellectually challenging enough, Clay left the Army to return to graduate school. He attended the University of California at Santa Cruz, and for his dissertation he studied computer networking, particularly multicast routing and network security issues. With the ink not yet dry on his PhD, Clay took a job as an assistant professor in computer science at Purdue University, not so much for easy access to corn, but to be associated with CERIAS and to continue his research into network security. Clay is particularly interested in finding ways to exploit existing protocols, in designing secure protocols and in finding ways to keep careful track of what is happening in a network while maintaining user privacy and anonymity.