[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Internet Security: Secure Communications Over Untrusted Networks
please post
INTERNET SECURITY
SECURE COMMUNICATIONS OVER UNTRUSTED NETWORKS
A one-day seminar on November 12, 1994
Embarcadero Hyatt Regency Hotel in San Francisco.
Methods of achieving authentication, authorization,
confidentiality, integrity, and nonrepudiation are key to the
successful realization of the National Information
Infrastructure (NII). Today's Internet is a proving ground for
what will become the NII.
The San Francisco Chapter of the IEEE Computer Society has put
together an outstanding program on encryption, intrusion
detection, firewalls, architectures, and protocols for Internet
Security. Speakers in this seminar will describe several of
the main techniques that exist today and the directions in
which they are evolving. The seminar will be helpful to
engineers, engineering managers and product planners seeking
current knowledge of Internet Security.
PROGRAM
8:30 a.m. Registration opens
9:00 a.m. Introduction
9:05 a.m. Keynote Address James Bidzos, President of RSA
9:45 a.m. Steven Bellovin, Ph.D., Bell Labs
"Firewalls for Computer Security"
11:00 a.m. Teresa Lunt, SRI
"Intrusion Detection"
11:45 a.m. Round Table Lunch (incl. with registration)
1:00 p.m. Professor Martin E. Hellman, Ph.D., Stanford
"Cryptography: The Foundation of Secure Networks"
2:00 p.m. Dan Nessett, Ph.D.,
SunSoft and PSRG
"Future Internet Security Architecture"
3:00 p.m. Matt Blaze, Ph.D., Bell Labs
"Protocols: Security Without Firewalls"
4:00 p.m. "Public Safety vs. Private Liberty"
A Panel Discussion on the Social
Implications of Internet Security
Rex Buddenberg NPS
Alan McDonald FBI
Stewart Baker formerly of the NSA
James Bidzos President of RSA
Matt Blaze Bell Labs
Martin Hellman Stanford
A one day seminar in San Francisco, on Saturday, November 12th,
covering private and public-key encryption, key-escrow,
fire-walls, architecture and protocols for security,
intrustion detection, and a spirited panel discussion on
"Public Safety vs. Private Liberty" !
SEATING IS LIMITED. PRE-REGISTER BY OCTOBER 15TH.
9:05 Keynote Address
James Bidzos, President of RSA
James Bidzos, President of RSA Data Security, will present the
keynote address. Mr. Bidzos heads a company whose encryption
technologies are licensed for products ranging from computer
operating systems, to software copy protection, to electronic
mail, to secure telephones. RSA has licensed several million
copies of its encryption software, and has become a focal point
for debate on appropriate application of cryptography.
Mr. Bidzos has gained a unique perspective on the requirements
of effective cryptographic systems. He will highlight the
problem of providing strong encryption for users of computer
networks while meeting the legitimate needs of law enforcement
9:45 Steven Bellovin, Ph.D., Bell Labs
"Firewalls for Computer Security"
When you connect your computer to the Internet, you also create
a channel into your computer. Clever vandals, thieves and
industrial spies have found ways to abuse most of the Internet
protocols from FTP and Telnet to the World Wide Web and
Network Time Protocols. Short of pulling the plug, firewalls
provide the surest defense. The firewall administrator must
keep abreast of new methods of attack and understand how
firewalls can mitigate the threat. Steven M. Bellovin, Ph.D.,
is a senior researcher at AT&T's Bell Laboratories and
co-author of the well known guide "Firewalls and Internet
Security: Repelling the Wily Hacker." As one responsible for
protecting "the phone company" from Internet hackers, Dr. Bellovin
can describe from firsthand experience how firewalls can be
constructed to screen them out. Dr. Bellovin will join us in a
live video teleconference from Bell Laboratories.
11:00 Teresa Lunt, SRI "Intrusion Detection"
Inevitably, someone will try to breach your firewall and might
succeed. The time it takes you to discover the intrusion and
catch the culprit depends on the event logging you have
established. However, logging the many different transactions
that might expose trespassing produces mountains of data.
Automatic digestion of the logs is the only hope of monitoring
them all. Teresa F. Lunt, Director of Secure Systems Research
at SRI's Computer Systems Laboratory, directs work in
multilevel database systems and intrusion detection. Ms. Lunt
will describe intrusion detection and demonstrate automated
tools developed at SRI to analyze audit data for suspicious
behavior.
1:00 Professor Martin E. Hellman, Ph.D., Stanford
"Cryptography: The Foundation of Secure Networks"
Data in transit across unsecured networks like the Internet
are subject to wiretapping attacks and impersonation.
Moreover, privacy of communication and authentication of the
sender's message are essential to Internet commerce, with
exchange of contracts, receipts, credit card drafts and the
like increasingly commonplace. Encryption can solve some of
these problems, but what kind of encryption? Authentication
only or encrypted messages? Secret key or public key, or
both? Will you need a giant key ring for mes sage keys,
session keys, file keys, and passwords? Martin E. Hellman,
Ph.D., Professor of Electrical Engineering at Stanford
University, is co-inventor of public key cryptography with
Whitfield Diffie and Ralph Merkle. He was elected a Fellow of
the IEEE for contributions to cryptography. Dr. Hellman will
explore threats to communication and costs of electronic
countermeasures. He will explain the importance and means of
authenticating electronic messages, and he will survey public key
cryptography. Dr. Hellman will describe public key techniques
including Rivest-Shamir-Adleman (RSA), Diffie-Hellman, ElGamal
and Digital Signature Standard (DSS). He will also describe
the current status of export control and encryption standards
such as the Data Encryption Standard (DES), Escrowed
Encryption Standard (EES) and its encryption algorithm,
Skipjack, which is implemented in Clipper and Capstone chips.
2:00 Dan Nessett, Ph.D., SunSoft and PSRG
"Future Internet Security Architecture"
Dan Nessett, Ph.D., of the SunSoft Division of Sun
Microsystems, and until recently with Lawrence Livermore
National Laboratory, has worked extensively in local area
networks, distributed operating systems and distributed systems
security. He is a member of the Privacy and Security Research
Group (PSRG), which is convened under the auspices of the
Internet Society. Dr. Nessett will explain the emerging
Internet security architecture work undertaken by the PSRG.
The architecture will guide the development of security
mechanisms used in Internet standards.
3:00 Matt Blaze, Ph.D., Bell Labs
"Protocols: Security Without Firewalls"
We use firewalls because Internet protocols are not inherently
secure. Can we rehabilitate the Internet protocols to produce
protocols which are secure, not computationally prohibitive,
and compatible with existing protocols? Matt Blaze, Ph.D., of
Bell Laboratories will talk about the problems of integrating
cryptographic protection into large-scale network infrastructure.
Dr. Blaze is the author of "A Cryptographic
File System for Unix," presented at the 1993 ACM Conference on
Communications and Computer Security, and co-author with John
Ioann idis of "The Architecture and Implementation of
Network-Layer Security Under UNIX," which describes "swIPe," a
network-layer security protocol for the IP protocol suite.
Dr. Blaze will address issues concerning network security
protoc ols, key management and distribution, and threats and
models for cryptographic engineering.
4:00 A Panel Discussion on the Social Implications of
Internet Security "Public Safety vs. Private Liberty"
At one end of an imagined security spectrum lies the
information police-state. Through traffic analysis,
mandatory personal ID numbers and escrowed encryption, and
the ability to record all messages and commerce carried out
on the Information Superhighway, governments could maintain
dossiers on every aspect of the personal life and business
of its citizens. Privacy advocates fear that a corrupt government
could use such information against its political enemies and to
subvert personal freedoms. At the other extreme lies information
anarchy. Through the use of digital cash, anonymous remailers,
and strong non-escrowed encryption, the Information
Superhighway could become a hide-out for criminals and
national security threats. The potential for black-market
activity and the associated tax-evasion is so enormous that
some have speculated that governments could eventually
collapse. Law-enforcem ent advocates fear that they will be
unable to keep up with criminals and terrorists who ply their
trade electronically. Our distinguished panel will provide
insight into the interplay between the rights of individuals
to privacy and freedom, the rights of companies to conduct
unrestrained trade, and the ability of law enforcement and
security agencies to perform their functions efficiently.
This conclusion to the seminar will put into perspective
the social changes that might be wrought by the technical
advances discussed earlier in the day.
Panelists include:
Rex Buddenberg NPS
Alan McDonald FBI
Stewart Baker formerly of the NSA
James Bidzos President of RSA
Matt Blaze Bell Labs
Martin Hellman Stanford
Rex Buddenberg, Instructor of information systems architecture
and applied networking at the Naval Postgraduate School, will
moderate the panel. Mr. Buddenberg is a maritime command,
communication, control and intelligence (C3I) consultant and a
computer networking author. As a C3I architect for the U.S.
Coast Guard, he developed plans and specifications for
extending Internet connectivity to oceanographic ships. Mr.
Buddenberg contemplates the means and effects of net warfare as
both the good guys and bad guys share the same network.
Alan McDonald, Special Counsel for Electronic Surveillance Matters,
Information Resources Division, Federal Bureau of Investigation,
is a specialist in the law and policy concerning electronic
surveillance, Digital Telephony, and encryption issues.
He frequently represents the FBI's view of law enforcement equities
in light of advanced telecommunications and encryption.
Stewart Baker is a former General Counsel to the NSA and
a partner in Steptoe & Johnson, a Washington, DC law firm.
His expertise is in telecommunications, computer export policy,
security of national information infrastructure and encryption.
Mr. Baker brings direct experience with the problem that strong
encryption creates for the NSA in protecting our national
security.
QUESTIONS? CALL (415)-327-6622.
Cut-off and complete this form, enclose your check payable to
the IEEE SFCS, and mail to: IEEE Council Office 701 Welch
Rd. #2205 Palo Alto, CA. 94304
To qualify for the reduced Pre-registration fees, your
application with check must be postmarked no later than Oct.
15, 1994. Registration fee includes lunch, refreshments, and
parking. Seating is limited. To make sure the seminar is
not sold out, call (415) 327-6622.
please check the appropriate box
Fees on or before Oct. 15th:
___ IEEE Member $ 110
___ Non-member $ 120
___ Student $ 85
Fees after Oct. 15th:
___ IEEE Member $ 125
___ Non-member $ 145
___ Student $ 100 (students must present ID)
The seminar location is the Hyatt Regency Embarcadero Hotel,
near the Ferry Building, in San Francisco.
Your registration fee includes the all day seminar, lunch,
and convenient parking in the garages underneath adjacent
Embarcadero Centers 1, 2, or 3. (Keep your ticket for validation).
Please print clearly:
Name : __________________________________________
Title : __________________________________________
Company: __________________________________________
Address: __________________________________________
__________________________________________
_______________________________ ___ ______
Day phone #:(___)_____-_______
IEEE member (or affiliate) #:_______ ____ (for discount)
College/University (if student):___________________
___ Vegetarian lunch option
Refunds will be honored through October 22nd, substitutions
any time. Additional information can be obtained by telephoning
the IEEE Bay Area Council Office: (415)327-6622.
IEEE SFCS RESERVES THE RIGHT TO MAKE CHANGES TO THE SEMINAR
Sponsored by the San Francisco Chapter of the IEEE Computer
Society. The IEEE is a non-profit organization.