Workshop on Information Assurance Education
| Home Page | Agenda | Speakers | Registration Form | Local Information |
|---|
Bio: Dan Wallach is interested in computer security and the issues of building secure software systems for the Internet. He was one of the founding members of Princeton's Secure Internet Programming Laboratory which was responsible for identifying and publicizing a number of flaws in commercial Java implementations. Wallach was also part of the Java group at Netscape and helped design and implement Netscape's "stack inspection" security architecture. His current research interests focus on the security of Java environments and the general issues that arise in the secure execution of untrusted mobile code. Mobile code challenges many of the security assumptions made by traditional operating systems and network firewalls, requiring us to reformulate our security policies and invent new mechanisms to efficiently implement them. Wallach's most recent work has been to formally model Sun's JDK 1.2 security architecture and build an equivalent system based on this model which makes fewer demands on the runtime system. Dan received his Ph.D. in 1999 from Princeton University.
Bio: R. Sekar is an Associate Professor of Computer Science and the Director of the Center for Cybersecurity at Stony Brook University. Sekar got his Bachelor's degree in EE from IIT, Madras and a Ph.D. in CS from Stony Brook in 1991. From 1991 to 1996, he was a Research Scientist in Networking Research at Bellcore. He then accepted a faculty position at Iowa State University, and subsequently moved to Stony Brook in 1999. He is an expert in computer security and specializes in the areas of intrusion detection, prevention and response, and mobile and untrusted code security. He is very active in information assurance education, and led Stony Brook's effort in introducing IA specializations at the graduate and undergraduate levels, in becoming an NSA Center of Excellence, and obtaining a $2.5 million grant from NSF to support scholarships for students specializing in IA.
The talk starts with an overview of issues in cyber security, including data security; web security; authentication; integrity; viruses, worms, and Trojans; spam; denial of service; and phishing, spoofing, and other social engineering attacks. I then discuss the contents of an undergraduate course, entitled Web Security, that I have taught for several years at the University of Houston.
Bio: Ernst L. Leiss has worked on various aspects of data security and high-performance computing for over two decades. Two of the six books he has written deal with security (Principles of Data Security, Plenum NY; Software Under Siege: Viruses and Worms, Elsevier, Oxford) and has contributed the articles on Data Security and on Viruses and Worms to The Encyclopedia of Physical Science and Technology (John Wiley, New York).
In addition to teaching courses on data security for many years, Leiss has authored papers and supervised theses in data security focusing on
- inference control in statistical databases,
- digital signatures,
- authorization systems (with emphasis on propagation),
- protecting ownership of proprietary software,
- data integrity in digital optical disks,
- immutability of codes, and
- authentication of multi-media documents (primarily MPEG videos)
through (mainly invisible) watermarks and encryption-based schemes.
Dr. Leiss holds graduate degrees in Mathematics and Computer Science; he joined the Department of Computer Science at the University of Houston in 1979 where he is currently a Full Professor.contact: eleiss@uh.edu
Bio: William H. Winsborough is an Associate Professor in Computer Science at the University of Texas at San Antonio. He received his PhD at the University of Wisconsin-Madison in 1989. Professor Winsborough's current research interests are in computer security and privacy in distributed systems, with an emphasis on policy-language systems and provable security properties . Professor Winsborough was Program Co-chair of the 2005 IEEE Workshop on Policy in Distributed Systems and Networks (Policy 2005) and is Program Co-chair of the 4th International Conference on Trust Management (iTrust'2006), to be held 16-19 May 2006 in Pisa, Italy. He is the author of about 40 refereed research articles and papers. Professor Winsborough has two current projects funded by the National Science Foundation (NSF).
Bio: Rakesh Verma is a Professor of Computer Science at the University of Houston (UH). His research interests are on formal methods with applications to protocol verification, automated reasoning and equational programming, on information assurance and on information retrieval. Rakesh was a visiting professor at the Centre for Informatics Research (CRIN) in Nancy, France, a joint centre of INRIA Lorraine and the French national research agency (CNRS) in 1995, 1996-97 and 2001. Recently, Rakesh moderated a panel on "Automata Theory Education" at the ACM SIGCSE Symposium on Computer Science Education. He has given more than 20 invited talks in the US, UK, France, Germany, India, and the Netherlands, and his research has been published in leading journals and conferences. He received his PhD from Stony Brook University.