Industry Canada 1 Industrie Canada IP Telecom and Security Program • Attendees: Lewis Robart and David Gibson – IP Telecom and Security Group, Spectrum Engineering Branch, Industry Canada • Group’s objective is to ensure reliable telecommunications services, through engineering investigation and analysis of emerging technologies. • Program Components – Engineering investigation and analysis • Protocol Analysis Lab (PAL) • Industry collaboration – Standards development – Academic partnerships October 17, 2005 CASCON 2005 – Cybersecurity Workshop Centre for CyberSecurity Research at University of Toronto at Mississauga Stefan Saroiu University of Toronto How do we start addressing the problem? We need modern ways of examining how Internet and networked information systems work? Network traffic vantage points Mechanisms to replay traffic in controlled environments We need to examine new problems introduced by new technologies Mobile devices + ubiquitous connectivity $500/month buys WiMax metropolitan connectivity at broadband speeds in Seattle In 10 years, a $500 PDA will have a 20x faster CPU and a 30x bigger hard disk than your desktop [Keshav’ 05] Stefan Saroiu: Centre for CyberSecurity University of Toronto at Mississauga Eric Yu Assoc. Prof. Fac. Info. Studies University of Toronto www.fis.utoronto.ca/~yu Systems design for security and privacy Software Requirements Engineering, NFRs Intentional modeling for Software Engineering Strategic Modeling Knowledge Management Enterprise Architecture Strategic Dependency Model – Smart Card System Strategic Rationale Model – Card Manufacturer The i* framework for strategic actors modeling Michel Barbeau School of Computer Science Carleton University Interests: Wireless security, intrusion detection, threat assessment, radio frequency fingerprinting, mobility profiling Recent Work • WiMax/802.16 Threat Analysis – Paper in Q2SWinet 05 • Enhancing Intrusion Detection in Wireless Networks Using Radio Frequency Fingerprinting – Paper CIIT ’04 with J. Hall and E. Kranakis • Rogue Access Point Detection in Wireless Networks – Patent with J.M. Robert (Alcatel) • See: www.scs.carleton.ca/~barbeau Contact info René Struik Phone: +1 (905) 501-6083 Certicom Research Email: rstruik@certicom.com Research interests Core crypto • ECDSA signatures: speed-up verification (single, batch) • ECDH key agreement: unbalanced and assisted computations Adhoc sensor networks • Security models and trust management • Semi-automatic lifecycle management • Configuration and installation • Low implementation cost - Protocols: re-use building blocks, parallelism flows, etc. - Keying material: key identification, key usage, key size Adhoc networks • No centralized management • Promiscuous behavior • Unreliability Sensor networks • Low energy consumption • Low manufacturing cost Security constraints • Decentralized key management • Flexible configuration and trust model • Low impact key compromise • Automatic lifecycle management • Low communication overhead • Low implementation cost Cyber-Security Research and Test Facility Stephen Neville Assistant Professor Electrical & Computer Engineering Dept. University of Victoria Email: sneville@ece.uvic.ca Overview Development of a research and test facility for accurately simulating corporate-scale network environments for systems (and systems-of-systems) level cyber-security and privacy research. Goals: a) Ability to simulate/re-create arbitrary network environments: Up to full 1 Gbps bandwidths. Reproductions down to packet payloads and inter-packet timing characteristics. Overlaying of arbitrary attack and normal events. Not based on virtual networks unlike Iowa State’s ISEAGE system. or, DETER – based on University of Utah’s EmuLab suite. Overview (cont.) b) Ability to re-instantiate/re-run experiments on-demand Exact control over facility’s configuration All system OSes (mirrored in at experiment run time) Network traffic data images Network switch configurations Timing and sequencing of overlaid attack and normal traffic events Performed through custom experiment control and management software: Experiment configuration Data set loading Experiment sequencing On-demand isolation from all UVic networks To meet the goals of scientific repeatability To facilitate statistically valid sensitivity and robustness research Overview (cont.) c) Physically isolated & secure facility Exact control over all network traffic Physically isolated networks (not virtual networks) Physically separate laboratory space Complete facility behind locked doors. No internet connection during experimental runs Access restrictions based on a per data set basis Required to meet security and privacy concerns. Equipment: 42 dual-Xeon 3.0GHz IBM HS20 blades Each with dual 36 G SCSI drives 2 dual-Xeon 3.0 GHz 2U x386 servers each with its own 350G 15k SCSI RAID 12 Nortel Layer 2/3 network switch modules Cisco 4503 layer 2/3 switch 4 3.4 Ghz dual-Xeon desktop servers 2 with quad 2x2 20” LCD displays 9 small form factor 2.8Ghz Xeon PC’s 4 1 Gbps Ethernet ports per machine 4 independent 1 Gbps networks 2 attack/simulation networks 2 experiments control networks Leverage UVic’s existing petabyte storage facility 4 Gbps fiber connection to UVic’s research network Physical Architecture: 4Gbps F iber connection to Control N etworks (dual 1 Gbps Cat5E ethernet) U Vic Research Network CIS CO Catalyst 4503 N etwork Switch F irewall 2 Experiment Controllers each w ith a 5x73.4 GB 15k SCS I RAID (2U Rack Mount dual 3.0GHz Xeon w 2GB mem. Linux Servers ) S oftw are Firewall A ttacking H osts (3 blades + 2 2.8 GH z 1GB mem. 160G ATA drive small form factor PC’s) Target Hos ts (3 blades + 2 2.8 GHz 1GB mem. 160G ATA drive s mall form factor PC’s) (dual card I/O) (6 blades + 2 3.4G hz 2 G b M em. 160 G B ATA drive desktops with 4 head video card and 4 1 Gbps ethernet ports) (30 3.0GHz dual Xeon Blades 1 GB mem. and 36.4 GB SCSI hard drive and 4 1Gbps Cat5e ethernet ports) Background Traffic Generation Cluster CyberS ecurity Ris k A nalysis and M anagement Cluster Blade Rack KV M Console Software Firewall S oftw are Firew all Real-Time Situational Aw areness Cons oles (2x2 20.1” 1600x1200 LCD displays ) Software Firewall 2 D ual 1 Gbps Cat5e ethernet Attack and S imulation Networks Managed Internet Connection to A ttack/Simulation Netw ork Firewall/VPN Note: - All hosts except small form factor P C’s are dual process or machines w ith 4 1 Gbps ethernet ports - All machines except the machines in the target cluster will run a Linux variant - Target machines will run both Window OS es and Linux on a per experiment bas is - The tw o desktop risk management clus ter hosts have a 4-head video card to support the 4x4 dis plays required for the ris k management consoles - For clarity network hubs and switches are not show n. - Total facility non-educational cost $545,000.00 Plus 5 small form factor PC’s for off-s ite data collection activities Software F irewall Software Router Status Fully funded. CFI New Opportunities grant British Columbia Knowledge Development fund. Generous in-kind donation by IBM Canada Inc. CFI Infrastructure 5 year Operating grant $550k+ in total funding. Equipment on-site and powered (as of Oct. 1) Rack mount equipment is secure server room. Adjacent secure lab space under renovation. Final network connections in process of being made. Going Forward Over next 4 to 8 weeks initial facility capabilities will come on-line. Custom facility control and management software Position to be filled Nov. 1st Completion time: estimated at 8 months Completion date: Late summer ’06 Interesting research can be undertaken prior to all the facility’s capabilities are fully realized. Seeking: Representative network traffic data sets Academic and industrial collaborators Not limited to cyber-security related research Open to general systems and systems-of-systems level research Ideally also, funding opportunities: Particularly, student support Securing Computing Systems Interests: David Lie Department of Electrical and Computer Engineering University of Toronto Virtual Machine Monitors to provide: Isolation Customization Flexibility Intrusion Detection Automatic Signature Generation Automatic Filter Generation Automatic Recovery Preventing Information Leakage Private Key SSH-Priv Password File Minimal OS SSH-Unpriv Other Applications Operating System Virtual Machine Even if the Linux system is compromised, the private key and password are safe in a separate Virtual Machine The adversary cannot get that information Marsha Chechik University of Toronto, Department of CS Interests: Automated reasoning about software Requirements engineering Verification and validation Interests in Cybersecurity: Reasoning about components and their interactions w.r.t. complex security properties Specifications that allow compositional reasoning Analysis of code Automated, precise, scalable Example: reasoning about ssh Split ssh into two parts (secure kernel and the rest) Prove that the two parts still perform the right function Prove that the splitting did not introduce new problems In ssh: communication between the two parts could be undermined, allowing access to the rest of info Prove, using Toronto software model-checker Yasm that secure kernel satisfies its properties About 30,000 lines of code. Guarantee, using Virtual Memory Monitors, that the rest of the system is secure CISaC cisac.math.ucalgary.ca H.C. Williams iCORE Chair, Algorithmic Number Theory & Cryptography Department of Mathematics and Statistics University of Calgary CISaC’s Mission CISaC's objective is to conduct multi-disciplinary research in information protection, including: mathematical foundations, Secure communication and cryptography, Quantum information science, Privacy Security of computer networks, software, and hardware. Urs Hengartner Assistant Professor in the School of Computer Science at University of Waterloo Ph.D. from Carnegie Mellon (August 2005) uhengart@cs.uwaterloo.ca Research interests Privacy in future computing environments Uncertainty in access control Credential discovery Research Interests in Information Privacy Privacy violations caused by naïve application of access control in pervasive computing Location-based service leaks current location Calendar entry leaks participants’ location Privacy for emerging services Bell Canada’s “Seek & Find” service Google’s talk, email,… services Urs Hengartner • Ashraf Matrawy: Assistant Professor, Systems and Computer Engineering, Carleton University • Background is network reliability, QoS, and security • Security interests – Mitigation of Network Denial of Service (NDoS) through new network architectures and traffic management techniques. (with DSG at Carleton) – Establishing trust in collaborative and P2P applications in wireless environments. – Evaluation of network security: development of metrics that describe the security status of a computer network. http://www.sce.carleton.ca/faculty/matrawy.html amatrawy@sce.carleton.ca José M. Fernandez – École Polytechnique Background M.Sc. Theoretical Crypto (U of T, 1993) Ph.D. in Quantum Computing (U of Montreal, 2004) Some government/industry experience in ITSEC (1993-2004) École Polytechnique Current Research Areas 1. • • 4th-year intro to ITSEC (updated!) Graduate Network Security course Graduate “Microprogramme” in Computer Security in development Research/training HQP: • Done: 3x M.Sc., 4x B.Sc. In progress: 1x Ph.D.(co-dir) 8x M.Sc. (3x co-dir) • DDoS Attacks • • 2. 3. Mobile-agent based 1x M.Sc.A (ST) Evolutionary methods 1x M.Sc.A (FK) Collaborative strategies 1x M.Sc.A (KA) Malware analysis and optimisation 4. Statistical modelling and defensive strategy optimisation 2x M.Sc.A (EH, AB) In ad-hoc networks 2x M.Sc.A. (AM, SMR) Next-generation IDS Asst. Prof. Department of Computer Engineering, since 2004 Teaching : • 1x M.Sc.A (PMB) Quantum Stuff … 1x Ph.D. José M. Fernandez – École Polytechnique Funding CFI Collaborators & Partnerships • John Mullins • 1 M$ grant (eqpt+SW) • 144x blade cluster for network emulation • Special-purpose HW Traffic generator Reconfigurable network • Research Sensor Network (looking for hosts!!) • High-security Malware Lab NSERC : formal methods in security • Ettore Merlo & Giuliano Antoniol Software security. Automated vulnerability discovery by static analysis of source code • Samuel Pierre Security in ad-hoc networks • 15 k$ (+ 15k$ pending) FQRNT (pending) Sureté du Québec/RCMP • Teaching and trg of students (internships) • Possible R&D projects ASIMM • Local IT Security prof. association Bank of Montréal • Partner in CFI grant • 20k$/yr x 2 yr. Too many toys, not enough kids !!! CRIMOB • FQRNT research centre proposal • 15 k$/yr x 3 yr. Polytechnique start-up grants DGI-Polytechnique ____(your name here)____ Security and FLOSS Professor Mark Perry mperry@uwo.ca Faculty of Law Faculty of Science University of Western Ontario FLOSS for the ‘paranoid’ • Who can we trust? • Ourselves? • What are vital systems for democracy? • Voting • Government • Tax • Defense • What software to use? • FLOSS…. Nadia TAWBI Computer Science & Software Engineering Department Laval University Research Interests: • Static Code Analysis • Dynamic Code Analysis • Malicious Code Detection • Formal Verification • Securing & Optimizing Resource Limited Devices Security Policy Enforcement Mechanisms Malicious Code Detection – Extracting a model representing program behaviour: Type based analysis Flow analysis Abstract Interpretation – Expressing security policy in a modal logic – Model checking – Depending on the result : Accept Reject Instrument Embedded security – Optimizing security enforcement mechanisms R&D Areas Andrew.Patrick@nrc-cnrc.gc.ca • intelligent agents for trust communication, handling (personal) data, and computer activity monitoring • privacy applications and negotiation • trust: psychological and artificial • biometrics: face recognition, usability • human-computer interaction: interfaces and evaluation • machine translation and data mining for security intelligence • anonymous ad-hoc mobile networks • security and privacy for e-services • engineering software for security Gord Agnew University of Waterloo Long term storage of records in large databases (e-health records) Secure and authenticated end-to-end VoIP Secure Sensor Networks Patrick C. K. Hung Faculty of Business and Information Technology University of Ontario Institute of Technology (UOIT) Oshawa, Ontario Research Interests: Security and Privacy, Services Computing, Business Process Integration, Electronic Negotiation and Agreement. What I am working on… • • • Teaching: Introduction to Programming, E-Commerce, E-Business Technologies, ECommerce Security Infrastructures, and External Environment of Business Research: – "Mobile Network Dynamic Workflow Exception Handling System," U.S. Patent Application Filed to U.S. Patent and Trademark Office, Boeing Phantom Works, USA, 2004-2006 – "M-services computing security and privacy enforcement model," NSERC Discovery Grants Program - Individual, 2005-2007 – “Requirements and Architecture for Healthcare Privacy in Mobile Ad Hoc Networks (MANETs)” with BUL, Bell’s Privacy Center of Excellence, UofT, and Faculty of Health Sciences at UOIT, IN PROGRESS Professional Services: – Program Co-chair of the Ninth IEEE EDOC Conference (EDOC 2005) "The Enterprise Computing Conference" and the General Chair of the tenth IEEE EDOC 2006 – Program Committee Vice-Chair of 2006 IEEE International Conference on Services Computing (SCC 2006) – Associate Editor of the International Journal of Web Services Research (JWSR) and International Journal of Business Process Integration Management (IJBPIM) – Executive committee member of the IEEE Computer Society’s Technical Steering Committee for Services Computing (TSC-SC) The 2006 International Conference on Privacy, Security and Trust (PST 2006) Venue: University of Ontario Institute of Technology (UOIT) Oshawa, Ontario, Canada Theme: Bridge the Gap between PST Technologies and Business Services Date: October 30 (Monday) - November 1 (Wednesday), 2006 Topics of interest include, but are NOT limited to, the following: Privacy Preserving/Enhancing Technologies Critical Infrastructure Protection Identity and Trust management Network and Wireless Security Operating Systems Security Intrusion Detection Systems and Technologies Secure Software Development and Architecture Representations and formalizations of Trust in electronic and physical social systems PST challenges in e-services, e.g. e-Health, e-Government, e-Banking, e-Commerce, and eMarketing Information filtering, recommendation, reputation and delivery technologies, spam handling technologies Trust technologies, technologies for building trust in e-Business Strategy Observations of PST in practice, society, policy and legislation Digital Rights Management Human Computer Interaction and PST Implications of, and technologies for, Lawful Surveillance Biometrics, National ID cards, identity theft PST in services computing Privacy, traceability, and anonymity Trust and reputation in self-organizing environments Anonymity and privacy vs. accountability Access control and capability delegation Important Dates Papers Submission Deadline: Notification of Acceptance: Final Manuscript Due: Conference: April 3, 2006 May 15, 2006 June 5, 2006 November 1-2, 2006 Workshop Proposals Submission Deadline: Notification of Acceptance: Final Workshop Papers Due: Workshops: January 23, 2006 February 6, 2006 June 5, 2006 October 30, 2006 Organizing Committee General Chair Greg Sprague (NRC, Canada) Program Co-Chairs Bernadette Schell (UOIT, Canada) Wilfred Fong (UOIT, Canada) Workshop Chair Scott Knight (Royal Military College, Canada) Publication & Publicity Co-Chairs: George Yee (National Research Council, Canada) Patrick Hung (UOIT, Canada) Advisory Committee of PST 2006 Sushil Jajodia (George Mason University, USA) Ravi Sandhu (George Mason University, USA) Elisa Bertino (Purdue University, USA) Vijay Atluri (Rutgers University, USA) Lorrie Cranor (Carnegie Mellon University, USA) Vijay Varadharajan (Macquarie University, Australia) Larry Korba (NRC, Canada) Ian Blake (University of Toronto, Canada) J. Leon Zhao (The University of Arizona, USA) Cunsheng Ding (Hong Kong University of Science and Technology, Hong Kong) Sylvia Osborn (The University of Western Ontario, Canada) John McHugh (Dalhouse University, Canada) Location We are hiring faculty members in security and computer games! www.uoit.ca Preliminary Call For Contributions The 2006 International Conference on Privacy, Security and Trust (PST 2006) Theme: Date: Venue: Bridge the Gap between PST Technologies and Business Services October 30 - November 1, 2006 University of Ontario Institute of Technology (UOIT) Oshawa, Ontario, Canada The 2006 International Conference on Privacy, Security and Trust (PST 2006) is the FOURTH annual conference focusing on privacy, security and trust technologies and related research issues. PST is a forum for researchers, scientists, educators, business people, technologists, futurists, policy makers, and industry practitioners, who have a vision and an understanding of the large challenges (and accompanying advances), to exchange information regarding advancements in the state of the art and practice of privacy, security and trust technologies, as well as to identify the emerging research topics and define the future of PST. The theme of PST 2006 is “Bridge the Gap Between PST Technologies and Business Services,” which aims to investigate the research issues of business services-level security and privacy considerations and objectives to the realization in PST technologies. The program of PST 2006 will continue to feature research papers with a wide range of topics, focusing on different aspects of electronic services and PST technologies. Topics of interest include, but are NOT limited to, the following: Privacy Preserving/Enhancing Technologies Critical Infrastructure Protection Identity and Trust management Network and Wireless Security Operating Systems Security Intrusion Detection Systems and Technologies Secure Software Development and Architecture Representations and formalizations of Trust in electronic and physical social systems PST challenges in e-services, e.g. e-Health, e-Government, e-Banking, e-Commerce, and e-Marketing Information filtering, recommendation, reputation and delivery technologies, spam handling technologies Trust technologies, technologies for building trust in e-Business Strategy Observations of PST in practice, society, policy and legislation Digital Rights Management Human Computer Interaction and PST Papers Deadline: April 3, 2006 Implications of, and technologies for, Lawful Surveillance Submission Notification of Acceptance: May 15, 2006 Final Manuscript Due: June 5, 2006 Biometrics, National ID cards, identity theft Conference: November 1-2, 2006 PST in services computing Workshop Proposals Privacy, traceability, and anonymity Submission Deadline: January 23, 2006 Trust and reputation in self-organizing environments Notification of Acceptance: February 6, 2006 Final Workshop Papers Due: June 5, 2006 Anonymity and privacy vs. accountability Workshops: October 30, 2006 Access control and capability delegation All accepted papers will be published in the conference proceedings in hardcopy and on-line version. It is planned to select the best research papers for special issues in top notch journals. There will be awards for winners of the Best Paper and Best Student Paper competitions. Submissions are encouraged as long papers (8-12 pages), short papers (4-5 pages) and posters. Further details will be announced soon. We are also inviting proposals for workshops to be held on October 30, 2006. Workshops provide organizers and participants an opportunity to discuss current topics on PST in a small and interactive atmosphere. Workshops can choose to concentrate in-depth on research topics, but can also be devoted to research, application and industry issues. Proposals should include the workshop, the names and a brief (200 word) biography for each organizer and a summary of the workshop contents (approximately 1-2 pages i.e. 500-1000 words). For any enquires, please contact Dr. Patrick Hung (patrick.hung AT uoit.ca). Supported by Faculty of Business and Information Technology (FBIT) - Version 1.0 See you at PST 2006!