CySeP '14 Technical Program

 

The calendar below shows the schedule for the CySeP Winter School.

 

 

 

Talks, Panels and Tutorials

 

Day 1, Talk 1 (9:00-10:15)

Speaker: Pierangela Samarati (University of Milano, Italy)

Title: Confidentiality and integrity for data in the cloud

Abstract: The rapid advancements in Information and Communication Technologies (ICTs) have enabled the emerging of the “cloud” as a successful paradigm for conveniently storing, accessing, processing, and sharing information. With its significant benefits of scalability and elasticity, the cloud paradigm has appealed companies and users, which are more and more resorting to the multitude of available providers for storing and processing data. Unfortunately, such a convenience comes at a price of loss of control over these data and consequent new security threats that can limit the potential widespread adoption and acceptance of the cloud computing paradigm. In this talk, I will illustrate some security and privacy issues arising in the cloud scenario, focusing in particular on the problem of guaranteeing confidentiality and integrity of data stored or processed by external providers.

 

Day 1, Talk 2 (10:45-12:00)

Speaker: Yvo Desmedt (University of Texas, Dallas, USA)

Title: Secret Sharing and its Applications

Abstract: Originally secret sharing was a technique used to enforce the policy that no single party could open a vault. Since 1979 the technique allows to distribute information (called shares) about a secret such that only authorized subsets of participants can recover the original secret and unauthorized ones cannot. Secret sharing is now the foundation of threshold cryptography, a technique that allows to reduce trust in a cryptographic implementation and/or in these that own the secret keys to operate it. Other applications include reliable and private communication, called Private and Secure Message Transmission and Secure Multiparty Computation. Secret sharing has also been considered in very broad contexts, such to secure the cloud, for law enforcement applications, to fight side channels, etc.
In this lecture we explain the foundations of secret sharing, and several constructions using both combinatorics as well as algebra. We also discuss some of the applications listed earlier.

 

Day 1, Talk 3 (13:00-14:15)

Speaker: Moti Yung (Google, USA)

Title: Foot in the Cloud's Door: Cryptography for Evolving Ecosystems

Abstract: Computational paradigms nowadays change, and global systems over the word-wide networks evolve. Systems have to take this into account scale, growth, software agility, and increased scope. Building and maintaining active systems is an important part of the cloud, network computing, web services, etc. Cryptography as part of an active software system (rather than cryptography as usually designed, as an essentially mathematical field by itself) has to consider the existing and future constraints, the scale, the evolution, and the enhanced scope of successful systems. Actual customized cryptographic components that are secure, based on solid theory, yet are suitable for the new style of system global nature and evolution are needed (beyond existing black-box crypto), while, on the other hand, no methodology for such components exist (the often recited "designing security from the start," hardly applies!) In this talk, I will review my experience regarding how the cryptographic protection of Google's global platform for display ads auctions (AdX) has been designed and evolved over the last few years; and will draw analogy about design methodology of actual useful security in the setting of systems that, by nature, change.

 

Day 1, Talk 4 (14:45-16:00)

Speaker: Ahmad-Reza Sadeghi (Darmstadt Technical University, Germany)

Title: Beasty Memories: The Quest for Practical Defense against Code Reuse Attacks

Abstract: Code reuse attacks, such as Return-oriented Programming (ROP), are elegant techniques that exploit software program vulnerabilities to redirect program control logic within applications. In contrast to code injection attacks, ROP maliciously combines short instruction sequences (gadgets) residing in shared libraries and the application's executable. Even after three decades the security vulnerabilities enabling these attacks still persist, and the cat and mouse game plays on. To date, ROP has been applied to a broad range of architectures (including Intel x86, SPARC, Atmel AVR, ARM and PowerPC). As a consequence, a variety of defenses have been proposed over the last few years, most prominently code randomization (ASLR) techniques and control- flow integrity (CFI). Particularly, constructing practical CFI schemes has recently become a hot topic of research, as it promises the most general mitigation methodology.
In this talk, we go on a journey through the space of return-oriented programming (ROP) attacks and defenses. We investigate the security of various defense technologies proposed so far with particular focus on control- flow integrity (CFI). The quest for practical CFI solutions has led to a number of so-called coarse-grained CFI proposals. Unfortunately, as we show, all these approaches suffer from various weaknesses and can be bypassed under weak assumptions. Finally, we discuss new research directions on designing protection mechanisms against code reuse attacks, including our current work.

 

Day 2, Talk 1 (9:00-10:15)

Speaker: Jan Camenisch (IBM Research, Switzerland)

Title: Anonymous Credentials - From Theory to Practise

Abstract: Anonymous credentials allow users to authenticate without identifying themselves by revealing only the necessary attributes. In this talk, we will follow the path of anonymous credentials from the cryptographic algorithms to their use in practical systems. To this end, we will fist present the different features of anonymous credentials, give an overview of the possible cryptographic realisations of these features. We will then discuss how to integrate the crypto algorithms into attribute-based access control system, including the necessary policy languages and software components. Finally, we will show a life demonstrator of the technology.

 

Day 2, Talk 2 (10:45-12:00)

Speaker: N. Asokan (Aalto University, Finland)

Title: Technology Transfer from Security Research Projects: A Personal Perspective

Abstract: Taking research results from the lab to the real world is a challenge in any field. Security research is no exception. In this talk, I will describe several security research projects that my colleagues and I have participated in during my stint in industrial research laboratories. For each project, I will describe the motivations that led to the project, briefly outline the technical solutions we came up with and discuss our experience in trying, and sometimes succeeding, to transfer research results from these projects for productization and deployment. From these experiences, I will attempt to draw some lessons for technology transfer of security research results.

 

Day 2, Talk 3 (13:00-14:15)

Speaker: Florian Kerschbaum (SAP, Germany)

Title: Technology Transfer from a Large Corporation Industrial Research Lab

Abstract: The Karlsruhe team of SAP Security Research spent the last two years on a major technology transfer in client-controlled encrypted databases. Florian has been the chief architect responsible for the technical direction of the project. The project is very successful in terms of reception within the company and the academic community compared to many previous efforts by SAP. In this talk he will give a recap of his experiences in terms of how to select a topic, how to run the project and the role of management.

 

Day 2, Talk 4 (14:45-16:00)

Speaker: Refik Molva (EURECOM, France)

Title: Selected Topics in Cloud Computing Security

Abstract: With the advent of cloud computing, outsourcing of data storage and computation became very popular. Despite well known advantages such as high performance and elasticity at reduced cost for ownership and maintenance, outsourcing and cloud computing suffer from various security and privacy breeches. In this presentation we will focus on some research results about the confidentiality and integrity of data storage based on cloud computing whereby the attacks against confidentiality and integrity can be perpetrated by the potentially malicious cloud service provider as well as third party intruders.
Research on data confidentiality as discussed in the talk tackles the problem of handling encrypted data stored in the cloud along two directions: a scheme that allows the cloud provider to search for words in an encrypted database in a privacy-preserving manner and an approach that allows the cloud provider to perform data reduction on encrypted files using the widespread de-duplication technique. As with integrity, the problem of data retrievability with untrusted cloud providers and a solution for proof of retrievability will be presented.

 

Day 3, Talk 1 (9:00-10:15)

Speaker: Ravi Sandhu (University of Texas, San Antonio, USA)

Title: Attribute Based Access Control Models

Abstract: This talk will review recent developments in attribute-based access control (ABAC). The ongoing authorization leap from rights to attributes offers numerous compelling benefits. Decisions about user, subject, object and context attributes can be made relatively independently and with suitable decentralization appropriate for each attribute. Policies can be formulated by security architects to translate from attributes to rights. Dynamic elements can be built into these policies so the outcomes of access control decisions automatically adapt to changing local and global circumstances. On the benefits side this leap is a maturation of authorization matching the needs of emerging cyber technologies and systems. On the risks side devolving attribute management may lead to attributes of questionable provenance and value, with attendant possibility of new channels for social engineering and malware attacks. We argue that the potential benefits will lead to pervasive deployment of attribute-based access control, and more generally attribute-based security. The cyber security research community has a responsibility to develop models, theories and systems which enable safe and chaos-free deployment of ABAC. This is a current grand challenge for access control researchers.

 

Day 3, Talk 2 (10:45-12:00)

Speaker: Radia Perlman (EMC, USA)

Title: How to build an insecure system out of perfectly good cryptography

Abstract: The world does not need insecure cryptographic algorithms in order to design, build, and deploy insecure systems. This talk gives examples of types of weaknesses that are generally neglected when thinking about designing networked systems. For instance, standards bodies might spend years fighting over the exact syntax of messages, but leave it as an exercise to the world to determine which chains of trust should be considered secure. We'll include as many diverse, fun, and scary examples as time allows.

 

Day 3, Talk 3 (13:00-14:15)

Speaker: Charlie Kaufman (Microsoft, USA)

Title: Security and Privacy Challenges Operating a Public Cloud Service

Abstract: Most of the challenges facing operators of a public cloud service are extensions of those facing anyone operating a public facing service, namely protecting the service from a wide range of different sorts of attacks that could be mounted from the outside like SQL injection, exploitation of buffer overruns in applications or in operating systems, denial of service attacks, and impersonation of external users. These now become shared responsibilities, where the cloud provider and the application owners each have to do their part.
But some challenges are new, like protecting application owners from one another and preventing cloud resources from being used to mount high bandwidth attacks against third parties out on the Internet. In some ways, operating a public cloud service is like operating an ISP. To be a good citizen on the network, the provider must detect and prevent misbehavior on the part of its customers. The provider must do this, however, without breaking any of the privacy guarantees it has made to its customers with respect to blocking provider administrators from accessing customer data. The provider has to be able to detect customer misbehavior without looking too closely at legitimate customer behavior.
This talk looks at these challenges even as they are rapidly unfolding before us and suggests which problems require careful engineering and which remain elusive research problems.

 

Day 3, Tutorial 1 (14:45-16:00)

Speaker: Milan Petkovic (Philips, Netherlands)

Title: Policy Management and Enforcement

Abstract: We are living in digital era, in which data sharing and distributed computing play a crucial role. However concerns about information security and privacy are creating big obstacles and hindering the proper use of big data. In this tutorial we will make an overview of policy languages, authorization models and techniques for policy management and enforcement. The overview and theoretical introduction to the technologies such as XACML or Attribute-Based Encryption will be complemented with practical trainings.

 

Day 4, Talk 1 (9:00-10:15)

Speaker: Keith Martin (Royal Holloway University of London, UK)

Title: Why cyber security is hard

Abstract: In this talk we will examine some of the challenges we face in providing a practical notion of cyber security. In particular we will look at the role of teaching and research in delivering the ideas and skills that society requires in order to secure cyberspace.

 

Day 4, Talk 2 (10:45-12:00)

Speaker: Valtteri Niemi (University of Turku, Finland)

Title: Design of security architectures for mobile systems

Abstract: We take a brief look at security architectures of 2G, 3G and 4G cellular systems, and put a focus on various design decisions made for each system. Trade-offs between cost, security and usability are explained. In addition, we discuss other factors that affect design decisions, e.g. techno-political issues, regulatory requirements and time schedules of standardization. The talk is about security features specified by 3GPP for 3G and 4G, and by ETSI for 2G. In the end, some challenges and future design decisions for 5G systems are also briefly covered.

 

Day 4, Talk 3 (13:00-14:15)

Speaker: Bart Preneel (Katholieke Universiteit Leuven, Belgium)

Title: Cryptogaphy and Information Security in the post-Snowden era

Abstract: In June 2013 Snowden has transferred a set of sensitive documents to journalists, resulting in a continuous stream of revelations on mass surveillance by governments. In this talk we present an overview of these revelations; we also discuss their impact on our understanding of mass surveillance practices and the security of ICT systems. In particular, we discuss the known ways in which sophisticated attackers can bypass or undermine cryptography. We conclude by analyzing how these revelations affect future research in information security and privacy.

 

Day 4, Tutorial 2 (14:45-17:30)

Speaker: Xavier Larduinat (Gemalto, France)

Title: Key principles for Devices security and Servers security: attacks and counter-measures

Abstract: This presentation is an overview of fundamental security principles both at the edge (the device in the user's hand) and the core (the back-office servers at the Services Provider's side). Physical attacks as well as software threats are described, re-emphasizing the need for both hardware tamper-resistance and software defenses. The objective of the presentation is to give all digital services developers a good first approach of key strategic defenses they should consider for all their projects. The presentation remains agnostic about specific solutions, brands or services. The focus is on risk assessment and the appropriate level of counter measures that should be deployed.
As a pre-requisite, this presentation will have a better impact on an audience with basic knowledge in security software, authentication mechanisms and servers architecture.

 

Day 5, Talk 1 (9:00-10:15)

Speaker: Jovan Golic (Telecom Italia, EIT ICT Labs)

Title: Cyber security and privacy

Abstract: Cyber security is typically viewed in terms of the attacks and defences in cyberspace. The current status and problems in the area of cyber security will be discussed. The main aspects and challenges of data privacy relating to the security and users' control of sensitive data in cyberspace will be pointed out. The strategy and priorities of the EIT ICT Labs Action Line on Privacy, Security & Trust will be then discussed. In particular, the following questions will be addressed: (i) how to counteract growing cyber attacks in efficient, timely, and cost-effective manner, (ii) how to implement proactive, security-by-design approach in order to make cyberspace more secure, (iii) how to implement proactive, privacy-by-design approach in order to resolve growing privacy problems in cyberspace, bridging the gaps between currently available techniques and practice, (iv) how to address data privacy and security in cloud services, and (v) how to address e-ID management in a simple, efficient, and privacy-aware manner.

 

Day 5, Talk 2 (10:45-12:00)

Speaker: Sebastien Gambs (University of Rennes, France)

Title: Towards privacy-preserving location-based services

Abstract: The advent of personal devices equipped with positioning, computational and communication capabilities, such as smartphones, has led to the large scale collection of the mobility data of individuals and the emergence of Location-Based Services (LBSs), which are personalized according to the position of the users. Examples of innovative LBSs include the search for neighboring services around the user, carpooling application dynamically matching a driver with a potential passenger or real-time traffic monitoring based on information sensed through users' smartphones, just to name a few.
However among all the personal data, learning the location of an individual is one of the greatest threat against his privacy. In particular, the mobility data of an individual can be used to learn the points of interests characterizing his mobility such as his home and place of work, to predict his past, current and future locations or even to discover his social network. In this talk, I will illustrate these risks by demonstrating how it is possible through inference attacks working on mobility traces to deduce other type of personal data. I will also discuss the protection mechanisms that can be used to mitigate these risks and to build privacy-preserving LBSs.

 

Day 5, Tutorial 3 (13:00-17:30)

Speaker: Jorge Lopez Hernandez-Ardieta (Indra, Spain) and Jose Maria de Fuentes (University Carlos III, Spain)

Title: Advanced simulator for cybersecurity experimentation and training

Abstract: This workshop is aimed at providing the attendees with a first-hand experience of the Indra's advanced simulator for cyber security experimentation and training. The simulator has been conceived as a solution for the technological experimentation and continuous training in cybersecurity, providing an advanced environment for improving the capabilities and skills to detect, react and respond to cyber attacks. The simulator is a solution still under development, funded by the Spanish Ministry of Economy and Competitiveness under the INNPACTO 2011 programme. Indra collaborates with the University Carlos III of Madrid and the University of Malaga in this project.
The workshop is split into three sessions. The first session will last 1 hour, and the attendees will be introduced to the fundamentals of computer forensics and steganography, with a particular emphasis on the concepts and techniques that underlie the training session. In the second session, a brief introduction to the simulator will be given along with its main capabilities, functionality and roadmap, and will take 45 minutes approximately. Lastly, in the training session, the attendees will have the chance to individually undertake a technical exercise titled "Data exfiltration in corporate environments", in which they will have to determine, as an experienced IT forensic examiner, how a particular criminal act took place in a fictitious entity of the financial sector.
The attendees are expected to spend 3-4 hours to solve the hands-on exercise, which has been designed to challenge experienced professionals. However, it should be noted that the simulator automatically monitors the student's performance, providing automated guidance in the case that the student gets stuck. Therefore, we are confident that both entry level students and experienced professionals will enjoy and learn from this experience.
The attendees are expected to bring their own laptop. The following tools are required for the correct completion of the exercise:

  • Firefox version 32 or later.
  • Exiftool
  • A text editor, such as Notepad++ or Editplus.
  • A regular PDF viewer (e.g. Adobe Acrobat Reader)
  • A regular file compression utility (e.g. WinRar, WinZip)

We suggest that the attendees install them in their laptops before the workshop.


Agenda:

  • Session 1: Introduction to Computer Forensics (1h)
  • Session 2: Introduction to the simulator (45 minutes)
  • Session 3: Hands-on exercise (3-4 hours)
  • Session 4: Debriefing (15 minutes)

Navigation

Registration

Venue Information

Social Events

List of accepted posters

Important Dates

Contact

Sponsored by