Dieter Gollmann
Paul Kearney
Frank Piessens
  • Dieter Gollmann, Veracity, Plausibility, and Reputation
    ABSTRACT: The canonical IT security properties are geared towards infrastructure security. The task of an infrastructure security service is completed once data has been delivered to the application. When false data is submitted to the infrastructure, false data will be delivered securely. To secure an application, one thus may have to go beyond securing the infrastructure and in addition provide mechanisms for detecting false data. We propose veracity as a new security property relevant at the application level. We examine examples for veracity mechanisms from network management and conclude with a discussion of security in cyber-physical systems.
    Prof. Dieter Gollmann received his Dipl.-Ing. in Engineering Mathematics (1979) and Dr.tech. (1984) from the University of Linz, Austria, where he was a research assistant in the Department for System Science.
    He was a Lecturer in Computer Science at Royal Holloway, University of London, and later a scientific assistant at the University of Karlsruhe, Germany, where he was awarded the 'venia legendi' for Computer Science in 1991. He rejoined Royal Holloway in 1990, where he was the first Course Director of the MSc in Information Security. He joined Microsoft Research in Cambridge in 1998. In 2003, he took the chair for Security in Distributed Applications at Hamburg University of Technology, Germany.
    Dieter Gollmann is the acting editor-in-chief of the International Journal of Information Security and an associate editor of the IEEE Security & Privacy Magazine. His textbook on 'Computer Security' has appeared in its third edition.

  • Paul Kearney, Towards a C2I platform for combatting the cyber-threat.
    ABSTRACT: In my talk, I outline a number of cyber-attacks that have been reported in recent years, and examine the vulnerability of organisations and critical infrastructure to them. I then discuss an approach to combating cyber-threats that integrates specialised tools within a managed service platform to create a command, control an intelligence (C2I) system used to co-ordinated defences against a diverse collection of resourceful and persistent opponents. The discussion is illustrated with examples from BT research and development projects. Such a system will have to be refreshed and up-graded regularly to keep pace with challenges such as:
    • The escalating arms race against threat agents,
    • Innovations in technology and business practice,
    • Changing regulations and compliance demands,
    • A cyber-Moore's Law that dictates a continual shrinking of required response times.
    Ultimately it will need to be adaptive and to learn from experience.
    Paul Kearney is Chief Security Researcher in the Security Futures Practice, BT Innovate & Design. He joined BT in 1997 having previously worked in the personal electronics and defence aerospace industries. Paul has specialised in information security and business continuity research since 2001. His main research focus at the moment is cyber security. Other interests include methodologies for secure systems engineering, and holistic approaches to enterprise security and resilience. Paul has played a leading role in several European collaborative research projects. He is a Certified Information System Security Professional (CISSP), a Member of the Institute of Information Security Professionals (MInstISP), and holds the Certificate of the Business Continuity Institute (CBCI).

  • Frank Piessens, Recent developments in low-level software security.
    ABSTRACT: An important objective for low-level software security research is to develop techniques that make it harder to launch attacks that exploit implementation details of the system under attack. Baltopoulos and Gordon have summarized this as the principle of source-based reasoning for security: security properties of a software system should follow from review of the source code and its source-level semantics, and should not depend on details of the compiler or execution platform.
    Of course, whether the principle holds (or to what degree it holds) for a particular system depends on the attacker model. If an attacker can only provide input to the program under attack, then the principle holds for any safe programming language. However, for more powerful attackers that can load new compiled code into the system, the principle of source based reasoning typically breaks down completely.
    In this talk, we discuss some exciting recent developments in low-level software security that hold the promise to restore source based reasoning even against attackers that can load arbitrary machine code.
    Frank Piessens is a professor in the Department of Computer Science at the Katholieke Universiteit Leuven, Belgium. His research field is software security, where he focuses on the development of high-assurance techniques to deal with implementation-level software vulnerabilities and bugs, including techniques such as software verification, run-time monitoring, type systems and programming language design.