Sorry if you receive multiple copies.
Late seminar announcement.
This e-mail contains two seminar announcements and the speaker's profile.
Thursday Nov 2, 14.15 - 16.00 (Local in Key building. Room number will be announced later)
- --------------------------------------------------------------
Dynamic Security in Communication Systems // ph.D. thesis 1999
As of now, the provision of security (confidentiality, integrity, and
authenticity) is an all-or-nothing issue. Todays communication
subsystems offer no mechanisms to fine-tune the strength of offered
security and have applications use just the right amount to deter
attackers.
In this talk, dynamic aspects of security in communication systems
are explored. This covers Quality of Service (QoS) models and
requirements for security, secure multimedia protocols, and peer and
component authentication. Each of these issues is examined, and their
dynamic properties are shown. In essence, it is shown that it is
possible to provide fine-grained, scalable security to applications
and allow them to select at runtime the required amount of processing
overhead necessary to achieve sufficient security.
Friday, Nov 3, 10.15 - 12.00 (local ESTRADEN at E-building)
- -----------------------------------------------------------
Supernets (Virtual Enterprise Networks) // ACSAC 2000
We present a vision of computing environments in which enterprise
networks are built using untrusted public infrastructures. The vision
allows for networks to dynamically change depending on the need of
their users, rather than forcing the users to build organizations
around networks. This vision is realized through a design abstraction
called 'Virtual Enterprise Networking', or short Supernets. A first
prototype of such a Supernet has been implemented on Linux.
The talk describes vision and properties of Supernets, and then
outlines the different components of the implemented architecture.
This covers the security mechanisms behind Supernets, the address
translation mechanisms, and the Linux kernel modifications to
achieve, among others, sandboxing properties. Some aspects of secure
storage are also explored.
About the speaker:
- -----------------------
Germano Caronni (IEEE/ACM) received his PhD in Computer Science from
ETH Zuerich. Germano was one of the first to invent a process to
watermark images, participated in the IETF (IPSEC), led the independent
implementation effort for SKIP (secure TCP/IP) and its integration into
an adaptive firewall. In 1997, he won the RC5/48 challenge of RSA DSI.
Since late 1997, Germano has been with Sun Microsystems, where he has
introduced a novel solution to secure multicasting, worked on
authentication frameworks, and participated in the design of an overall
security architecture for Suns' products. He is currently a member of
the Security Research group in the Sun Labs, and working in the realm
of communication and storage security and key management systems.