Sorry if you receive multiple copies.

Late seminar announcement. This e-mail contains two seminar announcements and the speaker's profile.

Thursday Nov 2, 14.15 - 16.00 (Local in Key building. Room number will be announced later) - -------------------------------------------------------------- Dynamic Security in Communication Systems // ph.D. thesis 1999

As of now, the provision of security (confidentiality, integrity, and authenticity) is an all-or-nothing issue. Todays communication subsystems offer no mechanisms to fine-tune the strength of offered security and have applications use just the right amount to deter attackers.

In this talk, dynamic aspects of security in communication systems are explored. This covers Quality of Service (QoS) models and requirements for security, secure multimedia protocols, and peer and component authentication. Each of these issues is examined, and their dynamic properties are shown. In essence, it is shown that it is possible to provide fine-grained, scalable security to applications and allow them to select at runtime the required amount of processing overhead necessary to achieve sufficient security.

Friday, Nov 3, 10.15 - 12.00 (local ESTRADEN at E-building) - ----------------------------------------------------------- Supernets (Virtual Enterprise Networks) // ACSAC 2000

We present a vision of computing environments in which enterprise networks are built using untrusted public infrastructures. The vision allows for networks to dynamically change depending on the need of their users, rather than forcing the users to build organizations around networks. This vision is realized through a design abstraction called 'Virtual Enterprise Networking', or short Supernets. A first prototype of such a Supernet has been implemented on Linux.

The talk describes vision and properties of Supernets, and then outlines the different components of the implemented architecture. This covers the security mechanisms behind Supernets, the address translation mechanisms, and the Linux kernel modifications to achieve, among others, sandboxing properties. Some aspects of secure storage are also explored.

About the speaker: - ----------------------- Germano Caronni (IEEE/ACM) received his PhD in Computer Science from ETH Zuerich. Germano was one of the first to invent a process to watermark images, participated in the IETF (IPSEC), led the independent implementation effort for SKIP (secure TCP/IP) and its integration into an adaptive firewall. In 1997, he won the RC5/48 challenge of RSA DSI.

Since late 1997, Germano has been with Sun Microsystems, where he has introduced a novel solution to secure multicasting, worked on authentication frameworks, and participated in the design of an overall security architecture for Suns' products. He is currently a member of the Security Research group in the Sun Labs, and working in the realm of communication and storage security and key management systems.