November 2005

Stevens, Columbia and IBM to hold Security & Privacy Day

Meeting will discuss problems and solutions in cyber security

HOBOKEN, N.J. -- Stevens Institute of Technology, Columbia University and IBM Research have joined together to organize "Security and Privacy Day," Monday, Nov. 14 at Stevens. The all-day meeting, which will be held in the Bissinger Room, on the fourth floor of the Wesley J. Howe Center, brings together researchers and practitioners in government, academia and industry, who will discuss problems and possible solutions in cyber security, both for e-commerce and homeland security. A particular emphasis of the meeting is to bring together those interested in communications security and end-to-end security.

The morning keynote talk will be delivered by Joan Feigenbaum, a Professor in the Computer Science Department at Yale University, who will discuss progress on the Privacy Obligations and Rights in Technologies of Information Assessment (PORTIA) project. Stevens researchers are also active collaborators in PORTIA, which funded by the National Science Foundation (NSF) under its Information Technology Research Program.

Sotiris Ioannidis, a researcher at Stevens, will speak on Consistent Security Policy Evaluation. He will discuss the problem of security policy consistency in decentralized heterogeneous systems. To avoid failures, security policy must be maintained in a consistent state across the multitude of system elements. Ioannidis' approach maintains consistency in such environments by examining security policies against each other, from the highest level of abstraction all the way to the mechanism specifics. Policies are checked both statically and dynamically, as the system evolves, and inconsistencies and policy failures are reported back to the policy administrator.

Moti Yung, a visiting senior research scientist at Columbia and director, Advanced Authentication Research at RSA Security, will present Kleptography: Cryptographic Attacks on Cryptographic Systems and their Trust Implications. The presentation will cover Kleptographic attacks whereby black box cryptographic systems are attacked by the careful employment of other cryptographic means to create backdoors that are both undetectable and protected against reverse engineering. Implications to testing and trust regarding cryprosystems will be discussed as well.

The afternoon keynote talk, .NET Framework Security: Lessons Learned from Five Years of Shipping Partially-Trusted Code, will be given by Brian LaMacchia, a software architect at Microsoft Research. Following a coffee break and poster session, Mariangiola Dezani-Ciancaglini, Universita di Torino, will speak on A Distributed Object-Oriented Language with Session Types. The talk proposes the language Ldoos, a simple distributed object-oriented language augmented with session communication primitives and types. Ldoos provides a flexible object-oriented programming style for structural interaction protocols by prescribing channel usages within signatures of distributed classes.

Adriana Compagnoni, an Associate Professor of Computer Science at Stevens, will close the program with her presentation, Mobile Access Control. The increasing demands for mobile communications in our society have inspired the academic community to study access control mechanisms in the presence of mobility. In Role-Based Access Control (RBAC), a given user is assigned a collection of roles (e.g., employee, faculty, student, etc.). In turn, each role is assigned a collection of access privileges. A user gains access to a resource by activating a role which has the necessary privileges. Mobility adds a new dimension to RBAC, since the services available to a given user also depend on the location of the user, agreements between parties, and the technology underlying the connection. Her presentation is based on joint work with Elsa Gunter, Research Associate Professor at the University of Illinois at Urbana-Champaign.

In addition to the technical talks, the event will also feature research posters and security demos from students and IBM researchers.

The organizing committee members include, from Stevens, Professors Adriana Compagnoni, Dominic Duggan, David Naumann, Susanne Wetzel and Rebecca Wright, and Vugranam Sreedhar (IBM Research) and John Ioannidis (Columbia). Sponsors include Stevens Technogenesis® Fund, the Imperatore School of Sciences and Arts, IBM Research and the PORTIA project. For more information, please contact Dominic Duggan via e-mail at dduggan@cs.stevens.edu.

About Stevens Institute of Technology
Established in 1870, Stevens offers baccalaureate, masters and doctoral degrees in engineering, science, computer science, management and technology management, as well as a baccalaureate in the humanities and liberal arts, and in business and technology. Located directly across the Hudson River from Manhattan, the university has enrollments of approximately 1,780 undergraduates and 2,700 graduate students, and a current enrollment of 2,250 online-learning students worldwide. Additional information may be obtained from its web page at www.Stevens.edu.
For the latest news about Stevens, please visit www.StevensNewsService.com.