About
Advance Program
Invited Speakers
Call for Papers
Important Dates
Accepted Papers
Program Committee
Officers
Conference Venue
Registration
Hotel Information
Travel Information
Since 1995

 

Maintained and
Sponsored by

Keynote Speaker

Seraphin Calo is a Principal Research Staff Member at IBM Research and currently manages the Network Science group within that organization. He received the M.S., M.A., and Ph.D. degrees in electrical engineering from Princeton University, Princeton, New Jersey. He has worked, published, and managed research projects in a number of technical areas, including: queueing theory, data communications networks, multi-access protocols, expert systems, policy based computing, and complex systems management. Dr. Calo was a leading member of the IBM team that won and continues to work on government sponsored research programs in information science. He has been very active in international conferences, particularly in the systems management and policy areas. Dr. Calo has authored more than one hundred technical papers and has a number of United States patents (26 issued). He has received six IBM Research Division awards, and twelve IBM Invention Achievement awards.

Title: Distributed Intelligence - Trends in the Management of Complex Systems

The ability to incorporate intelligence in even small devices and to make use of contextual information from widely deployed sensors has already begun to change management paradigms. As edge computing and IoT devices become more prevalent, systems will increasingly consist of cooperating, heterogeneous, distributed, autonomous elements. Architectures for cognitive, collaborative systems are evolving to deal with such complex environments. Concepts from multi-agent systems and autonomic computing are being applied to cope with the scope and breadth of large collections of interacting devices and services. Technologies for security and access control must evolve as well. Policy-based mechanisms are widely used and have been very successful in protecting information and controlling access to systems and services. They tend to rely, however, on a centralized infrastructure and on the automated enforcement of directives. Newer paradigms are being investigated that allow policy structures to be more dynamic and contextual, while still preserving the desired levels of control. We will present trends in the evolution of architectures for distributed, federated systems, and the technologies for managing them.


Marten van Dijk is the Charles H. Knapp Associate Professor at the Electrical and Computer Engineering department at the University of Connecticut. He has over 15 years of experience in system security research in both academia (MIT and UConn) and industry (Philips Research and RSA Laboratories). At MIT he was part of the team that introduced the first circuit realizations of Physical Unclonable Functions (PUFs) which received the A. Richard Newton Technical Impact Award in Electronic Design Automation (ACM & IEEE) in 2015, and the team that designed Aegis, the first single-chip secure processor that verifies integrity and freshness of external memory which was selected for inclusion in "25 years of International Conference on Supercomputing" in 2014. His work on a simple and efficient Oblivious RAM received a best student paper award at CCS 2013. The IRIS authenticated file system with proofs of retrievability received the NYU-Poly AT&T Best Applied Security Paper Award, 3rd place, 2012. His work on fully homomorphic encryption over the integers was nominated (1 out of 3) for best paper award at Eurocrypt 2010. Marten is associate editor of the IEEE Transactions on Computers and the IEEE Transactions on Trusted and Dependable Secure Computing.

Title: Leveraging Hardware Isolation for Process Level Access Control & Authentication

Critical resource sharing among multiple entities in a processing system is inevitable, which in turn calls for appropriate authentication and access control mechanisms to be in place. Generally speaking, these mechanisms are realized in the form of software "policy checkers" that enforce certain "rules" depending upon the application. Whether implemented separately as operating system modules or embedded inside the application, these policy checkers expose additional attack surface besides the application software itself. In order to protect the application software from the external adversaries, modern secure processing platforms, such as Intel's flagship architecture SGX, employ hardware isolation principles that offer secure containers or enclaves to run the sensitive code. We extend this model one step further and propose to leverage the same hardware isolation mechanisms to shield the authentication/access control policy checker software. While mostly relying on the fundamental features of the current secure processors, our framework introduces minimal extensions to these architectures which not only offer a guarded environment to execute the policy checkers, but also give the application designer a much richer information set to customize the policy checker software.


Copyright (c) ACM SACMAT All rights reserved.