Keynote Speakers

Virgil D. Gligor received his B.Sc., M.Sc., and Ph.D. degrees from the University of California at Berkeley. He taught at the University of Maryland between 1976 and 2007, and is currently a Professor of ECE at Carnegie Mellon University. Between 2007 and 2015 he was the co-Director of CyLab. Over the past forty years, his research interests ranged from access control mechanisms, penetration analysis, and denial-of-service protection, to cryptographic protocols and applied cryptography. Gligor was an editorial board member of several ACM and IEEE journals and the Editor in Chief of the IEEE Transactions on Dependable and Secure Computing. He received the 2006 National Information Systems Security Award jointly given by NIST and NSA, the 2011 Outstanding Innovation Award of the ACM SIG on Security Audit and Control, and the 2013 Technical Achievement Award of the IEEE Computer Society.

Title: Establishing and Maintaining Root of Trust on Commodity Computer Systems

Suppose that a trustworthy program must be booted on a commodity system that may contain persistent malware. For example, a formally verified micro-kernel, micro-hypervisor, or a subsystem obtained from a trustworthy provider must be booted on a computer system that runs Windows, Linux, or Android. Establishing root of trust assures the user that either the system is in a malware-free state in which the trustworthy-program boot takes place or the presence of malware is discovered, with high probability. Obtaining such an assurance is challenging because malware can survive in system states across repeated secure- and trusted-boot operations. These operations do not always have malware-unmediated access to device memories; e.g., memories of bring-your-own devices; e.g., keyboards, consoles, printers, routers, and sometimes even disk controllers. They certainly have no unmediated access to all memories of interconnected components of a personal home system, auto, etc. To date, concrete assurance for root-of-trust establishment has not been obtained on more complex systems than tablets or smartphones.

Establishing root of trust is important because it makes all persistent malware ephemeral and forces the adversary to repeat the malware-insertion attack, perhaps at some added cost. Nevertheless, some malware-controlled software can always be assumed to exist in commodity operating systems and applications. The inherent size and complexity of their components (aka the "giants") render them vulnerable to successful attacks. In contrast, small and simple software components with rather limited function and high-assurance layered security properties (aka the "wimps") can be resistant to attack. Maintaining root of trust assures a user that a commodity computer's wimps are isolated from, and safely co-exist with, adversary-controlled giants. To survive, secure wimps must use services of, or compose with, insecure giants. This appears to be "paradoxical:" wimps can counter all adversary attacks but survive only if they use adversary-controlled giants from which they have to defend themselves.

In this presentation, I will illustrate the challenges of root-of-trust establishment via "verifiable boot" operations unconditionally; i.e., without secrets, privileged modules (e.g., TPMs), or adversary bounds. Then, I will present a method to define a wimp's adversary accurately and completely using a structure found in cryptographic protocols. A desirable consequence of such definitions is the ability to produce partial orders on adversary attacks. Finally, I will present secure wimp composition with giants, via two examples of experimental systems (i.e., on-demand isolated I/O channels and a trusted display service) designed and implemented at CMU's CyLab.


Robert H. Deng is Professor at the School of Information Systems, and Director of Secure Mobile Centre, Singapore Management University (SMU). Prior to joining SMU in 2004, he was Principal Scientist and Manager of Infocomm Security Department, Institute for Infocomm Research, Singapore. His research interests include data security and privacy, multimedia security, network and system security. He has served/is serving on the editorial boards of many international journals, such as IEEE Transactions on Information Forensics and Security, IEEE Transactions on Dependable and Secure Computing, and the International Journal of Information Security. He is the chair of the Steering Committee of the ACM Asia Conference on Computer and Communications Security (ASIACCS). He received the University Outstanding Researcher Award from the National University of Singapore in 1999 and the Lee Kuan Yew Fellow for Research Excellence from the Singapore Management University in 2006. He was named Community Service Star and Showcased Senior Information Security Professional by (ISC)^2 under its Asia-Pacific Information Security Leadership Achievements program in 2010. He is Fellow of IEEE.

Title: Achieving End-to-End Security in Mobile Computing

In a remarkably short time, mobile computing capability has become a fundamental feature in the lives of billions of people, who have developed an unprecedented reliance on smart phones and tablets compared to any previous computing technology. With the trend of bring your own device, mobile devices are increasingly used to access and store sensitive corporate information as well. However, value and risk are intertwined. Not only do mobile devices and applications present a unique set of risks to personal privacy, they also pose new security challenges to enterprise information systems. This talk will provide an overview of the research activities conducted in the Secure Mobile Center at the Singapore Management University, from techniques for fortifying mobile platforms, mobile malware analysis and detection, scalable access control of encrypted data in the cloud, to secure and usable authentication schemes in mobile computing.


Dr. Bhavani Thuraisingham is the Louis A. Beecherl, Jr. Distinguished Professor of Computer Science and the Executive Director of the Cyber Security Research and Education Institute (CSI) at The University of Texas at Dallas. She is an elected Fellow of IEEE, the AAAS, the British Computer Society, and the SDPS (Society for Design and Process Science). She received several prestigious awards, including IEEE Computer Society's 1997 Technical Achievement Award for "outstanding and innovative contributions to secure data management", the 2010 ACM SIGSAC (Association for Computing Machinery, Special Interest Group on Security, Audit and Control) Outstanding Contributions Award for "seminal research contributions and leadership in data and applications security for over 25 years" and the SDPS Transformative Achievement Gold Medal for her contributions to interdisciplinary research. She has unique experience working in the commercial industry (Honeywell), federal research laboratory (MITRE), US government (NSF) and academia, and her 35-year career includes research and development, technology transfer, product development, program management, and consulting for the federal government. Her work has resulted in 100+ journal articles, 200+ conference papers, 100+ keynote and featured addresses, eight US patents (three pending) and fifteen books (one pending). She received the prestigious earned higher doctorate degree (DEng) from the University of Bristol, England, in 2011 for her published work in secure data management since her PhD. She has been a strong advocate for women in computing and has delivered featured addresses at events organized by the CRA-W (Computing Research Association) and SWE (Society for Women Engineers).

Title: Cloud-centric Assured Information Sharing

This presentation will describe our research and development efforts in assured cloud computing for the Air Force Office of Scientific Research. We have developed a secure cloud computing framework as well as multiple secure cloud query processing systems. Our framework uses Hadoop to store and retrieve large numbers of RDF triples by exploiting the cloud computing paradigm and we have developed a scheme to store RDF data in a Hadoop Distributed File System. We implemented XACML-based policy management and integrated it with our query processing strategies. For secure query processing with relational data we utilized the HIVE framework. More recently we have developed strategies for secure storage and query processing in a hybrid cloud. In particular, we have developed algorithms for query processing wherein user’s local computing capability is exploited alongside public cloud services to deliver an efficient and secure data management solution. We have also developed techniques for secure virtualization using the XEN hypervisor to host our cloud data managers as well as an RDF-based policy engine hosted on our cloud computing framework. Finally we have developed a secure social media framework hosted on our secure cloud computing framework.

The presentation will discuss our secure cloud computing framework for assured information sharing and discuss the secure social media framework. We will then discuss the relationship to big data security and privacy aspects and connect our research to Secure Internet of Things with a special emphasis on data privacy.


Copyright (c) ACM SACMAT All rights reserved.