Technical Program – Thursday

8:30 Invited Essayist Rebecca Mercuri, Radcliffe Institute of Advanced Study, Harvard University, USA
Transparency and Trust in Computational Systems
10:00 BREAK

Session Chair: Dan Thomsen, Tresys Technology, USA

If A1 is the Answer, What was the Question? An Edgy Naïf's Retrospective on Promulgating the Trusted Computer Systems Evaluation Criteria
Marv Schaefer
Books With a Past
presented by Paul Karger, IBM

A Look Back at "Security Problems in the TCP/IP Protocol Suite"
Steven M. Bellovin
AT&T Labs -- Research


12:00 LUNCH
1:30 Middleware
Chair: David Chizmadia, Promia, Inc., USA

  • Vulnerabilities and Security Threats in Structured Overlay Networks: A Quantitative Analysis§, Mudhakar Srivatsa and Ling liu, Georgia Institute of Technology, USA
  • Securing Java RMI-based Distributed Applications§, Ninghui Li, Purdue University, USA, John Mitchell, Stanford University, USA, and Derrick Tong, Google, USA
  • .NET Security: Lessons Learned and Missed from Java§, Nathanael Paul and David Evans, University of Virginia, USA
  • Insider Threat
    Chair: LouAnna Notargiacomo, The MITRE Corporation, USA

  • Tracing the Root of "Rootable" Processes§, Amit Purohit, Vishnu Navda and Tzi-cker Chiueh, Stony Brook University, USA
  • Open-Source Applications of TCPA Hardware§, John Marchesini, Sean Smith, Omen Wild, Alex Barsamian and Josh Stabiner, Dartmouth College, USA
  • Security Policies to Mitigate Insider Threat in the Document Control Domain§, Suranjan Pramanik, Vidyaraman Sankarnarayanan and Shambhu Upadhyaya, University at Buffalo, USA
  • Security Foundations
    Chair: Ed Giorgio, Booz Allen Hamilton, USA

  • Framework Solution for Software Life Cycle Security, Bar Biszick-Lockwood, QualityIT, USA
  • Computer Forensics, Scott Greene, Great Scott Enterprises, Inc., USA
  • A real world look at practical implementation issues and solutions of Intrusion Prevention, Ralph Harvey, Prevx Inc., USA
  • 3:00 BREAK
    3:30 Network Security
    Chair: Simon Wiseman, QinetQ Ltd, UK

  • Nabs: A System for Detecting Resource Abuses via Characterization of Flow Content Type§, Kulesh Shanmugasundaram, Mehdi Kharrazi and Nasir Memon, Polytechnic University, USA
  • Static Analyzer for Vicious Executables (SAVE)§, Srinivas Mukkamala, Andrew Sung, Dennis Xu and Patrick Chavez, New Mexico Tech, USA
  • CTCP: A Centralized TCP/IP Architecture for Networking Security§, Fu-Hau Hsu and Tzi-cker Chiueh, SUNY at Stony Brook, USA
  • PANEL - The Cyber Enemy Within...Countering The Threat From Malicious Insiders
    Chair: Dick Brackney, Advanced Research and Development Activity, USA
  • Terrance Goan, Stottler, Henke Associates, USA
  • Shambhu Upadhyaya, University of Buffalo, USA
  • Allen Ott, Lockheed Martin, Orincon Information Assurance, USA
  • Managing Security
    Chair: Jean Schaffer, NSA, USA

  • Pentagon Increases Security with DigitalPersona Biometric Fingerprint Authentication Technology, Vance Bjorn, DigitalPersona, USA
  • US/NATO Interconnection for CJTF Exercises – Getting NATO into JTFEX, Rick Parker, NATO C3 Agency, Belgium
  • A Security Engineering Framework for Cross Domain Solutions, Art Wilson, Tresys Technology, USA
  • 5:00 ADJOURN
    § This symbol indicates papers that were anonymously peer reviewed by four or more reviewers before acceptance.

    [ Wednesday ] [ Friday ]