NSPW, 2005.

  • Proceedings of the New Security Paradigms Workshop, Lake Arrowhead, CA. September 20-23, 2005.

Internet Instability and Disturbance: Goal or Menace?

  • biological analogy for virus and worm outbreaks.
  • propose that the practice of deliberately and periodically destabilizing the system via the release of Malicious Mobile Code (MMC) (the author has no control after its release) may in fact result in higher overall system stability.

Use of Diversity as a Defense Mechanism

  • panel discussion

Insider threat

  • panel discussion

Divide and Conquer: The Role of Trust and Assurance in the Design of Secure Socio-Technical Systems

  • HCI
  • argue that distinguishing between trust and assurance yields a wider range of strategies for ensuring dependability of the human element in a secure socio-technical system.

Pass-thoughts: Authenticating with Our Minds

  • Brain-Computer Interface (BCI): a new type of HCI, a user transmitting thoughts directly to a computer.
  • a user authenticates to a device by transmitting a thought
  • requires NO interpretation of the brain signals
  • benefit: obvious; disadvantages: hardware (electrodes)

Message Authentication by Integrity with Public Corroboration

  • opposite of "security by obscurity"
  • security by publicity
  • opposite of using authentication as the basis for access control
  • use access control/integrity as the basis for authentication
  • security by integrity
  • authentication is based on corroboration (cross-checking publicly available info)
  • non-cryptographic

Flooding and Recycling Authorizations

  • modern access control mostly follows the request-response paradigm, synchronous RPC etc.
  • make it asynchronous, and exploit the low cost of CPU resources and network bandwidth by speculatively pre-computing and publishing "junk" authorizations. Authorizations that are needed will then be readily available with virtually no latency, ultimately improving the end-user's experience.
  • publish-subscribe architecture.

Principle-Driven Forensic Analysis

  • lack of tools that consider data from user space/context (what a program is reading/writing to memory) and lack of automated analysis
  • 5 major principles and principle-based tools: logging and auditing
  • interrupts, traps, memory allocations, files, events and context of both the kernel and user space.
  • using hypervisor, binary rewriter, compiler modifications...

Visual Security Protocol Modeling

  • problem: the existing model-driven paradigm is not good for security protocols, which are sequences of interactions between principals.
  • solution: visual modeling

Empirical Privilege Profiling

  • principle of least privilege
  • find out the least privilege a program needs by tracking its actual use of resources
  • white-box (source), gray-box (prog stack), black-box approaches (binary, kernel calls).
  • privilege profile: pair (resource, {access right})
  • program behavior profiles are important topics for anomaly-based IDS.
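
The black-box idea above as an added example (not code from the paper or from these notes): it builds (resource, {access right}) pairs from strace-style kernel-call lines and lists rights that were granted but never used. The trace lines, the GRANTED policy and all function names are constructed assumptions.

```python
import re
from collections import defaultdict

# Constructed strace-style lines (sample input, not real program output).
SAMPLE_TRACE = """\
openat(AT_FDCWD, "/etc/app.conf", O_RDONLY) = 3
openat(AT_FDCWD, "/var/log/app.log", O_WRONLY|O_CREAT|O_APPEND, 0644) = 4
open("/var/lib/app/state.db", O_RDWR) = 5
openat(AT_FDCWD, "/etc/shadow", O_RDONLY) = -1 EACCES (Permission denied)
execve("/usr/bin/app-helper", ["app-helper"], 0x7ffd0 /* 12 vars */) = 0
openat(AT_FDCWD, "/etc/app.conf", O_RDONLY|O_CLOEXEC) = 3
"""

# Hypothetical rights currently granted to the program (an assumption).
GRANTED = {
    "/etc/app.conf": {"read", "write"},
    "/var/log/app.log": {"read", "write"},
    "/var/lib/app/state.db": {"read", "write"},
    "/usr/bin/app-helper": {"execute"},
    "/etc/passwd": {"read"},
}

OPEN_RE = re.compile(r'^open(?:at)?\((?:AT_FDCWD, )?"([^"]+)", ([A-Z_|]+)')
EXEC_RE = re.compile(r'^execve\("([^"]+)"')
RESULT_RE = re.compile(r'\) = (-?\d+)')

def rights_from_flags(flags):
    """Map open(2) access-mode flags to abstract access rights."""
    parts = set(flags.split("|"))
    if "O_RDWR" in parts:
        return {"read", "write"}
    return {"write"} if "O_WRONLY" in parts else {"read"}

def build_profile(trace):
    """Return {resource: {access right}} for calls that succeeded."""
    profile = defaultdict(set)
    for line in trace.splitlines():
        result = RESULT_RE.search(line)
        if result is None or int(result.group(1)) < 0:
            continue  # assumption: a failed call used no privilege
        if (m := OPEN_RE.match(line)):
            profile[m.group(1)] |= rights_from_flags(m.group(2))
        elif (m := EXEC_RE.match(line)):
            profile[m.group(1)].add("execute")
    return dict(profile)

def excess_privileges(granted, profile):
    """Rights that were granted but never observed in use."""
    excess = {res: rights - profile.get(res, set()) for res, rights in granted.items()}
    return {res: unused for res, unused in excess.items() if unused}
```

A profile built this way only covers the code paths the traced runs exercised, so rights reported as excess should be checked against rarely taken paths before they are revoked.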

Speculative Virtual Verification: Policy-Constrained Speculative Execution

  • design of computer architectures is usually performance-driven.
  • Speculative Virtual Verification (SVV): speculative execution of code based on high-level security and safety constraints. Automated response by rewriting the instruction stream.

-- QiLiao - 09 Apr 2008

Topic revision: r1 - 09 Apr 2008 - 18:26:19 - QiLiao