Constraints, Style and Focus of Industrial Security Research
Dr. Tzi-cker Chiueh - Constraints, Style and Focus of Industrial Security Research
Although there are many interesting research problems in cyber security, the computer security industry tends to focus only on a subset of them because of environmental constraints their products have to operate in, economic considerations on overall cost-effectiveness, and implementation complexity related to software engineering and product positioning. In this talk, I will discuss these issues by way of examples in the hope to shed some lights on the industrial security research world. In addition, I will dive deep into a particular area of research that is crucial to the entire security industry: Windows/Intel binary emulation, analysis and instrumentation.
Professor Emeritus Bill Caelli - National Information Infrastructure Protection (NIIP) and the Role of IDS
IDS has taken on major significance in relation to critical infrastructure protection (CIP) particularly when enterprise information systems are interconnected with data acquisition and control systems (DACS), such as SCADA based sub-systems, used to manage major utilities such as power, water etc. Compounding the information security problem is the fact that at the same time those enterprise information systems are facing two new and specific information assurance challenges imposed by an increasingly mobile workforce, using enterprise information systems from mobile phones, PDAs, laptop computers and the like through unprotected wireless access points, and the development of those enterprise systems around service oriented architectures (SOA) based on a web services (.Web 2.0.) structure. Placement, management, control and monitoring of IDS/IDP systems thus takes on new importance along with the policy, regulatory and legal environments under which they operate, particularly where the majority of a nation.s critical infrastructure and its associated national information infrastructure are privately owned and operated. Questions arise as to best usage of IDS/IDP systems in this environment along with the ethical and legal obligations placed upon enterprise management. This paper builds upon almost 5 years of experience in Australia.s Trusted Information Sharing Network (TISN) through its Information Technology Security Expert Advisory Group (ITSEAG) to analyse the technical and policy/legal aspects of IDS in the CIP/NIIP environment.
Student Scholarships Sponsor:
NWSI - Northwest Security Institute