ISOC 1997 SYMPOSIUM NETWORK & DISTRIBUTED SYSTEM SECURITY [long]
David M. Balenson
- --------------------------------------------------------------------------
THE INTERNET SOCIETY 1997 SYMPOSIUM ON
NETWORK AND DISTRIBUTED SYSTEM SECURITY
(NDSS '97)
10-11 FEBRUARY 1997
SAN DIEGO PRINCESS RESORT, SAN DIEGO, CALIFORNIA
This fourth annual symposium will bring together researchers,
implementors, and users of network and distributed system security
technologies to discuss today's important security issues and
challenges. It will provide a mix of technical papers and panel
presentations that describe promising new approaches to security
problems that are practical, and to the extent possible, have
been implemented. We hope to foster the exchange of technical
information and encourage the Internet community to deploy
available security technologies and develop new solutions to
unsolved problems.
WHY YOU SHOULD ATTEND
The use of the Internet is rapidly growing and expanding into
all aspects of our society. Commercial organizations are coming
under increasing pressure to make their services available on-line.
This in turn is increasing the need for rapid and widespread
deployment of usable and effective network and distributed system
security technologies. High visibility attacks on the Internet
underscore the vulnerabilities of the Internet and the need to
solve its security problems. There is growing concern for securing
the network infrastructure itself. Recent trends in software
distribution (such as Java and ActiveX technologies) have made
certain attacks easier to carry out. Privacy has become an
important issue for the Internet.
NDSS '97 will bring together researchers, implementors, and users
of network and distributed system technologies to discuss today's
important security issues and challenges. We have selected the
technical papers and panel presentations that describe promising
new approaches to security problems that are practical, and to
the extent possible, have been implemented. Topics to be addressed
include Internet infrastructure and routing security, security
for the World Wide Web, Java and ActiveX security, cryptographic
protocols, public key management, and protection of privacy.
The symposium will have a positive impact on the state of Internet
security. You will have the opportunity to actively participate
in the dialog. Ask questions of the speakers, raise your important
issues during the panel sessions, and let other participants know
of your requirements, observations, and experience in this
important area. We hope to encourage the wide-scale deployment
of security technologies and to promote new research that can
address the currently unmet security needs of the Internet
community.
CONTENTS
Preliminary Program
Organizing Committee
San Diego Princess Resort
Registration Information
Registration Form
- --------------------------------------------------------------------------
P R E L I M I N A R Y P R O G R A M
SUNDAY, FEBRUARY 9
6:00 P.M. - 8:00 P.M.
RECEPTION
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
MONDAY, FEBRUARY 10
7:30 A.M.
CONTINENTAL BREAKFAST
8:30 A.M.
OPENING REMARKS
9:00 A.M.
SESSION 1: THINGS THAT GO BUMP IN THE NET
Chair: Stephen T. Kent (BBN Corporation, USA)
Experimental Results of Covert Channel Elimination in One-Way
Communication Systems, Nick Ogurtsov, Hilarie Orman, Richard
Schroeppel, Sean O'Malley, and Oliver Spatscheck (University
of Arizona, USA)
Blocking Java Applets at the Firewall, David M. Martin Jr.,
Sivaramakrishnan Rajagopalan and Aviel D. Rubin (Bellcore, USA)
Continuous Assessment of a Unix Configuration: Integrating
Intrusion Detection & Configuration Analysis, Abdelaziz Mounji
and Baudouin Le Charlier (Institut D'Informatique, Namur,
BELGIUM)
10:30 A.M.
BREAK
11:00 A.M.
SESSION 2: PANEL: SECURITY OF DOWNLOADABLE EXECUTABLE CONTENT
Chair: Aviel Rubin (Bellcore, USA)
12:30 NOON
LUNCH
2:00 P.M.
SESSION 3: PROTOCOL IMPLEMENTATION AND ANALYSIS
Chair: Christoph Schuba (Purdue University, USA)
An Interface Specification Language for Automatically Analyzing
Cryptographic Protocols, Stephen H. Brackin (Arca Systems, USA)
Probable Plaintext Cryptanalysis of the IP Security Protocols,
Steven M. Bellovin (AT&T Research, USA)
Misplaced Trust: Kerberos Version 4 Session Keys, Bryn Dole (Sun
Microsystems), Steve Lodin (Delco Electronics), and Eugene Spafford
(Purdue University, USA)
3:30 P.M.
BREAK
4:00 P.M.
SESSION 4: PANEL: SECURITY OF THE INTERNET INFRASTRUCTURE
Chair: Russ Mundy (Trusted Information Systems, USA)
7:00 P.M.
DINNER BANQUET
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
TUESDAY, FEBRUARY 11
7:30 A.M.
CONTINENTAL BREAKFAST
8:30 A.M.
SESSION 5: ROUTING SECURITY
Chair: Hilarie Orman (DARPA, USA)
Securing the Nimrod Routing Architecture, Karen E. Sirois and
Stephen T. Kent (BBN Corporation, USA)
Securing Distance-Vector Routing Protocols, Bradley R. Smith,
Shree Murthy and J.J. Garcia-Luna-Aceves (University of California
Santa Cruz, USA)
Reducing the Cost of Security in Link-State Routing, R. Hauser,
A. Przygienda and G. Tsudik (IBM and USC/ISI, USA)
10:00 A.M.
BREAK
10:30 A.M.
SESSION 6: SECURITY FOR THE WORLD WIDE WEB
Chair: Win Treese (OpenMarket, USA)
Securing Web Access with DCE, Brian C. Schimpf (Gradient
Technologies, USA)
PANEL: SECURITY FOR THE WORLD WIDE WEB
Chair: Win Treese (OpenMarket, USA)
12:00 A.M.
LUNCH
1:30 P.M.
SESSION 7: PUBLIC KEY MANAGEMENT
Chair: Jonathan Trostle (CyberSafe, USA)
Hierarchical Organization of Certification Authorities for
Secure Environments, Lourdes Lopez (Universidad Politecnica de
Madrid, SPAIN)
Trust Models in ICE-TEL, Andrew Young and Nada Kapidzic Cicovic
(Univeristy of Salford, UNITED KINGDOM)
Distributed Authentication in Kerberos Using Public Key
Cryptography, Marvin Sirbu and John Chung-I Chuang (Carnegie
Mellon University, USA)
3:00 P.M.
BREAK
3:30 P.M.
SESSION 8: PANEL: WEB PRIVACY AND ANONYMITY
Chair: (To Be Determined)
- --------------------------------------------------------------------------
O R G A N I Z I N G C O M M I T T E E
GENERAL CHAIR
David Balenson, Trusted Information Systems
PROGRAM CHAIRS
Clifford Neuman, USC Information Sciences Institute
Matt Bishop, University of California at Davis
PROGRAM COMMITTEE
Steve Bellovin, AT&T Research
Tom Berson, Anagram Laboratories
Doug Engert, Argonne National Laboratory
Warwick Ford, Verisign
Richard Graveman, Bellcore
Li Gong, JavaSoft
Burt Kaliski, RSA Laboratories
Steve Kent, BBN Corporation
Tom Longstaff, CERT
Doug Maughan, National Security Agency
Dan Nessett, 3Com Corporation
Hilarie Orman, DARPA/ITO
Michael Roe, University of Cambridge
Christoph Schuba, Purdue University
Jonathan Trostle, CyberSafe
Theodore Ts'o, Massachusetts Institute of Technology
Doug Tygar, Carnegie Mellon University
Vijay Varadharajan, University of W. Sydney
Roberto Zamparo, Telia Research
PUBLICATIONS CHAIR
Steve Welke, Institute for Defense Analyses
LOCAL ARRANGEMENTS CHAIR
Thomas Hutton, San Diego Supercomputer Center
REGISTRATIONS CHAIR
Torryn Brazell, Internet Society
STEERING GROUP
Internet Research Task Force, Privacy and Security Research Group
SPONSORED BY THE INTERNET SOCIETY
Donald M. Heath, President & CEO
Martin Burack, Executive Director
- --------------------------------------------------------------------------
S A N D I E G O P R I N C E S S R E S O R T
LOCATION
The Symposium venue is the San Diego Princess Resort, a tropical
paradise on a forty-four acre island in Mission Bay, ten minutes
from the international airport. Lush gardens landscaped with
hundreds of species of tropical and subtropical plants are
always ablaze with color and perfect for themed group events.
Charming pathways wander among sparkling waterfalls, across
quaint footbridges and sleepy lagoons filled with water lilies
and waterfowl. A white sand beach curves around the island
for over a mile, and the award-winning grounds encompass five
swimming pools and six lighted tennis courts.
Spouses and family members can catch a convenient Harbor Hopper
for a quick trip to Sea World. Plan to visit La Jolla, the world
famous San Diego Zoo or Mexico, only 30 minutes by car or Trolley.
HOUSING INFORMATION
We have reserved a special block of sleeping rooms at the San Diego
Princess Resort at the following rates:
Lanai Patio Rooms $ 81*
Lanai Garden Rooms $114
* This represents the Government Rate for San Diego. A limited
number of rooms are available at this rate. Reservations must
be made no later than January 13, 1997. You must present a
valid government id upon check-in.
Based on room type and space availability, the special group
rates are applicable two days prior to and two days after the
symposium. Current Room Tax is 10.5%.
Check-in availability cannot be committed prior to 4:00 p.m.
Check-out time is 12:00 noon. The San Diego Princess Resort
will make every effort to accommodate any early arrivals, so
make sure you give them your arrival time when you make your
reservation.
TO MAKE A RESERVATION
Contact the San Diego Princess Resort at +1-800-344-2626
(+1-619-274-4630 if outside the United States). To receive
the special group rates, reservations must be made no later
than January 20, 1997. To receive the special goverment
rate, you must make your reservation by January 13, 1997.
CLIMATE
February weather in San Diego is normally very pleasant. Early
morning temperatures average 55 degrees while afternoon
temperatures average 67 degrees. Generally, a light jacket or
sweater is adequate, although, occasionally it rains.
- --------------------------------------------------------------------------
R E G I S T R A T I O N I N F O R M A T I O N
FEES ISOC Non-
Members Member*
Early registration
(postmarked on/before Jan. 22) $305 $345
Late registration $375 $415
REGISTRATION INCLUDES
- Attendance - Symposium Proceedings - Two luncheons
- Reception - Banquet - Coffee Breaks
* Non-Member fee includes one year Internet Society membership.
FOR MORE INFORMATION
Contact Carol Gray at the Internet Society at +1-703-648-9888
or send E-mail to Ndss...@isoc.org.
WEB PAGE
Additional information about the symposium and San Diego, plus
on-line registration, are available via the Web at:
http://www.isoc.org/conferences/ndss97
SPONSORSHIP OPPORTUNITIES AVAILABLE!
Contact Torryn Brazell at the Internet Society at +1-703-648-9888
or send E-mail to Ndss...@isoc.org.
- --------------------------------------------------------------------------
R E G I S T R A T I O N F O R M
INTERNET SOCIETY SYMPOSIUM ON NETWORK AND DISTRIBUTED SYSTEM SECURITY
10-11 FEBRUARY, 1997 SAN DIEGO, CALIFORNIA, USA
Fill out this form and FAX it to NDSS'97 Registration at +1-703-648-9887,
send it via E-mail to Ndss...@isoc.org, or mail it to NDSS97,
12020 Sunrise Valley Drive, Suite 210, Reston, VA, 20191, USA
PERSONAL INFORMATION
__Mr __Ms __Mrs __Dr __Prof __M __Prof Dr __Dip Ing __Ing __Miss __Mlle
First Name: ________________________________ MI: ____________________
Family Name: ___________________________________ __Sr __Jr __II __III
Badge Name: __________________________________________________________
Please enter your name as you would like it to appear on your name tag.
CONTACT INFORMATION
Title: _______________________________________________________________
Organization: ________________________________________________________
Street address: ______________________________________________________
______________________________________________________________________
City: ________________________________________________________________
State/Province: ___________________________ Postal Code: ____________
Country: _____________________________________________________________
Telephone Number (work): _____________________________________________
Telephone Number (home): _____________________________________________
Fax Number: __________________________________________________________
E-mail address: ______________________________________________________
SPECIAL NEEDS? (Vegetarian meals, wheelchair access, etc?)
______________________________________________________________________
______________________________________________________________________
APPEAR ON REGISTRANTS LIST?
___ Please check here if you would NOT like your name included
in the list of registrants.
PAYMENT INFORMATION
All Payments must be in United States Dollars.
Conference Fee
--------------
If you are an Internet Society member, you are eligible for a
reduced conference registration fee. Non-member symposium
attendees will receive a one year Internet Society membership
as part of the non-member registration fees.
Check one: On/Before After
January 22 January 22
---------- ----------
___ Internet Society Member Fee US$ 305.00 US$ 375.00
___ Non-Member Fee US$ 345.00 US$ 415.00
Method of Payment
-----------------
Payment must be received on/before February 7, 1997 or we will
be unable to pre-register you.
1. ___ Check. Make payable to the Internet Society.
2. ___ Credit Card. ___ American Express ___ Visa ___ Mastercard
Name on Credit Card: ____________________________________
Credit Card Number: _____________________________________
Expiration Date: ________________________________________
3. ___ CyberCash. Account Number: _____________________________
4. ___ First Virtual. Account Number: _________________________
5. ___ Wire Transfer*
Bank ABA Number: 054000030
Account Number: Internet Society 148 387 10
Riggs National Bank of Virginia
950 Herndon Parkway
Herndon, VA 20171 USA
Wire Transfer Confirmation Number: ______________________
* Please process wire transfer before sending registration
form.
6. ___ U.S. Government Purchase Order*
P.O. Number: ____________________________________________
* Please fax or mail a copy of your purchase order along
with your registration form.
Cancellation Policy
-------------------
Refunds (less a $25 processing fee) will be issued for cancellations
received on/before February 7, 1997. No refunds will be issued
after February 7, 1997.
- -----------------------------------------------------------------------