|
PST2011
Ninth Annual Conference
on Privacy, Security and Trust
Speakers |
|
Day 1
Tuesday July 19
PST Morning Keynote, Tuesday, July 19
Ron Plesco
President and CEO of the National Cyber-Forensics Training Alliance |
|
Brief Bio
A nationally renowned Information Security & Privacy Attorney with 15 years experience in Information Assurance/Privacy, Identity Management and Computer Crime Law, Ronald E. Plesco, Jr. is the CEO of the private sector and federally funded National Cyber Forensic Training Alliance (NCFTA). The NCFTA functions as a conduit between private industry and law enforcement with a core mission to identify, mitigate and neutralize cyber crime. In an effort to streamline intelligence exchange, the NCFTA organizes SME interaction into threat-specific initiatives. The NCFTA currently manages several initiatives focusing on: Financial, Pharmaceutical, Telecommunications, Web Hosting, Retail, Shipment, and Industrial Control System cyber crimes and the black market infrastructure that supports each. This infrastructure includes botnets, hosting companies, malware, money laundering and shipment/money mule recruitment.
Previously, Ron founded and served as the Director of the SRA (SRX) Privacy/Information Assurance Division. As a Privacy SME he was the privacy lead for the US-VISIT Border Security, TSA Secure Flight Program, and Department of Homeland Security (DHS) Privacy office contracts in addition to being the Program Manager for the development of the SRA team at the DHS National Cyber Security Division/USCERT. For seven years, Ron served at the pleasure of Governor Tom Ridge as the Director of Public Safety Policy assigned to the Pennsylvania State Police. Immediately following Sept 11th he was selected to Chair the Cyber Attacks Committee for the PA Homeland Security Council.
A former prosecutor, Ron’s unique experience and non-traditional speaking style have made him a prolific presenter for private and public organizations. Recent audiences have included the Overseas Security Advisory Council, US Army War College, International Association of Financial Crimes Investigators, and private keynotes for Fortune 100 companies. |
PST Symposium C2 July 19
Title: Overview of Modern Tools and Techniques to Capture Specialized Knowledge,
Robert Charpentier
Scientist, Defence Research and Development Canada |
|
Brief Bio
Mr. Robert Charpentier completed his degree in engineering physics at "l'École Polytechnique de Montréal" in 1979. After working at CAE Electronics on flight simulators, he joined Defence Research Establishment Valcartier, where he specialized in infrared imagery and space-based surveillance. His current research domains are secure interoperability and software security design and certification. |
PST Symposium C3 July 19
Title: Public Health Model of Information Security
Peter Cassidy
Anti Phishing Working Group |
|
Brief Bio
Peter Cassidy is the secretary general of the Anti-Phishing Working Group (APWG), the largest and most influential independent coalition combating Internet crime today, having cultivated the organization since 2004 into an internationally recognized authority on electronic crime with more than 3,200 members from more than 1,850 information technology companies, law enforcement agencies, government ministries, universities and research institutions worldwide.
Peter is a product development consultant, software designer, industrial analyst and widely published writer, speaker and commentator on information security, white collar crime and electronic crime who has been investigating the intersection of security technologies, electronic commerce, public policy and financial crime for decades in his many capacities.
His leadership of the APWG fortuitously enabled him to combine his interests to build bridges across the many disciplines and domains required for a single entity to comprehensively address the emerging electronic crime plexus. Today, the APWG embodies a uniquely heterogeneous global counter-crime association drawing upon the expertise of technologists, risk managers, private and public law enforcement and security personnel, government ministers, computer scientists and behavioral researchers.
Engaging all of these perspectives at once allows the APWG to narrate the experience of criminality emerging on the Internet in compelling and useful ways, including: statistical reports developed by the APWG's members and sponsors; APWG member conferences; the annual APWG eCrime Research Summit conference for industrial and academic researchers; APWG member mailing lists; research and policy collaborations with governmental and industrial bodies; and APWG presentations at events sponsored by industry, government, law enforcement agencies and diplomatic organizations.
Speaking engagements on behalf of the APWG have brought Peter before audiences of industrial, governmental and law enforcement organizations in Korea, Canada, Australia, the United Kingdom, Singapore, France, Belgium, Japan, China, Portugal, Hong Kong, China and the United States. He is regularly interviewed by media from the US, Canada, Latin America, the United Kingdom, Western Europe, Eastern Europe, Australia, Japan, China and India.
He has presented to the European Commission, the Council of Europe, departments of the United States Treasury and Japan's Ministry of Economy, Trade and Industry (METI). He also lectures on electronic crime at the National Advocacy Center, the training center for US federal prosecutors.
As a business development consultant to both established and startup global technology firms, Peter has assisted in the design and development of security-related technologies and services (among them: a personal identity data abuse alerting system; license management systems to control software usage; watermarking systems for copyrighted digital intellectual property; and a system to distill actuarial proxies from network performance data as a basis for premium calculations in cyber-risk insurance policies).
Today, he sits on the boards of directors and technical advisory boards of a number of technology companies in investor and non-investor roles. His first startup was as a writer and editorial development consultant for a new publication at Reed Elsevier's Sydney, Australia subsidiary in 1987.
His specific expertise and historical perspective in information security technologies have garnered him industrial analysis and custom consulting contracts with some of the most prestigious industrial research firms in America: Giga Information Group, Dataquest, Strategy Analytics, CI-InfoCorp, Business Research Group, Inc., a subsidiary of Cahners/Reed Elsevier and NSI Information Services. In 1995, he cofounded the Digital Commerce Society of Boston, a leading forum on innovations in electronic commerce technologies and then-emerging electronic payment paradigms.
As a technology writer and commentator, Peter has authored articles and opinion columns under his own byline for international business publications such as The Economist, Forbes ASAP and Wired magazine. In that role, journalists have interviewed and quoted him on such disparate topics as cryptography export policy and business-to-business customer acquisition costs.
In his capacity as an industrial analyst, he has spoken and given presentations on copyright management, license management, consumer privacy, distance learning and US cryptography export policies in the United Staes and Brazil. Moreover, he has contributed commentary to standards-making bodies and to the US Congress directly and under the auspices of his industrial clients.
As commentator on public policy and industrial technology policy, Peter's articles and analyses have appeared in such journals of opinion as OMNI Magazine, The Covert Action Quarterly, CIO Magazine, InformationWeek and The Progressive as well as in the opinion pages of daily newspapers, such as The Boston Sunday Globe, and in the US weeklies that carried his columns via the AlterNet news service during the mid-1990s.
Moreover, his reporting on white collar crime, bank fraud, mortgage fraud and underwriting malfeasance have appeared in the Polk Award-winning National Mortgage News, Boston Magazine, The Texas Observer, Sunday Boston Herald and Boston Business Journal. His journalism has been supported by grants from the Fund for Constitutional Government and the Fund for Investigative Journalism. His articles have been anthologized in university collections and course books.
In the academic domain, Peter has been: a visiting fellow at MIT's School of Architecture and Planning during the 2001-2002 school year, charged with development of a research program to quantify information risks that attend the construction of electronic commerce architectures; a visiting fellow at Florida State University's School of Computer Science at Tallahassee during the 2006 school year, working with the staff in developing an academic research conference focusing on electronic crime, 2005 and 2006 school years; a guest lecturer on financial crime reporting to Boston University's masters program in finance journalism, 1990, 1991, 1992, and 1993; an adjunct professor of non-fiction and industrial writing at Boston University's College of Communications, 1990-1991 school year; associate lecturer of journalism at Bunker Hill Community College, 1990-1991; and guest lecturer on non-fiction writing to the Urban Scholars Program, University of Massachusetts at Boston, Summer, 1985.
|
PST Symposium C4 July 19
Network Security
Eric Ziegast,
Internet Systems Consortium |
|
Brief Bio
Eric Ziegast is a Senior Operations Engineer and Security Information Exchange Programme Manager for Internet Systems Consortium. He helped grow ISPs like UUNET and AT&T since 1991 and websites like BlueMountain.com. Eric created DNS blacklist technology for the Mail Abuse Prevention System which became the primary enforcement tool for an industry of IP and domain reputation organizations.
|
Frédéric Painchaud C2 July 19
Scientist, Defence Research and Development Canada
|
|
Brief Bio
Mr. Frédéric Painchaud completed his master’s degree in Computer Science with honors at “Université Laval” in 2002. He then joined Defence Research and Development Canada – Valcartier, where his research interests are architectural risk analysis, software certification, secure software engineering, automatic software verification and formal methods. |
PST Afternoon Keynote July 19
Dean Turner
Director, Global Intelligence Network, Symantec Security Response |
|
Title: High Profile Targeted Attacks
Abstract: Mr. Turner will provide a briefing on current threats and trends with a focus on high profile targeted attacks such as Stuxnet and the growing trend that sees nation and non-nation state actors at the forefront of potential actors and victims.
Brief Bio
Dean Turner is the Director of the Global Intelligence Network where he manages Symantec's Deepsight Analyst teams and security intelligence and defines Symantec’s go-to-market strategy for sensor and intelligence coverage in key regional and vertical markets. Turner also manages and co-authors the Symantec Internet Security Threat Report. In this role, he coordinates the research and analysis of attack data gathered from Symantec's DeepSight Threat Management System, Managed Security Services, Business Intelligence Services and Symantec Antivirus Research Automation for use in the publication of the ISTR. Dean is also Symantec’s Canadian spokesperson for matters relating to the ISTR having done numerous print, radio and television interviews.
Turner was one of the co-founders of SecurityFocus in 1999 and served as its Director of Operations and Content until the company's acquisition by Symantec in 2002. Prior to forming SecurityFocus, Turner worked for Network Associates as their Competitive Analysis Manager for their security product line.
Turner has a broad range of expertise from Operations and Network Security to Incident Analysis. He has spoken at various Defense and Security Conferences and maintains a research interest with the academic community on such issues as Information Warfare and Infrastructure Protection.
Turner has a bachelor's degree in political science and strategic studies from the University of Calgary, Canada and a master’s degree in security studies from the University of Hull, U.K.. |
PST Symposium C1 July 19
James NorrIe
Associate Dean, Administration for the Ted Rogers School of Management, Ryerson University |
|
Title: Strategic Implications of Social Media
Brief Bio
Dr. Norrie is an Associate Professor and a former Director of the School where he taught in the areas of Introductory IT, Advanced Project Management, IT Strategy, Systems Analysis & Design, Business Process & Performance Improvement, e-Business, Ethics and Professional Practice. He currently teaches Information Technology Law. Dr. Norrie undertakes applied research with a particular focus on the strategic implications of emerging technologies on organizations, particularly social media related, and speaks regularly at industry events and consults to numerous organizations globally in his areas of expertise. He has authored or co-authored four books and numerous articles and is frequently quoted in the national press, appears on radio and current affairs TV and is a regular Panelist on the Media and the Message show on AM640. He is currently serving as the Associate Dean, Administration for the Ted Rogers School of Management and teaching in the Faculty's MBA program and a senior undergraduate electives in Law and Technology related subjects.
Prior to joining the faculty, James was both an entrepreneur and successful executive with a 10+ year track record of creating, growing or managing high-tech and e-business ventures, most recently as President of an internet-based company. In addition to his Ryerson appointment, James previously served either as an independent member or Chairman of the Board of Directors or Board of Advisors of several corporate and one charitable Board. This governance experience resulted in his appointment to the Board of Centennial College and he currently serves on numerous university committees or forums, previously was a member of the university's Senate as well as seeking to generally advance the post-secondary education system in Ontario and nationally through appropriate service elsewhere. As an active member of the Ryerson Angel Network and through SIFE Ryerson and the DMZ, James provides advice and support to student entrepreneurs wishing to launch innovative digital or internet-based businesses. |
|
PST Symposium C5 July 19
Doug Allport
Owner, Allport Group Inc. |
|
Brief Bio
Doug is currently supporting the Multi-Agency Situational Awareness System (MASAS) National Implementation Team as a Special Advisor, while managing the Canadian Profile of the Common Alerting Protocol (CAP-CP) governance study for the Canadian Association for Public Alerting and Notification (CAPAN). Doug's volunteer efforts include serving as CAPAN's Executive Director, and CAPAN's representative on the National Alert and Aggregation Dissemination (NAAD) System Advisory Council. |
|
|
|
Day 2
Wednesday July 20
Academic Keynote
Dr. Douglas Stinson, University of Waterloo |
|
Title: New Combinatorial Techniques for User-Private Information Retrieval
Abstract
Domingo-Ferrer and Bras-Amoros introduced the idea of using combinatorial designs to hide the identity of users posting queries to a database. They suggested the use of certain structures known as "configurations'' and this theme has been pursued in several additional papers.
In this talk, we discuss the problem of maintaining user anonymity even if a sequence of queries can be "linked'', e.g., due to being on a similar specialized topic. This notion of anonymity can be defined from the point of view of the database as well as from the point of view of other users in the scheme.
We propose the use of balanced incomplete block designs as well as some related but more general types of designs in order to provide security in this context.
Brief Bio
Dr. Stinson is a Professor and University Research Chair in the David R. Cheriton School of Computer Science at the University of Waterloo. He is affiliated with the CrySP (Cryptography, Security and Privacy) research group, and with the CACR (Centre for Applied Cryptographic Research).
- PhD from Waterloo in 1981.
- NSERC post-doctoral fellowship at the University of Manitoba (Department of Computer Science) in 1981-1982.
- NSERC University Research Fellowship at the University of Manitoba (Department of Computer Science) from 1982-1989.
- University of Nebraska-Lincoln (Computer Science and Engineering Department) in 1990.
- University of Waterloo (Department of Combinatorics and Optimization) in 1998, when I was awarded the NSERC/Certicom Industrial Research Chair in Cryptography (1998-2003).
- School of Computer Science at Waterloo. Held a Mathematics Faculty Fellowship from 2001-2004.
- Holds a University Research Chair from 2005-2012.
|
Day3
Thursday July 21
Academic Keynote
Dr. Mikhail Atallah, Purdue University |
|
Title: Secure Computational and Storage Outsourcing
Abstract: Although utility-computing technologies like cloud computing can yield substantial economic, social, and scientific benefits, there are impediments to achieving their full potential. One of the impediments is a reluctance to disclose information, for fear of losing control over its subsequent dissemination and usage. Moreover, laws often forbid the disclosure of certain kinds of information (e.g., health, financial), or strictly regulate the form and timing of that disclosure. We review security technologies that can mitigate this problem, in particular computational and storage outsourcing. In computational outsourcing, weak clients use powerful remote servers to carry out intensive computational tasks without revealing to the servers anything about the data or the computed answers. In storage outsourcing, storage-limited clients use remote servers to store/search/manipulate massive data without revealing to the servers anything about the data or the queries and updates on it.
Brief Bio
Mikhail (Mike) Atallah obtained the Ph.D. from the Johns Hopkins University in 1982 and immediately joined the Computer Science Department at Purdue University, where he was promoted to Associate Professor in 1986, to Professor in 1989, and to Distinguished Professor in 2004. His research interests include information security, distributed computing, algorithms, and computational geometry. A Fellow of both the ACM and IEEE, he has served on the editorial boards of top journals, and on the program committees of top conferences and workshops. He was keynote and invited speaker at many national and international meetings, and a speaker nine times in the Distinguished Lecture Series of top Computer Science Departments. He was selected in 1999 as one of the best teachers in the history of Purdue and included in a permanent wall display of Purdue's best teachers past and present. |
|
|
|
|
|
|
|
|
|
|
|
|