Fall 2004 Internet2 Member Meeting Security-Related Sessions

[Valerie Vogel <vvogel () EDUCAUSE EDU>]

For those of you planning to attend the Fall 2004 Internet2 Member
Meeting in Austin, TX, September 27-30, a summary of security-related
sessions is provided below. 

For more information, see: http://events.internet2.edu/2004/fall-mm/.

Thank you,

Valerie Vogel
Security Task Force Project Assistant, EDUCAUSE & Internet2

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
I2 FALL MEMBER MEETING SECURITY-RELATED SESSIONS:

26 Sep (Sun.), 7-9 pm
Email Security BoF
        Securing e-mail is an ever-growing priority for the
        enterprise, particularly in response to compliance
        requirements for signing and encryption (e.g. HIPAA)
        and the ever-growing spam problem. Recent sender-
        verification efforts such as Sender Policy Framework
        (SPF) and Caller ID are gaining traction, and various
        approaches to mail signing and encryption are still
        struggling for broad acceptance. This BoF is co-
        sponsored by the MACE-MList working group and SALSA,
        and will discuss these issues in the context of R&E,
        with an eye toward guidance for mail administrators
        seeking help in navigating these issues.
        http://security.internet2.edu/salsa/
        http://middleware.internet2.edu/mlist/

27 Sep (Mon.), 7:30-9 pm
SALSA Meeting [Closed]

27 Sep (Mon), 1:00 PM - 2:30 PM
PKI Working Group
        
28 Sep (Tues.), 8-9:30 am
SALSA NetAuth BoF
        This session will focus on the future direction and
        focus of the SALSa-NetAuth working group. We will focus
        on both the near term future documents covering
        automated network policy enforcement and investigations
        of solutions to the 'visiting scientist' problem.

28 Sep (Tues.), 4:30-5:30 pm
SALSA Update
        SALSA, composed of leading campus network security
        architects, is the Steering Group for the Internet2
        efforts within the Internet2/EDUCAUSE Security Task
        Force. SALSA has launched a number of workgroups, most
        notably in authentication and authorization for network
        access and advanced network security issues such as
        malware, firewalls in multi-homed networks, DNSSec,
        etc. This session will present recent work by SALSA and
        its workgroups, with a particular focus on the progress
        in managing network access in an increasingly complex
        and Interrealm world.

29 Sep (Wed.), 8:45-10 am
Balancing Performance, Security and Usability in a Real-World High
Performance Network
        When managing a high performance networking
        environment, factors such as performance, security, and
        usability often come into conflict. Cumbersome access
        control measures may be needed for security, but
        negatively affect usability. Performance needs may
        drive use of less security than ideal. We will address
        the tradeoffs and ordering between these three elements
        based on experience within the PNNL high performance
        networking arena, exhibiting workable methods for
        establishing and meeting goals in all three areas. Our
        results will be illustrated via both our own
        experiences as well as a test network established for
        assisting in the decision-making process, as well as
        some of the protections that are currently in place.
        This includes a traditional layered defense methodology
        with specific elements selected based on our three
        criteria. It also includes novel s practical solutions
        such our distributed firewall model, which addresses a
        relatively lower cost to performance and usability
        while still maintaining an acceptable level of
        security. The PNNL high performance computing
        environment is driven by a science to solutions
        approach, and incorporates a .25-teraflop prototype of
        a 9.1-teraflop Hewlett Packard Linux-based
        supercomputer, as well as an IBM SP computer system
        with 512 processors and a theoretical peak performance
        of 247 gigaflops.

29 Sep (Wed.), 10:30-11:45 am
Can We Get Ahead of the Crackers?
        The deployment of very high-speed networks is making it
        even easier for malicious hackers to do millions of
        dollars of damage to computer systems. Thousands of
        zombie machines infected with viruses can launch
        crippling denial of service attacks. Crackers who are
        able to penetrate corporate and university systems can
        download gigabytes of sensitive or confidential
        information in minutes. The growth of the Grid and Web
        services will no doubt lead to new forms of cyber-
        mischief. Fortunately, new technologies offer new ways
        to improve cyber-security. Better authentication and
        authorization systems are being deployed. Research on
        autonomic computing is providing ways to build self-
        monitoring and self-protecting systems and networks.
        Intrusion detection software can detect unauthorized
        access before damage can be done. More and more
        companies and universities are realizing the need to
        improve identity management and access control. This
        panel will examine new approaches to cyber-security and
        autonomic computing and determine whether the next
        generation of the Internet can be more secure than the
        current one.

29 Sep (Wed.), 10:30 AM - 11:45 AM
PKI
        
29 Sep (Wed.), 3-4 pm
Security: New Trends, New Issues
        This session will talk about developments over the past
        year in both the nature of security issues and our
        tools for responding to the new issues. Topics to be
        addressed include a profile of current attack vectors,
        some new approaches to email security, and a taxonomy
        of malware that can help structure the problem spaces
        emerging in botnets, spyware, etc.

29 Sep (Wed.), 4:30-5:45 pm
Security Implications of IPv6
        IPv6 offers a number of significant performance and
        security advantages over IPv4. However, these same
        benefits also work to the advantage of IPv6-savvy
        attackers, even on IPv4 or dual stack networks. This
        presentation will use a systems approach to examine the
        security implications of IPv6 at the network and
        applications layers of the advanced computing
        environment. Recommendations and best practices for the
        secure operation of networks in an IPv6 enabled world
        as well as IPv4/IPv6 dual stack networks will be
        shared.

30 Sep (Thurs.), 8:45-10 am
CALEA
        CALEA is the Computer Assistance for Law Enforcement
        Act, initially passed in 1994. Under CALEA, providers
        of commercial voice services are required to engineer
        their networks in such a way as to assist law
        enforcement agencies in executing wiretap orders.
        Earlier this year, the FBI, Department of Justice, and
        Drug Enforcement Administration jointly petitioned the
        FCC (which is the federal agency designated to
        administer CALEA) to extend CALEA to include all
        Internet service providers. Thirteen higher education
        associations as well as ISP's, civil liberties groups,
        and other organizations filed negative responses to the
        petition, which remains under consideration at the FCC.
        This panel features speakers with a wide range of
        views, both pro and con, on the FCC petition, who will
        discuss both the technological and social aspects of
        expanding CALEA to cover digital services.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

**********
Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at 
http://www.educause.edu/groups/.