Educause Security Discussion mailing list archives
Fall 2004 Internet2 Member Meeting Security-Related Sessions
From: Valerie Vogel <vvogel () EDUCAUSE EDU>
Date: Thu, 23 Sep 2004 15:50:31 -0600
For those of you planning to attend the Fall 2004 Internet2 Member Meeting in Austin, TX, September 27-30, a summary of security-related sessions is provided below. For more information, see: http://events.internet2.edu/2004/fall-mm/. Thank you, Valerie Vogel Security Task Force Project Assistant, EDUCAUSE & Internet2 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - I2 FALL MEMBER MEETING SECURITY-RELATED SESSIONS: 26 Sep (Sun.), 7-9 pm Email Security BoF Securing e-mail is an ever-growing priority for the enterprise, particularly in response to compliance requirements for signing and encryption (e.g. HIPAA) and the ever-growing spam problem. Recent sender- verification efforts such as Sender Policy Framework (SPF) and Caller ID are gaining traction, and various approaches to mail signing and encryption are still struggling for broad acceptance. This BoF is co- sponsored by the MACE-MList working group and SALSA, and will discuss these issues in the context of R&E, with an eye toward guidance for mail administrators seeking help in navigating these issues. http://security.internet2.edu/salsa/ http://middleware.internet2.edu/mlist/ 27 Sep (Mon.), 7:30-9 pm SALSA Meeting [Closed] 27 Sep (Mon), 1:00 PM - 2:30 PM PKI Working Group 28 Sep (Tues.), 8-9:30 am SALSA NetAuth BoF This session will focus on the future direction and focus of the SALSa-NetAuth working group. We will focus on both the near term future documents covering automated network policy enforcement and investigations of solutions to the 'visiting scientist' problem. 28 Sep (Tues.), 4:30-5:30 pm SALSA Update SALSA, composed of leading campus network security architects, is the Steering Group for the Internet2 efforts within the Internet2/EDUCAUSE Security Task Force. SALSA has launched a number of workgroups, most notably in authentication and authorization for network access and advanced network security issues such as malware, firewalls in multi-homed networks, DNSSec, etc. This session will present recent work by SALSA and its workgroups, with a particular focus on the progress in managing network access in an increasingly complex and Interrealm world. 29 Sep (Wed.), 8:45-10 am Balancing Performance, Security and Usability in a Real-World High Performance Network When managing a high performance networking environment, factors such as performance, security, and usability often come into conflict. Cumbersome access control measures may be needed for security, but negatively affect usability. Performance needs may drive use of less security than ideal. We will address the tradeoffs and ordering between these three elements based on experience within the PNNL high performance networking arena, exhibiting workable methods for establishing and meeting goals in all three areas. Our results will be illustrated via both our own experiences as well as a test network established for assisting in the decision-making process, as well as some of the protections that are currently in place. This includes a traditional layered defense methodology with specific elements selected based on our three criteria. It also includes novel s practical solutions such our distributed firewall model, which addresses a relatively lower cost to performance and usability while still maintaining an acceptable level of security. The PNNL high performance computing environment is driven by a science to solutions approach, and incorporates a .25-teraflop prototype of a 9.1-teraflop Hewlett Packard Linux-based supercomputer, as well as an IBM SP computer system with 512 processors and a theoretical peak performance of 247 gigaflops. 29 Sep (Wed.), 10:30-11:45 am Can We Get Ahead of the Crackers? The deployment of very high-speed networks is making it even easier for malicious hackers to do millions of dollars of damage to computer systems. Thousands of zombie machines infected with viruses can launch crippling denial of service attacks. Crackers who are able to penetrate corporate and university systems can download gigabytes of sensitive or confidential information in minutes. The growth of the Grid and Web services will no doubt lead to new forms of cyber- mischief. Fortunately, new technologies offer new ways to improve cyber-security. Better authentication and authorization systems are being deployed. Research on autonomic computing is providing ways to build self- monitoring and self-protecting systems and networks. Intrusion detection software can detect unauthorized access before damage can be done. More and more companies and universities are realizing the need to improve identity management and access control. This panel will examine new approaches to cyber-security and autonomic computing and determine whether the next generation of the Internet can be more secure than the current one. 29 Sep (Wed.), 10:30 AM - 11:45 AM PKI 29 Sep (Wed.), 3-4 pm Security: New Trends, New Issues This session will talk about developments over the past year in both the nature of security issues and our tools for responding to the new issues. Topics to be addressed include a profile of current attack vectors, some new approaches to email security, and a taxonomy of malware that can help structure the problem spaces emerging in botnets, spyware, etc. 29 Sep (Wed.), 4:30-5:45 pm Security Implications of IPv6 IPv6 offers a number of significant performance and security advantages over IPv4. However, these same benefits also work to the advantage of IPv6-savvy attackers, even on IPv4 or dual stack networks. This presentation will use a systems approach to examine the security implications of IPv6 at the network and applications layers of the advanced computing environment. Recommendations and best practices for the secure operation of networks in an IPv6 enabled world as well as IPv4/IPv6 dual stack networks will be shared. 30 Sep (Thurs.), 8:45-10 am CALEA CALEA is the Computer Assistance for Law Enforcement Act, initially passed in 1994. Under CALEA, providers of commercial voice services are required to engineer their networks in such a way as to assist law enforcement agencies in executing wiretap orders. Earlier this year, the FBI, Department of Justice, and Drug Enforcement Administration jointly petitioned the FCC (which is the federal agency designated to administer CALEA) to extend CALEA to include all Internet service providers. Thirteen higher education associations as well as ISP's, civil liberties groups, and other organizations filed negative responses to the petition, which remains under consideration at the FCC. This panel features speakers with a wide range of views, both pro and con, on the FCC petition, who will discuss both the technological and social aspects of expanding CALEA to cover digital services. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Fall 2004 Internet2 Member Meeting Security-Related Sessions Valerie Vogel (Sep 23)