Institute for Cyber Security Events

-

Wednesday, November 13, 2019

Mark your calendar and come join us for CAE Forum! CAE Forum is a live, real-time, online, academic forum where members of the CAE community give non-technical presentations on topics of value to the CAE community. CAE Forum is about sharing your ideas, knowledge, and expertise to empower and strengthen our community. It’s that simple.CAE Forum presentations are normally held on the third Wednesday of each month during the fall and spring semesters.

Topic: A Security Analysis of Facebook’s Political Ad Library

Date: November 13, 2019Time: 1:10–1:50 p.m. ET

Location: Zoom Meeting

Audience: Students, professors, government

Presenter(s): Laura Edelson, New York University

Description: Online advertising plays an increasingly important role in political elections. As part of the 2016 U.S. national elections, there were a number of controversies regarding an ad-driven propaganda campaign to influence elections and privacy violations. In response to these controversies, Facebook, Google, and Twitter have all created policies and implemented products to make transparent and archive U.S. political advertisements that have run on their platforms. We present a security review of Facebook's Ad Library and political ad disclosure efforts. Laura Edelson is a Ph.D. candidate and Research Assistant at NYU. Laura has returned to academia after a successful career as a software engineer in the financial and data analysis sectors because she came to question the impact that big data and machine learning, and her work, in particular, had on society at large. She worked as a software engineer in the financial and data analysis sectors for 15 years at Palantir, Factset, and NYFIX.

AND

Topic: Secure Cloud Assisted Smart Cars

Date: November 13, 2019

Time: 2:00–2:40 p.m. EST

Location: Zoom Meeting

Audience: Students, professors, goverment

Presenter(s): Maanak Gupta, Tennessee Tech

Description: Smart cars are among the essential components and major drivers of future cities and connected world. The interaction among connected entities in this vehicular internet of things domain, which also involves smart traffic infrastructure, restaurant beacons, emergency vehicles, etc., will offer many real-time service applications and provide safer and more pleasant driving experience to consumers. Security and privacy are big concerns that deter the adoption of smart cars, which if not properly addressed will have grave implications with risk to human life and limb. In this talk, Gupta will first highlight the access control needs in smart cars ecosystem and present an access controloriented architecture. Furthermore, he will discuss the proposed dynamic groups and attribute-based access control model for smart cars ecosystem, which considers both system wide attributes-based security policies and individual user privacy preferences for allowing or denying service notifications, alerts and operations to on-board resources. In the end, Gupta will briefly discuss a proof of concept implementation in AWS IoT cloud platform 

A recording of the live presentations will be available within 48 hours of the presentation

Contact us at caeforum@caecommunity.org.
Official Flyer

Thursday, November 14, 2019

Mark your calendars and come join your friends in the CAE community for a Tech Talk. CAE Tech Talks are free and conducted live in real-time over the internet, so no travel is required. Capitol Technology University hosts the presentations using Zoom, which employs slides, VOIP, and chat for live interaction. Just log in as “Guest” and enjoy the presentation.

Topic: Wireless and Mobile Softwarization: Security and Privacy Pandora's Box?

Date: November 14, 2019

Time: 1:00–1:50 p.m. EST

Location: Zoom Meeting

Just log in as “Guest” and enter your name. No password required.

Presenter(s):Guevara Noubir, Northeastern University

Description: The wireless revolution delivered beyond the pioneers dreams, forever changing how we access information, interact with each other, and our physical world. Yet, a confluence of factors indicates that a security and privacy storm is brewing. Limited resources and lack of strong security models, led to a variety of weaknesses in wireless and mobile systems. These risks are amplified by the accelerated pervasiveness and ad hoc integration of wireless communications in a variety of systems such as air traffic, biomedical devices, electricity grid, in addition to bring-your-own-device policies, and a multitude of smart and wirelessly connected IoT devices deployed in homes and business. At the same time hardware and in particular wireless softwarization is removing natural barriers such as attacks physical co-location, or cost. In this talk, we will reflect on some of the wireless and mobile security and privacy emerging challenges and trends, from side-channel attacks to cross-layer attacks, as well as defense approaches

AND

Topic: Building Secure Software Systems Using Security

Date: November 14, 2019

Time: 2:00–2:40 p.m. EST

Location: Zoom Meeting

Just log in as “Guest” and enter your name. No password required.

Presenter(s): Eduardo Fernandez, Florida Atlantic University

Description: Patterns combine experience and good practices to develop basic models that can be used to build new systems and to evaluate existing systems. Security patterns join the extensive knowledge accumulated about security with the structure provided by patterns to provide guidelines for secure system requirements, design, and evaluation. We consider the structure and purpose of security patterns, show a variety of security patterns, and illustrate their use in the construction of secure systems. These patterns include among others Authentication, Authorization/Access Control, Firewalls, Secure Broker, Web Services Security, and Cloud Security. We have built a catalog of over 100 security patterns. The use of patterns can provide a holistic view of security, which is a fundamental principle to build secure systems. Patterns can be applied throughout the software lifecycle and provide a good communication tool for the builders of the system. The patterns are shown using UML models and examples are taken from my two books on security patterns as well as from my recent publications.

CAE Tech Talks are recorded.

For questions on CAE Tech Talk, please email CAETechTalk@nsa.gov.
Official Flyer

-