Mark your calendars and come join your friends in the CAE community for a Tech Talk. CAE Tech Talks are free and conducted live in real-time over the internet, so no travel is required. Capitol Technology University hosts the presentations using Zoom, which employs slides, VOIP, and chat for live interaction. Just log in as “Guest” and enjoy the presentation.

Topic: Wireless and Mobile Softwarization: Security and Privacy Pandora’s Box?

Date: November 14, 2019

Time: 1:00–1:50 p.m. EST

Location: Zoom Meeting

Just log in as “Guest” and enter your name. No password required.

Presenter(s):Guevara Noubir, Northeastern University

Description: The wireless revolution delivered beyond the pioneers dreams, forever changing how we access information, interact with each other, and our physical world. Yet, a confluence of factors indicates that a security and privacy storm is brewing. Limited resources and lack of strong security models, led to a variety of weaknesses in wireless and mobile systems. These risks are amplified by the accelerated pervasiveness and ad hoc integration of wireless communications in a variety of systems such as air traffic, biomedical devices, electricity grid, in addition to bring-your-own-device policies, and a multitude of smart and wirelessly connected IoT devices deployed in homes and business. At the same time hardware and in particular wireless softwarization is removing natural barriers such as attacks physical co-location, or cost. In this talk, we will reflect on some of the wireless and mobile security and privacy emerging challenges and trends, from side-channel attacks to cross-layer attacks, as well as defense approaches and their 

AND

Topic: Building Secure Software Systems Using Security

 

Date: November 14, 2019

Time: 2:00–2:40 p.m. EST

Location: Zoom Meeting

Just log in as “Guest” and enter your name. No password required.

Presenter(s): Eduardo Fernandez, Florida Atlantic University

Description: Patterns combine experience and good practices to develop basic models that can be used to build new systems and to evaluate existing systems. Security patterns join the extensive knowledge accumulated about security with the structure provided by patterns to provide guidelines for secure system requirements, design, and evaluation. We consider the structure and purpose of security patterns, show a variety of security patterns, and illustrate their use in the construction of secure systems. These patterns include among others Authentication, Authorization/Access Control, Firewalls, Secure Broker, Web Services Security, and Cloud Security. We have built a catalog of over 100 security patterns. The use of patterns can provide a holistic view of security, which is a fundamental principle to build secure systems. Patterns can be applied throughout the software lifecycle and provide a good communication tool for the builders of the system. The patterns are shown using UML models and examples are taken from my two books on security patterns as well as from my recent publications.

CAE Tech Talks are recorded.

For questions on CAE Tech Talk, please email CAETechTalk@nsa.gov.

Official Flyer