If you are visiting Cory Hall from off campus, please see the Visitor Information page.

To receive notification of future TRUST Seminar Series talks, please join either the trustlocal or the trustseminar workgroup.
(Most members of TRUST that are located at UC Berkeley should join the trustlocal workgroup instead of the trustseminar workgroup.)

Information on past TRUST Security Seminars is available here.

For information about the TRUST Seminar Series, please contact Galina Schwartz or Aimee Tabor

TRUST Security Seminar - Spring 2012 Series

   Andrew Odlyzko, University of Minnesota

   Thursday, January 19, 2012 at 1:00 PM
   Soda Hall, Wozniak Lounge

Abstract. Network security is terrible, and we are constantly threatened with the prospect of imminent doom. Yet such warnings have been common for the last two decades. In spite of that, the situation has not gotten any better. On the other hand, there have not been any great disasters either. To understand this paradox, we need to consider not just the technology, but also the economics, sociology, and psychology of security. Any technology that requires care from millions of people, most very unsophisticated in technical issues, will be limited in its effectiveness by what those people are willing and able to do. This suggests that one can provide adequate security using contrarian approaches that violate traditional security and system engineering precepts (such as encouraging "spaghetti code").  

Andrew Odlyzko is a Professor in the School of Mathematics at the University of Minnesota. He is engaged in a variety of projects, from mathematics to security and Internet traffic monitoring. His main task currently is to write a book that compares the Internet bubble to the British Railway Mania of the 1840s, and explores the implications for future of technology diffusion. Between 2001 and 2008, he also was at various times the founding director of the interdisciplinary Digital Technology Center, Interim Director of the Minnesota Supercomputing Institute, Assistant Vice President for Research, and held an ADC Professorship, all at the University of Minnesota. Before moving to Minneapolis in 2001, he devoted 26 years to research and research management at Bell Telephone Laboratories, AT&T Bell Labs, and AT&T Labs, as that organization evolved and changed its name.

Back to Top

   Kevin Fu, University of Massachusetts Amherst

   Thursday, January 26, 2012 at 1:00 PM
   Soda Hall, Wozniak Lounge

Abstract. The Institute of Medicine commissioned my 2011 report on the role of trustworthy software in the context of U.S. medical device regulation. This talk will provide a glimpse into the risks, benefits, and regulatory issues for innovation of trustworthy medical device software. Come learn a bit about the science, technology, and policy that shapes medical device software.

Today, it would be difficult to find medical device technology that does not critically depend on computer software. The technology enables patients to lead more normal and healthy lives. However, medical devices that rely on software (e.g., drug infusion pumps, linear accelerators) continue to injure or kill patients in preventable ways-- despite the lessons learned from the tragic radiation incidents of the Therac-25 era. The lack of trustworthy medical device software leads to shortfalls in properties such as safety, effectiveness, dependability, reliability, usability, security, and privacy.

Additional reading material for the talk can be found here:

• Trustworthy Medical Device Software
• Software Issues for the Medical Device Approval Process

Kevin Fu is an assistant professor in the Department of Computer Science at the University of Massachusetts Amherst. His research focuses on security, privacy, and low-power operation of pervasive computer systems such as RFID-scale computers and software-controlled medical devices. To this end, Prof. Fu works on energy-aware software and cryptographic technology for computational RFIDs---tiny embedded computers that operate without batteries. Prof. Fu's contributions include the security analysis of several systems ranging from contactless no-swipe credit cards and implantable cardiac defibrillators to access-controlled Web sites and automated software updates. He served as a visiting scientist at the Food & Drug Administration, the Beth Israel Deaconess Medical Center of Harvard Medical School, and MIT CSAIL. Prof. Fu leads the UMass Amherst Security and Privacy Research (SPQR) lab. He serves as director of the RFID Consortium on Security and Privacy (RFID-CUSP.org) and co-director of the Medical Device Security Center. Prof. Fu received his Ph.D. in Electrical Engineering and Computer Science from the Massachusetts Institute of Technology. He also holds a certificate of achievement in artisanal bread making from the French Culinary Institute and maintains an active participation in the study of Latin and the Classics.

Back to Top

   Mohit Tiwari

   Thursday, February 2, 2012 at 1:00 PM
   Soda Hall, Wozniak Lounge

Abstract. Systems responsible for controlling aircraft, protecting the master secret keys for a bank, or regulating access to medical devices, all demand a level of trust far beyond the norm. Creating such high assurance systems today is an incredibly expensive operation; even assessing the assurance of the resulting system can cost upwards of $10,000 per line of code. In this talk, I will present an automatic analysis and an architecture that have been co-designed to yield a system verifiably free from all digital information leaks.

The verification technique, GLIFT, analyzes complete systems at the level of individual bits and logic gates. GLIFT is based on the insight that all information flows, whether implicit, timing, or explicit, look surprisingly similar at the gate level where weakly defined assembly language descriptions give way to precise logical functions. We then devise an architecture and programming model, Execution Leases, that allows programmers to explicitly control the flow of secret or untrusted information. We extend the basic architecture to include micro-architectural optimizations like caches and predictors, implement a micro-kernel that explicitly manages all micro-architectural features, and present an I/O subsytem that shares a single physical bus among off-the-shelf devices of different security domains. This complete system, all implemented and tested on an FPGA, is then automatically verified to enforce non-interference using GLIFT.

Mohit Tiwari is a post-doc in the EECS department at UC Berkeley, working with Professor Krste Asanovic and Professor Dawn Song. He completed his MS and PhD in Computer Science from UC Santa Barbara, working on architectures for securing high assurance systems with Professor Tim Sherwood. Before joining ArchLab at UCSB, he did his B.Tech in Computer Science and Engineering at IIT Guwahati. Mohit is interested in building secure and reliable systems. To this end, his research cuts across program analysis [glift, hardgrind], computer architecture [leases, rangecache, 3dsec], and system software [glift-sys]. He also collaborates with research colleagues on languages for designing secure hardware [caisson], and on synthesizing hardware designs efficiently onto FPGAs [glift-synth].

Back to Top

   Guru Parulkar, Stanford University

   Thursday, February 9, 2012 at 1:00 PM
   Soda Hall, Wozniak Lounge

Abstract. SDN is a new approach to networking that has the potential to enable on-going network innovation in a production setting. Key aspects of SDN include: separation of data and control planes; a uniform vendor agnostic interface called OpenFlow between control and data planes; logically centralized control plane, realized using a network OS, that constructs and presents a logical map of the entire network to services or control applications on top; and slicing and virtualization of the underlying network. In SDN a researcher, network administrator, or third party can introduce a new capability by writing a software program that simply manipulates the logical map of a slice of the network.

Researchers around the world are starting to deploy SDN networks for research and limited production use. SDN networks also form the network substrate of NSF's GENI infrastructure designed to enable research at scale in networking and distributed systems. Industry is embracing SDN. Network operators plan to build their infrastructure using this approach. Incumbent vendors as well as startups are developing a range of products for different market segments including data center, service provider and enterprise. In this talk I will share the SDN story (so far): rationale, design, deployments, and coming together of an ecosystem.

Guru Parulkar is the Executive Director of Clean Slate Program and a Consulting Professor of EE at Stanford since August 2007. At Stanford Guru helped create three large projects/programs: OPEN (Open Programmable Extensible Networking), POMI 2020 (Programmable Open Mobile Internet 2020), and SEDL (Stanford Experimental Data Center Laboratory). Recently his time and energy on OPEN. Prior to joining Stanford, he spent four years at National Science Foundation (NSF) and worked with the broader research community and NSF CISE team to champion and create programs such as GENI, Future Internet Design, and Network of Sensor Systems. Guru spent four years in Silicon Valley doing successful and not so successful startups such as Growth Networks, Tenaya Networks, Sceos (Ruckus Wireless), and Nevis Networks and worked with accomplished entrepreneurs, engineers, and business leaders. He spent over 12 years at Washington University in St. Louis as a Professor of Computer Science and Director of Applied Research Laboratory and worked with Jon Turner, Jerry Cox, George Varghese, and a group of very talented and creative graduate students to lead research and prototyping of high performance networking and multimedia systems such as the virtual memory system of NetBSD and FreeBSD Unix (Chuck Cranor), APIC gigabit network interface (Zubin Dittia and others), router plug-in software (Dan Decasper and Zubin Dittia), packet striping algorithms (Hari Adiseshu), multimedia on demand server and service (Milind Buddhikot), and Real Time Upcall system for QoS for NetBSD (R. Gopal), Congram-oriented Internetworking to get QoS and performance (Tony Mazaani and Sanjay Kapoor), IP and ATM integration, and others. Guru received PhD in Computer Science from the University of Delaware in 1987 (advisor: Dave Farber) at the time when UDEL was at the center of exciting developments in networking including CSNET, NSFNET, Memnet, gigabit testbeds, and others.

Back to Top

   Nikita Borisov, University of Illinois at Urbana-Champaign

   Thursday, February 16, 2012 at 1:00 PM
   Soda Hall, Wozniak Lounge

Abstract. Forthcoming  

Nikita Borisov is an assistant professor of Elecrical and Computer Engineering at the University of Illinois. His research interests are online privacy and Internet-scale distributed systems. He is the co-designer of the "off-the-record" (OTR) instant messaging protocol and was responsible for the first public analysis of 802.11 security. He served as co-chair of the Privacy Enhancing Technologies Symposium in 2007 and 2008. Prof. Borisov received his PhD from the University of California, Berkeley in 2005 and a BMath from the University of Waterloo in 1998.

Back to Top

   David Bailey, Lawrence Berkeley National Laboratory

   Thursday, March 1, 2012 at 1:00 PM
   Soda Hall, Wozniak Lounge

Abstract. Large high-performance computing (HPC) systems pose some unique challenges and opportunities for cybersecurity. To begin with, large HPC systems are very expensive, and outages are very disruptive to the scientists and others who rely on them. Secondly, the advent of "BitCoin" and the like has added a new dimension of threat: The very large computational power of these systems might be subverted by intruders for financial gain. On the other hand, an HPC environment does simplify some things, since there are typically only a limited number of users, a limited portal to the outside world, and typically only a few types of scientific applications are run (which applications typically have very distinctive signatures of interprocessor communication). In this talk, we will present some techniques we have developed to identify scientific computations by their communication signatures.  

David H Bailey is a Senior Scientist at the Lawrence Berkeley National Lab. He has a background in mathematics and computer science. He received his B.S. in mathematics from Brigham Young University in 1972 and his Ph.D. in mathematics from Stanford University in 1976. He worked for 14 years as a computer scientist at NASA Ames Research Center, but since 1998 has been the Chief Technologist of the Computational Research Department at the Lawrence Berkeley National Laboratory. Bailey is perhaps best known as a co-author (with Peter Borwein and Simon Plouffe) of a 1996 paper that presented a new formula for (pi). This BaileyBorweinPlouffe formula permits one to calculate binary or hexadecimal digits of pi beginning at an arbitrary position, by means of a simple algorithm. The formula was discovered by Simon Plouffe using a computer program written by Bailey. More recently, Bailey and Richard Crandall showed that the existence of this and similar formulas has implications for the long-standing question of "normality" whether and why the digits of certain mathematical constants (including pi) appear "random" in a particular sense. Bailey also does research in numerical analysis and parallel computing.

Back to Top

  Tamer Basar, University of Illinois at Urbana-Champaign

   Thursday, March 8, 2012 at 1:00 PM
   Soda Hall, Wozniak Lounge

Abstract. Forthcoming  

Tamer Basar received B.S.E.E. degree from Robert College, Istanbul, in 1969, and M.S., M.Phil, and Ph.D. degrees in engineering and applied science from Yale University, in 1970, 1971 and 1972, respectively. After stints at Harvard University, Marmara Research Institute (Gebze, Turkey), and Bogazici University (Istanbul), he joined the University of Illinois at Urbana-Champaign (UIUC) in 1981, where he is with the Department of Electrical and Computer Engineering, and holds the positions of Swanlund Endowed Chair, Center for Advanced Study Professor, Research Professor at the Coordinated Science Laboratory, and Research Professor with the Information Trust Institute. He has spent sabbatical years at Twente University of Technology (the Netherlands; 1978-79), and INRIA (France; 1987-88, 1994-95). His current research interests include stochastic teams and games; routing, pricing, and congestion control in communication networks; control over wired and wireless networks; formation in adversarial environments; mobile and distributed computing; risk-sensitive estimation and control; mean-field game theory; game-theoretic approaches to security in computer networks, including intrusion detection and response: and cyber-physical systems.

Back to Top

   Thursday, March 15, 2012 at 1:00 PM
   Soda Hall, Wozniak Lounge

Abstract. Forthcoming  

Back to Top

   Thursday, March 22, 2012 at 1:00 PM
   Soda Hall, Wozniak Lounge

Abstract Forthcoming  

Back to Top

   Thursday, April 5, 2012 at 1:00 PM
   540 Cory Hall    <-----NOTE DIFFERENT LOCATION

Abstract Distributed strategic learning and game dynamics are frequently met in dynamic decision-making environment. In presence of imperfect observations, time delays and noisy measurements, good estimators are crucial for finding optimal, locally optimal and stable configurations. This talk will overview various combined fully distributed payoff and strategy (CODIPAS) learning in games under uncertainties. Convergence, stability and efficiency issues will be discussed. Application to network security and energy management will be given.  

Tembine Hamidou received a Master's degree in applied mathematics from Ecole Polytechnique and from University Joseph Fourier, France. He received a PhD in Computer Science from the University of Avignon. He is currently an assistant professor at Ecole Superieure d'Electricite (Supelec, France). His main research interests are evolutionary games, differential population games, mean field stochastic games and their application. From 2007 to 2009, he was a research assistant at the Computer Science Department of University of Avignon and teacher assistant at University of Aix-Marseille. He has been a visiting researcher at University of McGill (Montreal, Quebec, Canada), Ecole Polytechnique de Montreal (Quebec, Canada), University of Illinois at Urbana-Champaign (UIUC, US), Ecole Polytechnique Federale de Lausanne (EPFL, Switzerland) and University of Wisconsin (Madison, US). He was the recipient of many best paper awards (ACM Valuetools 2007, IFIP Networking 2008, IEEE/ACM WiOpt 2009, IEEE Infocom Workshop 2011).

Back to Top

   Yuliang Zheng, University of North Carolina at Charlotte

   Thursday, April 12, 2012 at 1:00 PM
   Soda Hall, Wozniak Lounge

Abstract. Forthcoming  

Yuliang Zheng is a Professor at the University of North Carolina at Charlotte. He is best known for inventing the Signcryption cryptographic primitive that combines the digital signature and encryption operations into one single step. He also invented the HAVAL hash function, SPEED cipher, and STRANDOM pseudo-random number generator. Zheng serves as Chief Technology Officer of Calyptix Security Corporation, a company he co-founded in 2002. Zheng earned his Bachelor of Science degree in computer science from the Nanjing Institute of Technology in 1982, and then went on to Yokohama National University in Japan, where he earned his master's and PhD degrees in electrical and computer engineering. Zheng has published numerous articles and books on security and holds a number of patents in security. He is known as the father of "signcryption" technology and is widely recognized as an international authority in cryptography and network security.

Back to Top

   TBA

   Thursday, April 19, 2012 at 1:00 PM
   Soda Hall, Wozniak Lounge

Abstract. Forthcoming.  

Back to Top

   Jeannette Wing, Carnegie Mellon University

   Thursday, April 26, 2012 at 1:00 PM
   540 Cory Hall    <-----NOTE DIFFERENT LOCATION

Abstract. Forthcoming  

Jeannette Wing is the President's Professor of Computer Science and Head of the Computer Science Department at Carnegie Mellon University. She received her S.B., S.M., and Ph.D. degrees from the Massachusetts Institute of Technology. From 2007-2010 she was the Assistant Director of the Computer and Information Science and Engineering Directorate at the National Science Foundation. Professor Wing's general research interests are in the areas of trustworthy computing, specification and verification, concurrent and distributed systems, programming languages, and software engineering. Her current interests are on the foundations of trustworthy computing, with a focus on the science of security and privacy.

Back to Top

   Dan Wallach, Rice University

   Thursday, May 3, 2012 at 1:00 PM
   Soda Hall, Wozniak Lounge

Abstract. Forthcoming  

Dan Wallach is an associate professor in the Department of Computer Science at Rice University in Houston, Texas and is the associate director of NSF's ACCURATE (A Center for Correct, Usable, Reliable, Auditable and Transparent Elections). His research involves computer security and has touched on issues include web browsers and servers, peer to peer systems, smartphones, and voting machines. He has testified about voting security issues before government bodies in the U.S., Mexico, and the European Union, and has served as an expert witness in a number of voting technology lawsuits. Dan did his undergrad work at UC Berkeley, where he was a member of the Computer Science Undergraduate Association. He received his PhD from Princeton University where he studied Java security, which included spending two cool summers working at Netscape and, among other things, helping design their Java security architecture, which has since influenced the Java2 architecture as well as Microsoft's C# system.

Back to Top