【誠摯邀請】2011/11/21 13:30~15:20 邀請大家蒞臨Prof. Elisa Bertino演講

講  者:Prof. Elisa Bertino
              Professor  of Computer Science Department, Purdue University and Research Director of CERIAS
講  題:
Talk 1:Protecting Information Systems from Insider Threats - Concepts and Issues(13:30~14:20)

Talk 2:Securing Data in the Cloud - Challenges and Research Directions(14:30~15:20)

日    期:100年11月21日(一)
時    間:13:30~15:20
地    點:工程四館B1國際會議廳       
主持人:謝續平教授


Talk1 Abstract:
Past research on information security has focused on protecting valuable resources from attacks by outsiders.
However, statistics show that a large amount of security and privacy breaches are due to insider attacks.
Protection from insider threats is challenging because insiders may have access to many sensitive resources and high-privileged system accounts. Suitable approaches need to combine several security techniques, like fine-grained access control, stronger authentication protocols, integrated digital identity management, intrusion detection, with techniques from areas like information integration, machine learning, and risk assessment. In this talk, after an introduction to the problem of insider threats, we will present recent work addressing the problem of anomaly detection and response policies for database management systems and then discuss open research issues, by emphasizing the role of techniques from the area of information integration.

Talk2 Abstract:
Managing data is arguably one of the reasons for adopting cloud technologies. These technologies are very promising with respect to enhancing scalability, reducing costs, and rapidly adapting to changes in application demands. However the adoption of these technologies is not without risks. Data stored in a cloud would be accessible to a large variety of individuals, like the IT staff of the cloud providers. The cloud providers may in turn outsource data management functions to other providers. Data integrity and availability are critical issues. Physical protection, crucial for data security, may be difficult to assess for the organization owning the data as data may be stored in different countries, which makes difficult making inspections to the data storage location. In some cases, even being able to control the location of the data may be difficult. However, making sure that data is stored or not stored in certain locations is crucial for compliance. Data segregation is essential in the context of multi-tenant contexts in which data owned by different organizations may reside on the same systems. Support for disaster recovery, and accountability are also critical requirements. In the talk we will first elaborate on these issues. We will then present an overview of the MASK system, able to support fine-grained encryption of data while at the same time supporting identity-based privacy-preserving access control on encrypted data. We will conclude the presentation with a discussion about the notion of accountability policies and tools for managing security policies.

 

 

誰在線上

目前有 7 個訪客 以及 沒有會員 在線上

總瀏覽人數

文章瀏覽點擊數
676002

最新消息

 

 

【資安新聞】打造資安將才 交通大學首創亥客書院  (2016/12/01)

 

 
 
一張電子發票會透露多少資訊?金融罪犯如何能盜領巨款?為響應政府推動資通安全政策、培育資安人才,交通大學整合資訊、電機、管理學院及資通安全研教中心、資訊服務中心、推廣教育中心與國內外資安學者專家,跨領域攜手成立「亥客書院」,敦請交大講座教授張善政擔任書院院長,以及美國電機電子學會會士、資訊安全學會前理事長謝續平特聘教授擔任副院長,打造台灣第一流的資安人才培育平台。
閱讀全文...

 

 

【獲獎公告】IEEE Fellow Class of 2014

 

This year, Professor Shiuhpyng Winston Shieh is elevated as an IEEE fellow for the contribution of advances in pattern-oriented intrusion detection and fault-tolerant protection.

閱讀全文...

 

 

【誠摯邀請】2013/3/14 13:30~15:20 邀請大家蒞臨Dr. Jeffrey Voas演講

 

閱讀全文...

 

 

 【誠摯邀請】2012/5/8 13:30~15:20 邀請大家蒞臨Dr. Jeffrey Voas演講

 

閱讀全文...



【誠摯邀請】2011/11/18 10:40~11:40 邀請大家蒞臨Prof. Lixia Zhang演講

 

 

講    者:Prof. Lixia Zhang
                Computer Science Department, UCLA
講    題:Named Data Networking
日    期:100年11月18日(五)
時    間:上午10:40~11:40
地    點:工程三館345會議室
主持人:謝續平教授