14th October, 2022

" Cloud Security: Intel®’s Approach and Solutions Through Confidential Computing Technology Offerings" 
Nagaraju N Kodalapura, Lead Offensive Security Researcher, Intel.

Time: 14th October, 2022, Friday 3:00 pm - 4:00 pm IST

Abstract: The objective of this presentation is to provide an overview of what’s Confidential Computing and its significance to cloud security. Then we shall briefly discuss about Intel’s TEEs (Trusted Execution Environment) and their key role in Confidential Computing, understand their security objectives and a high level threat model. One of the implicit objectives of this presentation is to bring the “security awareness” and “security first mindset” with the audience, followed by Q & A.

About speaker: Nagaraju N Kodalapura (Raju) is the Lead Offensive Security Researcher working in Intel Corporation for about 20+ years and has been working in the security research space for more than 10 years. He received his M.S. degree in Digital Design and Embedded Systems from Manipal University, India. He holds 5 Granted Patents and is a IEEE Senior Member with 5+ security research publications in IEEE, Black Hat and other renowned venues. He leads a team of offensive security researchers focusing on Confidential Computing and Virtualization technologies targeting cloud/datacentric platforms within IPAS (Intel Product Assurance and Security) organization. He is passionate about spirituality, technology and hardware security.

1st July, 2022

"Transparent, Trustworthy and Privacy-Preserving Supply Chain "
Prof. Salil Kanhere, UNSW Sydney, Australia.

Recording of this talk: Click Here to view on YouTube

Slides for this talk: Click Here to download

Time: 1st July, 2022, Friday 3:00 pm - 4:00 pm IST

Abstract: Over the years, supply chains have evolved from a few regional traders to globally complex chains of trade. Consequently, supply chain management systems have become heavily dependent on digitisation for the purpose of data storage and traceability of goods. However, current approaches suffer from issues such as scattering of information across multiple silos, susceptibility of erroneous or untrustworthy data, inability to accurately capture physical events associated with the movement of goods and protection of trade secrets. Our work aims to address above mentioned challenges related to traceability, scalability, trustworthiness and privacy. To support traceability and provenance, a consortium blockchain based framework, ProductChain, is proposed which provides an immutable audit trail of product's supply chain events and its origin. The framework also presents a sharded network model to meet the scalability needs of complex supply chains. Next, we address the issue of trust associated with the qualities of the commodities and the entities logging data on the blockchain through an extensible framework, TrustChain. TrustChain tracks interactions among supply chain entities and dynamically assigns trust and reputation scores to commodities and traders using smart contracts. For protecting trade secrets, we propose a privacy-preservation framework PrivChain, which allows traders to keep trade related information private and rather return computations or proofs on data to support provenance and traceability claims. The traders are in turn incentivised for providing such proofs. A different privacy-preservation approach for decoupling the identities of traders is explored in TradeChain by managing two ledgers: one for managing decentralised identities and another for recording supply chain events. The information from two ledgers is then collated using access tokens provided by the data owners, i.e. traders themselves. We will conclude the talk with some future directions.

About speaker: Salil Kanhere is a Professor in the School of Computer Science and Engineering at UNSW Sydney, Australia. He is also affiliated with the Cybersecurity Cooperative Research Centre (CSCRC) and the UNSW Institute for Cyber Security (IFCYBER). His research interests span the Internet of Things, pervasive computing, cybersecurity, blockchain and applied machine learning. He has published over 300 peer-reviewed articles and is leading several government and industry funded research projects on these topics. He received the Friedrich Wilhelm Bessel Research Award (2020) and the Humboldt Research Fellowship (2014), both from the Alexander von Humboldt Foundation in Germany. He is the recipient of 8 Best Paper Awards. Salil has held visiting positions at I2R Singapore, Technical University Darmstadt, University of Zurich and Graz University of Technology. He is a Senior Member of the IEEE and ACM, an ACM Distinguished Speaker and an IEEE Computer Society Distinguished Visitor. He serves as the Editor in Chief of the Ad Hoc Networks journal and as an Associate Editor of IEEE Transactions On Network and Service Management, Computer Communications, and Pervasive and Mobile Computing. He has served as General Chair and TPC Chair of several IEEE/ACM international conferences such as IEEE PerCom, IEEE ICBC, IEEE Blockchain, IEEE LCN, IEEE CNSM, IEEE WoWMoM and EWSN. Salil has co-authored a book titled Blockchain for Cyberphysical Systems published by Artech House in 2020.

20th May, 2022

"Administrators are Users Too: Understanding and Catering Security
for System Operators and Administrators"
Prof. Frank Li, Georgia Institute of Technology, USA.

Recording of this talk: Click Here to view on YouTube

Slides for this talk: Click Here to download

Time: 20th May, 2022, Friday 6:30 pm - 7:30 pm IST

Abstract: Over the last two decades, the computer security research community has increasing recognized and embraced the socio-technical nature of many security issues. As a result, there has been rich and vibrant exploration of human factors in security, particularly focused on typical end users (e.g., PC/laptop and mobile device users). However, until more recently, there has been significantly less investigation into the operators and administrators managing Internet systems for various organizations. This population is a distinct but important one, whose technical expertise and unique responsibilities in maintaining their organizations’ security distinguish them from end users.

In this talk, I will highlight the importance of understanding how these operators manage the security of Internet systems. I will discuss several works that use Internet and web measurement techniques (e.g., Internet-wide scanning, web crawling) as well as traditional user studies to identify operator security behavior, and that develop socio-technical approaches to drive better security behavior. These works touch on aspects of patching vulnerabilities, correcting security misconfigurations, and managing online authentication.

About speaker: Frank Li is an Assistant Professor at the Georgia Institute of Technology, jointly appointed in the newly formed School of Cybersecurity and Privacy and the School of Electrical and Computer Engineering. His research focuses on understanding and improving Internet security in a data-driven fashion, using various approaches including Internet measurements, user studies, and software analysis.  His research has received two best paper awards (ACM IMC and USENIX SOUPS), and has been funded by the NSF, DARPA, and industry partners. He completed his Ph.D. in computer science at UC Berkeley and his B.S. in computer science from MIT.

3rd May, 2022