1 / 4

My $.02 on Research Challenges in Security

My $.02 on Research Challenges in Security. Gene Tsudik SCONCE : Secure Computing and Networking Center UC Irvine http://sconce.ics.uci.edu/ 05/11/2004. My (myopic, biased, subjective, self-centered and misguided) selection of topics that are: Beaten to death…or just tired.

Download Presentation

My $.02 on Research Challenges in Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. My $.02 on Research Challenges in Security Gene Tsudik SCONCE: Secure Computing and Networking Center UC Irvine http://sconce.ics.uci.edu/ 05/11/2004

  2. My (myopic, biased, subjective, self-centered and misguided) selection of topics that are:Beaten to death…or just tired • Multicast security • Especially group key management  • DDoS reactive measures, especially, IP traceback • JAVA security • XML security • Mixes and mixnets (for wired networks) • Routing security (BGP, OSPF, RIP!) • IPsec and kin • Fair exchange and kin • Covert channels (thanks, Virgil!) • Intrusion Detection • Neither beaten to death, nor tired; just not a research topic • Multi-Level Security

  3. My (myopic, biased, subjective, self-centered and misguided) View of Prominent Challenges • How to provably forget secrets? • Nano-cryptography and nano-security for constrained devices • Anonymity: voting, petitions, handshakes, reputation management • Casual Multicast • Publish/subscribe, sensor nets, manets, etc. • Group Membership: Distributed Admission and Eviction • P2P, MANETs, other collaborative settings • Policies, protocols • Effective DDoS resistance for web services • Puzzles ain’t it… • Could it be done at transport layer? • Effective SPAM countermeasures: SPAM = application-layer DDoS • We tolerate physical spam… sender pays, recycling works  • I could use, say, $.02 for each piece of spam in my mbox • Observability in wireless, ad hoc and sensor networks • Home wireless nets are becoming ubiquitous

  4. The end…Have I managed to upset everyone?

More Related