The Second Workshop on Advances in Trusted Computing (WATC '06 Fall)

Invited Talks

• Mr. Ned M. Smith
  Staff Security Architect - Intel Digital Office Platforms
  Co-Chair Infrastructure Working Group in the Trusted Computing Group
  
  Title: "The Role of Integrity Management Infrastructure in support of Proactive Security" (presentation)
  Abstract: Today's security mechanisms can be classified as reactive measures aimed at improving response time and efficiency when recovering from security mishap. Nevertheless, security incident rates continue to increase exponentially. A fundamentally different approach to security is required; one that applies proactive techniques to prevent malware from ever executing. Integrity management infrastructure seeks to make it easy to recognize known good code from suspect code and to verify platform configurations are within acceptable standards. Verification during system boot and at network connect are effective points where integrity checks can be enforced. The TCG IWG Integrity Manifest Schemas can be used to aid automated evaluation of platform configurations.
  
  Biography: Ned's security background includes Trusted System development based on Trusted Computing Security Evaluation Criteria (TCSEC), firewall design, Common Data Security Architecture (CDSA) and cryptographic interface design, SSL/TLS and PKI. He established the Trusted Network Connect subgroup of the IWG and helped define TNC architecture and specifications. His recent work at Intel includes definition of Intel vPro platform security and Safer Computing architecture. He holds a Master of Science (MS) degree in computer science.
  
  
  
• Professor Ahmad-Reza Sadeghi (Ruhr University Bochum, Germany)
  
  Title: "Trusting Trust - The Need and Challenges for Trusted Computing"
  Abstract: Trusted Computing (TC) is an emerging technology. Multiple prominent international research and industrial projects have started to investigate trustworthy computing platforms and distributed applications with mutually assured trust properties based on TC. These efforts have yielded first promising results. Nevertheless, a number of challenging problems remain that have to be addressed before Trusted Computing can be rolled out on a large scale and in security critical contexts. These problems are not just of technical nature, but also have social, economical and political flavors. From a research perspective, this makes the Trusted Computing a subject that is both complex and appealing.
  Although the instantiation of Trusted Computing by the Trusted Computing Group (TCG) happened several years ago and has been subjected to an extensive public debates, there is still surprisingly limited understanding of this technology and its opportunities, in particular among decision makers.
  The main purpose of this talk is to give an insight into the experience we have gained and the research activities on national and European basis. We want to share and discuss some ideas, challenges and work in progress with the attendees in particular the trust in TPM, its compliance and flexible implementation, and options of realizing more abstract functionalities based on these implementations.
  
  Biography: Ahmad-Reza Sadeghi is a Professor at Horst Goertz Institute for IT Security at Bochum University in Germany. Prior to academia he has been with R&D Departments of IT enterprises, such as Ericsson Telecommunications, for several years.
  Currently, he is leading several national and international research and development projects on design and implementation of Trustworthy Computing Platforms based on Trusted Computing technology. His research interests include Trusted Computing, design of cryptographic protocols, fingerprinting, and privacy enhancing technologies.
  Ahmad has MSc in Electrical Engineering as well as in Mechanical Engineering. He received his PhD in Computer Science on privacy protecting cryptographic systems from Saarland University in Saarbrucken, Germany.
  
  
• Mr. Ronald Perez
  Senior Technical Staff Member at the IBM T. J. Watson Research Center
  
  Title: "Virtualization and the Trusted Platform Module" (presentation)
  Abstract: Virtualization technologies are increasingly being employed in an effort to increase the utilization of physical computing resources and to simplify many systems management tasks. This combination will result in a reduced total cost of ownership and an accelerated increase in the number of virtual systems. While the isolation properties offered by virtualization have the potential to improve system security, trusted computing technologies also promise to play an increasingly important role in this regard. I will discuss this role and our efforts to virtualize the Trusted Platform Module, as well as the unique security-related challenges posed by virtulized environments.
  
  Biography: Ronald Perez is a Senior Technical Staff Member at the IBM T. J. Watson Research Center where he currently manages the Secure Systems Department, a team of computer scientists and engineers pursuing technologies that enhance computer platform security in distributed heterogeneous environments. His research interests include operating systems as well as secure hardware and embedded subsystems. His current focus is the advancement of emerging trusted computing and hardware-based virtualization technologies to achieve strong platform security guarantees. Prior to joining IBM Research in 1997, he spent several years developing aspects of fault tolerant systems at Tandem Computers, and ten years with Motorola in a number of areas related to systems software and single board computers. Ronald received his degree in Computer Science from The University of Texas at Austin.
  
  

Preliminary Program (as of November 16)