From: voidstar@netcom.com (Scott Corcoran)
Date: Thu, 22 Sep 94 08:53:31 PDT
To: cypherpunks@toad.com
Subject: Internet Security: Secure Communications Over Untrusted Networks
Message-ID: <199409221551.IAA16831@netcom.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



                                                                 please post




                         INTERNET SECURITY
             SECURE COMMUNICATIONS OVER UNTRUSTED NETWORKS

               A one-day seminar on November 12, 1994
           Embarcadero Hyatt Regency Hotel in San Francisco.


	Methods of achieving authentication, authorization,
	confidentiality, integrity, and nonrepudiation are key to the
	successful realization of the National Information
	Infrastructure (NII).  Today's Internet is a proving ground for
	what will become the NII.

	The San Francisco Chapter of the IEEE Computer Society has put
	together an outstanding program on encryption, intrusion
	detection, firewalls, architectures, and protocols for Internet
	Security.  Speakers in this seminar will describe several of
	the main techniques that exist today and the directions in
	which they are evolving.  The seminar will be helpful to
	engineers, engineering managers and product planners seeking
	current knowledge of Internet Security.


	PROGRAM

	8:30 a.m.  Registration opens

	9:00 a.m.  Introduction

	9:05 a.m.  Keynote Address James Bidzos, President of RSA

	9:45 a.m.  Steven Bellovin, Ph.D., Bell Labs
	           "Firewalls for Computer Security"

	11:00 a.m. Teresa Lunt, SRI
	           "Intrusion Detection"

	11:45 a.m.  Round Table Lunch (incl. with registration)

	1:00 p.m.  Professor Martin E. Hellman, Ph.D., Stanford
	           "Cryptography: The Foundation of Secure Networks"

	2:00 p.m.  Dan Nessett, Ph.D.,
	           SunSoft and PSRG
	           "Future Internet Security Architecture"

	3:00 p.m.  Matt Blaze, Ph.D., Bell Labs
	           "Protocols: Security Without Firewalls"

	4:00 p.m.  "Public Safety vs. Private Liberty"
	           A Panel Discussion on the Social
	           Implications of Internet Security
	           Rex Buddenberg        NPS
	           Alan McDonald         FBI
	           Stewart Baker         formerly of the NSA
	           James Bidzos          President of RSA
	           Matt Blaze            Bell Labs
	           Martin Hellman        Stanford


	A one day seminar in San Francisco, on Saturday, November 12th,
	covering private and public-key encryption, key-escrow,
	fire-walls, architecture and protocols for security,
	intrustion detection, and a spirited panel discussion on
	"Public Safety vs. Private Liberty" !

	SEATING IS LIMITED. PRE-REGISTER BY OCTOBER 15TH.


	9:05  Keynote Address

	James  Bidzos,  President of  RSA

	James Bidzos, President of RSA Data Security, will present the
	keynote address.  Mr. Bidzos heads a company whose encryption
	technologies are licensed for products ranging from computer
	operating systems, to software copy protection, to electronic
	mail, to secure telephones.  RSA has licensed several million
	copies of its encryption software, and has become a focal point
	for debate on appropriate application of cryptography.

	Mr. Bidzos has gained a unique perspective on the requirements
	of effective cryptographic systems.  He will highlight the
	problem of providing strong encryption for users of computer
	networks while meeting the legitimate needs of law enforcement


	9:45  Steven Bellovin,  Ph.D.,  Bell  Labs
	      "Firewalls for Computer Security"

	When you connect your computer to the Internet, you also create
	a channel into your computer.  Clever vandals, thieves and
	industrial spies have found ways to abuse most of the Internet
	protocols from FTP and Telnet to the World Wide Web and
	Network Time Protocols.  Short of pulling the plug, firewalls
	provide the surest defense.  The firewall administrator must
	keep abreast of new methods of attack and understand how
	firewalls can mitigate the threat. Steven M. Bellovin, Ph.D.,
	is a senior researcher at AT&T's Bell Laboratories and
	co-author of the well known guide "Firewalls and Internet
	Security:  Repelling the Wily Hacker."  As one responsible for
	protecting "the phone company" from Internet hackers, Dr. Bellovin
	can describe from firsthand experience how firewalls can be
	constructed to screen them out.  Dr. Bellovin will join us in a
	live video teleconference from Bell Laboratories.

	11:00  Teresa  Lunt,  SRI "Intrusion Detection"

	Inevitably, someone will try to breach your firewall and might
	succeed.  The time it takes you to discover the intrusion and
	catch the culprit depends on the event logging you have
	established.  However, logging the many different transactions
	that might expose trespassing produces mountains of data.
	Automatic digestion of the logs is the only hope of monitoring
	them all. Teresa F. Lunt, Director of Secure Systems Research
	at SRI's Computer Systems Laboratory, directs work in
	multilevel database systems and intrusion detection.  Ms. Lunt
	will describe intrusion detection and demonstrate automated
	tools developed at SRI to analyze audit data for suspicious
	behavior.

	1:00 Professor  Martin E. Hellman, Ph.D., Stanford
	"Cryptography: The Foundation of Secure  Networks"

	Data in transit across unsecured networks like the Internet
	are subject to wiretapping attacks and impersonation.
	Moreover, privacy of communication and authentication of the
	sender's message are essential to Internet commerce, with
	exchange of contracts, receipts, credit card drafts and the
	like increasingly commonplace. Encryption can solve some of
	these problems, but what kind of encryption?  Authentication
	only or encrypted messages?  Secret key or public key, or
	both?  Will you need a giant key ring for mes sage keys,
	session keys, file keys, and passwords?  Martin E. Hellman,
	Ph.D., Professor of Electrical Engineering at Stanford
	University, is co-inventor of public key cryptography with
	Whitfield Diffie and Ralph Merkle.  He was elected a Fellow of
	the IEEE for contributions to cryptography.  Dr. Hellman will
	explore threats to communication and costs of electronic
	countermeasures.  He will explain the importance and means of
	authenticating electronic messages, and he will survey public key
	cryptography.  Dr. Hellman will describe public key techniques
	including Rivest-Shamir-Adleman (RSA), Diffie-Hellman, ElGamal
	and Digital Signature  Standard (DSS).  He will also describe
	the current status of export control and encryption standards
	such as the Data Encryption Standard (DES), Escrowed
	Encryption Standard (EES) and its encryption algorithm,
	Skipjack, which is implemented in Clipper and Capstone chips.

	2:00 Dan Nessett, Ph.D., SunSoft and PSRG
	    "Future Internet Security Architecture"

	Dan Nessett, Ph.D., of the SunSoft Division of Sun
	Microsystems, and until recently with Lawrence Livermore
	National Laboratory, has worked extensively in local area
	networks, distributed operating systems and distributed systems
	security.  He is a member of the Privacy and Security Research
	Group (PSRG), which is convened under the auspices of the
	Internet Society.  Dr. Nessett will explain the emerging
	Internet security architecture work undertaken by the PSRG.
	The architecture will guide the development of security
	mechanisms used in Internet standards.


	3:00 Matt Blaze, Ph.D., Bell Labs
	     "Protocols: Security Without Firewalls"

	We use firewalls because Internet protocols are not inherently
	secure.  Can we rehabilitate the Internet protocols to produce
	protocols which are secure, not computationally prohibitive,
	and compatible with existing protocols?  Matt Blaze, Ph.D., of
	Bell Laboratories will talk about the problems of integrating
	cryptographic protection into large-scale network infrastructure.
	Dr. Blaze is the author of "A Cryptographic
	File System for Unix," presented at the 1993 ACM Conference on
	Communications and Computer Security, and co-author with John
	Ioann idis of "The Architecture and Implementation of
	Network-Layer Security Under UNIX," which describes "swIPe," a
	network-layer security protocol for the IP protocol suite.
	Dr. Blaze will address issues concerning network security
	protoc ols, key management and distribution, and threats and
	models for cryptographic engineering.

	4:00  A Panel Discussion on the Social Implications of
	Internet Security "Public Safety vs. Private Liberty"

	At one end of an imagined security spectrum lies the
	information police-state. Through traffic analysis,
	mandatory personal ID numbers and escrowed encryption, and
	the ability to record all messages and commerce carried out
	on the Information Superhighway, governments could maintain
	dossiers on every aspect of the personal life and business
	of its citizens.  Privacy advocates fear that a corrupt government
	could use such information against its political enemies and to
	subvert personal freedoms. At the other extreme lies information
	anarchy. Through the use of digital cash, anonymous remailers,
	and strong non-escrowed encryption, the Information
	Superhighway could become a hide-out for criminals and
	national security threats.  The potential for black-market
	activity and the associated tax-evasion is so enormous that
	some have speculated that governments could eventually
	collapse.  Law-enforcem ent advocates fear that they will be
	unable to keep up with criminals and terrorists who ply their
	trade electronically.  Our distinguished panel will provide
	insight into the interplay between the rights of individuals
	to privacy and freedom, the rights of companies to conduct
	unrestrained trade, and the ability of law enforcement and
	security agencies to perform their functions efficiently.
	This conclusion to the seminar will put into perspective
	the social changes that might be wrought by the technical
	advances discussed earlier in the day.

	Panelists include:

	           Rex Buddenberg        NPS
	           Alan McDonald         FBI
	           Stewart Baker         formerly of the NSA
	           James Bidzos          President of RSA
	           Matt Blaze            Bell Labs
	           Martin Hellman        Stanford

	Rex Buddenberg, Instructor of information systems architecture
	and applied networking at the Naval Postgraduate School, will
	moderate the panel.  Mr. Buddenberg is a maritime command,
	communication, control and intelligence (C3I) consultant and a
	computer networking author.  As a C3I architect for the U.S.
	Coast Guard, he developed plans and specifications for
	extending Internet connectivity to oceanographic ships.  Mr.
	Buddenberg contemplates the means and effects of net warfare as
	both the good guys and bad guys share the same network.

	Alan McDonald, Special Counsel for Electronic Surveillance Matters,
	Information Resources Division, Federal Bureau of Investigation,
	is a specialist in the law and policy concerning electronic
	surveillance, Digital Telephony, and encryption issues.
	He frequently represents the FBI's view of law enforcement equities
	in light of advanced telecommunications and encryption.

	Stewart Baker is a former General Counsel to the NSA and
	a partner in Steptoe & Johnson, a Washington, DC law firm.
	His expertise is in telecommunications, computer export policy,
	security of national information infrastructure and encryption.
	Mr. Baker brings direct experience with the problem that strong
	encryption creates for the NSA in protecting our national
	security.


	QUESTIONS? CALL (415)-327-6622.

	Cut-off and complete this form, enclose your check payable to
	the IEEE SFCS,  and mail to:  IEEE Council Office 701 Welch
	Rd. #2205 Palo Alto, CA. 94304

	To qualify for the reduced Pre-registration fees, your
	application with check must be postmarked no later than Oct.
	15, 1994.  Registration fee includes lunch, refreshments, and
	parking.  Seating is limited. To make sure the seminar is
	not sold out, call (415) 327-6622.

	please check the appropriate box

	Fees on or before Oct. 15th:

		___ IEEE Member   $ 110
		___ Non-member    $ 120
		___ Student       $  85

	Fees after Oct. 15th:
		___ IEEE Member    $ 125
		___ Non-member     $ 145
		___ Student        $ 100 (students must present ID)


	The seminar location is the Hyatt Regency Embarcadero Hotel,
	near the Ferry Building, in San Francisco.
	Your registration fee includes the all day seminar, lunch,
	and convenient parking in the garages underneath adjacent
	Embarcadero  Centers 1, 2, or 3.  (Keep your ticket for validation).


	Please print clearly:

	Name   : __________________________________________

	Title  : __________________________________________

	Company: __________________________________________

	Address: __________________________________________

	         __________________________________________

	         _______________________________ ___ ______

	Day phone #:(___)_____-_______

	IEEE member (or affiliate) #:_______ ____ (for discount)

	College/University (if student):___________________

	___ Vegetarian lunch option


	Refunds will be honored through October 22nd, substitutions
	any time.  Additional information can be obtained by telephoning
	the IEEE Bay Area Council Office: (415)327-6622.

	IEEE SFCS RESERVES THE RIGHT TO MAKE CHANGES TO THE SEMINAR

	Sponsored by the San Francisco Chapter of the IEEE Computer
	Society. The IEEE is a non-profit organization.