1st ITI Workshop on Dependability and Security: Opportunities and Challenges in Building an Overarching Community
December 3, 2004
Coordinated Science Laboratory
University of Illinois
Welcome to the web site for the December 3, 2004 ITI Workshop on Dependability and Security! The workshop was a great success. Below you can find PDFs of many of the slides and posters that were presented. You can also view a press release giving an overview of the event.
Explosive growth in the number and complexity of computing systems requiring dependability and security in their operation is one of the most striking features of our technological and social landscape. Dependability and security are here understood as a system's general worthiness of being relied upon and trusted to the extent required, even under extreme conditions. Dependability involves the relevant application and system qualities, including fault tolerance, availability, performability, and robustness. Security, with its classic foundations in cryptography, involves issues relating to intrusion detection and tolerance, authentication, and firewall designs, as well as security-related protocols, modeling, and benchmarking. The interplay between dependability/security and performance is also involved, as is evident in many critical application domains, such as critical infrastructure protection, aerospace, telecommunications, healthcare, and e-commerce. The expectation that modern, vast computing systems will be highly available and secure despite accidental failures and malicious attacks constitutes a major challenge for researchers, developers, and managers in the computing field.
Design of systems for dependability and security has assumed major importance in both government and commercial sectors, where there is a renewed interest in validation, verification, and measurement of various aspects of security, system survivability, fault tolerance, and performance. Furthermore, dependability, security, and performance have tended to be treated separately, despite the fact that the rigorous discipline of system design and analysis is best based on the joint consideration of these issues to allow appropriate trade-offs.
The December 2004 ITI Workshop on Dependability and Security provided a forum for leading academics and industry researchers to speak to the challenges and opportunities in dependable and secure computing. The participating experts represented a broad range of dependability/security issues. The workshop was sponsored by the newly created Information Trust Institute (ITI) at Illinois, and was held in the Coordinated Science Laboratory on the campus of the University of Illinois at Urbana-Champaign.
Slides from Technical Sessions
|Information Trust Institute (ITI) introduction
||William Sanders (Director, ITI) and
Ravi Iyer (Director, UIUC CSL)
|Panel: Grand challenges and open questions in trusted systems (Ravi Iyer, UIUC, moderator; Zbigniew Kalbarczyk, UIUC, recorder)
||Steve Bellovin (AT&T Labs)
Carl Landwehr (NSF)
Jean-Claude Laprie (LAAS-CNRS)
Roy Maxion (Carnegie Mellon)
|Session 1: Addressing trustworthiness in design (Roy Campbell, UIUC, moderator; Michael Loui, UIUC, recorder)
Elisa Bertino (Purdue/U. Milano)
Mootaz Elnozahy (IBM Austin)
Virgil Gligor (U. Maryland)
Michael Waidner (IBM Zurich)
|Session 2: Assessing and validating trust in systems and networks (Carl Gunter, UIUC, moderator; Klara Nahrstedt, UIUC, recorder)
||Catherine Meadows (Naval Research Lab)
Andre Schiper (École Polytechnique Fédérale de Lausanne)
Neeraj Suri (TU Darmstadt)
Kishor Trivedi (Duke)
|Rapid-fire student presentations (David Nicol, UIUC, moderator)
Jodie Boyer, HariGovind Ramasamy, Yuan Xue, Claudio Basile, Geta Sampemane, Seung Yi, Adam Lee (UIUC)
|Closing discussion: Key findings and determining the path forward (William H. Sanders, UIUC, moderator)
||Zbigniew Kalbarczyk, Michael Loui, and Klara Nahrstedt (UIUC)
PDFs of Posters Presented at the Workshop
|Achieving Trusted Systems by Providing Security and Reliability: Formal Reasoning on Security Vulnerabilities Using Pointer Taintedness Semantics
||Shuo Chen, Karthik Pattabiraman, Zbigniew Kalbarczyk, and Ravishankar K. Iyer
|Application Aware Checking - Reliability and Security Engine
||Nithin M. Nakka, Zbigniew T. Kalbarczyk, and Ravi K. Iyer
|Assessment of Microprocessors Failure Behavior Using Fault Injection at Gate-level
Giacinto Paolo Saggese and Ravi Iyer
|Attack Neutralization in Wireless Ad Hoc Networks: Inner-circle Consistency
||Claudio Basile, Zbigniew Kalbarczyk, and Ravi K. Iyer
|An Attribute-Based Authorization Service Using TrustBuilder
M. Winslett and A. Lee
|Bilateral Teleoperation over Unreliable Communication Networks
||Paul Berestesky, Nikhil Chopra, and Mark W. Spong
|Byzantine Modification Detection for Multicast Using Network Coding
T. Ho, B. Leong, R. Koetter, M. Médard, M. Effros, and D. R. Karger
|Design and Implementation Oriented Validation of Survivable Systems
||A. Agbaria, T. Courtney, M. Ihde, W. H. Sanders, M. Seri, and S. Singh
|Face Recognition Independent of Facial Expression
||Hongcheng Wang and Narendra Ahuja
|Hemispherical Imaging for Wide Area Monitoring
||Chunyu Gao, Hung Hua, and Narendra Ahuja
|Hestia: Security Middleware for Critical Cyber Infrastructure
||Raquel Hill and Roy Campbell
|Internet Messaging as a Family of Web Services
||Kevin Lux, Carl A. Gunter, Raja N. Afandi, and Jianqing Zhang
|KNOW Why Your Access was Denied: Feedback for Usable Security
||Geetanjali Sampemane, Apu Kapadia, and Roy H. Campbell
|LocFlow: Location based Services for Workflow
||Kaijun Tan, Jodie P. Boyer, and Carl A. Gunter
|Marianas: Survivable Trust for Critical Infrastructure
||D. M. Nicol and J. J. Farris
|A Middleware Solution to QoS and QoP Support for Multimedia Applications in Wireless Networks
||Wenbo He and Klara Nahrstedt
Möbius: An Integrated Performance/Dependability/Security Evaluation Environment
|Tod Courtney, David Daly, Salem Derisavi, Shravan Gaonkar, Mark Griffith, Vinh V. Lam, Michael McQuinn, Eric W. D. Rozier, and William H. Sanders
|Modeling and Analysis of Access Control Failure
||Prasad Naldurg and Roy H. Campbell
|PeerTrust: A Language for Trust Management in P2P Systems
||M. Winslett and C. Zhang
|Privacy-Preserving Data Mining in Relational Databases
||Xiaoxin Yin and Jiawei Han
|Providing Fault-Tolerant Ad Hoc Routing Service in Adversarial Environments
||Yuan Xue and Klara Nahrstedt
|Quality of Authentication in Ad Hoc Networks
||Seung Yi and Robin Kravets
|Real-time Immersive Network Simulation Environment: RINSE
||D. M. Nicol, M. Liljenstam, J. Liu, L. Karbiner, Y. Yuan, G. Yan, and C. Grier
|Resilient Inter-domain Routing and Configuration
||Li Xiao and Klara Nahrstedt
|Routing with Confidence: Supporting User Discretion in Policy Based Networks
||Apu Kapadia, Prasad Naldurg, and Roy H. Campbell
|Security & Privacy for Ubiquitous Computing Environments
||Jalal Al-Muhtadi, Geetanjali Sampemane, and Roy Campbell
|Selfish Misbehavior in Wireless Networks
||Pradeep Kyasanur and Nitin H. Vaidya
|Multirobot Teleoperation over Delayed Communication Networks
||Oscar Martinez-Palafox, Dongjun Lee, and Mark W. Spong
|Threat Analysis of GNU Software Radio
||Suvda Myagmar, Raquel L. Hill, and Roy Campbell
|TrustBuilder: Authorization and Authentication for Open Systems
||M. Winslett, K. E. Seamons, A. Lee, L. Olson, and M. Rosulek
Descriptions of Laboratory Demonstrations Presented
Prof. Carl Gunter
Demonstration of WSEmail
Email is a widely used application that is crucial in many business and personal contexts. However, email is based on a collection of protocols designed before some current challenges, such as spam and spoofing ("phishing"), became commonplace. We will demo WSEmail, a re-conceptualization of email as a family of web services. Web services are an emerging suite of standards for B2B interaction on the web. Using web services as a foundation improves email by enhancing flexibility, security, and integration.
Prof. Roy Campbell
Active Space Demonstration
Computing grounded in big, stationary boxes is giving way to a world of pervasive computing populated by ubiquitous networks of dissimilar computing and information facilities. Pervasive computing enables anytime, anywhere access to applications and information. It is characterized by its support of intelligent appliances that tap advanced networking technologies to function when and where needed. This demonstration will present research aimed at enabling pervasive computing. The demonstration will highlight research activities focused on developing a distributed operating system and a middleware infrastructure needed to support mobility, multimedia, QoS, adaptation, location awareness, security, and information hiding.
Prof. Jennifer Hou
1. J-Sim Simulation and Emulation for Future Network-Centric Combat Systems
The capacity of J-Sim will be demonstrated via real-time simulation and emulation for network-centric warfare (a full-fledged version of future combat systems) on two laptops connected via a router. The simulation will be conducted with real-life traces from SAIC, Inc. and visualized (via Java3D) and displayed on a real terrain. In addition to faster-than-real-time warfare simulation, we will also demonstrate the notion of emulation by having a Webcam capture real-life images, transport them continuously through a virtual simulation environment, and display them on another real-life physical device, e.g., a PDA. The entire simulation and emulation environment can be used for resource planning and management for future combat systems.
2. End-to-end Measurement of Available Bandwidth
Network measurement and diagnostics infrastructure capabilities will be demonstrated by measurement in real-time of the available bandwidth on any Internet path (of LANs, intranets, or the Internet) on an end-to-end basis (without the support of routers). This tool is part of the wired and wireless measurement and diagnostics infrastructure being built at UIUC that can be leveraged to detect traffic abnormality.
Prof. Klara Nahrstedt
1. Quality of Protection & Bandwidth Aware Mobile Multimedia Delivery
To secure the transmission of a multimedia stream over networks, the multimedia stream is encrypted at the video server. A mobile application will adapt its levels of security and bandwidth utilization, depending on the user's preferences and network's conditions, during the handoff between wireless and wireline networks.
2. Audio Adaptation to Wireless Bandwidth Fluctuations
In this demonstration, wireless channel quality will be monitored and an audio streaming application will be adapted to the monitored channel quality. As channel quality worsens, the application will demand a greater fraction of the wireless bandwidth until all the bandwidth is consumed, after which the application must alter its audio sample transmission rate.
3. Power-adaptive Operating Systems and Applications
This demonstration will show how an operating system in mobile devices can manage its battery as a computing resource for multimedia applications. Our GRACE-OS operating system switches the CPU frequency to minimize power consumption while maximizing the quality of applications based on application requirements.
4. Delay-Bounded Voice Delivery Over Wireless Networks
QoS of multimedia delivery is supported in a wireless network via a cross-layer design in which proportional delay differentiation is implemented at the network level, and the adaptive service class selection is conducted at the middleware level. In this demonstration, performance comparison of audio delivery with QoS support and with no QoS support will be shown under different background data traffic.
5. Tele-immersion Research
This demonstration will consist of three smaller demonstrations:
- Tele-immersion using a local video stream: Stereo cameras have been configured to capture the 3D scenes. The captured 3D models can then be rendered on a display, and the viewer can change the viewpoint of the scene.
- Tele-immersion using a video stream from a remote system: Streaming from archived 3D video from Berkeley to UIUC will be shown on plasma displays.
- 3D video stream selection: A user will be shown to have the ability to select a particular view of a video production that is being captured in 3D by multiple cameras.
Prof. Marianne Winslett
This demonstration will explain the basics of using automated trust negotiation as a means of authentication and authorization in open systems. In addition, we will provide two demonstrations of how automated trust negotiation can be used on the web. The first demo will show how trust negotiation can be used to determine whether or not a party attempting to order medicine from a hypothetical online pharmacy is authorized to buy the particular medicines requested. The second demo will show how users of the web can use content-triggered trust negotiation to protect their personal information (e.g., credit card numbers) and foil phishing attacks.