Moti Yung (Google; (Adjunct) Columbia University, US)
Title: On Deploying Secure Computation Protocols in Daily Business Applications
The area of Secure Computation Protocols is the third generation of modern cryptography, where Symmetric Key Encryption was the first generation, and Public Key Cryptography was the second one. The area started with the Mental Poker protocol in the late 70s, has been a theoretical research area for 40 years, with more applied protocols in recent years.
In this talk I will cover an effort that led to the first cryptographic protocols working routinely in business applications, employing secure computation (rather than the typical secure communication). I will argue why our time is technologically the right setting for adopting secure computation and how we approached the deployment. The talk will explain the why and how, and also some of the technical developments that were needed to design the protocol to actual business needs and performance requirements, allowing two companies to compute on shared data results that are critical to business, while keeping the inputs otherwise mutually private.
About Moti Yung
Moti Yung is a Security and Privacy Research Scientist with Google. He got his PhD from Columbia University in 1988. Previously, he was with IBM Research, Certco, RSA Laboratories, and Snap. He has also been an adjunct senior research faculty at Columbia, where he has co-advised and worked with PhD students. His contributions to research and development treat science and technology holistically: from the theoretical mathematical foundations, via conceptual mechanisms, to applied cryptography, and to participation in developing actual industrial products.
Yung is a fellow of the IEEE, the ACM, the IACR, and the European Association for Theoretical Computer Science (EATCS). In 2010 he gave the IACR Distinguished Lecture. He is the recipient of the 2014 ACM’s SIGSAC Outstanding Innovation award, and the 2014 ESORICS (European Symposium on Research in Computer Security) outstanding research award. In 2018 he received the IEEE-CS W. Wallace McDowell Award. In 2020 he received the test-of-time award for a paper predicting ransomware co-authored in 1996 in IEEE’s Symp. on Security and Privacy; also in 2020 he received the IACR’s PKC conference test-of-time award for a paper he co-authored in 1998. In 2021 he received the IEEE Computer Pioneer Award.
Pierangela Samarati (Università degli Studi di Milano, Italy)
Professor at the Computer Science Department of the Università degli Studi di Milano
Title: Data Security and Privacy in Emerging Scenarios
The rapid advancements in Information and Communication Technologies (ICTs) have been greatly changing our society, with clear societal and economic benefits. Mobile technology, Cloud, Big Data, Internet of things, services and technologies that are becoming more and more pervasive and conveniently accessible, towards to the realization of a smart society. At the heart of this evolution is the ability to collect, analyze, process and share an ever-increasing amount of data, to extract knowledge for offering personalized and advanced services. A major concern, and potential obstacle, towards the full realization of such evolution is represented by security and privacy issues. I will illustrate some security and privacy issues arising in emerging scenarios, focusing on the problem of managing data while guaranteeing protection of data stored or processed by external providers.
About Pierangela Samarati
Pierangela Samarati is a Professor at the Department of Computer Science of the Università degli Studi di Milano, Italy. Her main research interests are on data and applications security and privacy, especially in emerging scenarios. She has participated in several projects involving different aspects of information protection. On these topics, she has published more than 280 peer-reviewed articles in international journals, conference proceedings, and book chapters. She has been Computer Scientist at SRI, CA (USA) and visiting researcher at Stanford University, CA (USA), and at George Mason University, VA (USA). She is the chair of the IEEE Systems Council Technical Committee on Security and Privacy in Complex Information Systems (TCSPCIS) , of the ERCIM Security and Trust Management Working Group (STM), and of the ACM Workshop on Privacy in the Electronic Society (WPES). She is ACM Distinguished Scientist (named 2009) and IEEE Fellow (named 2012).
She has received the ESORICS Outstanding Research Award (2018), the IEEE Computer Society Technical Achievement Award (2016), the IFIP WG 11.3 Outstanding Research Contributions Award (2012), and the IFIP TC11 Kristian Beckman Award (2008).
Frédéric Cuppens and Nora Cuppens (Polytechnique Montréal, Canada)
Professor of Computer Science
Title: IT/OT Cyber Resilience
One important consequence of digital transformation is that the two previously areas of information technology (IT) and operational technology (OT) are no longer separate. This creates new opportunities for cyber-attacks. We have chosen to investigate this topic from the perspective of IT/OT cyber resilience. In our presentation, we will attempt to provide answers to the following 4 questions: (1) Why cyber resilience? (2) What is cyber resilience? (3) How to improve cyber resilience? and (4) How to measure cyber resilience?
About Frédéric Cuppens
Frédéric Cuppens is currently a full professor at the Ecole Polytechnique de Montréal. He conducts research in the field of information systems security (expression, deployment and formal validation of security policies, intrusion detection and response, resilience of systems to cyber attacks). In particular, he designed the CRIM (Malicious Intent Correlation and Recognition) security supervision module based on an innovative approach to alert correlation and developed the OrBAC (Organization Based Access Control) security policy model. He has published more than 250 articles in international conferences and journals. He received the Ampère Medal from SEE in 2015 and an Outstanding Research Award from IFIP TC11 in 2016. He was listed among the "100 of cybersecurity" by the magazine l'Usine Nouvelle. In 2019, he was promoted to the rank of Emeritus Member of the SEE.
About Nora Cuppens
Nora Cuppens is currently a full professor at the Polytechnique Montreal. She obtained a PhD from the Ecole Nationale Supérieure de l'Aéronautique et de l'Espace and an Habilitation à Diriger les Recherches from the University of Rennes 1. Her current research topics include access and usage control and traceability, formal validation of security properties and assessment of cyber risks, malware detection and intrusion response using artificial intelligence algorithms, security data protection and cyber-resilience to cyber attacks. She has published over 200 technical papers in peer-reviewed journals and conference proceedings. She received the Outstanding Service Award of IFIP TC 11 in 2016 and the Outstanding Service Award of IFIP WG 11.3 in 2017. Nora Cuppens is currently leading the naval cybersecurity research cluster at Poytechnique Montreal.
Daniel Xiapu Luo (The Hong Kong Polytechnic University, Hong Kong)
Associate Professor Department of Computing, The Hong Kong Polytechnic University
Title: Towards Defending Against Sophisticated Mobile Malware
Mobile malware is still rapidly evolving and adopting various mechanisms to evade detection and make profit. Although many detection approaches have been designed, they could be rendered ineffective by the sophisticated protection methods (e.g., code and UI manipulation) and exploitation tricks (e.g., via new attack vectors) adopted by mobile malware. In this talk, we will introduce our recent studies on these methods and our new solutions to defend against sophisticated mobile malware.
About Daniel Xiapu Luo
Xiapu Luo is an associate professor in the Department of Computing, The Hong Kong Polytechnic University. His research focuses on Mobile/IoT security and privacy, Blockchain/smart contracts, Network/Web Security and Privacy, Software Engineering and Internet Measurement with papers published in top security/software engineering/networking conferences (e.g., IEEE SP/USENIX Sec/CCS/NDSS, ICSE/FSE/ASE/ISSTA) and journals. His research led to eight best paper awards, including ACM SIGSOFT Distinguished Paper Award in ICSE'21, Best Paper Award in INFOCOM'18, Best Research Paper Award in ISSRE'16, etc. and several awards from the industry. Moreover, he has four granted US patents.