【誠摯邀請】2011/11/21 13:30~15:20 邀請大家蒞臨Prof. Elisa Bertino演講

講  者:Prof. Elisa Bertino
              Professor  of Computer Science Department, Purdue University and Research Director of CERIAS
講  題:
Talk 1:Protecting Information Systems from Insider Threats - Concepts and Issues(13:30~14:20)

Talk 2:Securing Data in the Cloud - Challenges and Research Directions(14:30~15:20)

日    期:100年11月21日(一)
時    間:13:30~15:20
地    點:工程四館B1國際會議廳       
主持人:謝續平教授


Talk1 Abstract:
Past research on information security has focused on protecting valuable resources from attacks by outsiders.
However, statistics show that a large amount of security and privacy breaches are due to insider attacks.
Protection from insider threats is challenging because insiders may have access to many sensitive resources and high-privileged system accounts. Suitable approaches need to combine several security techniques, like fine-grained access control, stronger authentication protocols, integrated digital identity management, intrusion detection, with techniques from areas like information integration, machine learning, and risk assessment. In this talk, after an introduction to the problem of insider threats, we will present recent work addressing the problem of anomaly detection and response policies for database management systems and then discuss open research issues, by emphasizing the role of techniques from the area of information integration.

Talk2 Abstract:
Managing data is arguably one of the reasons for adopting cloud technologies. These technologies are very promising with respect to enhancing scalability, reducing costs, and rapidly adapting to changes in application demands. However the adoption of these technologies is not without risks. Data stored in a cloud would be accessible to a large variety of individuals, like the IT staff of the cloud providers. The cloud providers may in turn outsource data management functions to other providers. Data integrity and availability are critical issues. Physical protection, crucial for data security, may be difficult to assess for the organization owning the data as data may be stored in different countries, which makes difficult making inspections to the data storage location. In some cases, even being able to control the location of the data may be difficult. However, making sure that data is stored or not stored in certain locations is crucial for compliance. Data segregation is essential in the context of multi-tenant contexts in which data owned by different organizations may reside on the same systems. Support for disaster recovery, and accountability are also critical requirements. In the talk we will first elaborate on these issues. We will then present an overview of the MASK system, able to support fine-grained encryption of data while at the same time supporting identity-based privacy-preserving access control on encrypted data. We will conclude the presentation with a discussion about the notion of accountability policies and tools for managing security policies.

 

 

誰在線上

目前有 12 個訪客 以及 沒有會員 在線上

總瀏覽人數

文章瀏覽點擊數
807091

最新消息

【誠摯邀請】2019/10/30 前瞻企業資安管理策略與科技研討會

 

隨著科技日新月異,高科技產業的經營也面臨駭客攻擊挑戰與資安風險。迎向資安大數據時代的來臨,本會將介紹前瞻資安管理策略與技術,建議企業高階主管因應資安管理法與ISO資安標準,訂定資安治理方向與策略。

 

議程:下載

報名表:下載

線上報名:連結

 

閱讀全文...

 

 

【資安新聞】打造資安將才 交通大學首創亥客書院  (2016/12/01)

 

 
 
一張電子發票會透露多少資訊?金融罪犯如何能盜領巨款?為響應政府推動資通安全政策、培育資安人才,交通大學整合資訊、電機、管理學院及資通安全研教中心、資訊服務中心、推廣教育中心與國內外資安學者專家,跨領域攜手成立「亥客書院」,敦請交大講座教授張善政擔任書院院長,以及美國電機電子學會會士、資訊安全學會前理事長謝續平特聘教授擔任副院長,打造台灣第一流的資安人才培育平台。
閱讀全文...

 

 

【獲獎公告】IEEE Fellow Class of 2014

 

This year, Professor Shiuhpyng Winston Shieh is elevated as an IEEE fellow for the contribution of advances in pattern-oriented intrusion detection and fault-tolerant protection.

閱讀全文...

 

 

【誠摯邀請】2013/3/14 13:30~15:20 邀請大家蒞臨Dr. Jeffrey Voas演講

 

閱讀全文...

 

 

 【誠摯邀請】2012/5/8 13:30~15:20 邀請大家蒞臨Dr. Jeffrey Voas演講

 

閱讀全文...