This feature story from Sun Microsystems talks about how the corporation is answering the call to improve overall software security and quality. This initiative is partly in response to Sun’s participation in the Security Vision Roundtable CERIAS held in conjunction with Accenture last September.
The Purdue Information Systems Security Office (ISSO) provides lots of security related software products free to Purdue University employees. For more information on site-licensed applications, see the ISSO site.
The objective of this symposium is to provide an effective forum for researchers and practitioners who are interested in distributed systems design and development, particularly with reliability, availability, safety, security, or real-time properties. We welcome original research papers as well as papers that deal with development experiences and experimental results of operational systems. See the official website for more information.
A group of senior security experts, including Steve Bellovin, Matt Blaze, David Farber, Peter Neumann, and CERIAS Director Gene Spafford have released comments on the recent IITRI review of the FBI’s Carnivore system. Their position paper concludes that the IITRI review is a reasonable first effort at review, but that several critical issues are left unresolved. More details are available in the full report.
One of the many extension programs that CERIAS offers is a weekly security seminar that is both free and open to the public. If you are interested in attending or presenting in this forum, see the online logistics for more information or contact the director of the center.
The National Infrastructure Protection Center (NIPC) released an advisory on December 1st in response to an increased number of attacks on eCommerce websites running Windows NT and Internet Information Server. If you maintain machines running IIS then you should read the NIPC article.
Eugene Spafford, the director of CERIAS, has been named as one of USAToday’s People To Watch 2001 in the December 27th edition. His unbiased viewpoint and relationships with government, industry and academia were cited as contributing reasons for the honor.
Held as part of the 8th ACM Conference on Computer Security (CCS 2001) a special half-day workshop on data mining for security applications is being offered on November 8th, 2001. This event provides an opportunity for attendees of the ACM CCS to meet with researchers who are interested in applying data mining techniques to security applications and discuss critical issues of mutual interest during a concentrated period. For more information see the ACM CCS website.
The National Computer Security Center (NCSC) and the National Institue of Standards and Technology (NIST) are no longer sponsoring their annual systems security conference according to this press release.