Re: CRIME MEETING - December 14 10:00 am - LAST CALL

From: Crispin Cowan (crispin@private)
Date: Mon Dec 13 2004 - 11:04:05 PST


Richard Busby wrote:

>Date: Tuesday, 14 December 2004 10:00 AM PST
>
>Where: Oregon Zoo Conference Room
>
>Speaker - Crispin Cowan, Ph.D.  CTO Immunix
>
>Topic - "Intrusion Protection"
>  
>
Immunix will be bringing donuts to the meeting :)

Here is the abstract for the talk.

    Intrusion Prevention and Application Security:
    The Good, The Bad, and the Ugly
    Crispin Cowan, PhD
    CTO, Immunix Inc.

    Richard Clarke said that "The reason why you have people breaking
    into your software is because your software sucks." More than just
    scathing criticism of the software industry, this comment highlights
    the extreme difficulty of assuring that your applications do what
    they are supposed to do, /and nothing else/. You can test for what
    an application is supposed to do, but you cannot effectively test
    for the surprising "something else" mis-features that attackers
    exploit: they "tickle" your applications with "creative" inputs that
    make software mis-behave, and as a result can break into your
    systems. Effects like open source code review help Linux to be more
    secure by being less likely to have unpleasant surprises, but this
    does not eliminate the threat. To really secure applications, host
    application security is required to nail down what each application
    is permitted to do, to ensure that it is not doing any surprising
    "something else"s. This talk will explain the theoretical
    foundations that make proving "nothing else" impossible, and show
    how host application security provides the only real alternative to
    trust-worthy software. We then show how the LSM (Linux Security
    Modules) feature (new in the Linux 2.6 kernel) enables unprecedented
    precision in the control of application behavior on standard Linux
    kernels.

Crispin

>No host lunch to follow
>
>See you there!

-- 
Crispin Cowan, Ph.D.  http://immunix.com/~crispin/
CTO, Immunix          http://immunix.com


