Monday, July 27
|
8:15 a.m.
|
Buses Leave Courtyard by Marriott for the Dartmouth Campus
|
|
8:30 a.m.
|
Conference Registration and Continental Breakfast
Alumni Hall, The Hopkins Center for the Arts
|
|
9:00 a.m.
|
Welcoming Remarks
Denise Anthony
Research Director, Institute for Security, Technology, and Society at Dartmouth College and
Associate Professor of Sociology, Dartmouth College
|
|
9:10 a.m.
|
Legal and Regulatory Developments for Privacy and Security (Abstract)
Rodney Petersen
Interim Head of the EDUCAUSE Washington Office and
the Coordinator of the EDUCAUSE/Internet2 Computer and Network Security Task Force
|
|
10:05 a.m.
|
"Crimeware" Threats (Abstract)
Peter Cassidy
Secretary General, Anti-Phishing Working Group (APWG)
|
|
11:00 a.m.
|
Break
|
|
11:15 a.m.
|
Hacker Trends and Motivations
Scott McGaunn
FBI Agent, Computer Crime Squad, Boston
|
|
12:10 p.m.
|
Lunch
|
|
1:00 p.m.
|
Panel Discussion: Email Services for the Campus Community
Slides: Steve McAllister, Mary Corcoran, Adam Preset, Ellen Young
Participants: Mary Corcoran (Boston College), Adam Preset (University of Pennsylvania), and Ellen Young (Dartmouth College)
Moderator: Steve McAllister, Director of Digital Information Strategy, Dartmouth College
|
|
1:55 p.m.
|
Campus Life Online: Understanding Student Culture and Facebook (Abstract)
Ana Martínez Alemán
Associate Professor and Chair of Educational Administration and
Higher Education Administration Department at Boston College
Co-author of Online Social Networking on Campus: Understanding What Matters in Student Culture
and
Katherine Lynk Wartman
PhD, Higher Education, Boston College
Co-author of Online Social Networking on Campus: Understanding What Matters in Student Culture
|
|
2:50 p.m.
|
Break
|
|
3:05 p.m.
|
Government-related Activities in Education and Workforce Training for Information Security
Brenda Oldfield
Director, Cyber Education and Workforce Development
National Cyber Security Division, Department of Homeland Security
|
|
4:00 p.m.
|
Emerging Trends in Enterprise Security Metrics (Abstract)
Andrew Jaquith
Senior Research Analyst, Forrester Research and author of Security Metrics
|
|
4:55 p.m.
|
Wrap-up
David Bucciero
Director of Technical Services, Peter Kiewit Computing Services, Dartmouth College
|
|
5:30 p.m.
|
Social at the Hanover Inn, Hayward Lounge
|
|
7:00 p.m.
|
Free Time for Dinner
|
|
8:30 p.m.
|
Buses Return to Courtyard by Marriott
|
Tuesday, July 28
|
8:15 a.m.
|
Buses Leave Courtyard by Marriott for the Dartmouth Campus
|
|
8:30 a.m.
|
Continental Breakfast
Location: Haldeman Center, Russo Gallery
|
|
9:00 a.m.
|
Break-out Session 1
The Higher Education Bridge Certification Authority (HEBCA) and the Four Bridges Forum (4BF) (Abstract)
Slides: Higher Education PKI Initiatives and Why PKI & the 4BF
Scott Rea
Director, HEBCA|USHER Operating Authority
Dartmouth College Senior PKI Architect
Location: Haldeman Center, Room 046
Pleasant Skies, or a Gathering Storm: The Good and Evil of Security Services in the Cloud (Abstract)
Dartmouth College's Cyber Security Initiative (CSI)
Location: Haldeman Center, Room 125
The Phishing Education Landing Page (Abstract)
Peter Cassidy
Secretary General, Anti-Phishing Working Group (APWG)
Location: Haldeman Center, Room 031
|
|
10:10 a.m.
|
Break-out Session 2
The Higher Education Bridge Certification Authority (HEBCA) and the Four Bridges Forum (4BF) (Abstract)
Slides: Higher Education PKI Initiatives and Why PKI & the 4BF
Scott Rea
Director, HEBCA|USHER Operating Authority
Dartmouth College Senior PKI Architect
Location: Haldeman Center, Room 046
The Phishing Education Landing Page (Abstract)
Peter Cassidy
Secretary General, Anti-Phishing Working Group (APWG)
Location: Haldeman Center, Room 031
Anatomy of an RIAA File-sharing Lawsuit (Abstract)
Ashlyn Lembree
Professor, Intellectual Property and Transaction Clinic,
Franklin Pierce Law Center and
Sergey Bratus
Research Assistant Professor, Computer Science Department
and Research Fellow, Institute for Security, Technology, and Society at Dartmouth College
Location: Haldeman Center, Room 125
|
|
11:20 a.m.
|
Break-out Session 3
Pleasant Skies, or a Gathering Storm: The Good and Evil of Security Services in the Cloud (Abstract)
Dartmouth College's Cyber Security Initiative (CSI)
Location: Haldeman Center, Room 031
Anatomy of an RIAA File-sharing Lawsuit (Abstract)
Ashlyn Lembree
Professor, Intellectual Property and Transaction Clinic,
Franklin Pierce Law Center and
Sergey Bratus
Research Assistant Professor, Computer Science Department
and Research Fellow, Institute for Security, Technology, and Society at Dartmouth College
Location: Haldeman Center, Room 125
|
|
12:30 p.m.
|
Lunch
Location: Dartmouth Outing Club House on Occom Pond
Bus service will be provided from the Haldeman Center to the Dartmouth Outing Club House.
|
|
1:15 p.m.
|
Conference Wrap-Up
Location: Dartmouth Outing Club House on Occom Pond
Steve Nyman
Chief Information Security Officer, Dartmouth College
The Conference will conclude at 2:00 p.m. Bus service back to the Courtyard by Marriott will be provided at this time.
|
Talk Abstracts
Legal and Regulatory Developments for Privacy and Security
The politics of privacy and security have reached new heights as the Obama administration announces a comprehensive review of cybersecurity. While many in Washington are waiting to see what the White House proposes as the way forward, the Congress and federal agencies continue to craft legislation and regulations designed to combat concerns for identity theft, data protection, and safeguarding of our nation's critical infrastructure. This session will provide an update from Washington, focusing on recommendations from the administration and private sector groups that call for a comprehensive cybersecurity strategy.
Rodney Petersen
"Crimeware" Threats
Phishing has evolved from pure social engineering schemes to crimeware-based phishing systems using sophisticated technical subterfuge, sometimes blending both kinds of schemes in a single attack architecture. In this segment, Mr. Cassidy reviews genres of crimeware, the data they target and the mechanisms by which they propagate.
Peter Cassidy
Campus Life Online: Understanding Student Culture and Facebook
In this talk, the authors of Online Social Networking on Campus: Understanding What Matters in Student Culture (Routledge, 2009) will discuss the results of an empirical study of undergraduate college student use of the social networking site Facebook. They will pay particular attention to the meanings students make of their own use of this site, as well as implications for college administrators.
Ana Martínez Alemán and Katherine Lynk Wartman
Emerging Trends in Enterprise Security Metrics
Managers know that "you can't manage what you don't measure." Budget pressures and the need to demonstrate security effectiveness have led leading enterprises to embrace security metrics as a key discipline. In this talk, Forrester senior analyst and noted author Andrew Jaquith discusses prevailing trends in security metrics and measurement, identifies key best practices, and recommends areas for future research.
Andrew Jaquith
Break-out Session Abstracts
The Higher Education Bridge Certification Authority and the Four Bridges Forum (4BF)
Strong authentication of identity and thorough verification of devices is a mandatory requirement for critical cyber infrastructures. The use of Public Key Infrastructures (PKI) can provide stronger authentication of individuals and devices, and enable a host of security services based on the digital certificates they issue. This break-out session will include a discussion of the benefits of PKI on campus with information on the Higher Education Bridge Certification Authority (HEBCA) and Four Bridges Forum (4BF) which enable PKI certificates to be interoperable across major US federal agencies, US-based pharmaceutical companies, aerospace and defense contractors and colleges and universities.
Scott Rea
Pleasant Skies, or a Gathering Storm: The Good and Evil of Security Services in the Cloud
Staff and students participating with Dartmouth's Cyber Security Initiative (CSI) will discuss their research on performing security services in the cloud. The findings suggest that there are potential technical and cost benefits of using cloud services for a number of tasks including penetration testing, forensic analysis, security monitoring, honeypots, and various processor-intensive security procedures. However, those with malicious intentions could also reap these benefits and the team will address concerns such as anonymous use of cloud services, the risk of easy access to high-powered computing, and potential legal complications in dealing with attacks from the cloud.
Dartmouth's Cyber Security Initiative
The Phishing Education Landing Page
The primary motivation of the APWG/CMU CyLab Phishing Education Landing Page is to instruct credulous email users the moment they have placed themselves at risk: when they have clicked on a link in a phishing email. Why? Because that failure in judgment presents a "teachable moment" for someone who has almost fallen victim of a phishing attack - and is when training is most effective. Mr. Cassidy will introduce the landing page, explain its logistical architecture, and review some of the data about users who have been redirected to it developed by APWG's partners at CMU CyLab. See: http://education.apwg.org/r
Peter Cassidy
Anatomy of an RIAA File-sharing Lawsuit
An attorney for a defendant in an RIAA file-sharing suit and the defense's expert witness dissect aspects of these lawsuits on matters of interest to university computer departments. Put on your latex gloves and bring your scalpel.
Ashlyn Lembree and Sergey Bratus
|
