ETISS 2011 Speakers

Boris Balacheff

HP, United Kingdom

Boris Balacheff is a HP Labs expert in the field of computer security, specializing in the area of trusted computing and trusted infrastructure technologies. He sits on the Board of Directors of the Trusted Computing Group (TCG) and co-chairs its Certification Program Committee. Boris also serves on HP’s corporate Security Office where he focuses on HP’s trusted infrastructure security strategy.

Boris Balacheff’s research has ranged from cryptographic algorithms and protocols to networking and computer security. He developed an expertise in smartcard technology and was the Technical Committee representative for HP on the PC/SC specification working group. He is one of the early contributors to the invention of Trusted Computing technology, and he co-authored the HP Labs’ book on this topic. He also served on the Technical Committee of the Trusted Computing Platform Alliance (TCPA) during the development of its early specifications. Boris Balacheff joined HP Labs in 1997 with a French “Diplôme d’Ingénieur” degree in applied mathematics and computer science.

Workshop: Cloud, Mobility and Security

Jan-Erik Ekberg

Nokia Research Center, Finland

Jan-Erik Ekberg is a principal research engineer at Nokia Research Center Helsinki. He has been working with security protocols in communication networks for over 10 years - including technologies like GSM, IN, WLAN, BT and BT-LE. For the last 5 years his research interests have also included topics related to hardware-assisted platform security mechanisms - from legacy solutions in the mobile domain to TCG technologies like TPM and MTMs. He is a member of the Mobile WG in TCG.

Lecture: Mobile Security

The lecture will provide an overview of platform security mechanisms in mobile handsets. We will explore some of the available hardware mechanisms and components for providing the trust foundation for system security. Secure boot and operating system security concepts will be reviewed using Symbian, Maemo/MeeGo and Android security as use cases. We will also look at the Mobile Trusted Module (MTM) - a finalized specification by the Trusted Computing Group that extends the TPM for mobile use cases like secure boot. NFC ticketing is presented as one use case where the combination of secure hardware, UI and communication aspects of the mobile phone can improve on existing designs and approaches.

David Grawrock

Intel, United States

David Grawrock is a Senior Principal Engineer and Security Architect for the Intel Security Center of Excellence, which is part of the Intel Architecture Group. David's role in the group is to help ensure the security of Intel products. David was the lead security architect for Trusted Execution Technology and helped bring that technology to market. Outside of Intel, David was the Chair of the Trusted Computing Group TPM workgroup and vice chair of the technical committee. David has worked in the computer industry for 30 years, holding positions with Symantec, Central Point Software, and Lotus. David is the holder of 41 patents with many more pending. David does have a life outside of Intel; he is a proud husband, father, and grandfather, retired dedicated soccer coach, fly fisherman, photographer, and long-suffering family genealogist.

Lecture: Chain of Trust and DRTM

David will cover chains of trust. When dealing with those chains one needs to figure out where the chain starts, how one extends the chain, and how one tells others about the chain. The discussion will also focus on the two methods of starting a chain, the static root of trust and the dynamic root of trust, and on what platform functions must be present to make those roots a reality.

Michael Herfert

Fraunhofer SIT, Germany

Michael Herfert is head of the research area "Cloud, Identity & Privacy" at Fraunhofer SIT. He has worked in a multitude of national and international security projects. In the past he worked in the areas of eHealth and long-term security. In 2008 he tested the first prototypes of Germany's new identity card (nPA) in a trial at the University of Darmstadt. He is one of the founders of the competence center (CC nPA) for this card. This year he is working on the "CloudCycle" project, one of the winners of the Trusted Cloud call of Germany's ministry of commerce (BMWi).

Lecture: Cloud Storage

Cloud storage applications like Mozy, Dropbox, Crashplan and many others are very popular. They offer to store any kind of data in a very reliable way, managed in highly protected data centers by professional administrators. In the pre-cloud era this was a privilege of big companies with large financial resources. Now it is a new opportunity for private persons and for small and medium companies. They can use cloud storage to synchronize computers, to share data with friends and to keep an off-premise backup. The software producers provide easy-to-install, easy-to-use applications for the client side. The prices are moderate; in many cases small amounts of storage are even free.

Almost every application claims to be secure. However, in many cases it is not clear what is meant by "secure". The lecture analyses the security requirements of storage services in general and shows concrete security characteristics of some of the most important cloud storage applications.

Trent Jaeger

Penn State University, United States

Trent Jaeger received his M.S.E. and Ph.D. degrees in computer science and engineering from the University of Michigan, Ann Arbor in 1993 and 1997, respectively. Trent joined the Computer Science and Engineering department at Penn State in 2005. He is co-director of the Systems and Internet Infrastructure Security (SIIS) Lab at Penn State. Prior to joining Penn State, he was a research staff member at the IBM Thomas J. Watson Research Center for nine years.

His research/teaching interests are in the areas of computer security, operating systems, security policies, and source code analysis for security. Trent has been active in the Linux community for several years, particularly in contributing code and tools for the Linux Security Modules (LSM) framework (in Linux 2.6) and for integrating the SELinux/LSM with IPsec (called Labeled IPsec, available in Linux 2.6.18 and above). Trent also has active interests in virtual machine systems (mostly Xen) and trusted computing hardware (Linux Integrity Measurement Architecture and its successor PRIMA).

He is also active in the security research community at large, having served on the program committees of many of the major security conferences, including the IEEE Symposium on Security and Privacy, the USENIX Security Symposium, the ACM Conference on Computer and Communications Security, the European Symposium on Research in Computer Security, the Annual Computer Security Applications Conference, and the ISOC Network and Distributed Systems Symposium. Trent has been Program Chair of the ACM Symposium on Access Control Models and Technologies and the ACM Conference on Computer and Communications Security (Industry Track). He is the current Program Chair for the 2007 USENIX Workshop on Hot Topics in Security. He has over 100 refereed publications and is the holder of several U.S. patents.

Lecture: Distributed and Cloud Computing Security

Preventing attacks proactively in modern distributed systems is a major challenge. The addition of mandatory access control (MAC) enforcement in commodity software was supposed to prevent such attacks by limiting the number of processes accessible to adversaries and confining those still accessible. Unfortunately, the task of security professionals is still reactive, fixing vulnerabilities as adversaries identify them. We claim that in order to configure systems to defend themselves from attacks proactively, MAC enforcement must be customized to the target deployment. However, OS distributors currently focus on designing generic MAC policies for all their customers, leaving system administrators with the difficult task of composing and customizing these policies for their deployment manually. In this talk, I will discuss automated methods to detect attack paths in programs and systems, how to extend such methods to distributed systems, and how to use the resulting attack path information to defend, deploy, and monitor the integrity of large-scale systems. One focus of the talk will be the Proactive Integrity Methodology, a mostly-automated method that computes system-wide MAC policies in the Decentralized Information Flow Control model to prevent attacks proactively for distributed system deployments. I will discuss the application of the method to virtualized Linux systems and the integration of the results with integrity measurement frameworks. Using such methods, system administrators can generate deployment-specific MAC policies for their distributed systems and verify whether OS distributions satisfy those policies, enabling proactive configuration to prevent attacks.

Andrew Martin

University of Oxford, United Kingdom

Dr Andrew Martin lectures to Software Professionals as part of Oxford University's Software Engineering Programme, where he directs the Master of Science course in Software and Systems Security. He has a background in formal methods, but today devotes most of his time to issues of security in distributed systems. He has been particularly interested in the grid and cloud computing paradigms, the security questions they raise, and how the technologies of trusted computing can help to address the challenges in that area.

Andrew wrote a doctoral thesis on the subject 'Machine-Assisted Theorem Proving for Software Engineering', in the early 1990s. He then worked as a Research Fellow in the Software Verification Research Centre at the University of Queensland, Australia. Returning to the UK, he was briefly a lecturer at the University of Southampton, before returning to Oxford to take up his present post in 1999. Dr Martin is a fellow of Kellogg College, Oxford.

Lecture: Trusted Infrastructure 101

We will review the relevant concepts of trust, arriving at a working definition suitable for the themes of TIW. The seminar will explain the core components of trusted infrastructure and their essential functionality and assumptions - trusted platforms, the TPM, and trusted virtualization, storage, and networking. We will assume a working knowledge of the purposes of cryptography and of computer and network architecture. This session is an introduction, intended for those who are new to Trusted Infrastructure.

Jonathan McCune

CMU, United States

Jonathan McCune is a Research Systems Scientist for CyLab at Carnegie Mellon University. He earned his Ph.D. degree in Electrical and Computer Engineering from Carnegie Mellon University, and received the A.G. Jordan thesis award. He received his B.Sc. degree in Computer Engineering from the University of Virginia (UVA). Jonathan's research interests include secure systems, trusted computing, virtualization, and spontaneous interaction between mobile devices. When keyboards and LCDs get to be too much for him, Jon can usually be found riding a bike.

Graeme Proudler

HP, United Kingdom

Graeme Proudler is a researcher at Hewlett Packard Laboratories and the Chair of the Trusted Computing Group’s Technical Committee. He was the technical lead of the HP Labs’ research group that contributed to the Trusted Computing Platform Alliance specifications, a founder member of the TCPA Technical Committee, and the original editor of the TCPA main specification.

Graeme read Physics at Oxford University. After graduation, he designed communication-security equipment. Since joining HP Laboratories, he has worked on information security, networking and mobile communications. His current interests are trust and information security in computer platforms and networks.

Lecture: Next Gen TPM

This presentation describes some of the concepts, constraints and opportunities that will determine the TCG’s next generation Trusted Platform Module. While not describing the actual TPM architecture (which is still under development by TCG, and hence confidential), the material gives some insights into the operation of future TPMs.

Carsten Rudolph

Fraunhofer SIT, Germany

Dr. Carsten Rudolph received his PhD in Information Security at Queensland University of Technology, Brisbane in 2001. Since then he has been working at the Fraunhofer Institute for Secure Information Technology SIT, where he is now head of Secure Engineering. His research concentrates on information security, formal methods, secure engineering and cryptographic protocols. Among other activities he has worked on a security validation of the Trusted Platform Module TPM 1.2 on behalf of the German BSI, and he contributed as an invited expert to the standardization of the TPM in the Trusted Computing Group TCG. Currently he leads the EU FP7 project SecFutur on security engineering for embedded systems and is involved in various other international and German research initiatives.

Lecture: Trusted Infrastructure and Applications

The uptake of the widely distributed TPM in concrete applications is still rather low. Nevertheless, the growing market of mobile and distributed embedded systems can benefit from core functionalities of trusted computing by establishing resilient and trustworthy platforms supporting various advanced business scenarios and opportunities. This talk will explore the applicability of Trusted Computing technologies in several embedded scenarios. Prototypical realizations for some of these scenarios are developed in several current FP7 projects (NanoDatacenters, SecFutur, and TERASA).

Ahmad-Reza Sadeghi

CASED/Fraunhofer SIT, Germany

Prof. Dr.-Ing. Ahmad-Reza Sadeghi is the head of the System Security Lab at the Center for Advanced Security Research Darmstadt (Technische Universität Darmstadt) and the Scientific Director of the Fraunhofer Institute for Secure Information Systems (SIT), both in Darmstadt, Germany. He is also a guest professor at Ruhr-University Bochum (RUB) in Germany. He received his PhD in Computer Science with a focus on privacy-protecting cryptographic systems from the University of Saarland in Saarbrücken, Germany. Prior to academia, he worked in research and development at telecommunications enterprises, among others Ericsson Telecommunications. Currently, Prof. Sadeghi leads several international research and development projects on the design and implementation of trustworthy computing platforms and trusted computing, security hardware, particularly Physically Unclonable Functions (PUF), cryptographic privacy-protecting systems, and cryptographic compilers (in particular for secure computation). He has been serving as a program chair or committee member for a variety of conferences and workshops on information security, trusted computing and applied cryptography. He is on the Editorial Board of the ACM Transactions on Information and System Security. Prof. Sadeghi has been awarded the renowned German “Karl Heinz Beckurts” award for his research on Trusted Computing technology and its transfer to industrial practice. The award honors excellent scientific achievements that gave rise to visible industrial innovations in Germany. Further, his group received the second prize of the German IT Security Competition Award 2010. His main research interests are security architectures, cryptographic protocols and security hardware.

Thomas Schneider

CASED/TU Darmstadt, Germany

Dr.-Ing. Thomas Schneider is a post-doctoral researcher at the Center for Advanced Security Research Darmstadt (CASED). In February 2011 he obtained his Ph.D. in Information Technology on "Engineering Secure Two-Party Computation Protocols" from Ruhr-University Bochum; from 2008 to 2011 he worked as a research assistant at the Horst Görtz Institute for IT Security (HGI) in Bochum, doing research in several international projects on cryptographic compilers (CACE), processing of encrypted signals (SPEED), and the European network of excellence in cryptology (ECRYPT II). In 2008 he obtained a diploma degree in Computer Science from the University of Erlangen-Nürnberg; he wrote his master's thesis “Practical Secure Function Evaluation” in 2007 during a six-month research internship at Alcatel-Lucent Bell Labs, USA, as a stipendiary of the German National Academic Foundation (Studienstiftung des Deutschen Volkes). His research interests include privacy-preserving cryptographic protocols, in particular their efficiency, automatic generation, and combination with (un)trusted hardware.

Lecture: Hardware-assisted cryptographic protocols

Cryptographic protocols enable secure collaborations without mutual trust and provide the basic technology for many privacy-preserving applications. However, even the simplest functionalities such as oblivious transfer or set intersection require computationally expensive public key cryptography when implemented in software only.

A recent line of research shows how tamper-proof hardware (e.g., TPMs, cryptographic coprocessors, or smartcards) can be used to substantially improve the performance of cryptographic protocols. In many cases, the tamper-proof hardware is trusted globally and implements a trusted third party. The most recent protocols provide security guarantees even if the hardware is not trusted by some of the protocol participants. These protocols provide security even in the face of hardware trojans or side-channel attacks.

In our lecture, we give an overview of the trust models, security goals, and restrictions of hardware-assisted cryptographic protocols. Then, we discuss several recent research results on practical hardware-assisted cryptographic protocols for oblivious transfer, set intersection, and general secure two-party computation.

Allan Tomlinson

Royal Holloway, University of London, United Kingdom

Allan Tomlinson is a senior lecturer with the Information Security Group (ISG) at Royal Holloway, University of London. He was awarded a PhD in 1991 from the University of Edinburgh for work on VLSI architectures for cryptography. He then joined the Institute of Microelectronics at the National University of Singapore, working on secure NICAM broadcasting, and in 1994 moved to General Instrument in California to work on the Digicipher II pay-TV system. Before joining the ISG, he was Principal Engineer at Barco Communications Systems, where he was responsible for the development of the "Krypton" Video Scrambler.

His current research interests are in distributed systems security, trusted virtualization and mobile network security. He is the PI for the Mobile VCE "Instant Knowledge" programme (DT/F007310/1) investigating privacy in mobile social networks. He also serves on the competitions working group for the UK Cyber Security Challenge, a national competition to identify the nation's cyber security talent.

Ingrid Verbauwhede

KU Leuven, Belgium

Ingrid Verbauwhede is a full professor in the Electrical Engineering Department at KU Leuven in Belgium and an adjunct professor at the EE department at UCLA, Los Angeles, CA.

In Leuven, she heads the embedded security part of COSIC, a research group of around 80 people focusing on many aspects of the design, implementation and usage of cryptology. Ingrid received her PhD degree from Leuven in 1991. She was a post-doctoral researcher and visiting lecturer at UC Berkeley for 2 years and worked in industry in the Bay Area before joining UCLA in 1998. From 1998 until 2005 she was an associate professor at the EE department at UCLA, where she ran the embedded security lab. She joined COSIC in 2003.

Her interest is in embedded security, in general working on the interface between cryptographers and physical reality. Current work focuses on lightweight crypto, hardware architectures for crypto algorithms, side-channel attacks and countermeasures, and lightweight roots of trust.

She has graduated 17 Ph.D. students who now have positions all over the world. For more information please visit,

Lecture: Tamper Resistant Hardware

In this presentation, the focus will be on the implementation aspects of cryptographic and security applications for embedded devices. Over the years, mathematically strong cryptographic algorithms and protocols have been created. The weak link has become the incorporation of these algorithms in small, embedded, power-constrained devices. This requires both an efficient and a secure implementation. Implementations of cryptographic algorithms need to be efficient, as they have to operate within an area or memory budget and an energy and power budget. On top of that, the implementations need to be physically secure. Most important are the so-called passive attacks, where devices are monitored, i.e. eavesdropped on, while performing normal operation. Countermeasures for these so-called side-channel attacks have an implementation cost that needs to be balanced against the overall design cost. These design methods will be illustrated with examples of secure secret key and public key implementations.

Michael Waidner

Fraunhofer SIT, Germany

Michael Waidner is the director of the Fraunhofer Institute for Secure Information Technology (Fraunhofer SIT) and Chair Professor for Security in IT at the Technische Universität Darmstadt. Together with Prof. Dr. Johannes Buchmann he is leading the Center for Advanced Security Research Darmstadt (CASED).

He received his PhD from the University of Karlsruhe (now known as KIT) in 1991. In 1994 he joined the IBM Zurich Research Lab in Rüschlikon, Switzerland, where he was responsible for the research activities in the areas of IT security and privacy. He was one of the initiators of the Zurich Information Security Center (ZISC) at the ETH Zurich. In 2006 he moved to IBM in New York. Until 2010 he was an IBM Distinguished Engineer and the Chief Technology Officer for Security, responsible for the technical security strategy and architecture of the IBM Corporation. In 2010 he left IBM and came to Darmstadt.

Michael Waidner has authored more than 130 scientific publications and is the inventor of more than 20 patents. He is an IEEE Fellow and an ACM Distinguished Scientist.