|
|
Keynotes
| Taher Elgamal |
 |
| CSO Axway Inc. |
Network and Security Architectures - What Works, What Does Not, and What is Really Missing |
Information security has grown from a few tools to protect enterprise networks to becoming an integral part of conducting commerce.
This presentation provides the overall network and security architectures as they progressed over the last 15 years. The introduction of
Internet connectivity in all our business interactions has required the industry to modify its thinking when it comes to securing the networks.
This presentation will provide an overview of what works, what does not work and what is really missing.
Special attention will be given to the new waves of online fraud and intellectual property theft attacks. Some very well-known sites have been successfully
exploited in the recent months, together with growing online fraud due to the exposure of private and confidential information. This presentation
will provide insight into why such attacks are possible and why are they successful in today's environment. A call for an improved security model
with certain new controls can improve the situation and help organizations mitigate against these attacks.
There are many existing technologies and commercial products that can help solve these issues, however, the deployment and implementations may be
difficult or introduce unnecessary steps to hinder the use of these products. We will discuss issues in authentication, access control, and
network and application layer defense as well various content protection and security ideas. There are still many open issues in solving the
overall problem. We will discuss the how the use of the Internet to conduct commerce has opened many security issues. Areas for further research
and development will be discussed especially when it comes to securing content.
|
| |
| Edward Humphreys |
 |
| CEO XiSEC, Convenor ISO/IEC JTC1 SC27/1 |
Profitable Information Security Policies |
| When you go to Japan you hear businesses talking about implementing "ni nana zero zero ichi"
and the benefits they have gained from endeavors. The same business excitement can be heard in other Asian, North American, European and
Middle-eastern countries. So what is this buzz all about? Quite simply implementing information security policies that enable businesses
to do well, to take business opportunities that are profitable. These companies are all talking about implementing ISO/IEC 27001 the
international standard on information security management which has become the common language for securing their business operations
and engaging in profitable business relationships with their clients, customers and business partners. This keynote talk goes through
the past, present and future of ISO/IEC 27001 from its early beginnings as a British Standard to its rapid rise as the most successful,
best selling international information security standard of all time to hit the international business community. |
| |
| Klaus Gheri |
 |
| CTO, phion AG - a Barracuda Networks company |
The Impact of Cryptographic-Hardware-Research on Development of Next Generation Firewalls |
|
The old network firewall paradigm has changed significantly. Today's next generation firewall no longer contents itself with making a traffic
flow decision based on information readily available from packet and protocol header information. Additional computationally intense and latency
critical traffic flow processing is required to determine the very nature of the application causing the traffic and to inspect the application
data payload for data leakage, malware or exploit patterns. Since HTTP and its SSL encapsulated counterpart HTTPs have become the de-facto
standard transport protocol for a huge number of applications these protocols need to be closely inspected. Especially for HTTPs the application
protocol inspection involves a significant amount of CPU processing power. Furthermore a massive crypto load stemming from high bandwidth VPN
tunnels and data compression must often be handled by the same device. With the market moving to full duplex wire speed performance requirements
of 20 Gbps or more with all detection technologies switched on economically viable and future proof concepts for task acceleration are needed.
|
|
Sponsors & Supporters
|
