Top
Past Meeting Archive Los Angeles ACM home page National ACM home page Click here for More Activities this month
Check out the Southern California Tech Calendar

Joint Meeting of the
Los Angeles Chapters of ACM,
and IEEE Computer Society

Wednesday, March 6, 2002

Trends in Information Security

Presented by Roberta Gotfried,
Raytheon Company

The field of computer security began over 20 years ago in the form of a highly formal discipline aimed at protecting confidentiality of government classified information as the use of computers grew. Since that time, computer security has evolved as an engineering discipline through a series of incarnations, each one addressing a new set of objectives and new sets of threats - all the time trying to keep up with the rapidly changing world of computing and information systems. Now, privacy and cyber terrorism have taken a pre-eminent place in the field, with much wider public awareness.
This talk will review the evolution of the field of information security, look at recent trends in information security and look at what might lie ahead.

Ms. Roberta Gotfried is currently Director of Information Assurance Programs for Raytheon Electronic Systems and Chair of the Raytheon-wide Information Security and Information Management TIG. She has over 20 years of experience leading research and development of technology programs in software systems. She has lead research and development activities in information security for real-time systems for the last 10 years. She was a Principal Investigator and the lead system security engineer for numerous technology programs, including the DARPA-funded PROSE development for high performance computers and the Information Assurance Reliability Model program and is Program Manager for several research programs in embedded systems information technology. She was also Principal Investigator on the Secure Avionics Architecture Concept Development Program, to define the system security requirements for the Joint Strike Fighter.

“Trends in Information Security”

LA ACM Chapter March Meeting.
Held Wednesday, March 6, 2002.
The presentation was given by Roberta Gotfried of Raytheon. This was a joint meeting of the Los Angeles Chapters of ACM and the IEEE Computer Society.

She started out with the question "What is information assurance?". It is like the blind men and the elephant; it depends on your previous experience. You may think of it as encryption, multilevel security, intrusion detection or system integrity and they are all part of the "information assurance" elephant. Information assurance is concerned with confidentiality (preventing disclosure), integrity (preventing unwanted modifications), availability of system resources, authentication and non-repudiation (providing accountability and traceability). In the early the idea was to build a fortress around your computer to prevent undesired access, but this was not practical when interactive computing and the Internet became necessary. The network and software vulnerabilities are all too real. Now everyone is becoming concerned with security, as hacker activities are all too real and increasing in frequency. We can look forward to emerging threats of cyber warfare by nations and political groups.

Attack information is readily available on the web including code that can be used for attacks. There are hacker conferences that allow everyone to share the techniques and tools of how to do things. The attackers have a wide range of motivations for attacks. Some are "script kiddies" who look for on-line information, but don't have much real knowledge. Others are skilled coders and hackers with considerable talent. Criminal motivations are on the increase, and politically motivated attacks from nation-states and terrorist groups are expected. So far few terrorist groups have made cyber attacks although they do use the Internet to organize and communicate. Attacks from terrorist sympathizers and people who are anti-capitalist have been more common. It is easy to disguise the origin of attacks. Any conflict will attract thrill seekers without many skills who are not big threats but can cause economic loss. There are numerous world conflicts where sympathizers on both sides try to disrupt the other side and spread propaganda such as Pakistan/India, Israel/Palestine, former Yugoslavia/NATO and US/China after the spy plane incident. There were cyber attacks both against the US and the Taliban after September 11, 2001. Some lessons from recent events are that cyber attacks accompany physical attacks; the attacks are increasing in volume, sophistication, and coordination; and cyber attackers are attracted to high value targets.

Trends in cyber attacks were discussed. Buffer overflows are a common method of attack and a lot of popular software is vulnerable to buffer overflows. Viruses and worms are examples of malicious code and Ms. Gotfried presented many examples. Code Red exploited Microsoft IIS buffer overflow vulnerabilities. Code Red was indiscriminate in its probing, but Code Red II improved its probing mechanism and added a "back door" to infected machines so that hackers could enter a machine and gain control of it. Countermeasures to cyberwarfare are to monitor activities, log events, develop an incident management plan, contact authorities and do ingress and egress filtering. Firewalls and routers are becoming more resistant to attacks. One improvement is that people are starting to take security seriously.

Some disturbing facts are that the US is particularly vulnerable to attack because of its dependence on IT and connectivity. As quickly as new products come out, vulnerabilities are discovered and in spite of increased awareness many systems remain vulnerable, sufficient resources are still not spent on system protection, and people don't know what to do in case of intrusion. There are not enough qualified professionals and education about the problem, and market forces don't favor increased robustness of products. You should apply and follow "best practices" for computer and physical security, apply regular software updates, and install worm protection, intrusion detection systems and firewalls. You should expect more frequent and devastating cyber attacks in the future.

For information go to:
www.cert.org (Computer Emergency Response Team/Coordination Center)
www.nipc.gov (National Infrastructure Protection Consortium)
www.sans.org (System Administration, Network and Security Institute)
www.incidents.org
www.cerias.purdue.edu (Center for Education and Research in Information Assurance and Security)
cve.mitre.org
A recommended publication is:
Cyber Attacks During the War on Terrorism, by Michael A. Vatis, Institute for Security Technology Studies at Dartmouth College.

Roberta Gotfried may be contacted at rlgotfried@raytheon.com
This was the seventh meeting of the LA Chapter year. If you weren't there you missed an excellent presentation on a very important topic. Ms. Gotfried's presentation showed that things will be difficult enough if you are prepared for cyber attacks, but might be catastrophic if you are not.

Mike Walsh, LA ACM Secretary


The Los Angeles Chapter normally meets the first Wednesday of each month at the Ramada Hotel, 6333 Bristol Parkway, Culver City. The program begins at 8 PM.   From the San Diego Freeway (405) take the Sepulveda/Centinela exit southbound or the Slauson/Sepulveda exit northbound.

6:30 p.m.  Cocktails/Social

7:00 p.m. Dinner

The menu choices are listed in the table above.
Avoid a $3 surcharge!!
Make your reservations early.

8:00 p.m.  Presentation

 

To make a reservation, call or e-mail John Radbill, (818) 353-8077, and indicate your choice of entree, by Sunday before the dinner meeting.

There is no charge or reservation required to attend the presentation at 8:00 p.m.. Parking is FREE!

For membership information, contact Mike Walsh, (818)785-5056 or follow this link.


Other Affiliated groups

SIGAda   SIGCHI SIGGRAPH  SIGPLAN

****************
LA SIGAda

Joint LA ACM SIGPLAN and SIGAda Meeting
Wednesday, March 13, 2002
More Details

Return to "More"

****************

LA  SIGGRAPH

In Association with Deluxe Laboratories, Efilm, and Technique

"Digital Aspects of Color Timing and Mastering for Film"

Tuesday, March 12, 6:30 Social, 7:30 Program

Digital Cinema Laboratory
Entertainment Technology Center
Pacific Hollywood Theater
6433 Hollywood Blvd.

This presentation will explore current and future techniques used to color time and master motion pictures. Join us as three companies present their work on digital color timing and educate the audience on the process involved in mastering a film.

Digital color timing is, in actuality, video technology being applied to a film process by visual effects professionals. We begin by asking what is the process? Then how can digital techniques fit into the traditional laboratory pipeline? Will the process be a hybrid of the two? Are we moving to a totally digital pipeline?
Filmmakers can and will continue employing specific labs to get the distinctive look that a lab offers with its proprietary print techniques. If this is the case, the question of whether new standards need to be established for color timing arises. If so, what are the new standards that need to be set?

To date there have been very few movies that have been completely color timed digitally. As this process develops, an emergence of new tools for directors and cinematographers to employ to color time movies is also developing. What are these emerging tools?

Deluxe Laboratories, Efilm, and Technique will each present their unique solutions to digital color timing. Both traditional and digital processes will be presented. Presentations will be followed by a panel discussion addressing all of these issues.

The PROGRAM Speakers:

Joshua Kolden, Moderator & Independent Digital Imaging Consultant. Kolden comes from a visual effects background, and has focused his 15 years of experience on advancing the state of the art of digital visual production. He has supervised digital effects on projects such as "The Fifth Element," and "the Experience Music Project" as well as developing and integrating new technologies into the production process. Currently Kolden consults on leading edge color management technology such as high dynamic range imaging to better capture the artistic intent of filmmakers.

Peter Sternlicht, Executive Vice President & Technicolor Creative Services Technique, a division of Technicolor, Inc. Peter brings 20 years of visual effects management and artistry with 5 years of digital intermediate R&D to Technique(tm).

Josh Pines, Director of Imaging R & D Technique, a division of Technicolor, Inc. Pines served as digital photography scanning supervisor at ILM, and headed the company's Imaging department since 1990. Earlier, he led the computer graphics division at R/Greenberg Associates. Some of the many films he worked on include "A.I," "Pearl Harbor," "The Phantom Menace," "Saving Private Ryan," "Men in Black," "Dragonheart," "Forrest Gump," "Schindler's List," "Jurassic Park," "Death Becomes Her," and "Terminator 2: Judgment Day."
Michael Kanfer, Digital Mastering Supervisor Efilm, (A Panavision Company) After ten years of electronic imaging experience with print and video, Michael Kanfer began his career in visual effects at Digital Domain in 1993. During his tenure there he received an Academy Award nomination for Best Visual Effects for "Apollo 13," and the Academy Award for Best Visual Effects for "Titanic." He recently served as the Associate Visual Effects Supervisor for "Harry Potter and the Sorcerer's Stone" at Sony Pictures Imageworks. He is currently the Digital Mastering Supervisor at EFILM (A Panavision Company). Michael and his team of Digital Intermediate specialists at EFILM have recently completed a head to tail 2K digital intermediate for Paramount / Icon Pictures of the Randall Wallace film "We Were Soldiers," starring Mel Gibson.

James Carter, Vice President & Dailies and Client Relations Deluxe Laboratories With over 25 years of experience in all aspects of motion picture and video post production, James Carter is currently Vice President at one of the oldest and most respected film processing laboratories in the world. Carter started out his career as a film color timer at Foto-Kem, and has gone on to manage and improve the color timing services at both Foto-Kem and Deluxe Labs. He has improved quality control system, and has overseen all aspects of laboratory operations.

Fees/Registration:
The meeting is free to LA ACM SIGGRAPH members. It is $10 for non-members. Those new LA SIGGRAPH members who sign up on-site and pay the annual membership fee (checks or cash only) do not have to pay the $10 fee.

Please visit our website for meeting dates, and news of upcoming events.

For further details contact the SIGPHONE at (310) 288-1148 or at Los_Angeles_Chapter@siggraph.org, or www.siggraph.org/chapters/los_angeles

Return to "More"

****************

Past Meeting Archive Los Angeles ACM home page National ACM home page Top

 Last revision: 2002 0326 [Webmonster]