Check out the new USENIX Web site.
11th USENIX Security Symposium, August 5-9, 2002, San Francisco Marriott, San Francisco, California, USA
SEC '02 Home | Register/Hotel | Tutorials | Tech Sessions | Activities/BoFs | At a Glance

Tutorial Descriptions   [Tutorial Overview]

Monday, August 5, 2002    

M1 Building Secure Software  NEW
Gary McGraw, Cigital

Who should attend: Developers, architects, and managers charged with developing code for security-critical and mission-critical projects (e.g., code that is intended to live on the Net), and security practitioners who must grapple with software security issues such as code review and risk analysis. Participants should have some familiarity with software development. Code examples include C, Java, and Python. This tutorial is based on material found in the book Building Secure Software, published by Addison-Wesley in their Professional Computing series.

What do wireless devices, cell phones, PDAs, browsers, operating systems, network services, public key infrastructure, and firewalls have in common? The answer is "software." Software is everywhere, and it is not usually built to be secure. This tutorial explains why the key to proactive computer security is making software behave. With software complexity growing alarmingly--the source code base for Windows XP is 40 million lines--we have our work cut out for us. Clearly, the penetrate-and-patch approach is non-optimal. Even worse is bolting security mechanisms on as an afterthought. Building software properly, both at the design and the implementation level, is a much better approach. This tutorial takes an in-depth look at some common software security risks, including buffer overflows, race conditions, and random number generation, and goes on to discuss essential guidelines for building secure software. A risk-driven approach to software security which integrates analysis and risk management throughout the software lifecycle is the key to better computer security.

Topics include:

  • Aligning security goals and software project goals
  • Software risk management
  • Performing risk analysis
  • Integrating securing into the software lifecycle
  • Code-scanning technology
  • Common software security risks
  • Design versus implementation risks
  • Building software security capability
  • Open source and security
  • Guidelines for building secure software

Upon completion of this tutorial, participants will understand why software security is essential to any organization building Net-enabled software, how to avoid common security problems, and how to design more secure software.

Gary McGraw Gary McGraw (M1) Cigital Inc.'s CTO, researches software security and sets technical vision in the area of software risk management. Dr. McGraw is co-author of four popular books: Java Security (Wiley, 1996), Securing Java (Wiley, 1999), Software Fault Injection (Wiley 1998), and Building Secure Software (Addison-Wesley, 2001). He consults with major e-commerce vendors, including Visa, MasterCard, and the Federal Reserve, functions as principal investigator on several government grants, and serves on commercial and academic advisory boards. Dr. McGraw holds a dual Ph.D. in cognitive science and computer science from Indiana University and a B.A. in philosophy from UVa. He regularly contributes to popular trade publications and is often quoted in national press articles.


M2 Practical Wireless IP: Concepts, Administration, and Security
Philip Cox and Brad C. Johnson, SystemExperts Corporation

Who should attend: Users, administrators, managers, and others interested in learning about some of the fundamental security and usage issues around wireless IP services. This tutorial assumes some knowledge of TCP/IP networking and client/server computing, the ability or willingness to use administrative GUIs to set up a device, and a general knowledge of common laptop environments.

Whether you like it or not, wireless services are popping up everywhere. And you and your organization will be responsible for understanding and managing the devices you possess. Since the purpose of wireless is to share data when you aren't directly attached to a wired resource, you need to understand the fundamental security and usage options. In this tutorial we will cover a number of topics that affect you in managing and using wireless services. Some of the topics will be demonstrated live using popular wireless devices.

Topics include:

  • Cellular services basics
    • What's out there?
    • Who's using what?
    • What really matters?
  • Wireless LAN fundamentals
    • Architecture
    • Threats
    • 802.11b
    • Configuration examples
    • Antennas
  • Access points
    • Channels, placement
    • Bandwidth, aggregation
    • Congestion
    • Roaming, signals
  • General issues
    • Sniffers
    • Building your own access point
    • 802.11a

Phil Cox Philip Cox (M2) is a consultant with SystemExperts Corporation. Phil frequently writes and lectures on issues of UNIX and Windows NT integration and on information security. He is the lead author of Windows 2000 Security Handbook, 2nd Edition (Osborne McGraw-Hill), a contributing author of Windows NT/2000 Network Security (Macmillan Technical Publishing), and a featured columnist in ;login: The Magazine of USENIX & SAGE. He has served on numerous USENIX program committees. Phil holds a B.S. in computer science from the College of Charleston, South Carolina.
Brad C. Johnson Brad C. Johnson (M2) is vice president of SystemExperts Corporation. He has participated in the Open Software Foundation, X/Open, and the IETF, and has often published about open systems. Brad has served as a security advisor to organizations such as Dateline NBC and CNN. He is a frequent tutorial instructor and conference speaker on network security, penetration analysis, middleware, and distributed systems. He holds a B.A. in computer science from Rutgers University and an M.S. in applied management from Lesley University.


M3 UNIX Security Threats and Solutions  NEW
Matt Bishop, University of California, Davis

Who should attend: Anyone interested in threats to UNIX security and how to deal with them.

This tutorial uses case histories to show what vulnerabilities the attackers exploited, how the system administrators might have closed those loopholes, and how the intruders were discovered. Concepts and mechanisms, as well as publicly available tools, are discussed. This course focuses on non-network problems.

Topics include:

  • Security policies vs. security mechanisms
  • Password security and cracking
  • Files and auditing
  • Access control mechanisms
  • Management of privileges
  • Malicious logic and the UNIX system
  • Basic vulnerabilities analysis
  • Basic incident management
  • Security holes past and current
  • Managing the humans
  • Where to get help

Matt Bishop Matt Bishop (M3) began working on problems of computer security, including the security of the UNIX operating system, at Purdue, where he earned his doctorate in 1984. He worked in industry and at NASA before becoming a professor, teaching courses in computer security, cryptography, operating systems, and software engineering at both Dartmouth College and the University of California at Davis, where he teaches now. Matt's current research interests are analyzing vulnerabilities in operating systems, protocols, and software in general; denial of service; intrusion detection; and formal models of access control.


M4 Network Security Protocols and Current Standards  NEW
Radia Perlman, Sun Microsystems

Who should attend: Anyone who wants to understand the theory behind network security protocol design, with an overview of the alphabet soup of standards and cryptography. This tutorial is especially useful for anyone who needs to design or implement a network security solution, but it is also useful to anyone who needs to understand existing offerings in order to deploy and manage them. Although the tutorial is technically deep, no background other than intellectual curiosity and a good night's sleep in the recent past are required.

First, without worrying about the details of particular standards, we discuss the pieces out of which all these protocols are built.

We then cover subtle design issues, such as how secure email interacts with distribution lists, how designs maximize security in the face of export laws, and the kinds of mistakes people generally make when designing protocols.

Armed with this conceptual knowledge of the toolkit of tricks, we describe and critique current standards.

Topics include:

  • What problems are we trying to solve?
  • Cryptography
  • Key distribution
    • trust hierarchies
    • public key (PKI) vs. secret key solutions
  • Handshake issues
    • Diffie-Hellman
    • Man-in-middle defense
    • Perfect forward secrecy
    • Reflection attacks
  • PKI standards
    • X.509
    • PKIX
  • Real-time protocols
    • SSL/TLS
    • IPsec (including AH, ESP, and IKE)
  • Secure email
  • Web security
    • URLs
    • HTTP, HTTPs
    • Cookies

Radia Perlman Radia Perlman (M4) is a Distinguished Engineer at Sun Microsystems. She is known for her contributions to bridging (spanning tree algorithm) and routing (link state routing) as well as security (sabotage- proof networks). She is the author of Interconnections: Bridges, Routers, Switches, and Internetworking Protocols, and co-author of Network Security: Private Communication in a Public World, two of the top 10 Networking reference books, according to Network Magazine. She is one of the 25 people whose work has most influenced the networking industry, according to Data Communications Magazine. She has about 50 issued patents, an S.B. and S.M in mathematics and a Ph.D. in computer science from MIT and an honorary doctorate from KTH, the Royal Institute of Technology in Sweden.


Tuesday, August 6, 2002   

T1 A Crash Course in SSL and TLS  NEW
Eric Rescorla, RTFM Inc.

Who should attend: Programmers, designers and architects who want to acquire an in-depth knowledge of SSL and TLS. Attendees should be familiar with TCP/IP. Familiarity with basic cryptography (encryption, public key, message digests, etc.) is desirable. We'll start with a brief primer on cryptography if a substantial portion of the class needs it.

This tutorial is an in-depth look at SSL and TLS. In this tutorial, we'll cram as much SSL/TLS knowledge into your head as possible in a single day. Topics covered will include:

Topics include:

  • An in-depth look at the SSL handshake and its major variants
    • session resumption
    • client auth
    • export modes
  • Data transfer and alerts
  • Known attacks
  • Performance
    • tuning
    • hardware acceleration
  • Integrating SSL into protocols
    • generic philosophy
    • HTTPS
    • SMTP/TLS
  • Programming with SSL
  • The future of SSL/TLS

After completing this tutorial, you will know enough about SSL to be seriously dangerous to your friends, neighbors, and co-workers.

Eric Rescorla (T1) is Principal Engineer of RTFM, Inc., an independent security consulting firm. He has been working in Internet Security since 1993. He has been a member of the TLS working group from before the beginning and has written several commercial SSL implementations as well as the free Java toolkit PureTLS and the SSL protocol analyzer ssldump. He is the author of "SSL and TLS: Designing and Building Secure Systems" (Addison-Wesley 2000) as well as the RFCs defining Secure-HTTP and HTTP over TLS.

T2 Building Honey Pots for Intrusion Detection  NEW
Marcus Ranum, Consultant

Who should attend: System and network managers with administrative skills and a security background. The tutorial examples will be based on UNIX/Linux. While the materials may be of interest to a Windows/NT administrator, attendees will benefit most if they have at least basic UNIX system administration skills.

This class provides a technical introduction to the art of building honey pot systems for intrusion detection and burglar-alarming networks. Students completing this class will come away armed with the knowledge that will enable them to easily assemble their own honey pot, install it, maintain it, keep it secure, and analyze the data from it.

Topics include:

  • Introduction
    • IDSes
    • Fundamentals of burglar alarms
    • Fundamentals of honey pots
    • Fundamentals of log-data analysis
    • Spoofing servers
  • Overview of our honey pot's design
    • System initialization
    • Services
    • Spoofing server implementation walkthrough
    • Multiway address/traffic manipulation
    • Logging architecture: syslogs, XML logs, statistical processing
    • Simple tricks for information visualization
  • Crunchy implementation details
    • How to write spoofing rules
    • How to write log filtering rules
  • Management
    • How to get help in analyzing attacks
    • Keeping up to date

Auxiliary materials: Attendees will receive a bootable CD-ROM containing a mini UNIX kernel and preconfigured software, and will also have source-code access to the honey pot building toolkit. Attendees may also wish to review The Honeynet Project, eds., Know Your Enemy: Revealing the Security Tools, Tactics, and Motives of the Blackhat Community (Addison-Wesley, 2001).

Marcus Ranum Marcus Ranum (T2) founded and served as CTO of NFR Security, Inc. He is a consultant and has been working in the computer/network security field for over 14 years. Marcus is credited with designing and implementing the first commercial Internet firewall product. He also designed and implemented other significant security technologies, including the TIS firewall toolkit and the TIS Gauntlet firewall. As a researcher for ARPA, Marcus set up and managed the Whitehouse.gov email server. Widely known as a teacher and industry visionary, he has been the recipient of both the TISC Clue award and the ISSA lifetime achievement award. Marcus lives in Woodbine, Maryland, with his wife, Katrina, and a small herd of cats.


T3 Cisco's Security Features: What They Are, Where to Use Them, How to Configure Them  NEW
John Stewart, Digital Island, Inc.

Who should attend: Network and system administrators running Cisco networks, and security professionals.

It's common knowledge that over 85% of all Internet traffic crosses a Cisco product at one time or another. Given this fact, it is obvious that improving security on Cisco products can improve the overall security of your site as well as the overall security of the Internet. However, the security features available in Cisco products can be a discipline in themselves. This class takes a nuts-and-bolts approach to deciding which Cisco security features to use, and when and where to use them. A sample network is used as the basis for the class. For each area, sample uses and actual configuration techniques are discussed.

Topics include:

  • Perimeter Security
    • Cisco Access Control Lists (ACLs)
    • Lock and key
    • TCP intercept
    • Context-Based Access Control (CBAC)
    • Firewalling technologies compared and contrasted
    • PIX
    • IOS
  • Access Lists revealed
    • Basic vs. extended
    • Where and how to use ACLs
    • Event logging
    • Per-user ACLs on dial-up ports
  • Router-to-router security
    • Shared symmetrical application keys
    • Distributed Director
    • Remote access
    • Route authentication
  • User security
    • Authentication, Authorization, Accounting (AAA)
    • TACACS
    • Fixed, OTP, SecureCard
    • RADIUS
    • Kerberos
  • IPSec
    • Current standards update
    • Deploying IPSec with other technologies
    • ISAKMP/Oakley
    • Availability
    • Configuring and using IPSec
  • Network Address Translation (NAT)
    • Hiding your company
    • Hiding your Web servers
    • Using NAT over dial-up
  • VPN
    • VPDNs
    • GRE tunnels
    • Layer 2 Forwarding (L2F)
    • L2TP tunnels

John Stewart John Stewart (T3) is responsible for investigating emerging technologies and helping to set future direction for Exodus, a Cable & Wireless Service. Previous to this position, Mr. Stewart was Digital Island's Chief Security Office. He also managed the core team and company-wide Security Council for auditing and adherence. As part of his involvement with the Center for Information Security (CIS), Mr. Stewart co-developed the Cisco Router Auditing Tool, an industry security analysis tool to help network administrators protect their Cisco routers, switches, and PIX firewalls. He serves on advisory boards for CloudShield, Tripwire Security, and hotU, Inc. Mr. Stewart holds a Master of Science degree in Computer and Information Science from Syracuse University, Syracuse, New York.


T4 IPSec  NEW
John Ioannidis, AT&T Labs;
Angelos Keromytis, Columbia University

Who should attend: Who should attend: Network administrators, system managers, developers of network applications, and anyone interested in network security. Some familiarity with networking principles is required, but cryptography is not.

The IPSec protocol suite provides network-layer security for the Internet and is an IETF standard. It is already widely used to implement Virtual Private Networks (VPNs), and is beginning to make its way into commercial implementations of desktop operating systems. This tutorial covers every feature of IPSec and its key management protocol, IKE, gives many real-life examples drawn from a variety of environments and operating systems, and aims to clear a lot of myths and misunderstandings about IPSsec.

Topics include:

  • Justification of network-layer security
  • Encapsulation, tunneling, and overlay networks
  • The IPSec transforms (ESP and AH)
  • Transport and tunnel modes
  • Key management
  • IKE, the Internet Key Exchange protocol
  • Interaction between IPSec/IKE and firewall/NAT boxes
  • Examples
  • Performance considerations (software and hardware)
  • Comparison with TLS/SSL
  • About PKIs
  • Miscellaneous topics
  • Future developments
    • Policy
    • Additional Key Management protocols

John Ioannidis John Ioannidis (T4) is a researcher at AT&T Labs — Research. He has been contributing in the IETF for over 10 years, and has been with the IPsec effort since the very beginning, and wrote the first SunOS, BSD and Linux implementations. He has also worked on policy mechanisms for IPsec, and more recently on JFK, a proposed successor to the Internet Key Exchange protocol. His many research interests include security of large distributed systems, wireless and mobile networking, micropayment systems, and high-speed network monitoring.

Angelos Keromytis Angelos Keromytis (T4) is an Assistant Professor of Computer Science at Columbia University. He has been working on IPsec since 1995, both in defining and refining the standards in the IETF, and in implementing and measuring its performance. He developed the OpenBSD IPsec stack, and wrote the first free implementations of the Photuris and IKE key management protocols for IPsec. More recently, he has been working on a proposed successor to IKE, named JFK, and has designed and implemented a cryptographic acceleration framework for IPsec (and other cryptography-heavy applications). His other research interests include scalable access control mechanisms, security policy composition and enforcement, and distributed system virtualization.

?Need help? Use our Contacts page.
Last changed: 25 April 2002 aw
Security '02 Home
Events calendar
USENIX home