Information Security Society Switzerland (ISSS)
menu

ISSS Security Lunch

 

Improving Electronic Perimeter Security based on Fluctuant Parameterization

22. April 2010, 12:00 - 14:00,  Hotel Royal, Geneva

Registration

 

Abstract / Résumé:

Any ecosystem aims to find its homeostasis, i. e. the steady state operating in ideal conditions. When an ecosystem does not reach this state, it is found under stress. Three are the possible states of stress, flight, fight or inhibition. In this presentation an information system is considered a natural ecosystem.
Computer systems are based on operating systems which, in the majority, are written in C programming language. This language is permissive to errors, which as time goes by, and because of requirements of new services, increase exponentially. The opening of information systems to the external world, and the
presence of hackers in the public domain of internet, put this ecosystem under stress. The current policy of installing security patches and software protection system like anti-virus or other code controllers shows that the system is in state of fight. However, this policy of permanent installation of new protection elements continually creates a new system in a new environment with new functions, and
new vulnerabilities as well. In such a system, the proper functioning of the old functions is not always granted. The objective of this presentation is to make the system invisible to predators, which in the computer world, are the hackers. Based on the strategies of camouflage, the electronic perimeter fluctuates over time, making the system invisible to predators.

---

Tout écosystème a pour objectif de trouver son homéostasie, autrement dit son état d’équilibre, état de fonctionnement idéal. Lorsqu’un écosystème n’atteint pas cet état, il se trouve en état de stress. Trois sont les états de stress possible, la fuite, la lutte ou l’inhibition. Dans cette présentation un système d’information est considéré comme un écosystème physique. Tout système informatique se base sur un système opérationnel (Operating System) qui est dans la quasi-majorité de cas écrit en langage C. Ce langage est permissif aux erreurs, qui au fur du temps, et à cause des exigences de nouveaux services, augmentent de manière exponentielle. L’ouverture des systèmes d’informations vers le monde extérieur, et la présence des hackers dans le domaine publique d’internet, mettent cet ecosystème en état de stress. La politique actuelle d’installation de patchs de sécurité ainsi que des logiciels de protection du système de type anti-virus ou autre démontre que le système se trouve en état de lutte. Or, cette politique d’installation permanente de nouveaux éléments de protection, aura comme effet de créer continuellement un nouveau système dans un nouvel environnement et des nouvelles fonctions, mais aussi de nouvelles failles. Dans un tel système, le bon fonctionnement des anciennes fonctions n’est pas toujours garanti. L’objectif de cette présentation est de s’inspirer des écosystèmes afin de rendre ce système invisible aux prédateurs qui, dans le monde informatique, sont les hackers. S’inspirant sur les stratégies du camouflage le périmètre électronique fluctue dans le temps, ce qui rend le système invisible aux prédateurs.

 

Speaker / Conférencier:
Michel Paschalidès,  Research Director, Cybernis Limited

 

Biography:

Michel Paschalidès is a  highly experienced Senior Manager in document security with a background in security governance, stake assessments, technical threat analysis, enterprise risk management, PKI, Identity Management and Attack & Penetration assessments. ISSS member, Michel has expert knowledge in cryptography, steganography, symbology, advanced data carriers, security governance, security protocols, security services and applications. After having received a master degree in Physics Engineering from Swiss Institute of Technology in Lausanne, and Information Technology from University of Lausanne, he has initiated a Ph.D. is data carriers security. In parallel he has obtained different masters in Cryptography, Formal Analysis, System Communication, Distributed Systems, Artificial Intelligence and Intelligent Agents. He has participated in many industrial and European research security projects. Michel Paschalidès has occupied different managing positions in different information technology editors, as head of the development, technical director and CTO, as well as teaching positions and proposed Postgraduate Lectures in Geneva’s University of Applied Sciences. He has participated in two research programs of European Commission FP2 and FP3 and he is presently auditing FP6-BRIDGE (Bringing RFID in Global Environment) project European researches.

 

Slides:

The slides of this talk can be found in the ISSS member area.

 

Costs:
The restaurant will collect the money for the lunch and beverages from each participant. Entry is free (not including lunch).

 

Location:

Hôtel Royal
Rue de Lausanne 4
1201 Genève
+41 (0)22 906 14 71
Map

 

Registration Deadline:
19. April 2010, 12:00 CEST

 

Menu:

There will be no menu. The hotel provides a buffet.

  • Menu 1, 2 and 3: Buffet , CHF 63.00