Seen on the net: The Western Institute of Computer Science announces a week-long course on INTERNET SECURITY taught at Stanford University July 29 -- August 2, 1996 by Arthur M. Keller (Stanford University) David H. Crocker (Brandenburg Consulting) Tina M. Darmohray (Information Warehouse!) Whitfield Diffie (Sun Microsystems) Mark Eichin (Cygnus Support) Alan Fedeli (IBM) Gail Grant (Open Market) Lance Hoffman (George Washington University) Peter G. Neumann (SRI International) Allan Schiffman (Terisa Systems) A Practical Week-long Course for Consultants, Educators, Government and Industry Scientists and Engineers This course is taught by leading researchers and practitioners in the area of internet security: Arthur M. Keller, Dave Crocker, Tina M. Darmohray, Whitfield Diffie, Mark Eichin, Alan Fedeli, Gail Grant, Lance Hoffman, Peter Neumann, and Allan M. Schiffman. Participants will receive a grounding in internet security, familiarity with current concepts and issues, and exposure to the most important research and development trends in the area. Connecting to the Internet brings both unparalleled information resources and unparalleled security dangers. Protecting computer systems and networks from attacks is a critical and ongoing process. Equally important is protecting corporate intellectual property assets from inappropriate access. This course will examine a variety of network security topics, including protecting against intrusion, detecting and tracking intruders, and repairing damage after intrusion. The course will being with a survey of risk analysis and setting up emergency responses to network incidents. We then follow with a detailed description of cryptography, including cryptographic policy and a panel. The course will then cover specific security technologies. These include network firewalls (which provide perimeter security), Kerberos and adding security to existing network applications, secure messaging, secure payments, and World Wide Web security (including SSL). This course will also analyze security issues for electronic commerce. We will also show a videotape presentation on SATAN by Dan Farmer, one of its developers, and a videotape presentation by John Markoff and Tsutomu Shimomura on Takedown. TEXT: Building_in_Big_Brother, Lance Hoffman, and a complete set of course notes. PREREQUISITES: This course assumes a general knowledge of computers and using the Internet. WHO SHOULD ATTEND: Computer programmers, system managers, computer operations staff and managers, information technologists and managers, and teachers who want to gain insight into the capabilities, implementation and current trends in this emerging technology. COURSE SCHEDULE: INTERNET SECURITY Course dates: July 29 -- August 2, 1996 Schedule AM1: 9:00 -- 10:30 AM2: 11:00 -- 12:30 PM1: 1:30 -- 3:00 PM2: 3:30 -- 5:00 Mon AM Security Overview . Risk Analysis: Lance Hoffman . Setting up Emergency Responses to Network Incidents: Alan Fedeli Mon PM Cryptography . Cryptography 1: Whitfield Diffie . Cryptography 2: Whitfield Diffie Tue AM Cryptography . Cryptography 3: Whitfield Diffie . Cryptography 4: Whitfield Diffie Tue PM Cryptography . Cryptographic policy: Lance Hoffman . Cryptography panel: Lance Hoffman (moderator), Peter Neumann, Whitfield Diffie Wed AM Firewalls . Firewall overview and design: Tina Darmohray . Packet filtering, proxies, firewall toolkits: Tina Darmohray Wed PM SATAN: Dan Farmer by videotape Takedown: John Markoff and Tsutomu Shimomura by videotape Thu AM Kerberos: Mark Eichin Adding security to existing network applications: Mark Eichin Thu PM Security for Messaging: Dave Crocker Secure payments: Gail Grant Fri AM WWW security: Allan Schiffman SSL: Allan Schiffman Fri PM panel: Arthur Keller (moderator), Dave Crocker, Whitfield Diffie, Peter Neumann, Allan Schiffman ABOUT THE INSTRUCTORS DR. ARTHUR M. KELLER is a Senior Research Scientist at Stanford University. He is Project Manager of Stanford University's participation in CommerceNet, which is doing the first large-scale market trial of electronic commerce on the Internet. He leads the effort on smart catalogs and virtual catalogs. He was Manager of the Penguin project, to provide sharing of persistent object data among multiple applications. He is also working on managing inconsistency in federated, autonomous database systems. His publications include work on database security, databases on parallel computers, incomplete information in databases, database system implementation, hypertext databases, and computerized typesetting. DAVID H. CROCKER is a principal with Brandenburg Consulting, providing business and technical planning for distributed information products and services. He has participated in the development of internetworking capabilities since 1972, first as part of the Arpanet research community and more recently in the commercial sector. Mr. Crocker has made extensive contributions to the development of electronic mail and other Internet services. He has worked at a number of Silicon Valley companies, producing a wide range of TCP/IP, OSI, and network management products. He serves as Chairman of the non-profit Silicon Valley - Public Access Link, a community network information service. Mr. Crocker continues technical involvement in Internet standards activities for transport services, electronic mail and electronic commerce. TINA M. DARMOHRAY is a senior consultant for Information Works!, which specializes in Internet connections, firewall configurations, security audits, and Internet workshops. Previously Tina led the UNIX system administration team at Lawrence Livermore National Laboratory, where her team had responsibility for over 1000 machines. Tina is a founding board member of SAGE (USENIX System Administrators Guild) and has over a decade of experience as a UNIX system and network administrator and instructor. She received her BS/MS from the University of California at Berkeley. DR. WHITFIELD DIFFIE, who holds the position of Distinguished Engineer at Sun Microsystems, is best known for his 1975 discovery of the concept of public key cryptography, for which he was awarded a Doctorate in Technical Sciences (Honoris Causa) by the Swiss Federal Institute of Technology in 1992. For a dozen years prior to assuming his present position in 1991, Diffie was Manager of Secure Systems Research for Northern Telecom, functioning as the center of expertise in advanced security technologies throughout the corporation. Among his achievements in this position was the design of the key management architecture for NT's recently released PDSO security system for X.25 packet networks. Diffie received a Bachelor of Science degree in mathematics from the Massachusetts Institute of Technology in 1965. He is the recipient of the IEEE Information Theory Society Best Paper Award for 1979 and the IEEE Donald E. Fink award for 1981. MARK EICHIN is the primary development engineer for Cygnus Network Security, Mark Eichin has been involved in the development of the Kerberos network security system since his days as an undergraduate at MIT. He continues to work closely with MIT on the development of Kerberos. He was also involved in the design and implementation of the Zephyr Notification Service, which has been billed as one of the most complex uses of Kerberos ever seen in an application. ALAN FEDELI manages IBM network security functions including: IBM's AntiVirus products and services, phone fraud, and external network connectivity policy and security countermeasures. He also manages IBM's central Computer Emergency Response Team (CERT), which handles harmful code and network intrusions worldwide, for IBM and customers. He formed IBM's Internet Emergency Response Service (ERS) as a fee-based commercial offering. He has been a manager of technology in IBM for the past 20 years. He has managed systems programming, network software development, and in the past 7 years he has created information security businesses within IBM. He is a graduate of City College of New York, and recently earned his MBA in Organizational Behavior at Pace University. GAIL GRANT is the vice president for Business Development for Open Market, Inc., responsible for evaluation of potential technology partners and long-term technical requirements. She also is the chairman of the Network Services Working Group in CommerceNet, which is working to facilitate the development, standardization and deployment of protocols, applications and enabling technologies which provide authentication, privacy/encryption and certification services over the Internet in a secure and interoperable manner. Prior to joining OMI in 1994, Ms. Grant pioneered the Internet Alpha Program for Digital Equipment Corporation. This innovative, industry-first program generated millions in revenues and was featured in numerous publications, including Fortune Magazine, The New York Times and USA Today. Previous positions include development and development management positions at Bolt Beranek and Newman in Cambridge MA and in Cardiac Research at Mass. General Hospital in Boston MA. Ms. Grant presents regularly at conferences on the Internet, World-Wide Web and Electronic Commerce as well as recently authoring a chapter on Internet business transaction systems for Mary Cronin's upcoming book in Internet strategies to be published by Harvard Business School Press. DR. LANCE J. HOFFMAN is Professor of Electrical Engineering and Computer Science at The George Washington University in Washington, D. C. and Director of the School of Engineering's Institute on Computer and Telecommunications Systems Policy. He is known for his pioneering research on computer security and risk analysis, and for his interdisciplinary work in computer policy issues. Dr. Hoffman is the author or editor of five books and numerous articles on computer security and privacy; his new work on cryptographic policy, Building in Big Brother, is the first book devoted to the topic. He also is the editor of the well-received readings book Rogue Programs: Viruses, Worms and Trojan Horses. Dr. Hoffman has lectured around the world on computer security and privacy and on the vulnerability of society to computer systems. Dr. Hoffman was previously a National Lecturer for the Association for Computing Machinery and a Distinguished Visitor for the Institute of Electrical and Electronics Engineers. He served as general chairman of the Second Conference on Computers, Freedom, and Privacy, held in March 1992 in Washington. He is past chair of the IEEE Committee on Communications and Information Policy's Subcommittee on Information Security and Applications. Dr. Hoffman is a member of the National Advisory Board of the newsletter Privacy and American Business and a Fellow of the Association for Computing Machinery. DR. PETER G. NEUMANN is a principal scientist in the Computer Science Laboratory at SRI, where he has been since 1971, and his work is concerned with computer systems having requirements for security, reliability, human safety, and high assurance (including formal methods). He was founder and Editor of the SIGSOFT Software Engineering Notes (1976-1993), and is Chairman of the ACM Committee on Computers and Public Policy (since 1985), a Contributing Editor for CACM (since 1990), and creator (in 1985) and moderator of the ACM Forum on Risks to the Public in the Use of Computers and Related Technology. His RISKS-derived book on the benefits and pitfalls of computer-communication technology, Computer-Related Risks, is published by ACM Press and Addison Wesley. ALLAN M. SCHIFFMAN was named chief technical officer of Terisa Systems in April 1995. He was formerly chief technical officer of EIT, one of the founders of Terisa. He is principal architect of CommerceNet, a Bay Area consortium supporting electronic commerce over the Internet. His current obsession is Internet transaction security and has been working for the last year on Secure HTTP. Schiffman was previously vice president of technical strategy for ParcPlace Systems where he led the development of their well-known Objectworks\Smalltalk product family. Prior to this, he was senior MTS at Schlumberger Research and assistant director of the Fairchild Laboratory for Artificial Intelligence Research. He holds an M.S. in Computer Science from Stanford University. COURSE INFORMATION Dates: Monday-Friday, July 29-August 2, 1996 Times: Registration Sunday afternoon, July 28 Morning sessions 9:00am-12:30pm with a 30 minute break Afternoon sessions 1:30-5:00pm with a 30 minute break Lunch break 12:30-1:30pm daily Location: on the campus of Stanford University in Stanford, CA. Course Fee: $1,450 (includes instruction, complete set of course notes, break refreshments, and Tuesday night reception.) $1,575 for registration after July 15 Group Discount: A $100 discount is given to each individual when three or more register from the same organization for one of the courses. Accommodations: Housing information will be mailed at the request of the participant after enrollment. Parking permits are available at the Sunday afternoon course registration and are not included in your registration fee. Out-of-town participants will probably NOT need a car during the week. Transportation: from San Francisco International Airport: Shuttle service (Airport Connection) to the Stanford Campus approx. $17.00 each way; from San Jose International Airport: approx. $17.00 GENERAL INFORMATION Registration: Mail the registration form to the Western Institute of Computer Science, P.O. Box 1238, Magalia, CA 95954; FAX the registration form with your VISA/Mastercard number or company purchase order number to (916) 873-6697; or EMAIL your registration with company purchase order number or VISA or Mastercard number to barnhill@hudson.stanford.edu; TELEPHONE (916) 873-0575 with your company purchase order number or VISA or Mastercard numbers. CANCELLATIONS: are accepted up to 14 working days prior to the start of the course. A $100 processing fee will be assessed. After that date, no refunds will be given, but you may send a substitute in your place. If WICS is forced to cancel a course for any reason, liability is limited to the return of the paid registration fee. FOR INFORMATION: Call Western Institute of Computer Science at (916) 873-0575; email to barnhill@hudson.stanford.edu. _____________________________________________________________________________ Registration Form INTERNET SECURITY July 24-28, 1995 Registration on or before July 15 [ ] INTERNET SECURITY $1,450 Registration after July 15 [ ] INTERNET SECURITY $1,575 Name____________________________________ Title___________________________________ Company_________________________________ Address_________________________________ ________________________________________ City/State______________________________ Zip___________________ Country_________________ Work Phone (________)___________________ Home Phone (________)___________________ Electronic Mail address __________________________ on network _____________________ Total amount enclosed: $___________ Method of payment [ ] Check enclosed (payable to WICS) [ ] Visa/Mastercard #________________________________ card exp. date__________ cardholder signature___________________________________________________ [ ] Bill my company. Purchase Order #__________________________ Write billing address below. Return registration form with payment to: Western Institute of Computer Science P.O. Box 1238 Magalia, CA 95954-1238 ------------------------------------------------------------------------- Steven Weller | Technology (n): | | A substitute for adulthood. stevenw@best.com | Popular with middle-aged men.