carolyn@usenix (Carolyn Carr) (07/26/90)
UNIX Security Workshop Marriott Hotel, Portland, OR, August 27-28, 1990 The Second USENIX UNIX Security Workshop will be held in Portland, Oregon on Monday and Tuesday, August 27-28, 1990. The workshop is organized to bring researchers, system administrators and others together to discuss their needs and interests in the many aspects of computer security as they relate to the UNIX Operating System. This meeting will have elements of both a conference and a workshop; the former in that there will be presentations, the latter in that discussion and audience participation are expected. Speakers will discuss work in progress and/or work that is planned and will solicit opinions, comments and sugges- tions from other participants. There will be at least three panel sessions. Tentative Program Monday, August 27 9-10:30 Authentication I David Goldberg, MITRE The MITRE User Authentication System Daniel Klein, Software Engineering Institute, CMU A Survey of, and Improvements to, Password Security Matt Bishop, Dartmouth College An Extensible Password Changing Program Michele Crabb, NASA Ames Research Center Password Security in a Large Distributed Environment 11-12 Potpourri I Maria Pozzo, UCLA Computer Science Dept. An Automatic Policy Checker for Controlling Undesirable Program Behaviors John Linn, DEC Generic Security Service Application Program Interface Henry Teng, DEC, and David Brown, Worchester Polytechnic Institute An Expert Systems Approach to Security Inspection of UNIX 1:30-2:30 Secure Systems and Tools Raymond Wong, Oracle A Survey of Secure UNIX Operating Systems David Gill, MITRE Roles for Users and Privileges for System Processes: High Trust Mechanisms for Low Trust Systems Pat Bahn, GTE Beyond Bell-LaPadula: A Security Model for Real Applications 3:00-5:00 Access Control Marshall Abrams, Leonard LaPadula, & Ingrid Olson, MITRE Building Generalized Access Control on UNIX David Wichers, ARCA Systems, and Douglas Cook, Ronald Olsson, John Crossley, Paul Kerchen, Karl Levitt, & Raymond Lo, University of California at Davis An Access Control List Approach to Anti-Viral Security Frank Kardel, Friedrich Alexander University Frozen Files Hermann Strack, University of Karlsruhe to be arranged Panel and discussion on access control Tuesday, August 28 9-10:30 Authentication II Ana Maria De Alvare, Lawrence Livermore National Laboratory How Crackers Crack Passwords Steven Lunt, Bellcore Experiences with Kerberos Joe Tardo, Kannan Alagappan, & Richard Pitkin, DEC Public Key-based Authentication using Internet Certificates Panel and discussion on authentication 11-12 Security Considerations and the Environment Richard Neely, Ford Aerospace System Design and Verification for Secure Applications Under UNIX Gary Christoph, Los Alamos National Laboratory Security Considerations of Going to a UNIX Based Supercomputer Operating System Bjorn Satdeva, /sys/admin, inc. to be arranged 1:30-3:15 Networked Systems Mark Carson, Janet Cugini, Sohail Malik, Mythili Kannan, & Wen-Der Jiang, IBM Networked UNIX without the Superuser Jeffrey Roth, Defense Logistics Agency Hardening Anonymous FTP Jerry Carlin, Pacific Bell Gateway Security Measures Eugene Schultz, Lawrence Livermore National Laboratory UNIX Network Naivete Panel and discussion on network security 3:45-5 Potpourri II Fuat Baran, Howard Kaye, & Margarita Suarez, Columbia University Security Breaches: Five Recent Incidents at Columbia University Panel and discussion on security in Large installations ______________________________ Program Chair: Matt Bishop, Dept. of Mathematics & Computer Science, Dart- mouth College Full-time students please note: a limited number of scholarships are avail- able. For an application form contact office@usenix.org For registration information, contact: USENIX Conference Office 22672 Lambert Street, Suite 613 El Toro, CA 92630 (714) 588-8649 (714) 588-9706 (FAX)