1998 Conferences

1st CACR Information Security Workshop

Avi Rubin, AT&T Labs - Research

Security and Privacy on the Web

This talk will focus on the important aspects of security and privacy on the web. What are the threats? What are the key technologies for protecting resources and personal privacy? The first part of the talk will focus on the client. Careless design, implementation and deployment of browsers has led to some interesting and subtle vulnerabilities. The client host is further at risk because of active content such as Java applets and ActiveX controls. Several strategies for protecting resources from these programs will be presented. We then look at some tradeoffs in the protection of web servers. Finally, we explore the growing loss of privacy on the web and the technologies that can be used as countermeasures.

Speaker Bio
Aviel D. Rubin is a Senior Technical Staff Member at AT&T Labs, Research in the secure systems research department, and an Adjunct Professor of Computer Science at New York University, where he teaches cryptography and computer security. He is the co-author of the Web Security Sourcebook. Avi holds a B.S., M.S.E., and Ph.D. from the University of Michigan in Ann Arbor (89,91,94) in Computer Science and Engineering. He has served on several program committees for major security conferences and as the program chair for the 1998 USENIX security conference. He will also be the program chair for the 1999 USENIX Technical conference.