1st CACR Information Security Workshop
Avi Rubin, AT&T Labs
Security and Privacy on the Web
This talk will focus on the important aspects of security and
privacy on the web. What are the threats? What are the key
technologies for protecting resources and personal privacy?
The first part of the talk will focus on the client. Careless design,
implementation and deployment of browsers has led to some interesting
and subtle vulnerabilities. The client host is further at risk because
of active content such as Java applets and ActiveX controls. Several
strategies for protecting resources from these programs will be
presented. We then look at some tradeoffs in the protection of web
servers. Finally, we explore the growing loss of privacy on the web and
the technologies that can be used as countermeasures.
Aviel D. Rubin is a Senior Technical Staff Member at AT&T Labs,
Research in the secure systems research department, and an Adjunct
Professor of Computer Science at New York University, where he
teaches cryptography and computer security. He is the co-author of
the Web Security Sourcebook. Avi holds a B.S., M.S.E., and Ph.D.
from the University of Michigan in Ann Arbor (89,91,94) in Computer
Science and Engineering. He has served on several program committees
for major security conferences and as the program chair for the
1998 USENIX security conference. He will also be the program chair
for the 1999 USENIX Technical conference.