BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//CERN//INDICO//EN
BEGIN:VEVENT
SUMMARY:Vulnerability Assessment and Secure Coding Practices for Middlewar
 e
DTSTART;VALUE=DATE-TIME:20091207T090000Z
DTEND;VALUE=DATE-TIME:20091207T110000Z
DTSTAMP;VALUE=DATE-TIME:20130619T225332Z
UID:indico-event-74803@cern.ch
DESCRIPTION:\nSecurity is crucial in the software that we develop and use.
  This\ntutorial is relevant to anyone wanting to learn about assessing sof
 tware\nfor security flaws and for developers wishing to minimize security 
 flaws\nin software they develop.\nWe share our experience in vulnerability
  assessment of grid middleware.\nYou will learn skills critical for develo
 pers and analysts concerned\nabout software security\, and the importance 
 of independent vulnerability\nassessment.\n\n\nThe first part of this tuto
 rial covers a process to actively discover\nvulnerabilities. We show how t
 o gather information about a system and\nhow to use this to direct the sea
 rch for vulnerabilities\, and how to\nintegrate this into the development 
 cycle.\n\n\nThe second part of this tutorial examines coding practices to 
 prevent\nvulnerabilities by describing more than many types of vulnerabili
 ties\nwith examples of how they commonly arise\, and techniques to prevent
 \nthem. Most examples are in C and C++.\n\nAbout the speakersBarton Miller
 \n\nBarton Miller is Professor of Computer Sciences at the University of\n
 Wisconsin\,\nMadison.  He directs the Paradyn Tool project\, which is inve
 stigating binary\ncode instrumentation and analysis technologies for high 
 performance\ncomputing\nand cyber-security applications.  He also directs 
 the MIST vulnerability\nassessment project in collaboration with the Auton
 omous University of\nBarcelona.\nMiller has published widely in the top co
 mputer security and high\nperformance\ncomputing conferences. He founded t
 he field of fuzz testing\, widely used\nin the software engineering and co
 mputer security fields.\n\n\nMiller co-chaired the Supercomputing 2008 Tec
 hnical Program Tutorials\,\nand is co-chair of the upcoming 2010 Dagstuhl 
 Seminar on Program Development\nfor Extreme-Scale Computing.  Miller has b
 een on the editorial boards of\nIEEE\nTransactions on Parallel and Distrib
 uted Systems\, the International\nJournal of\nParallel Processing\, Concur
 rency and Computation Practice and\nExperience\, and\nComputing Systems.\n
 \n\nMiller is the chair of the IDA Center for Computing Sciences Program R
 eview\nCommittee\, has been on the Los Alamos National Laboratory Computin
 g\nCommunications and Networking Division Review Committee\, U.S. Secret\n
 Service Electronic Crimes Task Force (Chicago Area)\, and the Advisory\nBo
 ard for the International Summer Institute on Parallel Computer\nArchitect
 ures\, Languages\, and Algorithms in Prague.\n\n\nMiller received his Ph.D
 . degree in Computer Science from the University of\nCalifornia\, Berkeley
  in 1984.  He is a Fellow of the ACM.\n\nElisa Heymann\n\nElisa Heymann is
  Associate Professor of operating systems at the\nUniversidad Autonoma of 
 Barcelona (Spain). She attained her B.S. degree in computer science in 199
 2 at the University Simon Bolivar (Venezuela)\, and her MSc and PhD degree
 s from the University Autonoma of\nBarcelona in 1995 and 2001\, respective
 ly. Her research interests are in\nthe area of resource management\non dis
 tributed systems\, middleware for distributed systems/grid systems\nand co
 mputer security. She has participated in several research projects related
  with the development of management strategies for\nparallel applications 
 on distributed environments and vulnerability\nassessment for middleware.\
 n\n\nShe is author or co-author of a significant number of papers in\nscie
 ntific journals and symposiums.\n\n\nhttp://indico.cern.ch/conferenceDispl
 ay.py?confId=74803
LOCATION:CERN IT Auditorium
URL:http://indico.cern.ch/conferenceDisplay.py?confId=74803
END:VEVENT
END:VCALENDAR