Day 1 – 08 November
08:30 – 09:15 Registration
Room: Amphi Jean-Baptiste Say
09:15 – 10:15 Opening Keynote: Tackling the “identity problem”
Radia Perlman, Dell, USA
People mostly assume that “the identity problem” is well-understood, and that, given how long Internet authentication has been deployed, the world must have solved how to do that securely. This talk describes various facets of “the identity problem”; for instance, how does a website get a name, how does a website get a certificate, how does a browser know what to trust to sign certificates, how a human finds a website, how a user acquires a unique name, and how users prove they own their names. Surprisingly, there are unsolved issues with all of these aspects. As with most security problems, some people propose “blockchain” as being able to solve everything. This talk will describe what aspects of identity and authentication blockchain might address, and compare a blockchain approach with what is deployed today. (Hint: I will argue that blockchain will not be an improvement). If the talk spurs spirited debate throughout the conference, all the better.
10:15 – 11:00 Coffee Break and networking
Room: Salle des conférences
11:00 – 11:25 Presentation of the INSPIRE-5G project – Jean-Philippe Wary, Orange, France
11:25 – 11:50 Presentation of the AI@EDGE project – Roberto Riggio, UNIVPM, Italy (online)
11:50 – 12:15 Malware propagation in mobile device-to-device networks – Benedikt Jahnel, WIAS-Berlin (webex)
We introduce and discuss a versatile mathematical framework for the modelling and analysis of data transmission in a mobile pure device-to-device network that respects environment constraints such as urban street topologies. Using tools from stochastic geometry we then present results on the propagation of malware in such systems and exhibit a possible decentralized countermeasure for the removal of the malware from the system.
12:15 – 14:00 Lunch break
Room: Amphi Jean-Baptiste Say
14:00 – 15:00 Keynote: Issues in Cloud Security
Charlie Kaufman, Dell, USA
What does it mean for a public cloud to be secure? There’s the traditional concern of protecting services from bad actors on the Internet, but there is also protecting customers from other customers, protecting the cloud infrastructure from malicious customers, and even protecting the Internet from malicious customers. There is also protecting customers from the operator of the cloud infrastructure. Historically, network security was treated differently on the Internet, where you had to assume there were lots of hostile actors, and on an Intranet, where people (sometimes foolishly) assumed there were none. In recent years, the trend has been to treat all networks as hostile and to design for the worst case. But a cloud network truly is different. By a cloud network, I mean one where all routing components – including the hypervisors hosting untrusted guest software – are under the control of a single administration. In a cloud, the network can filter both what comes into endnodes and what goes out of them. Public clouds, where both other customers and the Internet at large have to be protected from bad actors on the inside, present some unique challenges. This talk looks at some of the challenges and the opportunities in this rapidly evolving space.
Room: Salle des conférences
15:00 – 15:25 Dynamic counter-measures placements for network security: a hybrid AI/OR approach – Yann Dujardin, Orange
Telecommunication network virtualization will facilitate dynamic physical resource allocations to virtual functions and services. Some recent works exploit this capacity in terms of countermeasures (CM) placements aiming at stopping/reducing cyber-attacks impacts on networks [Bazgan et al. ; Mahjoub et al, 2018]. However, the proposed solutions only consider static or bi-level cases, stating that network vulnerabilities are constant (in time). In reality, vulnerabilities can evolve in time and dynamic CM placements are more appropriate for maximal security. Finding optimal policies of (dynamic) CM placements is very hard (not tractable) since it requires solving optimization/planning algorithms with very large states space, under uncertainty. However, one can try to reduce the complexity of the problem (so the computing time) when looking only for approximate solutions. In this talk, we propose a new approach, hybriding Markov Decision Processes and Linear Programming, that can generate approximate solutions (policies) with performance guarantees, while exploiting the existing static approaches.
[Bazgan et al., 2018] Bazgan, C., Beaujean, P., & Gourdin, É. (2018, December). Relaxation and Matrix Randomized Rounding for the Maximum Spectral Subgraph Problem. In International Conference on Combinatorial Optimization and Applications (pp. 108-122). Springer, Cham.
[Mahjoub et al., 2018] Mahjoub, A. R., Naghmouchi, M. Y., & Perrot, N. (2018). A bilevel programming model for proactive countermeasure selection in complex ICT systems. Electronic Notes in Discrete Mathematics, 64, 295-304
15:25 – 15:50 Quantum Technologies for securing communications at the edge – Paolo Comi, Italtel * (to be confirmed)
Securing communications at the network edge is at the foundation of the success of cloud networking for business-critical applications. A large amount of sensitive data is produced at the edge, locally stored and moved along complex chains of distributed virtual functions. Symmetric key encryption must be introduced for overcoming the security gaps of the current asymmetric model and the problem of confidential and trusted modes for distributing symmetric encryption keys must be solved. Quantum technologies provide a solution applying the laws of physic for delivering confidential information. Quantum Key Distribution will be presented for symmetric encryption delivery required by edge and cloud networking needs.
15:50 – 16:15 What are responsibility graphs and what can they teach us about responsibility repartition? – Gaber Chrystel, Orange
16:15 – 17:00 Coffee Break and networking