5G Security and Privacy
Date: Tuesday July 10
Time: 11:00 – 6:30
Room: Camino Real
5G with vision of “everything connected” is to be deployed in integration with existing technologies by 2020. 5G has higher bandwidth, higher networking capabilities, and higher extensive signal coverage capacity, making it a possible for IoT into reality. The integration of the existing technologies with 5G is inevitable. These all lead to security and privacy as a challenging task in 5G.
Modern day adversaries’ targets include almost everything: user devices, access and core networks, home and external networks. Instead of an individual security mechanism, a systematically integrated approach is needed. 5G Security management a challenge to vertical industries, for instance, managing identities, performing authentication, defending against denial of service (DoS) attacks, and protecting confidentiality and integrity of service traffic.
|Theme: 5G Security and Privacy|
|11:05||Keynote Speaker: Dr. Anand Prasad, NEC Corporation
Topic: This is how to do it: Securing 5G Business to technology
|11:35||Speaker: Ulf Lindqvist, SRI International
Topic: Dreaming Big: Trustworthiness at Scale
|12:05||Panel Discussion: Mobile Communications Security
The unprecedented growth of mobile computing environments has created major concerns in security of mobile communication. Hence it is necessary to address important issues in security architecture for mobile communications.
Moderator: Ulf Lindqvist, SRI International
Dr. Anand Prasad, NEC Corporation
Joe Jarzombek, Synopsis, Inc.
Drew Van Duren, OnBoard Security, Inc.
|Theme: 5G Security Architecture|
|14:00||Keynote Speaker: Jeffrey Cichonski, NIST
Topic: Cybersecurity Standards, 5G and NIST.
|14:30||Speaker: David Kravitz, Vice President, Crypto Systems Research, DarkMatter
Topic: Advanced Security for IoT: Underpinning Networks of Users and Devices with Solid Trust Metrics
|15:00||Panel Discussion: Future Generation Blockchain, a Boon or Bane to Mankind?
This session will explore such topics as cryptocurrencies as hiding place for ransomware, the potential role of decentralization in managing and governing our daily lives, and ramifications of the convergence of blockchain, IoT and big data.
Moderator: David Kravitz, Vice President, Crypto Systems Research, DarkMatter
Jeffrey Cichonski, NIST
Igor Faynberg, Stevens Institute of Technology
Dilip Krishnaswamy, Reliance Jio Infocomm
|Theme: Security and Privacy of IoT|
|16:30||Speaker: Antonio Skarmeta, University of Murcia
Topic: Identities and IoT: new challenges and threats in a fully 5G connected world
|17:00||Speaker: Tarun Viswanathan, Intel
Topic: Evolving Security Needs for Communication Services Providers (CoSP)
|17:30||Panel Discussion: Security and Privacy of IoT with a Case Study in Autonomous Vehicles
The proliferation of Internet of Things (IoT) has revolutionized its use in connected automobile system, home systems and medical systems. It has created severe challenges to technologists, manufacturers, people, government and other entities. The sheer scope of IoT carries countless security and privacy implications for businesses, individuals and organizations. The proliferation of IoT devices imposes challenges of harnessing large data empowered by 5G while maintaining security and confidentiality, imposes business, social and legal challenges. This session will address some of the challenges in security and privacy of IoT with a case study in Autonomous vehicles.
Moderator: Dr. Amruthur Narasimhan, Global 5G Tutorial Coordinator
Antonio Skarmeta, University of Murcia
Tarun Viswanathan, Intel
Junaid Islam, Vidder
Dr. Anand R. Prasad, Fellow IET & IETE, is Chief Advanced Technologist, NEC Corporation, where he leads the mobile communications security activity. Anand is the chairman of 3GPP SA3, member of the governing body of GISFI and governing council member of TSDSI. He has 20+ years of experience in all aspects of mobile networking industry around the globe.
Anand has published 6 books, 50+ peer reviewed papers, is editor-in-chief of the “Journal of ICT Standardization” published by River Publishers and, most of all, he is a passionate speaker on information security.
He is recipient of the 2014 ITU-AJ “Encouragement Award: ICT Accomplishment Field” and the 2012 (ISC)2 “Asia Pacific Information Security Leadership Achievements” award as a Senior Information Security Professional.”
Jeff Cichonski is an Information Technology Specialist working with a broad array of technologies at the National Institute of Standards and Technology; working in the Applied Cybersecurity Division under the umbrella of the Information Technology Laboratory. Jeff is an active member of the standards organization 3GPP, specifically participating in the SA3 working group focusing on setting security standards for 5G cellular networks. He is also working in the area of IoT and industrial control system cybersecurity focusing on applying existing cybersecurity guidance and best practices to address requirements in this space. He has a Bachelor of Science in Information Science and Technology from the Pennsylvania State University.
David W. Kravitz is Vice President of Crypto Systems Research at DarkMatter, and heads DarkMatter’s blockchain team that is focused on providing an IoT-compatible access-controlled, auditable and privacy-preserving transaction platform. His extensive information security experience spans a wide range of application areas, including voice- and data- critical infrastructure, digital rights management, payments, smart grid, IoT, and high-value assets transfer. He began his career at the National Security Agency, where as Senior Technical Advisor he “combined his exceptional skills in protocol and algorithm design with his evaluation capabilities to profoundly enhance the security posture of communications,” as stated in the Certificate of Achievement he was awarded by the Director of NSA. He has also held senior positions at Sandia National Laboratories, CertCo/Bankers Trust Electronic Commerce, Digital Video Express, Wave Systems Corp., Motorola Labs, Certicom Research/BlackBerry, and IBM Research. He was the principal architect of the Membership Services identity management framework of the Linux Foundation’s Hyperledger Fabric project, and invented DSA, the elliptic curve variant of which, ECDSA, underlies Bitcoin and Ethereum blockchains. He serves as a Technical Advisor for CENTRI – Advanced Security for IoT, and Atonomi – The Secure Ledger of Things. He holds a Ph.D. and Masters in Electrical Engineering – Systems from University of Southern California, a Masters in Mathematical Sciences from Johns Hopkins University, and a Bachelors in Mathematics from Rutgers University.
Ulf Lindqvist is a senior technical director in the Computer Science Laboratory at SRI International. He manages research and development programs regarding infrastructure security for government and commercial clients. His areas of expertise include cybersecurity, infrastructure systems, intrusion detection in computer systems, and security for the Internet of Things and other systems that interact with the physical world.
Dr. Lindqvist leads SRI’s support for the Cyber Security Division at the U.S. Department of Homeland Security’s Science and Technology Directorate. He also leads SRI’s Internet of Things Security and Privacy Center. He has previously served in various leading roles in the security research and engineering community, including vice chair of the IEEE Cybersecurity Initiative, chair of the IEEE Computer Society’s Technical Committee on Security and Privacy, and general chair for the IEEE Symposium on Security and Privacy.
Dr. Lindqvist holds a Ph.D. in computer engineering and a M.S. degree in computer science and engineering, both from Chalmers University of Technology in Sweden. He was named an SRI Fellow in 2016.
Dr. Antonio F. Skarmeta received the M.S. degree in Computer Science from the University of Granada and B.S. (Hons.) and the Ph.D. degrees in Computer Science from the University of Murcia Spain. Since 2009 he is Full Professor at the same department and University. Antonio F. Skarmeta has worked on different research projects in the national and international area in the networking, security and IoT area, like Seinit, Deserec, Enable, Daidalos, SWIFT, IoT6, SMARTIE and SocIOtal. He is the head of the research group ANTS since its creation on 1995 and member of TDL. Actually he is also advisor to the vice-rector of Research of the University of Murcia for International projects and head of the International Research Project Office and national representative for MSCA.
He has published over 90 international papers and being member of several program committees. He has also participated in several standardization activities being co-authors of some drafts at the IETF.
Tarun Viswanathan is currently a Platform Solution Architect in Intel’s Network Platform Group and is responsible for working with Enterprise end customers to define solution architecture that helps accelerate the adoption of software-defined networking and network functions virtualization.
Tarun started his career as a Network Security Engineer and moved on to the role of a Security Architect responsible for data protection, endpoint protection and cloud security prior to taking on his current role as an Enterprise Platform Solution Architect.
Tarun holds the CISSP and CCSK certifications and has three US patents. He has been with Intel for over 17 years.
Igor Faynberg, a 2011 Bell Labs Fellow, is an industry consultant and an Adjunct Professor of Computer Science in Stevens Institute of Technology. He represents Cable Television Laboratories in the ETSI NFV ISG, where he has been chairing the Security Working Group for the past four years.
Prior to founding the Stargazers Consulting LLC in 2015, Dr. Faynberg had had various staff and management positions in Bell Labs and Alcatel-Lucent business units where he had contributed to various R&D projects, starting from the development of variants of Karmarkar algorithm for supercomputers, Intelligent Network and its interworking with the Internet, to Cloud Computing and Network Functions Virtualization. Most recently he directed a group that researched solutions for security and identity management problems and led their standardization in the ATIS, IETF, ITU-T, ISO/IEC, ETSI, and INCITS Cyber Security Committee.
Prior to joining Bell Labs in 1986, Dr Faynberg had contributed to design and development of operating systems and a hypervisor as well as a network management suite for the Sperry Distributed Communications Architecture and designed the Local Area Networking architecture and protocols for the Borroughs Network Architecture.
Dr. Faynberg holds over 50 U.S. and international patents for inventions relevant to converged services, data communications, and security, and he has over 30 refereed publications in application of computers science to communications and network security. He has co-authored three books entitled, respectively, Intelligent Network Standards, Their Applications to Services (McGraw-Hill, 1997), Converged Networks and Services: Internetworking IP With PSTN (John Wiley & Sons, 2000), and Cloud Computing—Business, Trends, and Technologies (John Wiley & Sons, 2016).
Junaid Islam is a cybersecurity expert with 30 years of experience in secure communications. His background spans field operations to the design and development of protocols. Junaid’s technical contributions have been incorporated into a broad range of commercial and government networks.
Junaid started his career in 1989 building data networks for the US and Canadian governments in South America and the Middle East. From 1993 onwards Junaid focused on developing new network protocols including the quieing algoritms for Frame Relay which became MLPP, the first IP-ATM interworking protocol which became the foundation for MPLS and the first Mobile IPv6 client for Netcentric Warfare. Currently Junaid is leading the development of Zero Trust Networks using the Software Defined Perimeter (SDP) architecture.
Joe Jarzombek is Director for Government, Aerospace & Defense Programs in Synopsys, Inc., the Silicon to Software™ partner for innovative companies developing the electronic products and software applications. He guides efforts to focus Synopsys’ global leadership in electronic design automation (EDA), semiconductor IP, and software security and quality solutions in addressing technology challenges of the public sector and aerospace and defense communities. He participates in relevant consortia, public-private collaboration groups, standards groups, and academic R&D projects to assist in accelerating technology adoption.
Previously, Joe served as Global Manager for Software Supply Chain Solutions in the Software Integrity Group at Synopsys. In that role he led efforts to enhance capabilities to mitigate software supply chain risks via testing technologies and services that integrate within acquisition and development processes; enabling detection, reporting, and remediation of defects and security vulnerabilities to gain assurance and visibility within the software supply chain.
Jarzombek has more than 30 years focused on software security, safety and quality in embedded and networked systems. He has participated in industry consortia such as ITI, SAFECode and CISQ; test and certification organizations such as Underwriters Labs’ Cybersecurity Assurance Program, standards bodies, and government agencies to address software assurance and supply chain challenges.
Prior to joining Synopsys, Jarzombek served in the government public sector; collaborating with industry, federal agencies, and international allies in addressing cybersecurity challenges. He served as the Director for Software & Supply Chain Assurance in the US Department of Homeland Security Office of Cybersecurity and Communications, and he served in the US Department of Defense as the Deputy Director for Information Assurance in the Office of the CIO and the Director for Software Intensive Systems in the Office of Acquisition, Technology and Logistics.
Jarzombek is a retired Lt Colonel in US Air Force and a Certified Secure Software Lifecycle Professional (CSSLP). He received an MS in Computer Information Systems from the Air Force Institute of Technology, and a BA in Computer Science and BBA in Data Processing and Analysis from the University of Texas – Austin.
Amruthur Narasimhan is a consultant in Information Security, Cyber Security and privacy areas. He has over 25 years of experience in System Engineering, Architecture, Technical Leadership and Management, Software Development, Communication Protocols, and Project Management. He has held various positions in multinational companies: Software Engineer Manager Chief at SAIC, Security Consultant at Northrop Grumman, President of Amrutek Services, Technical Manager at Avaya, Principal Technical Staff Member at AT&T, and Associate Professor in Department of Computer Science at Stevens Institute of Technology.
Narasimhan was chair of the IEEE conference on Mobile Security/Cyber Security and Privacy held in 2014 and 2015. He received the IEEE third Millennium Medal for contributions in Electronic Commerce and Multimedia Technology in May 2000. He also received IEEE Region 1 award for technical achievement in 2002, and for eBusiness and Internet Technologies and technical achievements for Innovation in Artificial Intelligence Technology in 1997. He has been coordinator and speaker for various IEEE conferences on VoIP security, WLAN security and Multimedia security. He was chair of IEEE NJ coast section consultant’s network, chair of IEEE NJ Coast Section PACE, Chair of IEEE NJ Coast Section (1996-2002) and Chair of IEEE NJ Computer Chapter (1993-1996).
Narasimhan has good communication skills being a coach for Dale Carnegie courses on Human relations. He has graduated as Competent Toast Master in Public Speaking from Toast Masters International. He received a Ph.D. in Computer Science from Indian Institute of Science, Bangalore, India, one of the prestigious institutions in India.
Drew Van Duren is Technical Director of IoT Security at OnBoard Security, Inc., a cybersecurity company dedicated to the safe and secure deployment of transportation systems, advanced cryptography and hardware-enhanced trusted computing. A seasoned DoD and transportation industry security professional, Drew highlights 15 years of support to commercial and government organizations in their efforts to secure vital systems through threat modeling, cryptographic key management, PKI engineering, secure software development and secure interoperable network protocol design. Originally an aerospace engineer, his experience evolved into cyber-physical risk management and communications security. He has provided extensive security expertise to the U.S. FAA Unmanned Air System (UAS) integration office and in conjunction with the RTCA developed cryptographic security requirements for unmanned aircraft that will operate in the US National Airspace System (NAS). Drew has also managed as Technical Director the two largest FIPS 140-2 (cryptographic module) testing laboratories, and has led security architecture design of multiple high assurance systems for the DoD. Drew co-authored the book, ‘Practical Internet of Things Security’ and today provides security consulting for the New York City Connected Vehicle Pilot Deployment, the world’s largest planned deployment of 10,000 connected vehicles and hundreds of smart infrastructure devices.
Advanced Security for IoT: Underpinning Networks of Users and Devices with Solid Trust Metrics: As 5G’s properties of low latency, high bandwidth, and massive connectivity enable such applications as remote surgery and instantly responsive networks of self-driving cars, it is imperative to avoid the pitfalls of garbage-in, garbage-out. This talk will tour how to utilize the confluence of blockchain, existing roots of trust, machine learning, reputation scoring, and sound cryptographic practices to safely meld our on-chain and off-chain transactional lives.
This is how to do it: Securing 5G business to technology: “Secure 5G” will take us towards a new era of innovation and transformation of society. This talk will expand on securing 5G as a business concept and as a technology. Since holistic security is a must, both standard based 3GPP 5G Phase 1 security and non-standard aspects of 5G security will be highlighted. Concluding with a glimpse to future – 3GPP 5G Phase 2 security!
Dreaming Big: Trustworthiness at Scale: What if the tens of billions of IoT devices that will be deployed within a few years actually would be trustworthy? What if we could have strong assurances that IoT devices with ubiquitous 5G connectivity could safely be trusted with our most critical tasks and our most private information? Trustworthiness at scale would enable applications in a wide range of areas where the full potential cannot be reached today because of security and privacy concerns. This talk discusses the potential of trustworthy IoT, along with a suggested outline of what would be required to accomplish the envisioned trustworthiness for IoT with 5G.
Cybersecurity Standards, 5G and NIST: Building on existing standards and strengthening cybersecurity capabilities in 5G can help build trust in many emerging digital environments. NIST is engaging in the 3GPP working groups supporting cybersecurity. In addition, NIST is considering how 5G can support secure information technology, operational technology and the Internet of Things environments. Jeffrey Cichonski will discuss NIST’s work on standards, guidelines and applied engineering efforts to build trust in technology.
Identities and IoT: new challenges and threats in a fully 5G connected world: This talk with discuss about how to extend the idea of identities to smart objects. The usage of IoT at large-scale creates the need to address adequately trust and privacy functions. In that sense, it is needed to evolve from a vision of sensors to an integrated view of smart objects forming part of our personal space, and as being shared, borrowed and, in general, having temporal associations with the users and their personal identity, while these aspects are addressed considering security and privacy rules. This bring new challenges and threats to be considered when we move from a physical to a fully virtualized world.
Evolving Security needs for Communication Service Providers (CoSP): This talk will focus on the network transformation that is taking place in CoSP infrastructure and what security requirements have to be addressed. It will also touch upon some of the security domains and technologies that Intel is involved in.
Indian Institute of