ITSA Day 2000

September 27, 2000 – 8a.m.

Reitz Union Auditorium, University of Florida

Free and open to the public.

No advanced registration.

Parking, Maps, and Hotels

Schedule of Events

Time Topic Speaker Speaker Title Company
8:00am – 8:15am Opening Remarks Kathy Bergsma Network Security Coordinator UF
8:15am – 8:30am Keynote Address and Speaker Introduction Dr. Charles E. Frazier Vice Provost for Information Technology UF
8:30am – 9:30am The Florida Computer Crime Act Tom Sadaka Assistant State Prosecutor
9:30am – 10:30am Trends in Computer Law Enforcement Bob Breeden Special Agent FDLE
10:45am- 11:30am Kerberos/Walkup Authentication/GatorLink Cookies Allen Rout, NERDC
Leo Wierzbowski, CIRCA
Eli Ben Shoshan, NERDC
11:30am – 1:00pm Lunch
1:00pm – 1:45pm Learning from Your Security Mistakes John Kida S3 Networks
2:00pm – 2:45pm Secure Network Design Tim Ryan Cisco Systems
3:00pm – 3:45pm The State of Public Key Infrastructure Today Jeff Powers Vice President, Sales Baltimore, Inc.
4:00pm – 4:45pm Anatomy of an Attack and Risk Management John Rezabek Technical Product Manager Internet Security Systems
Reitz Union Gallery: Vendors

We
have provided space to vendors in the Gallery this year for the first
time. The vendors that will be represented include Cisco, ISS, Lurhq,
Intrusion.com, Netscreen and S3 Networks. Documentation from other
vendors will be available. NERDC and CIRCA will also be represented
in the Gallery.

8:00 — Opening Remarks

Kathy Bergsma, Network Security Coordinator

8:15 — Keynote Address and Speaker – Introduction

Dr. Charles E. Frazier, Vice Provost, UF

8:30 — Session 1 – The Florida Computer Crime Act

Tom Sadaka, Assistant State Prosecutor

The Florida Computer Crime Act and its application to system
administrators will be discussed. If you are the victim, what laws can
be applied. System administrator rights, and the rights and
responsibilities of security personnel, under federal search and seizure
law as applied to computers will be discussed. The application of the
Electronic Communications Privacy Act and the Privacy Protection Act
will also be covered in this discussion.

9:30 — Session 2 – Trends in Computer Law Enforcement

Bob Breeden, FDLE

Special Agent Bob Breeden will present an overview of FDLE’s response
to computer crime in Florida and talk about the current trends that law
enforcement is seeing in this exploding arena. Breeden will talk about
the current issues that will be addressed in the coming legislative
session and will introduce Infragard, the federally sponsored program to
address infrastructure security.

10:45 — Session 3 – Kerberos/Walkup Authentication/GatorLink Cookies

Allen Rout, NERDC

Leo Wierzbowski, CIRCA

Eli Ben Shoshan, NERDC

Kerberos is the gold standard for authentication in a hostile
environment. The authentication supporting such big names as DCE and AFS, Kerberos uses strong cryptography to safeguard authentication transactions and data transfer.

Powerful protection is often complex, and Kerberos is no exception. How does Kerberos let you prove who you are without your password ever touching the network? Learn the basics of Kerberos, and why you want it protecting your passwords too.

1:00 — Session 4 – Learning from Your Security Mistakes

John Kida, S3 Networks

A fun way to experience security threats is learning from other peoples
security mistakes before they happen to you.

2:00 — Session 5 – Secure Network Design

Tim Ryan, CISCO Systems

The presentation will cover detailed network attack methodology such
as distributed denial of service, threat mitigation options, network
security design components, and specific optimizations to existing
infrastructure.

Click
here for presentation slides
| Download
Zip File
(Microsoft PowerPoint, 3.99MB zipped)

3:00 — Session 6 – The State of Public Key Infrastructure Today

Jeff Powers, Vice President of Sales, Baltimore Inc.

This talk will deal with the components that comprise a robust PKI, the
use of digital signatures and encryption and a look at the applications
that are being “PKI enabled” to provide strong security for users.

Click
here for presentation slides
| Download
Zip File
(Microsoft
PowerPoint, 124K zipped)

4:00 — Session 7 – The Anatomy of an Attack and Risk Management

John Rezabek, Technical Product Manager, Internet Security Systems (ISS)

It is uncommon to go through a day in the Internet Age without some media bestowing
the tragic news of a new network attack against a government, financial,
educational, or commercial computer system.

Although our
familiarity with hacker attacks has become common, for most, understanding
how a perpetrator compromises a system is still a mystery.

In his Anatomy
of an Attack and Risk Management presentation, John Rezabek will
provide a detailed example of how easy it is for hackers to break
into and compromise today’s networked computers. He will also illustrate
an example of how the recent DDOS (Distributed Denial of Service)
attacks function and how they can cripple a network and its services.
He will then address the importance of assessing and managing the
risks associated with e-business and Internet connectivity and what
companies can do to protect themselves against this risk. This presentation
will include real world visuals and anecdotes to detail in laymen’s
terms an attack on a fictional company’s system.

Click
here for presentation slides
| Download
Zip File
(Microsoft
PowerPoint, 1.33MB zipped)

Refreshments will be provided by Cisco.