ITSA Day 2000
September 27, 2000 – 8a.m.
Reitz Union Auditorium, University of Florida
Free and open to the public.
No advanced registration.
Schedule of Events
|8:00am – 8:15am||Opening Remarks||Kathy Bergsma||Network Security Coordinator||UF|
|8:15am – 8:30am||Keynote Address and Speaker Introduction||Dr. Charles E. Frazier||Vice Provost for Information Technology||UF|
|8:30am – 9:30am||The Florida Computer Crime Act||Tom Sadaka||Assistant State Prosecutor|
|9:30am – 10:30am||Trends in Computer Law Enforcement||Bob Breeden||Special Agent||FDLE|
|10:45am- 11:30am||Kerberos/Walkup Authentication/GatorLink Cookies||Allen Rout, NERDC
Leo Wierzbowski, CIRCA
Eli Ben Shoshan, NERDC
|11:30am – 1:00pm||Lunch|
|1:00pm – 1:45pm||Learning from Your Security Mistakes||John Kida||S3 Networks|
|2:00pm – 2:45pm||Secure Network Design||Tim Ryan||Cisco Systems|
|3:00pm – 3:45pm||The State of Public Key Infrastructure Today||Jeff Powers||Vice President, Sales||Baltimore, Inc.|
|4:00pm – 4:45pm||Anatomy of an Attack and Risk Management||John Rezabek||Technical Product Manager||Internet Security Systems|
Reitz Union Gallery: Vendors
have provided space to vendors in the Gallery this year for the first
time. The vendors that will be represented include Cisco, ISS, Lurhq,
Intrusion.com, Netscreen and S3 Networks. Documentation from other
vendors will be available. NERDC and CIRCA will also be represented
in the Gallery.
8:00 — Opening Remarks
Kathy Bergsma, Network Security Coordinator
8:15 — Keynote Address and Speaker – Introduction
Dr. Charles E. Frazier, Vice Provost, UF
8:30 — Session 1 – The Florida Computer Crime Act
Tom Sadaka, Assistant State Prosecutor
The Florida Computer Crime Act and its application to system
administrators will be discussed. If you are the victim, what laws can
be applied. System administrator rights, and the rights and
responsibilities of security personnel, under federal search and seizure
law as applied to computers will be discussed. The application of the
Electronic Communications Privacy Act and the Privacy Protection Act
will also be covered in this discussion.
9:30 — Session 2 – Trends in Computer Law Enforcement
Bob Breeden, FDLE
Special Agent Bob Breeden will present an overview of FDLE’s response
to computer crime in Florida and talk about the current trends that law
enforcement is seeing in this exploding arena. Breeden will talk about
the current issues that will be addressed in the coming legislative
session and will introduce Infragard, the federally sponsored program to
address infrastructure security.
10:45 — Session 3 – Kerberos/Walkup Authentication/GatorLink Cookies
Allen Rout, NERDC
Leo Wierzbowski, CIRCA
Eli Ben Shoshan, NERDC
Kerberos is the gold standard for authentication in a hostile
environment. The authentication supporting such big names as DCE and AFS, Kerberos uses strong cryptography to safeguard authentication transactions and data transfer.
Powerful protection is often complex, and Kerberos is no exception. How does Kerberos let you prove who you are without your password ever touching the network? Learn the basics of Kerberos, and why you want it protecting your passwords too.
1:00 — Session 4 – Learning from Your Security Mistakes
John Kida, S3 Networks
A fun way to experience security threats is learning from other peoples
security mistakes before they happen to you.
2:00 — Session 5 – Secure Network Design
Tim Ryan, CISCO Systems
The presentation will cover detailed network attack methodology such
as distributed denial of service, threat mitigation options, network
security design components, and specific optimizations to existing
3:00 — Session 6 – The State of Public Key Infrastructure Today
Jeff Powers, Vice President of Sales, Baltimore Inc.
This talk will deal with the components that comprise a robust PKI, the
use of digital signatures and encryption and a look at the applications
that are being “PKI enabled” to provide strong security for users.
4:00 — Session 7 – The Anatomy of an Attack and Risk Management
John Rezabek, Technical Product Manager, Internet Security Systems (ISS)
It is uncommon to go through a day in the Internet Age without some media bestowing
the tragic news of a new network attack against a government, financial,
educational, or commercial computer system.
familiarity with hacker attacks has become common, for most, understanding
how a perpetrator compromises a system is still a mystery.
In his Anatomy
of an Attack and Risk Management presentation, John Rezabek will
provide a detailed example of how easy it is for hackers to break
into and compromise today’s networked computers. He will also illustrate
an example of how the recent DDOS (Distributed Denial of Service)
attacks function and how they can cripple a network and its services.
He will then address the importance of assessing and managing the
risks associated with e-business and Internet connectivity and what
companies can do to protect themselves against this risk. This presentation
will include real world visuals and anecdotes to detail in laymen’s
terms an attack on a fictional company’s system.