TECHNICAL SESSIONS SPEAKERS

Tech Sessions: Wednesday, August 11 | Thursday, August 12 | Friday, August 13 | Invited Talk Speakers

Scott Borg, Chief Economist, US Cyber Consequences Unit
How Cyber Attacks Will Be Used in International Conflicts

Crispin Cowan, Senior Program Manager, Windows Core Security, Microsoft, Inc.
Windows 7 Security from a UNIX Perspective
Crispin Cowan has been in the computer business for 27 years and in security for 12 years. He was the CTO and founder of Immunix, Inc., acquired by Novell in 2005. Dr. Cowan is now a security program manager in the Microsoft Windows Core, working on security features for Windows. Dr. Cowan developed several host security technologies under DARPA funding, including prominent technologies such as the StackGuard compiler defense against buffer overflows and the LSM (Linux Security Modules) interface in Linux 2.6. Dr. Cowan also co-invented the "time-to-patch" method of assessing when it is safe to apply a security patch. Prior to founding Immunix, he was a professor with the Oregon Graduate Institute. He was the program co-chair for the 2007 and 2008 Network and Distributed System Security conferences. He holds a Ph.D. from the University of Western Ontario and a Master's in Mathematics from the University of Waterloo.

Will Drewry, Software Security Engineer, Google
Toward an Open and Secure Platform for Using the Web
Will Drewry is a Software Security Engineer at Google. Since joining Google in 2003, he has been involved in all aspects of Google's security, ranging from internal and production infrastructure, through mergers and acquisitions, to product security. He has authored a number of open source projects, co-founded oCERT, and contributed novel research to the security community. Currently he is the security lead for Chrome OS.

Dan Geer, In-Q-Tel
Vulnerable Compliance
Milestones: The X Window System and Kerberos (1988), the first information security consulting firm on Wall Street (1992), convenor of the first academic conference on electronic commerce (1995), the "Risk Management Is Where the Money Is" speech that changed the focus of security (1998), the Presidency of the USENIX Association (2000), the first call for the eclipse of authentication by accountability (2002), principal author of and spokesman for "Cyberinsecurity: The Cost of Monopoly" (2003), co-founder of SecurityMetrics.Org (2004), convener of MetriCon (2006&ndash), author of "Economics & Strategies of Data Security" (2008), and not done yet.

Roger G. Johnston, Vulnerability Assessment Team, Argonne National Laboratory
Proving Voltaire Right: Security Blunders Dumber Than Dog Snot
Roger G. Johnston, Ph.D., CPP, is a Senior Systems Engineer and Section Manager for the Vulnerability Assessment Team at Argonne National Laboratory. He was founder and head of the Vulnerability Assessment Team at Los Alamos National Laboratory (LANL) from 1992 to 2007. Roger has provided consulting, vulnerability assessments, and security solutions for over 45 government agencies and private companies. Johnston graduated from Carleton College (1977) and received M.S. and Ph.D. degrees in physics from the University of Colorado (1983). He has authored over 120 technical papers and 68 invited talks, holds 10 U.S. patents, and serves as Editor of the Journal of Physical Security. Roger is the author of Security Sound Bites: Important Ideas About Security from Smart-Ass, Dumb-Ass, and Kick-Ass Quotations.

James Lewis, Senior Fellow and Program Director at the Center for Strategic and International Studies
Docile No More: The Tussle to Redefine the Internet

David P. Reed, MIT Media Laboratory
End-to-End Arguments: The Internet and Beyond
David P. Reed's research focuses on designing systems that manage, communicate, and manipulate information shared among people. He is best known for co-developing the Internet design principle known as the "end-to-end argument" (with MIT professors J.H. Saltzer and David D. Clark) and "Reed's Law," which describes the economics of group formation in networks. Reed, with Andrew Lippman, developed the Lab's Viral Communications program; with Lippman, David D. Clark, and Charles Fine he helped to create the Communications Futures Program.

Reed's career spans both computing R&D and academia. As a vice president of R&D and chief scientist at two pioneering personal computer software companies—Software Arts, Inc. and Lotus Development Corporation—he led new product innovations and strategic technology efforts; in addition, he was a senior scientist at Interval Research Corporation and advisor to major companies and startup ventures on their technology and business strategy. Throughout this time he also pursued personal research in radio networking, distributed computing architecture, and Internet business economics. In the academic world, Reed was a faculty member in MIT's Department of Electrical Engineering and Computer Science (EECS) and worked in the Laboratory for Computer Science (LCS). He also earned his B.S., M.S., E.E., and Ph.D. degrees in EECS while conducting research at LCS and its predecessor, Project MAC.

Frank Stajano, Senior Lecturer at the University of Cambridge, UK
Understanding Scam Victims: Seven Principles for Systems Security
Frank Stajano, Ph.D., is a senior lecturer (tenured associate professor) at the University of Cambridge, UK. His research interests revolve primarily around three interconnected themes: systems security, privacy in the electronic society, and ubiquitous computing. His works on ubicomp authentication (the Resurrecting Duckling, with Ross Anderson) and on location privacy (Mix Zones, with Alastair Beresford) are widely cited. He is the author of Security for Ubiquitous Computing (Wiley, 2002). A popular public speaker, he has given invited talks and keynotes in four continents.

Before his academic appointments he worked in industry, gaining firsthand experience of startup companies, technology transfer, entrepreneurship, and patents. His academic research therefore maintains a strong practical orientation. He has been an employee of Google, Toshiba, AT&T, Oracle, and Olivetti. He was elected a Toshiba Fellow in 2000.

Outside the computer field, he is a martial arts instructor (kendo 3rd dan) and a comics scholar. His next book will be about Disney artist Giorgio Cavazzano. His personal Web page is https://www.cl.cam.ac.uk/users/fms27.

Sid Stamm, Security & Privacy Nut at Mozilla
Title TBA
Sid Stamm works on security and privacy issues at Mozilla. He holds a Ph.D. from Indiana University, where he studied Web security problems that involve both a technical and social aspect. He has authored a variety of papers and contributed to multiple books on security and privacy. Sid is a contributor to the security and privacy features in Firefox, and his current research includes ways to increase the safety of Web sites and what can be done to protect users' privacy on the Web.

Peleus Uhley, Senior Security Researcher, Adobe
The Evolution of the Flash Security Model
Peleus Uhley is a senior security researcher within the Secure Software Engineering team at Adobe. His primary focus is assisting with Adobe platform technologies, including Flash Player and AIR. Prior to joining Adobe, Peleus started in the security industry as a developer for Anonymizer, Inc., and went on to act as a security consultant for companies such as @stake and Symantec.

Kelly Ziegler, Chief Operating Officer, National Board of Information Security Examiners
Grid, PhD: Smart Grid, Cyber Security, and the Future of Keeping the Lights On
Kelly Ziegler is an emerging leader in the information security and energy fields. In her most recent position, Ms. Ziegler reported to the President and CEO of the North American Electric Reliability Corporation and held primary responsibility for External Affairs. In this role, she led efforts to address High-Impact, Low-Frequency Risks to the North American electric power grid and dealt with issues from cyber security through smart grid to renewables integration. She previously worked for Comverge, a leading smart grid company, and supported the company's successful 2007 IPO. Prior to Comverge, Ms. Ziegler held an important role in the Automotive Industry division of Fluent, Inc., a leading computational fluid dynamics software company. Ms. Ziegler is presently a candidate for an Executive MBA at Columbia University and holds two BA degrees, in English and History, from the University of Michigan.