A short tale on protecting the long tail

Presented at TROOPERS18 (2018), March 14, 2018, 2:30 p.m. (Unknown duration).

We live in an ever more connected world, surrounded by systems that we depend on for daily life. The security of these systems is paramount. This talk focuses on two research efforts to provide high-assurance protections to the legacy install-base-or the systems in the field today that are a critical part of our lives. First, we discuss how we can defend possibly vulnerable legacy software (from both source and binary) against broad classes of attack, and how this level of protection alone is not sufficient. Even with each individual component or device independently secured, the composition and configuration of these devices can have a significant impact on the security of the overall system. We explore a new research effort that focuses on how we configure the devices we buy off-the-shelf and compose them into systems we rely on.


Presenters:

  • Jacob Torrey
    Mr. Jacob Torrey joined DARPA as a program manager in May 2017. His research interests focus on securing complex systems that are composed of cyber, physical, and human processes and components. Mr. Torrey joined DARPA from Assured Information Security, Inc., where he led the Denver-based Computer Architectures group in pursuing and executing cutting-edge cyber-security research efforts. Mr. Torrey has also worked extensively in the areas of hypervisor, BIOS, UEFI, and system management mode security. Mr. Torrey holds a Bachelor of Science degree and a Master of Science in computer science from Clarkson University. He has multiple academic publications, has presented at a number of international security conferences, including Black Hat USA, TROOPERS, and INFILTRATE. Mr. Torrey also holds three patents in the areas of trusted computing and protected execution.

Links:

Similar Presentations: