Protecting Services from Security Mis-configuration

Friday, February 3, 2017 - 2:20pm to 3:10pm
Swearingen 2A31

Speaker: Dr. Ron Addie

Abstract:
It is understood that ICT security can be defined and enforced through rules. In this work, the concept of rules which define and ensure users' access to services is introduced. Examples of how service is hindered by otherwise sensible security rules are presented. The concept of service protection policies is introduced. We use ns3 and Click in simulations to check the consistency of aggregate security policy by checking that service protection rules are
valid. We show that these can improve the performance of the network experienced by users and increase network security.

Short Bio:
Ron Addie received his BSc degree from Monash University in 1972 and completed his PhD at Monash University in the area of semi-Markov queues in 1986. From 1972 to 1992, he worked in Telstra Research Laboratories where he was involved in the development of ATM, teletraffic, and network analysis and design. In 1992 he moved to the University of Southern Queensland, where he holds the position of Associate Professor. His current research interests include queueing theory for long-range dependent traffic, rare event simulation, layered network design, network analysis, design and simulation software and security of web information systems. He is the author or
co-author of many journal and conference papers, primarily in the area of communications, with more 1000
citations (according to Google Scholar).