Internet Society Frontpage

Events Membership
About the Internet Standards
Publications  Public Policy
About ISOC Education


NDSS Symposium 2001

NDSS 2001 8-9 February 2001 Sand Diego, California, USA

Network and Distributed System Security Symposium
Catamaran Resort Hotel
San Diego, California

7 February 2001 - Technical Tutorials
8-9 February 2001 - Symposium

Pre-Conference Technical Tutorials

(additional fee required)

Tutorial Schedule
Wednesday, February 7, 2001

Full Day (8:30-17:00)

Morning (8:30-12:00)

Afternoon (13:30-17:00)

Tutorial #1: Network Security Protocol Standards

This tutorial is an advanced course, a logical successor to the introductory material presented by the instructor at NDSS '98 , '99 and '00.

In this tutorial, the instructor analyzes security issues in the Internet environment, via examination of cryptographic-based, standard security protocols. The tutorial begins with a very brief review of network security concerns, terminology, and an analysis of security protocol layering issues. It then examines public-key certificate management technology standards (specifically X.509 v3). Three major IETF security protocols are examined in detail: IPsec, SSL (TLS), and S/MIME.



  • basic security concerns
  • terminology
  • mechanism overview
  • layer-by-layer analysis

Public Key Infrastructure

  • basic certificate concepts, path validation and discovery
  • X.509 v1 certificate and CRL formats
  • X.509 v3 certificates and v2 CRL formats
  • X.509 v3 certificate and v2 CRL extensions


  • security features and example topologies
  • tunnel and transport modes, nesting
  • IPsec protocols (AH & ESP)
  • access control in IPsec
  • PKIs and IPsec
  • IPsec data processing flows
  • IPsec key management (IKE)


  • SSL rationale and basic features
  • key management options
  • SSL formats and packet processing
  • how TLS differs from SSL


  • application layer security
  • SMTP, RFC 822, and MIME mail models
  • S/MIME layering & security services
  • detailed analysis of S/MIME syntax and features

Who Will Benefit from this Tutorial

  • Product developers
  • Network architects
  • Individuals responsible for network security
  • Anyone desiring an understanding of the architectura principles underlying network security technology


  • Attendees should be familiar with the Internet protocol suite and with > basic security mechanisms (e.g., symmetric and asymmetric cryptography, > digital > signatures, hash functions, ...).

Date/Time: 7 February 2001, whole day

Instructor: Dr. Steve Kent, BBN Technologies

Biography: Dr. Stephen Kent is the Chief Scientist-Information Security of BBN Technologies, a part of Verizon Communications. He has been engaged in network security R&D for over twenty years. Dr. Kent served on the Internet Architecture Board (IAB) for 10 years and on the board of directors for the International Association for Cryptologic Research (IACR) for 7 years. He chaired the Privacy and Security Research Group in the Internet Research Task Force (IRTF), the Privacy Enhanced Mail (PEM) Working Group of the in the Internet Engineering Task Force (IETF), and currently co-chairs the PKIX Working Group. He is the author of the RFCs defining AH, ESP, and the IPsec security architecture. He has served as a panel member, invited speaker, and on program committees for many security conferences and has authored numerous technical articles and two book chapters. Dr. Kent received a masters and a PhD in computer science from MIT, and is a fellow of the ACM.

Tutorial #2: Network Security Protocols: Generic tricks and emerging standards

Who are you, and should you be doing that? These are the basic questions that a system connected to a network should be pondering. Network security protocols help to answer these in a secure way. This tutorial gives an overview of how such protocols work, including the basics of cryptography, key distribution, and protocol design pitfalls. Although there are plenty of standards in terms of cryptographic algorithms, certificate formats, and protocols, there are still open problems about how to make a system that will truly scale to the Internet, and allow mutually distrustful organizations to interoperate. This tutorial emphasizes the challenges as well as the well-known technology. Once the generic issues are covered, the tutorial gives an overview and analysis of deployed and emerging standards such as Kerberos, X.509/PKIX, IPSec, and SSL.

Date/Time: 7 February 2001, whole day

Instructor: Mr. Charlie Kaufman, Iris Associates

Biography: Charlie Kaufman works for Iris Associates as Security Architect for Lotus Notes and Domino. He was a member of a National Research Council expert panel on Information Systems Trustworthiness that produced the report "Trust in Cyberspace". He participates in a number of IETF standards efforts and is chair of the Web Transaction Security working group. He is coauthor of the book "Network Security: Private Communication in a Public World" published by Prentice Hall. Previously, he was Network Security Architect for Digital Equipment Corporation. He holds over 25 patents in the fields of computer security and computer networking. He holds a B.S. from Bates College and an M.A. from Dartmouth College, both in Mathematics.

Tutorial #3: Building Secure Software: Why the standard approach to security doesn't work

These days, computer security is a hot topic. As businesses rush towards the e-commerce cliff like so many lemmings, security stops being a minor detail and starts to carry some serious weight. So it's no big surprise that security seems to be all over the place these days. Of course, since many technically-savvy people don't know very much about security, a majority of the hubbub devoted to computer security orbits around basic technology issues such as what firewalls are, when to use the DES encryption algorithm, which anti-virus product is best, or how the latest email-based attack works. The problem is, many security practitioners don't know what the problem is! Firewalls and cryptography are important, but they're not a complete solution to security. Deploying insecure systems that include both firewalls and cryptography is unfortunately common.

What lies at the core of most security problems, then? It's the software. You can have the world's best firewall, but if you let people access applications through your firewall and the software is exploitable over the network, then the firewall is irrelevant. Cryptography is rarely the weak link in a system that an attacker will try to break either. Finding security problems in the surrounding software is often much easier. Internet-enabled software applications, including those developed in-house, present the most important category of security risk encountered today, and are the target of choice for real attackers.

This tutorial is all about software security risk and how to manage it. The trick is to begin early, know your threats, design for security, and subject your design to thorough objective risk analyses and testing. My goal is to provide tips and techniques that architects, developers, and managers can use to produce Internet-based code that is as secure as possible.

Date/Time: 7 February 2001, am session

Instructor: Dr. Gary McGraw, Reliable Software Technologies, Incorporated

Biography: Gary McGraw is the Vice President of Corporate Technology at Cigital (formerly Reliable Software Technologies) where he pursues research in software security while leading the Software Security Group. He holds a dual PhD in Cognitive Science and Computer Science from Indiana University and a BA in Philosophy from UVa. He has written over fifty peer-reviewed technical publications, consults with major e-commerce vendors including Visa, Microstrategy, and the Federal Reserve, and has served as principal investigator on grants from Air Force Research Labs, DARPA, National Science Foundation, and NIST's Advanced Technology Program. Dr. McGraw serves on the Boards of Counterpane, Finjan, Netcertainty, and ChainMail, Inc. He also chairs the National Infosec Research Council's Malicious Code Infosec Science and Technology Study Group. Dr. McGraw is a noted authority on mobile code security and co-authored both "Java Security: Hostile Applets, Holes, & Antidotes" (Wiley, 1996) and "Securing Java: Getting down to business with mobile code" (Wiley, 1999) with Prof. Ed Felten of Princeton. Dr. McGraw is currently writing a book entitled "Building Secure Software" (Addison-Wesley, 2001). He regularly contributes to popular trade publications and is often quoted in national press articles.

Tutorial #4: Practical Intrusion Detection

This tutorial will provide an overview of current commercially and freely available intrusion detection software, plus address the issues associated with deploying, managing, and evolving a solution that meets the unique needs of your organization. Additionally, the tutorial will cover topics such as intrusion protection, incident response, and provide a look into the future of intrusion detection.

Date/Time: 7 February 2001, am session

Instructor: Mr. Dan Nadir, Internet Security Systems, Incorporated

Biography: Dan Nadir is a Product Line Manager at Internet Security Systems, the world's leading provider of security management solutions for e-business. In this role, Dan is responsible for setting strategic direction for the RealSecure intrusion detection product line. Dan has been involved in Unix and Internet/network security administration since 1985. While a systems/network administrator, Dan managed the project to connect a large defense contractor to the Internet. He was responsible for designing, implementing and maintaining that connection as well as monitoring for misuse. Dan also wrote the Internet acceptable use policy and was responsible for enforcing that policy. Most recently, Dan was a Technical Editor of the 2nd edition of Network Intrusion Detection, by Stephen Northcutt and Judy Novak. Dan Nadir holds a degree in Cognitive Science from the University of California, San Diego.

Tutorial #5: Biometrics

"Biometric" identification refers to the automatic identification or identity verification of living human individuals based on behavioral and physiological characteristics. The modern science of human identification dates back to the 1880's, but it has only been in the last 50 years that "automatic" identification has been possible. Automatic speaker recognition has the oldest history, but automatic fingerprint and hand identification were not far behind. In the last 10 years, the scientific community has begun to understand biometric identification as a unified area of inquiry, but no textbook or dedicated journal yet exists in the field. A basic undergraduate understanding of mathematics, probability and statistics is assumed. A background in digital signal processing will be helpful, but not required.

In this short course, we will:

  1. review the history of biometric identification and the primary literature in the field;
  2. discuss several major applications;
  3. present an overview of face, fingerprint, voice, and iris recognition algorithms;
  4. establish a methodology for comparison of biometric devices and > applications;
  5. explain common testing measures and approaches;
  6. present results of scientific tests conducted over the past decade;
  7. present existing standards for performance and performance assessment;

Date/Time: 7 February 2001, am session

Instructor: Dr. James L. Wayman, San Jose State University

Biography: Jim Wayman is a biometrics researcher at San Jose State University in San Jose, California, and Director Emeritus of the U.S. National Biometric Test Center. Dr. Wayman received the Ph.D. degree in Engineering from the University of California at Santa Barbara in 1980 and joined the faculty of the Department of Mathematics at the U.S. Naval Postgraduate School in 1981. In 1986, he became a full-time researcher for the Department of Defense in the areas of technical security and biometrics, inventing and developing a biometric system based on the acoustic resonances of the human head. Dr. Wayman holds two patents in speech processing and is the author of dozens of articles in books, technical journals and conference proceedings on biometrics, speech compression, acoustics and network control. He serves on editorial boards of two journals and on several national and international biometrics standards committees. He is a senior member of the Institute of Electrical and Electronic Engineers.

Tutorial #6: Secure Electronic Commerce Tutorial

Electronic commerce is flurishing, but security remains a critical concern, even an inhibitor for some potential businesses. This tutorial will present the major problems and solutions for secure e-commerce; our goal is that participants will gain the ability to invent, design and evaluate innovative secure e-commerce solutions. The focus on the tutorial will be on secure payments, an important and interesting area in which the tutor have made considerable contributions over the last eight years. We will also cover the important areas of business to business e-commerce, public key infrastructure and trust management for e-commerce, and security for mobile commerce.

Date/Time: 7 February 2001, pm session

Instructor: Mr. Carl Muckenhirn, Sparta, Incorporated

Biography: Coming soon.

Tutorial #7: Group Security

Multicast communications and group interactions are fast becoming critical Internet technologies. The ranges of business services that can benefit include; broadcast media delivery, interactive simulations, teleconferencing, IP Telephony, and collaborative applications. The security technologies for groups are not well served by current standard security protocols. Group security has been a research effort and has produced viable technologies to address the problems. This tutorial program will cover recent advances in multicast security. The program will include discussion of group security policy, group key management, group rekey (Logical Key Hierarchies and One-way Function Trees), and multicast source authentication.

Date/Time: 7 February 2001, pm session

Instructor: Dr. Thomas Hardjono, Nortel Networks, Incorporated, and Mr. Hugh Harney, Sparta, Incorporated

Biography: Hugh Harney works for Sparta, Inc. in Columbia, Maryland. He has been involved with multicast security research for the last 12 years. He is author of the Group Key Management Protocol (RFC 2093, 2094 and the Group Secure Association Key Management Protocol (GSAKMP). He is active in the IRTF and is co-author of the Key Management and Policy Building Blocks.