NDSS Symposium 1997
Program Chairs' Message
At this time last year, commercial entities were coming under increasing pressure to establish a presence in cyberspace and to make their services available on-line to consumers. This pressure has continued, but several high visibility attacks on Internet systems have caused a corresponding increase in pressure to solve the security problems resulting from such applications. Today one can hardly find an article about electronic commerce that doesn't discuss security in depth.
Besides concern about securing commercial applications, there is growing concern about protecting the network infrastructure itself. A recent attack against an Internet service provider highlighted the vulnerability of the network to long-awaited denial of service attacks. Though the particular attack was a brute force attack and not facilitated by compromising any routers, the results of this attack emphasized the need to protect the network, and several projects are now underway to protect the infrastructure - and especially network routers - from compromise.
Recent trends in software distribution have also made certain attacks easier to implement. In particular, the use of two technologies, Java and ActiveX, provide an easy means for an attacker to run software on a user's machine. Efforts are underway on many fronts to provide the means to certify applets as the code originally packaged and intended to be run by the user, and to constrain the actions of untrusted code to prevent behavior detrimental to the user's interests.
Finally, privacy has become an important topic on the Internet. Web users are concerned that information about their browsing might be used for marketing and other purposes that aren't authorized. The increased prevalence of "spamming" users with undesired e-mail has heightened this concern. There are several efforts underway to develop the means to protect users from intrusions upon their privacy.
This symposium was organized to encourage the wide-scale deployment of security technologies and to promote new research that can address the currently unmet security needs of the Internet community. In selecting papers and panels for the symposium, the program committee sought materials that describe promising new approaches to security problems that are practical and, to the extent possible, have been implemented.
We hope that this symposium will have a positive impact on the state of Internet security and we encourage you, as a participant in this symposium, to use this opportunity to actively participate in the dialog. Ask questions of the speakers, raise your important issues during relevant panel sessions, and let others know of your requirements, observations, and experiences in this important area.