Invariably, new technologies introduce new vulnerabilities, which often enable new attacks by increasingly potent adversaries. Yet new systems are more adept at handling well-known attacks by old adversaries than anticipating new ones. Our adversary models seem to be perpetually out of date: often they do not capture adversary attacks and sometimes they address attacks rendered impractical by new technologies.
In this talk, I provide a brief overview of adversary models beginning with those required by program and data sharing technologies ('60-'70s), continuing with those required by computer communication and networking technologies ('70s-'90s), and ending with those required by sensor network technologies ('00s ->). I argue that sensor, ad hoc, and mesh networks require new models, different from those in common use, namely those of the Dolev-Yao and Byzantine adversaries. I illustrate this with adversaries that attack perfectly sensible and otherwise correct protocols of sensor networks. These attacks cannot be countered with traditional security protocols using end-to-end design arguments and require emergent security properties as countermeasures.
Reception to follow in the second floor atrium, Siebel Center.
Virgil D. Gligor received his B.Sc., M.Sc., and Ph.D. degrees from the University of California at Berkeley. He has been at the University of Maryland since 1976, and is currently a Professor of Electrical and Computer Engineering. Over nearly 30 years, his research interests ranged from access control mechanisms, penetration analysis, and denial-of-service protection to cryptographic protocols and applied cryptography. He is currently an Editorial Board member of the ACM Transactions on Information System Security, IEEE Transactions on Dependable and Secure Computing, and IEEE Transactions on Computers. Gligor chairs the ACM Special Interest Group on Security Audit and Control. In 2005, he received the National Information Systems Security award granted by NIST and NSA in the US.