For over 50 years the dominant model of computer security has been based on logic, meaning that a system is secure or insecure in the sense that a proposition is true or false. Given the reality of today's software and network environments, with their enormous complexity as systems and the diversity of user requirements and behavior, this model is both theoretically hopeless and an empirically demonstrated failure.
The talk will present some conceptual frameworks that may prove more promising for modeling security and for providing answers to compelling needs such as quantitative metrics for security. The new model also suggests some unorthodox and discomforting approaches to creating secure software. It is intended to provoke new ideas and approaches rather than present a fait accompli using the accepted wisdom.
Reception to follow.
Jonathan M. Smith is the Olga and Alberico Pompa Professor of Engineering and Applied Science at the University of Pennsylvania, to which he recently returned after almost three years at DARPA. Smith was elected IEEE Fellow in the Class of 2001 for "contributions to the technology of high-speed networking." He was previously at Bell Telephone Laboratories and Bellcore, which he joined at the AT&T divestiture. His current research interests range from programmable network infrastructures and cognitive radios to architectures for computer-augmented immune response. He serves on the President's Council of Advisors on Science and Technology Network and Information Technology Technical Advisory Group.