The workshop will consist of two days of presentations, information, and conversations about cybersecurity for cyberinfrastructure. By the end of the workshop, attendees will have a better understanding of the latest cybersecurity principles, tools, techniques, and methods for supporting the use of cyberinfrastructure in education and scientific research. Attendees will be encouraged to join and participate in developing a SAC-PA Collaboration Framework to foster collaborative activities and sharing of information and resources to protect our cyberinfrastructures.
SAC-PA workshop series is part of the NSF funded project titled: “CICI: Regional: SAC-PA: Towards Security Assured Cyberinfrastructure in Pennsylvania”. For more information on the SAC-PA project, please visit the project website: SAC-PA .
SAC-PA project members are affiliated with LERSAIS and Pitt Cyber.
Advancements in data-driven education and research depend on trustworthy and reliable cyberinfrastructure. Researchers and educators rely on a variety of networked technologies and software tools to conduct scientific research and education on our campuses. These may include local or remote instruments, high-performance computing clusters, large-scale computing grids, distributed software tools, data repositories, sensors and other critical infrastructure connected by high-speed networking. This complex, distributed, interconnected global cyberinfrastructure ecosystem presents unique cybersecurity challenges. As the systems and tools of modern science and education become increasingly more available and easier to consume, campus IT organizations will be challenged to develop and implement effective cybersecurity solutions. Smaller institutions and campuses with limited resources will be particularly challenged, but can benefit from collaboration and sharing of regional expertise and knowledge. The purpose of the workshop is to provide professionals from smaller institutions and campuses with information and exposure to the people, tools, and techniques being developed and deployed on larger campuses and scientific communities. The goal of the project is to establish a framework for regional collaboration and sharing of cybersecurity resources, expertise and information in Pennsylvania.
Office Director, Office of Cyberinfrastructure, NSF
AAAS/IEEE Fellow, ACM Distinguished Scientist
Professor, Rutgers, State University of New Jersey
Director, Rutgers Discovery Informatics Institute
Director, The Applied Software Systems Laboratory
NSF's Office of Advanced Cyberinfrastructure (OAC) seeks to foster the advanced cyberinfrastructure that is critical to the advancement of all areas of science and engineering research and education. For over a decade, OAC's (and ACI and OCI before it) investments have consistently enabled new innovations and discoveries. However, recent years are witnessing dramatic changes in nature and requirements of science applications, in the scale and pervasiveness of data, and in the landscape of technologies and resources. It is essential that the research cyberinfrastructure ecosystem evolve in response to these changes, and the HPC community, its campus leaders, researchers and professional experts all have important roles to play. This talk will present an overview of OAC and its programs and investments. It will also present a vision for evolving program and priorities to transform science in the 21st century.
Manish is Office Director of the Office of Advanced Cyberinfrastructure at NSF. He joins NSF from Rutgers, The State University of New Jersey, where he is currently a Distinguished Professor and the founding Director of the Rutgers Discovery Informatics Institute. His research interests are in the broad areas of Parallel and Distributed Computing and Computational and Data-Enabled Science and Engineering. Manish is Fellow of AAAS, Fellow of IEEE/IEEE Computer Society and ACM Distinguished Scientist.
MD, MS, FACS, FACMI
Chief Research Informatics Officer, School of Medicine, University of Pittsburgh
Visiting Professor, Department of Biomedical Informatics (DBMI)
Jonathan Silverstein, MD, MS, FACS, FACMI, serves as Chief Research Informatics Officer and Professor of Biomedical Informatics at University of Pittsburgh School of Medicine. Previously he was Chief Medical Informatics Officer at Tempus and at Kanter Health Foundation and was Vice President and Davis Family Chair of Informatics at NorthShore University HealthSystem. Earlier, Dr. Silverstein served as the associate director of the Computation Institute at the University of Chicago and Argonne National Laboratory. He is internationally known for his expertise, and federally funded research, in the application of advanced computing architectures to biomedicine and on the design, implementation and evaluation of high-performance collaboration and visualization environments for anatomic education and surgery. Dr. Silverstein is recognized as one of three founding scientific directors of the Chicago Biomedical Consortium. He was an attending general surgeon for seven years while he was a lead physician informatician for enterprise EMR deployments at the University of Chicago and the University of Illinois at Chicago. Dr. Silverstein earned his medical degree from Washington University in St. Louis and his Master of Science from the Harvard School of Public Health. Additionally, he is a Fellow of the American College of Surgeons and a Fellow of the American College of Medical Informatics.
Professor, School of Computer Science, Carnegie Mellon University
Director, Mobile Commerce Lab
Director, e-Supply Chain Management Lab
Director, MBA Track in Technology Leadership
Co-Director, MSIT in Privacy Engineering
[Subscribe mailing list to receive the release of their privacy infrastructure]
Information privacy is about our ability to control the data that is collected about us and how it is used. Traditionally, this includes publishing privacy policies and potentially providing people with some settings that enable them to control the collection and use of their information such as opt-in or opt-out settings. In practice, this approach has proven to be rather ineffective, as few people read privacy policies or take time to configure privacy settings. With the emergence of the Internet of Things, where an increasingly diverse set of everyday devices and services collect and use our information, privacy is even more difficult to support, with many users simply unaware of the presence of IoT technologies let alone what data they collect. In this presentation, I will provide an overview of research at Carnegie Mellon University on personalized privacy assistants capable of learning models of their users, selectively informing them about data collection and use practices they care about, and helping them configure any available privacy settings. An important part of this work has involved the development and deployment of an infrastructure to advertise the presence of IoT resources and their data collection and use practices. As they go about their daily activities, users rely on privacy assistants residing on their smartphones to discover the presence of IoT resources in their vicinity and to learn about data collection and use practices likely to surprise them. These assistants also enable them to discover and configure privacy settings exposed by these resources (e.g., opting into facial recognition by a network of cameras in a building, or opting out of location tracking in a mall). This technology has been successfully deployed at UC Irvine and in parts of the Carnegie Mellon University campus. We expect to release a first version of it to the public later this summer.
Norman Sadeh is a Professor in the School of Computer Science at Carnegie Mellon University
(CMU). He is director of CMU’s Mobile Commerce Laboratory and its e-Supply Chain Management
Laboratory, co-Founder of the School’s PhD Program in Societal Computing and co-Director of
the MSIT Program in Privacy Engineering. He also co-founded and for 12 years co-directed the
MBA track in Technology Leadership launched jointly by the Tepper School of Business and the
School of Computer Science in 2005. Over the past dozen years, Norman’s primary research
focus has included mobile computing, cybersecurity, online privacy, the Internet of Things,
artificial intelligence, user-oriented machine learning, and semantic web technologies.
Norman received his Ph.D. in Computer Science at CMU with a major in Artificial Intelligence
and a minor in Operations Research. He holds a MS degree in computer science from the
University of Southern California and a BS/MS degree in electrical engineering and applied
physics from the Free University of Brussels (Belgium) as “Ingénieur Civil Physicien”.
Norman’s research as well as his views on cybersecurity, privacy, mobile and IoT
technologies are often covered in the press (e.g. Wall Street Journal, Wired, New York
Times, Chronicle of Higher Education, Pittsburgh Post Gazette, Kiplinger, Huffington Post,
Fast Company, Tech Crunch).
Distinguished Professor, Department of Physics and Astronomy, University of Pittsburgh
Founding Director, the Pittsburgh Quantum Institute
The Universe is the largest known quantum computer, calculating its own evolution in real time according to the laws of quantum mechanics. Here on earth, scientists and engineers have been trying to "tame" quantum mechanics for the purpose of computation. A sufficiently powerful quantum computer could defeat all known methods of secure communication over the internet. Quantum computation can also deliver radical speedup of important problems like database searching, optimization problems and materials design. Peculiar aspects of quantum mechanics, most notably “quantum entanglement” helps form the basis of “quantum error correction” which is needed for making real quantum computers, and for implementing quantum key distribution schemes that enable secure transmission of information over public channels. Cutting-edge research in quantum computing is taking place at the University of Pittsburgh, which launched the Pittsburgh Quantum Institute back in 2012.
Dr. Jeremy Levy is a Distinguished Professor of Condensed Matter Physics at the University of Pittsburgh in the Department of Physics and Astronomy, and Founding Director of the Pittsburgh Quantum Institute. He received an A.B. degree in physics from Harvard University in 1988, and a Ph.D. degree in physics from UC Santa Barbara in 1993. After a postdoctoral position at UC Santa Barbara, he joined the University of Pittsburgh in 1996. His research interests center around the emerging field of oxide nanoelectronics, experimental and theoretical realizations for quantum computation, semiconductor and oxide spintronics, quantum transport and nanoscale optics, and dynamical phenomena in oxide materials and films. He is a Class of 2015 Vannevar Bush Faculty Fellow, a Fellow of the American Physical Society, a recipient of the 2008 Nano50 Innovator Award, and the NSF Career Award. He has received the University of Pittsburgh’s Chancellor’s Distinguished awards for research (2004, 2011) and teaching (2007).
Associate Dean for Strategic Initiatives, School of Computing and Information
Chair, Department of Information Culture and Data Stewardship
Professor, Department of Computer Science
University of Pittsburgh
Computationally-driven science, including computer security research, relies on a remarkably rich and diverse set of software and data to implement and evaluate new ideas. Ever-increasing pressure to produce results poses an impediment to accountability, which is a critical part of the scientific method. Experiments, along with their constituent software and data, may not be disseminated in a way to achieve the repeatability and/or reproducibility needed for trust, fairness and building on and comparing with previous research. In this talk, I will describe workflows and how they can play a key role in solving this “reproducibility crisis.” Workflows can seamlessly connect artifacts to all steps of the research lifecycle for easier and more transparent sharing. I will demonstrate a novel platform, OCCAM, that enables this type of sharing by directly linking experiments, specified as workflows, to the scholarly record as interactive, modifiable and executable content. Time permitting, I will show how OCCAM was used in computer security research to deploy interactive experiments for modeling access controls.
Bruce Childers is the Associate Dean for Strategic Initiatives in the School of Computing and Information, and a Professor of Computer Science at the University of Pittsburgh. His research spans the software-hardware boundary for improved energy consumption, performance and reliability. He has developed techniques at both the software layer (dynamic binary translation, compiler optimization, debugging and software testing) and the hardware layer (speed scaling, reliable cache design, storage class memory, and GPUs). It was during research in computer architecture that he grew frustrated with re-implementing published work, which was often underspecified and incomplete, for comparison. This frustration turned into positive action through the OCCAM and EASE projects to develop new approaches for reproducible science and to show the computer systems community why accountable research is important. Childers is the past steering committee chair and program chair of the ACM SIGPLAN and SIGBED Conference on Languages, Compilers, and Tools for Embedded Systems, participates on an ACM task force for scientific reproducibility, led a pilot to connect active curation platforms with the ACM Digital Library, and has given many talks on OCCAM and FAIR science. Childers is a graduate of the University of Virginia (2000, PhD) and the College of William and Mary (1991, BS).
Director of CERT Division
Software Engineering Institute
Carnegie Mellon University
Roberta G. (Bobbie) Stempfley joined the Carnegie Mellon University Software Engineering Institute as director of the SEI's CERT Division in June 2017. Stempfley previously served as director of cyber strategy implementation at MITRE Corp. and as acting assistant secretary and deputy assistant secretary, Office of Cyber Security and Communications, Department of Homeland Security. In addition to her work at DHS, Stempfley previously worked in the DoD as CIO of the Defense Information Systems Agency and as chief of the DoD Computer Emergency Response Team, which she established. Stempfley received her bachelor's degree in engineering mathematics from the University of Arizona and her master's degree in computer science from James Madison University. A recipient of many awards, she was recognized by CyberScoop as among the Top Women in Cybersecurity, by Federal Computer Week in the Fed 100, and by Information Week as one of the Top 50 Government CIOs.
Wyndham Pittsburgh University Center, 100 Lytton Avenue, Pittsburgh, PA 15213
James Joshi is a professor of School of Computing and Information at the University of Pittsburgh, and the director/founder of the Laboratory of Education and Research on Security Assured Information Systems (LERSAIS), which has been designated as a Center of Academic Excellence in Information Assurance /Cyber Defense Education and Research (CAE and CAE-R). He is an elected Fellow of the Society of Information Reuse and Integration (SIRI), a Senior member of the IEEE and a Distinguished Member of the ACM. His research interests include access control models, security and privacy of distributed systems, trust management and network security. He is a recipient of the US NSF-CAREER award in 2006. He established and has been managing the NSF CyberCorp Scholarship for Service program at Pitt since 2006.
He has served as program co-chair and/or general co-chair of several international conferences/workshops, including, ACM SACMAT(2009/10), IEEE BigData2016, IEEE/EAI CollaborateCom, IEEE IRI, IEEE CIC2015, IEEE ISM2014. He currently serves as the steering committee chair of IEEE CIC, and has served as the steering committee member of ACM SACMAT, IEEE IRI, IEEE/EAI CollaborateCom and IEEE ICME. He was a founder and co-Editor-in-chief of EAI Endorsed Transactions on Collaborative Computing. Currently, he is the EiC of the IEEE Transactions on Services Computing. He had also served in or is in the editorial board of several international journals. His work has been recognized with Best Paper award in ACM CODASPY 2011 and BigData Congress in 2017. He is a co-editor of the book titled “Information Assurance: Dependability and Security of Networked Systems” published in 2007. He has published over 120 articles as book chapters and papers in journals, conferences and workshops, and has served as a special issue editor of several journals including Elsevier Computer & Security, ACM TISSEC (now TOPS), Springer MONET, IJCIS, and Information Systems Frontiers. His research has been supported by NSF, NSA/DoD, and Cisco. Earlier in 1995, he had led the efforts to establish the first Computer Science undergraduate degree program in Nepal.
[Keynote]
Realizing a Cyberinfrastructure Ecosystem that Transforms Science [slides]NSF's Office of Advanced Cyberinfrastructure (OAC) seeks to foster the advanced cyberinfrastructure that is critical to the advancement of all areas of science and engineering research and education. For over a decade, OAC's (and ACI and OCI before it) investments have consistently enabled new innovations and discoveries. However, recent years are witnessing dramatic changes in nature and requirements of science applications, in the scale and pervasiveness of data, and in the landscape of technologies and resources. It is essential that the research cyberinfrastructure ecosystem evolve in response to these changes, and the HPC community, its campus leaders, researchers and professional experts all have important roles to play. This talk will present an overview of OAC and its programs and investments. It will also present a vision for evolving program and priorities to transform science in the 21st century.
Manish is Office Director of the Office of Advanced Cyberinfrastructure at NSF. He joins NSF from Rutgers, The State University of New Jersey, where he is currently a Distinguished Professor and the founding Director of the Rutgers Discovery Informatics Institute. His research interests are in the broad areas of Parallel and Distributed Computing and Computational and Data-Enabled Science and Engineering. Manish is Fellow of AAAS, Fellow of IEEE/IEEE Computer Society and ACM Distinguished Scientist.
[Keynote]
Biomedical data sharing to enable Learning Health Systems [slides]Jonathan Silverstein, MD, MS, FACS, FACMI, serves as Chief Research Informatics Officer and Professor of Biomedical Informatics at University of Pittsburgh School of Medicine. Previously he was Chief Medical Informatics Officer at Tempus and at Kanter Health Foundation and was Vice President and Davis Family Chair of Informatics at NorthShore University HealthSystem. Earlier, Dr. Silverstein served as the associate director of the Computation Institute at the University of Chicago and Argonne National Laboratory. He is internationally known for his expertise, and federally funded research, in the application of advanced computing architectures to biomedicine and on the design, implementation and evaluation of high-performance collaboration and visualization environments for anatomic education and surgery. Dr. Silverstein is recognized as one of three founding scientific directors of the Chicago Biomedical Consortium. He was an attending general surgeon for seven years while he was a lead physician informatician for enterprise EMR deployments at the University of Chicago and the University of Illinois at Chicago. Dr. Silverstein earned his medical degree from Washington University in St. Louis and his Master of Science from the Harvard School of Public Health. Additionally, he is a Fellow of the American College of Surgeons and a Fellow of the American College of Medical Informatics.
[Keynote]
Privacy in the Age of the Internet of Things [slides]Information privacy is about our ability to control the data that is collected about us and how it is used. Traditionally, this includes publishing privacy policies and potentially providing people with some settings that enable them to control the collection and use of their information such as opt-in or opt-out settings. In practice, this approach has proven to be rather ineffective, as few people read privacy policies or take time to configure privacy settings. With the emergence of the Internet of Things, where an increasingly diverse set of everyday devices and services collect and use our information, privacy is even more difficult to support, with many users simply unaware of the presence of IoT technologies let alone what data they collect. In this presentation, I will provide an overview of research at Carnegie Mellon University on personalized privacy assistants capable of learning models of their users, selectively informing them about data collection and use practices they care about, and helping them configure any available privacy settings. An important part of this work has involved the development and deployment of an infrastructure to advertise the presence of IoT resources and their data collection and use practices. As they go about their daily activities, users rely on privacy assistants residing on their smartphones to discover the presence of IoT resources in their vicinity and to learn about data collection and use practices likely to surprise them. These assistants also enable them to discover and configure privacy settings exposed by these resources (e.g., opting into facial recognition by a network of cameras in a building, or opting out of location tracking in a mall). This technology has been successfully deployed at UC Irvine and in parts of the Carnegie Mellon University campus. We expect to release a first version of it to the public later this summer.
Norman Sadeh is a Professor in the School of Computer Science at Carnegie Mellon University (CMU). He is director of CMU’s Mobile Commerce Laboratory and its e-Supply Chain Management Laboratory, co-Founder of the School’s PhD Program in Societal Computing and co-Director of the MSIT Program in Privacy Engineering. He also co-founded and for 12 years co-directed the MBA track in Technology Leadership launched jointly by the Tepper School of Business and the School of Computer Science in 2005. Over the past dozen years, Norman’s primary research focus has included mobile computing, cybersecurity, online privacy, the Internet of Things, artificial intelligence, user-oriented machine learning, and semantic web technologies.
Norman received his Ph.D. in Computer Science at CMU with a major in Artificial Intelligence and a minor in Operations Research. He holds a MS degree in computer science from the University of Southern California and a BS/MS degree in electrical engineering and applied physics from the Free University of Brussels (Belgium) as “Ingénieur Civil Physicien”.
Norman’s research as well as his views on cybersecurity, privacy, mobile and IoT technologies are often covered in the press (e.g. Wall Street Journal, Wired, New York Times, Chronicle of Higher Education, Pittsburgh Post Gazette, Kiplinger, Huffington Post, Fast Company, Tech Crunch).
Joel has over 30 years of experience in engineering, technology, and information security. He has extensive knowledge and experience in security penetration testing, intrusion management, computer emergency response, secure system and network design, and policy and procedure development.
Joel is currently the Director of Information Security and Chief Information Security Officer for the University of Pittsburgh where he is responsible for information protection and compliance with security and privacy regulations related to computers and networks.
Previous positions include:Director of Information Security for Wake Forest University and the Chief Information Security Officer for Wake Forest Baptist Medical Center;Director of Information Security at NextEra Energy (parent company to Florida Power & Light);Director of Information Security at AFLAC;Senior Manager at PricewaterhouseCoopers.
Joel retired from the Air Force and his last assignment was at the Air Force Information Warfare Center. While there, he helped form the AF Computer Emergency Response Center (AF CERT), developed incident response techniques and procedures, worked with law enforcement, and worked on Air Force and DoD level cyber security strategy and policy.
As the Director of Information Security/New Initiatives at Duquesne University, Tom is responsible for the strategy and operations of the University’s comprehensive and unified information (cyber) security program for Duquesne University that includes detection, prevention, incident response, and cyber security awareness. He is also responsible for Identity and Access Management and Data Governance.
Shane Filus has been with the Pittsburgh Supercomputing Center for over 15 years, first as a Network Engineer for PSC/3ROX, and currently as a Security Engineer. He is also a part of the XSEDE Operational Security group, contributes to NCSA's SDAIA project, and is a member of REN-ISAC. Shane has attended the security and training conferences of: Blackhat, Defcon, brocon, and Pittsburgh's BSides and InfraGard. His interests and expertise include: Bro Network Security Monitor, Security Onion, ELK, Vulnerability Scanning, Kerberos, firewalls, VPNs, Intelligence Sharing, Log Analysis, Incident Response, and software development/scripting.
Data Loss Prevention (DLP) continues to be a concern as institutions across the world try to gain control over the proliferation of sensitive data and how to put policy and controls around it. Data breaches continue to affect institutions, resulting in tarnished reputations and costly identity protection services to those impacted. Nearly 2 years ago, Duquesne University began an endeavor to scan, identify and secure Personally Identifiable Information (PII) across campus endpoints and servers. In this session, we will share our experiences of planning, designing, and implementing a DLP solution that helped identify millions of records and what steps we've taken to reduce the risk.
Brad has been designing, implementing and maintaining systems & security architectures for over 15 years in higher education. In his current role as Manager of Secure Integrated Infrastructure at Duquesne University, Brad is tasked with ensuring the security and integrity of on and off-campus datacenter networks and infrastructure. He is a GIAC certified Incident Responder (GCIH) with additional certifications from Red Hat, VMware and Splunk.
Michael has been in the Information Technology field for over 17 years architecting, designing, managing, and securing all facets of the entire infrastructure stack. As a Senior Information Security Engineer at Duquesne University, Michael has a deep passion for mentoring users and raising awareness on information security activities, trends, and threats. Over the course of his career, he has successfully led enterprise-wide projects from inception to completion while ensuring security compliance and employing industry best practices. Michael consistently instills a culture of security to end-users in an overall effort to harden the security posture of the University. Michael holds several certifications from Microsoft, Cisco, Comp Tia, and Splunk, in addition to several privileged account management (PAM) certifications.
New methods are required to address threats increasing in frequency, sophistication, and impact, in an increasing climate of cost constraints, and resource and skills shortage. Traditional security controls and response can’t possibly keep pace.
Private and State sponsored dark web actors are well orchestrated, using innovative AI technologies, leveraging Digital Currencies, their R&D producing wares designed to circumvent traditional security practices have changed the game. You now require innovative security approaches.
The art of effective Threat Hunting, Advanced Analytics, Incident Response, and the value of Cognitive Security are the new frontier.
Learn how to determine threats before your fences are tested, investigate non-obvious related offenses, obtain near-real-time insight and effectively trigger incident response as a single strategy.
IBM CyberSecurity Advisor, Certified Information Systems Security Professional, and recognized subject matter expert in Security Intelligence, Data Protection, Identity Access Governance, and Authorization. His unique security perspective is frequently reflected in his published articles. Consulting roles include: Lead architect for many of the largest secured authentication and authorization infrastructures. This includes Billion user authentication infrastructures.
Speaking engagements include passionate discussions correlating blended threats across physical and logical infrastructure boundaries, Cognitive Security, Threat Hunting, Security Intelligence and Response, Identity Access Management and Governance, Defense in Depth, Security Immune System, Cloud Security, and Billion User Identity Crisis.
Bio of Brian DeNoble to be here
Bio of Brian Pasquini to be here
Kenny is the Director of Public Sector for the State, Local, and Education practice at Palo Alto Networks. He holds a master’s degree in Computer Engineering Technology from the University of Mississippi. He has been in Information Technology for more than twenty years with over fifteen years dedicated to security while holding ten industry certifications from ISC2, Microsoft, Sun, and IBM, and is currently a Computer Information System Security Professional. He is an advocate and evangelist for the Public Sector and Education and an expert in public-key cryptography. He currently works with the largest Research Universities in world on information security projects spanning network, endpoint, and cloud infrastructures to meet compliance and technology requirements.
Abstract/Bio here.
Gwendolyn (Wendy) Huntoon is the president and CEO of KINBER, the Keystone Initiative for Network Based Education and Research. As Pennsylvania’s statewide research, education and community network, KINBER is a trusted technology partner providing a strategic and competitive advantage to PA organizations in the use of digital technologies and services. She is known for her work to enhance high performance networking infrastructure, technology, and services for the research community, including cyberinfrastructure deployment and network performance analysis and tuning. While at KINBER, she has expanded KINBER’s PennREN network, grown the number of connections, expanded service offerings, and enhanced the support for research and education applications and drivers. Huntoon has held a number of positions in the community, currently is a member DoE Advanced Scientific Computing Advisory Committee and serves on the Internet2 Network Architecture, Operations and Policy program advisory group. She is the Principal Investigator on the NSF funded 2016 and 2017 NSF Campus Cyberinfrastructure and Cybersecurity Innovation for Cyberinfrastructure PI Workshops as well as the CC*IIE Region: Accelerating the Adoption of Campus Cyberinfrastructure Technologies in Pennsylvania. She is the co-PI on the NSF funded Women in IT Networking at SC (WINS) project aimed at addressing the prevalent gender gap that exists in Information Technology (IT) particularly in the fields of network engineering and high performance computing (HPC). Prior to joining KINBER, she was the Director of Advanced Networking at the Pittsburgh Supercomputing Center and also served in Intenet2’s CTO’s office as the Senior Director of Research and Science Engagement.
[Keynote]
Information, Quantum Mechanics, and the Universe [slides]The Universe is the largest known quantum computer, calculating its own evolution in real time according to the laws of quantum mechanics. Here on earth, scientists and engineers have been trying to "tame" quantum mechanics for the purpose of computation. A sufficiently powerful quantum computer could defeat all known methods of secure communication over the internet. Quantum computation can also deliver radical speedup of important problems like database searching, optimization problems and materials design. Peculiar aspects of quantum mechanics, most notably “quantum entanglement” helps form the basis of “quantum error correction” which is needed for making real quantum computers, and for implementing quantum key distribution schemes that enable secure transmission of information over public channels. Cutting-edge research in quantum computing is taking place at the University of Pittsburgh, which launched the Pittsburgh Quantum Institute back in 2012.
Dr. Jeremy Levy is a Distinguished Professor of Condensed Matter Physics at the University of Pittsburgh in the Department of Physics and Astronomy, and Founding Director of the Pittsburgh Quantum Institute. He received an A.B. degree in physics from Harvard University in 1988, and a Ph.D. degree in physics from UC Santa Barbara in 1993. After a postdoctoral position at UC Santa Barbara, he joined the University of Pittsburgh in 1996. His research interests center around the emerging field of oxide nanoelectronics, experimental and theoretical realizations for quantum computation, semiconductor and oxide spintronics, quantum transport and nanoscale optics, and dynamical phenomena in oxide materials and films. He is a Class of 2015 Vannevar Bush Faculty Fellow, a Fellow of the American Physical Society, a recipient of the 2008 Nano50 Innovator Award, and the NSF Career Award. He has received the University of Pittsburgh’s Chancellor’s Distinguished awards for research (2004, 2011) and teaching (2007).
[Keynote]
Using Workflows for Reproducible Computationally-Driven ScienceComputationally-driven science, including computer security research, relies on a remarkably rich and diverse set of software and data to implement and evaluate new ideas. Ever-increasing pressure to produce results poses an impediment to accountability, which is a critical part of the scientific method. Experiments, along with their constituent software and data, may not be disseminated in a way to achieve the repeatability and/or reproducibility needed for trust, fairness and building on and comparing with previous research. In this talk, I will describe workflows and how they can play a key role in solving this “reproducibility crisis.” Workflows can seamlessly connect artifacts to all steps of the research lifecycle for easier and more transparent sharing. I will demonstrate a novel platform, OCCAM, that enables this type of sharing by directly linking experiments, specified as workflows, to the scholarly record as interactive, modifiable and executable content. Time permitting, I will show how OCCAM was used in computer security research to deploy interactive experiments for modeling access controls.
Bruce Childers is the Associate Dean for Strategic Initiatives in the School of Computing and Information, and a Professor of Computer Science at the University of Pittsburgh. His research spans the software-hardware boundary for improved energy consumption, performance and reliability. He has developed techniques at both the software layer (dynamic binary translation, compiler optimization, debugging and software testing) and the hardware layer (speed scaling, reliable cache design, storage class memory, and GPUs). It was during research in computer architecture that he grew frustrated with re-implementing published work, which was often underspecified and incomplete, for comparison. This frustration turned into positive action through the OCCAM and EASE projects to develop new approaches for reproducible science and to show the computer systems community why accountable research is important. Childers is the past steering committee chair and program chair of the ACM SIGPLAN and SIGBED Conference on Languages, Compilers, and Tools for Embedded Systems, participates on an ACM task force for scientific reproducibility, led a pilot to connect active curation platforms with the ACM Digital Library, and has given many talks on OCCAM and FAIR science. Childers is a graduate of the University of Virginia (2000, PhD) and the College of William and Mary (1991, BS).
[Keynote]
Title TBARoberta G. (Bobbie) Stempfley joined the Carnegie Mellon University Software Engineering Institute as director of the SEI's CERT Division in June 2017. Stempfley previously served as director of cyber strategy implementation at MITRE Corp. and as acting assistant secretary and deputy assistant secretary, Office of Cyber Security and Communications, Department of Homeland Security. In addition to her work at DHS, Stempfley previously worked in the DoD as CIO of the Defense Information Systems Agency and as chief of the DoD Computer Emergency Response Team, which she established. Stempfley received her bachelor's degree in engineering mathematics from the University of Arizona and her master's degree in computer science from James Madison University. A recipient of many awards, she was recognized by CyberScoop as among the Top Women in Cybersecurity, by Federal Computer Week in the Fed 100, and by Information Week as one of the Top 50 Government CIOs..
[Panel]
Using Splunk for SIEM Applications.Bio of Tim Naylor to be here...
Mary Ann Blair is the Chief Information Security Officer at Carnegie Mellon. Working with an outstanding team of information security professionals, she is responsible for the university's information security program, and identity and access management services. Prior to establishing the Information Security Office in 2004, Mary Ann served as Director of Administrative Computing at Carnegie Mellon, leading various applications development, systems integration, and systems maintenance projects over a fifteen year period. Before joining Carnegie Mellon, Mary Ann served as the Director of Data Management at the University of Pittsburgh's Epidemiology Data Center responsible for systems and services to support national, multi-center research efforts. Mary Ann is active in EDUCAUSE and its partner programs. She has served in numerous capacities including: EDUCAUSE/Internet2 Security Task Force; Program Committee for the Annual and Security Professionals Conferences; and CUMREC Board of Directors. She holds a B.S. in Psychology/Philosophy and an M.S. in Information Science, both from the University of Pittsburgh and is a Certified Information Systems Security Professional (CISSP).
Joel has over 30 years of experience in engineering, technology, and information security. He has extensive knowledge and experience in security penetration testing, intrusion management, computer emergency response, secure system and network design, and policy and procedure development. Joel is currently the Director of Information Security and Chief Information Security Officer for the University of Pittsburgh where he is responsible for information protection and compliance with security and privacy regulations related to computers and networks. Joel retired from the Air Force and his last assignment was at the Air Force Information Warfare Center. While there, he helped form the AF Computer Emergency Response Center (AF CERT), developed incident response techniques and procedures, worked with law enforcement, and worked on Air Force and DoD level cyber security strategy and policy.
As the Director of Information Security/New Initiatives at Duquesne University, Tom is responsible for the strategy and operations of the University’s comprehensive and unified information (cyber) security program for Duquesne University that includes detection, prevention, incident response, and cyber security awareness. He is also responsible for Identity and Access Management and Data Governance.
Steven Wallace brings more than 25 years of experience in network design, research, and deployment to his role as IU enterprise network architect and technical adviser. Notable accomplishments include 10 years leading IU's engineering support for Abilene (Internet2’s first high-speed backbone) and directing the university's Advanced Network Management Lab.
Christopher Keslar is a Senior Analyst within the University of Pittsburgh’s central Information Technology division (Computing Services and Systems Development). He works on strategic planning, emerging technology applications, and cyberinfrastructure to support research efforts on campus.
Chris Seiders is the Security Policy team lead with the University of Pittsburgh’s Computing Services and Systems Development department. He has been with the University for five years and works closely with the University’s research community. Chris is an ancillary reviewer on the PITT Institutional review board (IRB) performing data security reviews of IRB protocol submissions. Prior to working for the University, Chris worked for the Pennsylvania Higher Education Assistance Agency (PHEAA) for 14 years as the network security manager.
Scott Weinman is a Senior IT Security Analyst in the University of Pittsburgh’s IT Security department. Scott’s main duties include performing IT compliance reviews and providing researchers with guidance regarding securing study data. Scott has 18 years of experience implementing and reviewing finance and information technology controls in a variety of industries including healthcare and banking. Scott graduated from the University of Pittsburgh with a degree in Business Administration and from Duquesne University with a Masters of Business Administration (MBA) and a Masters in Information Systems. Scott is a Certified Information Systems Security Professional (CISSP), Certified Information Systems Auditor (CISA), and Certified Public Accountant (CPA).
Related Materials
A day does not go by without an organization making headlines for becoming a victim of a computer intrusion and often losing intellectual property. Special Agent Pirtle will discuss current technical vulnerabilities, cyber threats, and who the cyber actors are for the purpose of helping organization - including those engaged in scientific research and education - secure intellectual property. SA Pirtle will also cover the importance of information sharing through the InfraGard public-private partnership to address increasing cyberthreats.
SA Pirtle has been with the FBI for 14 years and is currently based out of the Pittsburgh field office. With a Masters in Computer Science, her experience has centered on cyber investigations and the cyber threat landscape. SA Pirtle’s investigative experience has included criminal and national security matters, both stateside and internationally. SA Pirtle currently works to secure our nation’s critical infrastructures through collaborative relationships and information sharing. The cyber and physical threats to our nation’s critical infrastructure are the focal points of her outreach with industry, academia, and government. As a Private Sector Coordinator, she is the FBI point of contact for both the InfraGard Pittsburgh Members Alliance and the InfraGard West Virginia Members Alliance.
Steve Mancini is the Chief Technical Officer (CTO) and Director of Strategic Operations for the National Cyber-Forensics and Training Alliance (NCFTA). As CTO, he oversees all IT and Security requirements for the organization. As the Director of Strategic Operations, he identifies, creates and oversees any strategic operations that overlap programs within NCFTA. He is also an adjunct professor at the University of Pittsburgh where he teaches on cyber crime and cyber security policy at both the graduate and undergraduate levels. Prior to joining NCFTA, after his retirement from the US Air Force as a decorated field grade officer, he spent several years with the Department of Homeland Security (DHS). Steve has a master’s degree in software engineering from the Air Force Institute of Technology (AFIT).
SAC-PA Project Team Members
This workshop is located at Wyndham Pittsburgh University Center
Click here to register the workshop.
SAC-PA Hotel Reservation (Click Here). Cut-off Date for the SAC-PA rate is: May 29, 2018.
You can also make reservation by contacting the in house reservation directly Monday-Friday 8AM-6PM.
If you would like to arrive outside the group arrival date (i.e., Jun 13), please contact either of
the following :
+ Mara Cerro 412-682-6251 (mcerro@wyndham.com)
+ Gabby Gassman 412-682-6200 ext. 6131 (ggassman@wyndham.com)
©2016-2018. Powered and Developed by SAC-PA.