Privacy v. Security
Susan Landau (Sun Microsystems)

In forty five minutes, this talk will quickly examine the various complexities of security and privacy: where there are they same, where they differ, what laws say, and how this all works in academia where information sharing is an important value.

Building a Linux Distribution
Matthew Miller (Boston University)

This talk will examine Boston University’s experience in developing and marketing “BU Linux”. The talk will review the goals of having a customized distribution, the benefits we have reaped from having it, and look at how successful we have been in deploying it in our community. The talk will also look at the challenges we still face in maintaining, updating, and deploying and distribution.

Patching Strategies
Paul Luppino (Tufts University)

This talk will review the strategies used to maintain patches on Microsoft systems at Tufts University. The strengths and weaknesses of these strategies will be examined along with their applicability to other platforms.

Slides from the presentation

Cyber Investigative and Forensic Response
James Burrell (Federal Bureau of Investigation)

We are unable to provide a description of the talk or the slides from this presentation due to restrictions on the release of this information. Sorry you missed it!

Identity Management
Collin Sampson (Sun Microsystems)

The Identity Management talk will be focused on the challenges and processes associated with providing users with appropriate access to services. The talk will also center around roles and responsibilities, least privileges, and separation of duties. Too often organizations have several authentication mechanisms and spend considerable time and money on user management issues. Organizations also need to easily monitor the activity of users to ensure accountability.

Slides are not available from this presentation.

Two Case Studies
John A. Grossman (Massachusetts Attorney General’s Office)

This talk will examine two real cases where law enforcement and University computer security personnel were required to interact. The studies will examine the nature of the partnerships and provide accurate expectations of the procedures and commitments involved in working with the Attorney General’s Office to investigate computer based crime.

Unfortunately, Mr. Grossman was unable to join us for the conference and present this talk. We therefore do not have slides for it.

Riding the worm: MyDoom.AC
Rich Graves (Brandeis University)

In early September, someone released two variants of MyDoom targeting two non-profit websites. Thanks to some collaboration within higher ed, one variant was isolated and documented. The talk will include an overview of the worm; speculation on how it was seeded; technical measures for protecting websites under such attack; law enforcement and ISP response (if any); and implications for free speech on the web (if any).

Slides from the presentation

Intrusion Prevention Systems: The Inside Dirt
David Escalante (Boston College)

Intrusion Prevention Systems have received a lot of hype in the security field. What are they? How are they different than other security technologies? Do they work? What do you need to know before getting one? This talk will focus on what the articles and salespeople don’t tell you about network-based Intrusion Prevention Systems based on Boston College’s implementation over the past year.

Slides from the presentation