Title: Analytical and Experimental Methods for High-Performance Network Testing
Time: 2pm at April 12, 2013
Space: ECS 243

ABSTRACT: There has been an increasing number of large-scale science and commercial applications that produce large amounts of data, in the range of petabytes to exabytes, which has to be transported over wide-area networks. Such data transport capability requires high-performance protocols together with complex end systems and network connections. A systematic analysis and comparison of such data transport methods involves the generation of throughput profiles from measurements collected over connections of different lengths. For such testing, the connections provided by production networks and testbeds are limited by the infrastructures, which are typically quite expensive. On the other hand, network emulators provide connections of arbitrary lengths at much lower costs, but their measurements only approximate those on physical connections. We present a differential regression method to estimate the differences between the performance profiles of physical and emulated connections, and then to estimate “physical” profiles from emulated measurements. This method is more general and enables: (i) an objective comparison of profiles of different connection modalities, including emulated and physical connections, and (ii) estimation of a profile of one modality from measurements of a different modality by applying a differential regression function. This method is based on statistical finite sample theory and exploits the monotonicity of parameters to provide distribution-free probabilistic guarantees on error bounds. We present an efficient polynomial-time dynamic programming algorithm to compute the underlying differential regression function. We provide a systematic analysis of long-haul InfiniBand and TCP throughput measurements over dedicated 10/40Gbps connections of several hundreds of miles. These results establish the closeness of throughput profiles generated over plain, encrypted, physical and emulated connections. In particular, our results show that robust physical throughput profiles can be derived using much less expensive emulations, thereby leading to significant savings in cost and effort.

BIOGRAPHY: Nageswara S. V. Rao is a Corporate Fellow in Computer Science and Mathematics Division, Oak Ridge National Laboratory, where he joined in 1993. He was on assignment at Missile Defense Agency as the Technical Director of C2BMC Knowledge Center during 2008-2010. He received B.Tech from National Institute of Technology, Warangal, India in Electronics and Communications Engineering in 1982, M.E. in Computer Science and Automation from Indian Institute of Science, Bangalore, India in 1984, and PhD in Computer Science from Louisiana State University in 1988. He published more than 300 technical conference and journal papers in the areas of sensor networks, information fusion and high-performance networking. He is a Fellow of IEEE, and received 2005 IEEE Technical Achievement Award for his contributions to information fusion area. His research projects have been funded by multiple federal agencies including National Science Foundation, Department of Energy, Department of Defense, Domestic Nuclear Detection Office, and Defense Advanced Research Projects Agency.

Title: Digital Identity Protection – Concepts and Issues
Time: 2pm on February 22, 2013
Space: CP 197

ABSTRACT: Digital identity management (DIM) has emerged as a critical foundation for supporting successful interaction in today’s globally interconnected society. It is crucial not only for the conduct of business and government but also for a large and growing body of electronic or online social interactions. Digital identity management is usually coupled with the notion of federation. The goal of federations is to provide users with protected environments to federate identities by the proper management of identity attributes. Federations provide a controlled method by which federation members can provide more integrated and complete services to a qualified group of individuals within certain sets of business transactions. By controlling the scope of access to participating sites, and by enabling secure, cross-domain transmission of user’s personal information, federations can make the perpetration of identity frauds more difficult, as well as reduce their frequency, and their potential impact. In this talk we will first discuss basic digital identity concepts and requirements towards DIM solutions and we will overview relevant initiatives currently undergoing in academia and industry. We will then focus on the problem of identity theft and discuss an initial solution to the problem of establishing and protecting digital identity.

BIOGRAPHY: Elisa Bertino is professor of computer science at Purdue University, and serves as Director of Purdue Cyber Center and Research Director of the Center for Information and Research in Information Assurance and Security (CERIAS). Prior to joining Purdue in 2004, she was a professor and department head at the Department of Computer Science and Communication of the University of Milan. She has been a visiting researcher at the IBM Research Laboratory (now Almaden) in San Jose, at the Microelectronics and Computer Technology Corporation, at Rutgers University, at Telcordia Technologies. Her recent research focuses on database security, digital identity management, policy systems, and security for web services. She is a Fellow of ACM and of IEEE. She received the IEEE Computer Society 2002 Technical Achievement Award and the IEEE Computer Society 2005 Kanai Award. She a member of the editorial board of IEEE Transactions on Dependable and Secure Computing, and IEEE Security & Privacy. She is currently serving as chair of the ACM Special Interest Group on Security, Audit and Control (ACM SIGSAC).