Physical and Digital Convergence: Where the Internet is the Enemy
Patrick McDaniel
Penn State University
Abstract:
The physical world is increasingly governed by digital systems. In the developed world, access to all water, food, and heat are managed on some level by computers and networks. Such systems ensure access is cost effective, efficient, and convenient. However, with this utility comes vulnerability: adversaries can use online systems against essential services and indirectly those who use them---with potentially grave results. This talk considers how the benefits of the integration of online infrastructure with traditional public services are weighed against perceived and real vulnerabilities. Experiences learned from widely known (and some not so widely known) exploits will be explored, and the recent failures and successes of the security community scrutinized. The talk will conclude by considering how the inevitable push for tighter integration can be managed to ensure that our society becomes more secure, rather than less so.
Bio:
Patrick McDaniel is the Hartz Family Career Development Assistant
Professor in the Computer Science and Engineering Department at the
Pennsylvania State University, and co-director of the Systems and
Internet Infrastructure Security Laboratory. He received his Ph.D.
from the University of Michigan in 2001 where he studied the form,
algorithmic limits, and enforcement of security policy. Prior to
joining Penn State, Patrick was a senior technical staff Member of
the Secure Systems Group at AT&T Labs-Research and Adjunct Professor
of the Stern School of Business at New York University. Patrick's recent research efforts have focused on telecommunications
security, distributed systems security, network security, language-based security, and public policy and technical issues in digital
media. Patrick is a past recipient of the NASA Kennedy Space Center
fellowship, a frequent contributor to the IETF security standards,
and has authored many papers and book chapters in various areas of
systems security. He is the co-chair of the 2007 and 2008 IEEE
Symposium on Security and Privacy, and served as the Program Chair of
the 2005 USENIX Security Symposium, the Vice Chair for Security and
Privacy for WWW 2005, and is the Chair of the Industry and Government
Track at the 2005 and 2007 ACM Computer and Communications Security
conference. Patrick is also an associate editor of the journal ACM
Transactions on Internet Technologies and a guest editor of the IEEE
Transactions on Software Engineering. Prior to pursuing his Ph.D. in
1996, Patrick was a software architect and program manager in the
telecommunications industry.