News

Agile security for cloud systems? Moti Yung to give a HAIC Talk at Aalto

Renowned security and privacy scientist and cryptographer Moti Yung will visit Aalto University, hosted by the Helsinki-Aalto Center for Information Security (HAIC) to give a public lecture on 19 June.
haic_talks_moti_yung_en.jpg

Yung is particularly known for coining the term ‘cryptovirology’ and the principles behind it. At his HAIC Talk he will explain how, in ‘the cloud era’, software design and security tool development should be able to keep up with the constantly evolving ecosystem and take note of how cloud systems keep evolving.

Adhering to what he calls “agile principles” could also protect cloud systems from attacks and breaches.

‘In an environment where software development, updates and projects are always ongoing, also the cryptography and security designer should be in a state of adaptation to the system's evolution. I will demonstrate this in my talk based on a heavily-used real-world application,’ says Yung, referring to Google’s Advertisement Exchange, which supports the company’s multi-billion-dollar digital advertising.

Designing security tools and cryptographic solutions with the ever-extending scope and inevitable scaling up of the cloud system – such as Google’s Advertisement Exchange, Yung’s focus point in the upcoming talk – would be a way to avoid overly complex changes and loads of development overhead later on.

Yung finds an analogy of the ‘agility principle’ even for keeping every-day users safe from ransomware and all other kinds of attacks.

‘The two things people often think of only as disturbances – systems updates and backups – are in fact most essential! If everyone took care of them frequently, the window of opportunity for attackers would narrow considerably,’ reminds Yung.

Yung’s work on ransomware – the hijacking of systems or data from users or organisations and issuing demands for ransom for releasing the data – also becomes increasingly relevant with the current internet of things trend. The ‘things’ will enable new kinds of security breaches and attacks and prevention tactics need to be planned well in advance.

‘The merging of computing and physical devices will lead to new attacks where ransomware will be replaced by physical consequences.’

‘Any element of the new IoT systems will be a target, and there is not enough investment in their security. Ransomware could cause a man-made disaster if we do not secure the system-level infrastructure,’ believes Yung.

He also cautions that artificial intelligence applied without safety and security in mind will lead to attacks.

Moti Yung’s HAIC Talk The Advertisement Exchange: How to Develop Agile Cryptographic Support for an Evolving Ecosystem?, 19 June at Dipoli (Lumituuli) at 6 PM:
http://www.aalto.fi/en/current/events/2018-05-07-008

The talk is open for everyone, but please sign up in advance here:
https://haic-talks.eventbrite.com

  • Published:
  • Updated:
Share
URL copied!

Related news

Research & Art Published:

New book from Professor Vesa Puttonen

The book is titled “Miten sijoitan rahastoihin” (How to invest in mutual funds).
Research & Art Published:

Professor Vesa Puttonen’s book published in Estonian

The book ”Navigating the investment minefield” by H. Kent Baker and Vesa Puttonen has been published now in Estonian by the publisher Äripäev.
Research & Art Published:

During the COVID-19 crisis, nearly half of Finnish SMEs have applied for public financing, while less than one sixth have applied for a bank loan

Researchers from Aalto University, Erasmus University (The Netherlands) and the University of St. Gallen (Switzerland) have studied Finnish SMEs' financing options and prospects in the covid-19 crisis.
Research & Art Published:

Michael Ungeheuer’s paper accepted to be published in the Journal of Banking and Finance

Finance Assistant Professor Michael Ungeheuer’s paper has been accepted for publication in the Journal of Banking and Finance.