Security Engineering Research Group

BA4WS Paper Available Online

Behavioral Attestation for Web Services (BA4WS) presented in Secure Web Services (SWS’08) at the Conference on Computers and Communications Security (CCS’08) is available online. See details here: http://doi.acm.org/10.1145/1456492.1456496.

Virtualization on Mobiles

“VMware on Monday extended its virtualization platform to the mobile phone platform with the unveiling of its VMware Mobile Virtualization Platform based on a previously unannounced acquisition it closed last month.The new platform lets mobile phone users work with multiple virtual phones at the same time, said Srinivas Krishnamurti, VMware’s director of product development management and market development.”

http://www.crn.com/networking/212001314

On Android and Java

Looking at different discussions regarding about Android, Dalvik, Java, Google and Sun, I came across this excellent article. It discusses the moves by Sun and Google on the Java and Android platforms. Also, take a look at Harmony by Apache. It’s a fork of the Java libraries and as such, should be very useful when you need “Java without Java”.

SACMAT2009 Call for Papers (CFP)

SACMAT 2009 call for papers is out:

http://www.sacmat.org/2009/date.php

*  January 16
o Deadline for submission of paper
* January 16
o Deadline for submission of panel proposal
* March 6
o Acceptance notification
* March 31
o Deadline for camera-ready copies of the accepted papers
* June 3-5
o SACMAT in Stresa, Italy

Mobilware Call for Papers (CFP)

Mobilware in Berlin, Germany:

http://www.mobilware.org/cfp.shtml

Important Dates

Paper Submission Due Date:     November 23, 2008
Workshop/Tutorial Proposals Due Date:     December 1, 2008
Notification of Acceptance:     February 1, 2009
Camera Ready Versions Due:     February 20, 2009
Conference Dates:     April 28-30, 2009

EnCoRe Project Updated

Website for the project, “Ensuring Consent and Revocation” has been udpated. Information can be seen at the project website here.

News from Blog of Trust

I came across (once again, after a long time) this blog called Blog of Trust with lots of information about Trusted Computing, Remote Attestation and mobile platforms. The author (according to the About page) is an employee of the TCG.

Two of the posts I found very interesting were:

1. “OKL4 and Android: are the pieces slotting into place?”

Describes the possibility of an MTM on Android. This seems to be a hot topic and we need to look into it in detail and soon. Read the Post here.

2. Aonix contributing PERC Ultra JVM to TECOM

TECOM is a project aimed at bringing trusted computing to the mobile platforms. See these two sites for the original TECOM page and a MarketWatch article on the project.

I would love it if one of the fresh young associates can subscribe to the Blog of Trust RSS and keep us updated on the latest developments there. It’s a very informative blog about TC.

Project Orientation Scheduled - DBAMP

Project orientation for “Dynamic Behavioral Attestation for Mobile Platforms (DBAMP)” by SERG has been scheduled for October 25, 2008 at 11:00 AM (PST). All students/participants are invited to attend the orientation. Agenda for the orientation is:

1. Introduction to SERG’s activities
2. Actors in the Project Scenario
3. Project objectives
4. Current status of the project
5. Project TODO
6. Participation of members — areas and interests

Please be there on time. We’re still trying to work out the location. In the meantime, come over to SERG lab at the specified time and we’ll take it from there.

[Please communicate this notice to anyone you know who took the interview and keep visiting this site for further notices.]

Call for Walk-in Interviews

We are pleased to announce that the research and development project titled “Dynamic Behavioral Attestation for Mobile Platforms” by Security Engineering Research Group (SERG) at IMSciences, in collaboration with Dr. Xinwen Zhang at the Samsung Information Systems America (SISA) has been formally initiated. The duration of the project is 24 months starting from the last quarter of 2008. Research objectives of the project are:
“To develop a dynamic remote attestation technique [hardware-based security mechanism] for diverse computing environments enabled by mobile platforms and to implement remote attestation on mobile platforms”.

The funding agency, National ICT R&D Fund, Pakistan is a prestigious organization which funds highly significant and state-of-the-art research and development projects in Pakistan related to information and communication technology. Benefits of participation include working in a competitive environment on bleeding edge research and development in collaboration with industry leaders in security and mobile devices, research credentials in the form of experience and research publications, an environment for learning about research activities and a handsome package.

The Project Director requires TWO experienced and skilled programmers for the full-time post of “R&D Scholar”.  Interested candidates should arrive at SERG Lab in IMSciences on Saturday October 18, 2008 at 9:00 AM along with relevant documents and skill exhibiting artifacts for a walk-in interview at the address given below:

SERG Lab, IMSciences
1-A, Sector E-5
Phase VII, Hayatabad
Peshawar, Pakistan
http://serg.imsciences.edu.pk

Dynamic Behavioral Attestation for Mobile Platforms

A new research and development project by SERG has just been approved by the National ICT R&D Fund. Details about the project can be seen on the project page at http://serg.imsciences.edu.pk/projects/dbamp

If you are in any way interested in participating in this project, do let us know. You can leave a comment here or contact one of the members of SERG through email.