DSN 2009: 39th Annual IEEE/IFIP International Conference on Dependable Systems and Networks, June 29 – July 2, 2009.

Summary:

DSN is the chosen forum for researchers around the world, for presenting the very best research results, solutions to problems, and insight into emergent new challenges. DSN has pioneered the fusion between security and dependability, understanding the need to simultaneously fight against cyber attacks, accidental faults, design errors, and unexpected operating conditions.

Secure Software Systems (coordinator)
Network Security (coordinator)

FOREVER: Fault/intrusiOn REmoVal through Evolution & Recovery
Alysson Neves Bessani, Hans P. Reiser, Paulo Sousa, Ilir Gashi, Vladimir Stankovic, Tobias Distler, Rüdiger Kapitza, Alessandro Daidone, Rafael R. Obelheiro
In Middleware (Companion),  Leuven, Belgium, pages 99-101, December 2008.

On the Effects of Diversity on Intrusion Tolerance
Alysson Neves Bessani, Rafael Obelheiro, Paulo Sousa, Ilir Gashi
Submitted to publication.
Available as Technical Report DI/FCUL TR-08-30.

JBP aims to provide a complete, modular and clear implementation of the Byzantine Paxos agreement protocol in Java programming language. Since there are several variants of this algorithm, we choose to implement Paxos at War, by Piotr Zielinski, for consensus and extended it to for total order multicast adding only one communication step and maintaining the quadratic message complexity using the usual technique proposed by Leslie Lamport in the Classical Paxos algorithm and later extended by Castro and Liskov in the BFT system.

JBP was developed because there was no implementation of a fast Byzantine fault-tolerant Total order multicast protocol in Java. Moreover, JBP implementation follow the same line of the BFT system (implemented in C), but we want to separate state management (basically, checkpoints) from the core total order multicast algorithm.

JBP is available to download, you are welcome to try it!

Ricardo Manuel dos Santos Neves Oliveira, Prometheus: Operational Optimization of Firewalls in Large Corporate Networks, Mestrado em Segurança Informática (University of Lisboa) & Master Of Science in Information Technology – Information Security (Carnegie Mellon University), December 2008.

Towards Intrusion-Tolerant Process Control Software
Hugo Ortiz, Paulo Sousa, Paulo Veríssimo
In Proceedings of the 4th Portuguese National Conference of Informatics Security in Organizations (SINO 2008 ), Coimbra, Portugal, November 2008.

Pedro Miguel Machado de Almeida, Measuring Software Diversity through Vulnerability Data, Master/Mestrado em Informática.

SINO 2008: 4th Portuguese National Conference of Informatics Security in Organizations, Nov 18-19, 2008.

Summary (in portuguese):

A Segurança Informática está na ordem do dia, no que diz respeito à segurança das organizações e indivíduos. Esta conferência constituirá uma excelente oportunidade de reflexão e discussão das diversas questões inerentes à segurança informática, quer na visão da investigação científica, quer como fórum de discussão envolvendo as empresas e instituições, para troca de experiências sobre aspectos teóricos e práticos bem como sobre projectos de I&D e experiências de adopção de diferentes tecnologias e práticas de segurança para sistemas computacionais.

O evento juntará, num fórum aberto de discussão e debate, diferentes especialistas, investigadores, consultores, administradores de sistemas, responsáveis pela segurança e outros representantes das empresas e das diversas instituições.

EDCC-7: 7th European Dependable Computing Conference, May 7-9, 2008.

Summary:

There is an increasing dependency of the society on computing services and their underlying computing systems. This dependency creates strict requirements for the delivered services. These requirements affect to the quality of service, continuous availability, survivability in the advent of catastrophic failures, confidentiality, intrusion tolerance, etc. Dependability is a concept that considers all these cross-cutting concerns and required attributes, such as reliability, availability, safety, and security, as well as human factors.

The 7th European Dependable Computing Conference aims at providing a European-hosted venue for researchers and practioners from all over the world to present and discuss their latest research achievements. Original papers are solicited on theory, techniques, systems, and tools for the design, validation, operation and evaluation of dependable computing systems. All kinds of faults are of interest, from traditional hardware and software faults to accidental and malicious human interactions.