MPI-INF Logo
Campus Event Calendar

Event Entry

What and Who

Information System Security: Beyond the Sum of its Parts Analyze, Measure, Explain, Improve

Tobias Fiebig
MMCI
Joint Lecture Series
AG 1, AG 2, AG 3, INET, AG 4, AG 5, D6, SWS, RG1, MMCI  
Public Audience
English

Date, Time and Location

Wednesday, 6 July 2022
12:15
60 Minutes
Virtual talk
Virtual
Saarbrücken

Abstract

Building secure and dependable information systems is one of the biggest challenges of the 21st century. With ransomware attacks paralyzing whole countries and digital infrastructures for health and essential services under threat, information system security is no longer an academic question, but a necessity.

In this talk, we take a look at those who build secure digital environments: System Administrators. These information workers face multi-facetted challenges, and understanding how they (can) build secure system stretches beyond methods of individual disciplines. Secure cryptographic algorithms may be of no use if their key material is accidentally published. Software updates cannot prevent a compromise if they have never been installed. An intrusion detection system may leave defenders blind if attacks hide in a storm of false positive notifications.

Following a line along prior research, we see how we have to combine methodology from various fields to scientifically approach and improve information system security. First, we see how we can analytically assess challenges for information system security. However, to quantify their impact we then have to develop and apply network measurement techniques. While security related measurements illustrate the scale of vulnerabilities—misconfigurations for example—they lack in explanatory value as to ¬why vulnerabilities occur. Using qualitative methodology here to better understand and explain the interaction of technology, organizations, and human factors then allows us to take a practical perspective on security challenges. Ultimately, this enables us to develop and advocate for solutions that do not only provide the right technology, but also ensure that this technology can be effectively used to create secure information systems.

Contact

Jennifer Müller
+49 681 9325 2900
--email hidden

Virtual Meeting Details

Zoom
997 1565 5535
passcode not visible
logged in users only

Jennifer Müller, 02/21/2022 14:29
Jennifer Müller, 02/18/2022 11:08
Jennifer Müller, 02/14/2022 15:41 -- Created document.