How To Understand Information Security
- Aron Bruce
- 5 years ago
Application for NOKUT Accreditation of PhD Information Security
May 29, 2007
Foreword
This is an application for accreditation of a PhD programme in information security at Gjøvik University College (GUC). Information security is a strategically important area for GUC and the region Innlandet. It is one of six target areas in the project Innlandet 2010, which is part of the Norwegian government project Innovasjon 2010 (Innovation 2010). This document is structured according to the NOKUT criteria Forskrift om standarder og kriterier for evaluering og akkreditering av norsk høgre utdanning 2-3, which addresses doctoral education. Each criterion is addressed in its own section of this document.
Contents
Plan for the programme
Regulations for the PhD programme
Name of the PhD programme
Information security as a PhD discipline
Scientific context of information security
Information security in an international context
Goals, admission criteria and qualifications of graduates
Mandatory and optional parts of the programme
Research environment
NISlab
NISlab people
Core tenure faculty
International research context
Related programmes/activities at GUC
Cooperative environment
Internal seminars and meetings
Key faculty outside NISlab
National and international networking
National networks
International research networks
Infrastructure
Working environment and conditions
Library resources
ICT services
General technical and administrative support
Quality assurance
Nomenclature
Bibliography
A PhD Information Security Plan of studies
B Course descriptions
C PhD regulations
D PhD guidelines
E Survey of journals and conferences
F CVs of core tenure and adjunct faculty
G Information security journals and conferences
H List of publications by NISlab faculty members
I List of master theses in information security
J Some history on terminology
TODO-list (will be removed)
Overall status is the document is 90% complete too brief App G - plan of studies is UNFINISHED spellchecking of entire document MOST CVs ARE MISSING SOME SIGNIFICANT INFORMATION add all sections and paragraphs labelled TBA, TODO and... Check for consistency: PhDstudent/Research fellow, use of Lasse as faculty and student, use of Prof./Dr./Nothing, static linking of cross references update our webpage
Questions (will be removed)
URLs in text, footnotes and refs? or only in text? change tables 4, 6 and 7 to be more like table 2 Does the document in general show that we are a good team? or a group of individuals?
List of Figures
1 McCumber's information systems security model
Recruitment to PhD programme
List of Tables
1 List of proposed 6000 level courses
Courses linked to research areas
Ratio Professor / Associate professor
Core faculty involved in the PhD programme
Other supporting faculty members and adjunct faculty at NISlab
Current research fellows / PhD students
Previous research fellows / PhD students
Number of graduates from GUCs master programs
Supporting faculty relevant for the PhD programme
1 Plan for the programme
This chapter addresses the specific criteria in 2-3 (1) of the NOKUT criteria. The actual PhD Information Security plan of studies is in appendix A.
1.1 Regulations for the PhD programme
The regulations for the PhD programme, which have been approved by the board of GUC, are in appendix C. The regulations resemble those in use by other universities in Norway, and will be submitted to Lovdata for registration. The regulations are accompanied by the guidelines and the contract for PhD students as mentioned in chapter six.
1.2 Name of the PhD programme
The name of the programme is PhD in Information Security.
1.3 Information security as a PhD discipline
Information security is in most settings defined in relation to the protection of information, as in the old IBM definition [19]: "Information security encompasses the study of the concepts, techniques, technical measures, and administrative measures used to protect information assets from deliberate or inadvertent unauthorized acquisition, damage, disclosure, manipulation, modification, loss, or use." This definition captures the essence of information security as a discipline at any academic level: the study of how to protect information. In the academic landscape of the Norwegian Association of Higher Education Institutions categorization of scientific disciplines from 2003 [31], information security is not recognized by name as a discipline of its own but maps closely to Matematikk og naturvitenskap (mathematics and natural sciences); Informasjons- og kommunikasjonsvitenskap (information and communication science); Sikkerhet og sårbarhet (security and vulnerability). A common definition and a scientific categorization provide us with an initial understanding of what information security is. Looking more closely at information security in an academic context, it's important to identify commonly used and agreed upon curricula and research areas.
At the undergraduate level, we find two widely known curricula for information security in the IEEE/ACM Computing Curricula [1] and in Whitman & Mattord's (Kennesaw State University) A Model Curriculum for Programs of Study in Information Security and Assurance [34]. In the most recent version of the Computing Curricula, information assurance and security is most heavily emphasized under the Information Technology program (as one out of eleven knowledge areas) and the listed topics are: fundamental aspects; security mechanisms (countermeasures); operation issues; policy; attacks; security domains; forensics; information states; security services; threat analysis model; vulnerabilities. These topics reflect some of the historical roots of information security in the US, since they are related to the widely known McCumber information systems security model from 1991 [18], shown in figure 1. An information assurance version of this model has been introduced by Maconachy et al. [16].
Figure 1: McCumber's information systems security model. Reprinted from McCumber [18].
As opposed to just covering a knowledge area in information technology, a set of courses covering an entire B.Sc. in information security and assurance is proposed in Whitman & Mattord's model: principles of information security and assurance; applications in information security and assurance; policy and administration in information security and assurance; computer forensics; security script programming; client OS security; server OS security; incident response and contingency planning; information security
and assurance programs and strategies. Whitman & Mattord's model is to a large extent based on the body of knowledge defined in the CISSP (Certified Information Systems Security Professional) certification (see and the NSTISSC (National Security Telecommunications and Information Systems Security Committee) training standards [24, 21, 22, 23, 25]. The CISSP information security body of knowledge is: access control; application security; business continuity and disaster recovery planning; cryptography; information security and risk management; legal, regulations, compliance and investigations; operations security; physical (environmental) security; security architecture and design; telecommunications and network security. We see that much of the curricula defined at the undergraduate level focuses on covering all aspects relevant for the information security professional/practitioner, more than the information security researcher. Looking at information security at the graduate level, we see that more topics addressing fundamental problems, theoretical foundations and abstract modelling are introduced. Typical examples of these are "Advanced cryptography" and "Trusted computing" from the M.Sc. in information security at Royal Holloway, London, or the courses "Intrusion detection and prevention" and "Authentication" from our own M.Sc. in information security at Gjøvik University College. Some journals have more research-oriented definitions/categorizations of information security. ACM Transactions on Information and System Security categorizes information and systems security according to the dimensions security technologies, secure systems, security applications and security policies. The International Journal of Information Security describes its scope as theory, applications, and implementations of information security. It further categorizes this as system security, network security, content protection, applications, and foundations.
To visualize what information security is as a PhD discipline, we have chosen to survey journals and recent conferences for listed topics of interest. We have surveyed the following conferences and journals:
ISC: Information Security Conference, an annual international conference held since 1997, published in Springer's Lecture Notes in Computer Science series.
ACISP: Australasian Conference on Information Security and Privacy, an annual international conference held since 1996, published in Springer's Lecture Notes in Computer Science series.
IFIP-SEC: IFIP TC-11 International Information Security Conference, an annual international conference held since 1983, published in Springer's IFIP International Federation for Information Processing series.
IEEE-SP: IEEE Symposium on Security and Privacy, an annual international conference held since 1980, published by IEEE.
ACM-CCS: ACM Conference on Computer and Communications Security, an annual international conference held since 1993, published by ACM.
IJIS: International Journal of Information Security, Springer, publishes quarterly with its first volume in
TISSEC: ACM Transactions on Information and System Security, ACM, publishes quarterly with its first volume in
TDSC: IEEE Transactions on Dependable and Secure Computing, IEEE, publishes quarterly with its first volume in
IJICS: International Journal of Information and Computer Security, InderScience, is a forthcoming journal.
IET-IS: IET Information Security, Institution of Engineering and Technology, publishes quarterly with its first volume in
The criteria for selecting these conferences and journals were significance, distinctiveness and information security scope. It's important to note that certain information security topics might be emphasized differently at different levels of education. What are considered the most important topics when providing hands-on training to information security professionals or practitioners might not be as important when educating researchers at the PhD level. In other words, there are many important but solved problems in information security that are not necessarily a typical target of research. After gathering all the listed topics of interest in these journals and conferences, we have (starting with the most frequently occurring topics of interest) performed clustering based on our perception of scientific similarity. This will of course never be perfect since we don't have any precise definition of each topic of interest, but it should be a realistic approximation to a description of information security as an area of research.
We ended up with information security described in terms of the following major areas (the entire survey is documented in appendix B):
Information Security Management (ISM): Risk Analysis and Management for Complex Environments, Information security as part of corporate governance, Information security management: future visions, International information security standards: new regulations, Security management, Security policy, Security control measures, Trust management policies, Security and Privacy in IT outsourcing, Threat assessment, Vulnerability assessment for integrated environments, Security of ecommerce, ebusiness and egovernment, Evaluation and certification, Economics of information security and privacy, Ethics and social issues, Educational activities: Incorporating security, privacy and trust, Metrics for information security
System security (SS): Database and system security, Access control, Secure operating systems, Accounting and audit, Data and application security, Identity and Trust Management & Models, Authorization, Security in information flow, Architectures for InfoSec, Privacy and Trust, Data/System integrity, Java and XML security, Inference and Controlled disclosure, Language-based security, Secure end systems, Software protection, System management and administration, Formal methods in security, Malware and viruses, Security for mobile code, web browsers and servers, Anti-virus and anti-hacker measures, Software testing, validation and verification, Security modelling and architectures, Security, privacy and trust in systems development methods, Self-checking software systems, Tamper-resistant software, Trusted computing, Software aging and rejuvenation, Use of COTS components, Intrusion detection, tolerance and prevention, Authentication and identification, Biometrics, Authentication and non-repudiation, Identity management, Secure hardware and smartcards, Usable security
Cryptology (CR): Cryptographic protocols and function, Applied Cryptography, Cryptography, Design and analysis of cryptographic algorithms, Multi-party computation and threshold cryptography, Quantum cryptography, Assurance incl.
cryptanalysis and formal methods
Network security (NS): Key management, Network and communication security, Network and wireless security, Mobile, Ad Hoc and Sensor Network Security, PKI and PMI, Distributed systems security, Peer-to-peer network security, Internet security, Broadcast encryption and traitor tracing, Digital signature schemes, Key distribution, Key establishment protocols, Security agents, Transaction security, Secure protocols, Telecom applications, Secure location services, Security of grid computing, Firewalls, Electronic cash, security
Privacy (PRIV): Anonymity and pseudonymity, Privacy-enhancing technologies, Private searches, Electronic surveillance, Health applications, Legal and privacy issues, RFID and sensor networks: security, privacy and trust, Security and Privacy in pervasive/ubiquitous computing
Attacks and forensics (AF): Computer forensics, Attacks and prevention of online fraud, Attack models, Electronic fraud related to phishing, Fraud management in advanced network infrastructures, Hacker and terrorist detection, Penetration technologies, Computer crime prevention and detection
Information warfare and critical infrastructure protection (IWCIP): Infrastructure security, Advanced application infrastructures: Security, privacy and trust, Security infrastructures
Content protection (CP): Information hiding and watermarking, Steganography: new applications, Copyright protection, Digital rights management, Intellectual property protection
Dependable computing (DC): Recovery and survivable operations, Availability, performability and survivability, Safety-critical systems, Dependability, Robust networks, Software security and reliability engineering, Denial of service, Assurance of service
These are the nine areas we use to describe our approach to information security, which reappear several times in this document. Please note that these nine areas are not necessarily equally sized. We have not made any attempt at weighting their coverage or importance with respect to each other; we only contend that these represent a sufficiently logical grouping for us to describe the area of information security as we perceive it.
A word about terminology
Terminology differs depending on geographic location and roles/positions. We consider the following terms to be treated roughly as identical: Information security, Information systems security, Information assurance. We separate these terms from the ones commonly addressing only the technical aspects: IT security, Data security, Computer security. For more details on terminology related to information security, please see appendix H.
1.4 Scientific context of information security
Information security has its roots in the disciplines of mathematics and computer science, where the early efforts in protecting information in computer systems took place in the 1960s and 1970s [32, 33, 28, 4]. Of course, protecting information in general has been a topic of research in cryptography for thousands of years.
During the 80s and 90s information security evolved naturally into a larger and wider area with stronger ties to the other disciplines:
Psychology: usability of security mechanisms, social engineering (manipulation of humans with the purpose of accessing information), usability and acceptability of biometrics [10]
Economy: incentives in the design and deployment of computer systems [3]
Law: legal and regulatory aspects, privacy issues [14, 29]
Organizational sciences: effectiveness of policy, organizational culture, management involvement in security [15]
Electrical engineering: image and signal processing for content protection [7], telecommunication applications, hardware devices [11]
Information security is a cross-discipline area but maintains its strong roots in mathematics and computer science, especially when it comes to defining it as an area for PhD research. The important distinction to make is to separate information security as a discipline from the more general field of safety and security. Information security is about protecting information; it is not about protecting people.
1.5 Information security in an international context
The discipline of information security has grown out of worldwide needs for information security professionals at different levels of education. Bishop [5] described in his 2000 talk at the colloquium for information systems security education (CISSE) five levels of education in information security: public awareness, training, undergraduate education, masters level education and doctoral work. Public awareness is about repeatedly telling the public things like to update the software on their home computers and never open unknown attachments. This has become increasingly important over the last ten years as more and more people have broadband connections to the internet. Government funded institutions like Norsk Senter for Informasjonssikring (NorSIS, located in Gjøvik) have this as a major activity. Training is most commonly perceived as learning to perform a specific and concrete task, e.g. configuring a firewall or performing evaluation of products according to given standards/checklists. Training often leads to certifications. This is where we in the information security discipline encounter the relations between training and education.
The American National Training Standards documents (dating back to 1994 [24]) from the Committee for National Security Systems (CNSS) are closely linked to the content of many bachelor's educations in information security. They are linked in the sense that for an American academic institution to be accredited as a Center of Excellence in Information Assurance Education, it has to document that it covers at least the content of the National Training Standards. International certifications in information security have been around since 1978 [13]. The most widely known are probably CISSP (Certified Information Systems Security Professional) from (ISC)², and CISA (Certified Information Systems Auditor) and CISM (Certified Information Security Manager) from ISACA. The body of knowledge described under these certifications is used in curricula development at both the bachelor and (partially) masters level. Bachelor and master level courses differ from training and certifications in having more breadth, depth and focus on the underlying principles, but it is interesting to observe the close links between academic education and professional training and certifications in information security.
Most bachelor's programmes have arrived after the year 2000, while Royal Holloway at the University of London has had its Master of Science in Information Security since
As the academic community in information security has rapidly grown over the last ten years, several arenas for curricula development and issues related to education of information security graduates have formed:
CISSE: Colloquium for Information Systems Security Education [9] has been held annually since
WECS: Workshop on Education in Computer Security [8] has been held seven times in the period 1997 to
WISE: IFIP World Conference on Information Security Education [20] was held in 1999, 2001, 2003 and
InfoSecCD: ACM annual conference on Information security curriculum development was held in 2004, 2005 and 2006 [37, 35, 36]
In the widely known IEEE/ACM Computing Curricula, Security and Cryptography was identified as one out of twelve topics with increased importance in 2001??. Former president of the ACM Peter J. Denning lists Data security as one of the core technologies of computing in his CACM paper Great principles of computing from 2003??. Among working groups, special interest groups and technical committees in professional organizations we find the following key groups related to information security:
ACM SIGSAC: The ACM Special Interest Group on Security, Audit and Control
IFIP TC11: The IFIP Technical Committee 11 on Security and Protection in Information Systems
IEEE CS TCSP: The IEEE Computer Society Technical Committee on Security and Privacy
IEEE CS TFIA: The IEEE Computer Society Task Force on Information Assurance
Information security has developed a substantial body of significant research efforts over the last 30 years. The earliest papers were related to the development of timesharing multiuser computer systems [32, 33].
The first major academic forum dedicated to information security is most likely the annual IEEE symposium on security and privacy which was initiated in 1980, with the 27th conference arranged in may Information security shares the characteristics of computer science and engineering in that it is a typical discipline in which it's more common to publish at conferences than journals [27, 12]. There are very low acceptance rates at several information security conferences; some examples can be seen on the following webpages:
1.6 Goals, admission criteria and qualifications of graduates
Goals
The goal of the PhD programme in information security at GUC is that the candidate will conduct independent research that leads to a scientific dissertation of international standard. In addition the candidate will receive advanced training in theories and methods which will provide a foundation for independent and objective thinking with respect to research in their own field of study. The graduated candidate will be qualified for research activities and other forms of labour with high scientific requirements.
Admission
In order to be admitted to a doctoral programme, the applicant must normally have a five-year Masters degree or equivalent, which the university college has approved as basis for admission to the Ph.D. programme in question. As a general rule the following must be fulfilled: Average grade for the Bachelor degree must be A, B or C. Average grade for subjects at Master level must be A or B. The Master's thesis must have grade A or B.
Qualifications of graduates
A graduate from the study programme PhD in information security will be qualified primarily for high level research positions in industry as well as teaching and research positions in academia.
1.7 Mandatory and optional parts of the programme
The educational section included in the Ph.D. programme must comprise at least 30 credits and include among other topics ethics and philosophy of science. Courses on the Bachelors degree level cannot be included in the educational section. Up to 10 credits can be approved as courses on the Masters degree level. If such courses are seen as necessary previous knowledge for other courses or the research project, they must be taken in addition to the 30 credits. See also section 4.2 of 4 in the PhD regulations in appendix C. Table 1 shows the list of proposed courses at the 6000 level.
Mandatory courses for all areas of research are IMT6011 Ethics and Legal Aspects of Scientific Research, IMT6021 Methodology of Scientific Research and IMT6031 Probability and Statistics. Table 2 shows how the courses support the different research areas. Detailed course descriptions can be found in appendix B. It is important to note that these are stuffed courses and targeted at PhD students, meaning that for courses where the content includes some topics typically found at a lower educational level (such as IMT6041 and IMT6051), the amount of material included is significantly larger than what a lower-level course would include. The textbooks chosen are also typically not used at a lower level. All courses are five credits, making room for six courses in this educational section of the PhD programme.
Table 1: List of proposed 6000 level courses.
Course code: IMT6011 IMT6021 IMT6031 IMT6041 IMT6051 IMT6061 IMT6071 IMT6081 IMT6091 IMT6101 IMT6111 IMT6121 IMT6131 IMT6141 IMT6151 IMT6161 IMT6171 IMT6181 IMT6191 IMT6201 IMT6211 IMT6221
Course name: Ethics and Legal Aspects of Scientific Research Methodology of Scientific Research Probability and Statistics Computational Methods and Complexity Discrete Mathematics Pattern Recognition Computational Intelligence Biometrics Digital Forensics Advanced Graph Theory and Combinatorics Error Correcting Codes Wireless Network Security Computation in Number Theory and Elliptic Curves Foundations of Cryptography Dynamics of Computer Security Incident Response Teams Game Theory Uncertainty Artificial Intelligence and Intrusion Detection Cryptographic Primitives Design and Analysis of Cipher Systems Network Security Advanced Topics of Machine Intelligence
Table 2: Courses linked to research areas.
Course code ISM SS CR NS PRIV AF IWCIP CP DC IMT6011 X X X X X X X X X IMT6021 X X X X X X X X X IMT6031 X X X X X X X X X IMT6041 X IMT6051 X X X X X X X X X IMT6061 X X X IMT6071 X X X IMT6081 X X X IMT6091 X IMT6101 X X X IMT6111 X IMT6121 X IMT6131 X IMT6141 X X IMT6151 X IMT6161 X X IMT6171 X IMT6181 X IMT6191 X IMT6201 X IMT6211 X IMT6221 X X
1.8 Research environment
Research in information security is by its very nature not bound to strict subdisciplines in computer science and mathematics but rather can be thought of as a set of cross-cutting questions which draw on a large number of sub-fields for both the identification of research questions and for ultimately addressing those questions. This cross-cutting and at times interdisciplinary research field (as described earlier, information security research may require elements of fields as disparate as organizational psychology and statistical physics) also, however, implies that it cannot be captured adequately by a single faculty member or even a small group of faculty members. In order to be able to provide a rich environment in which such questions can be pursued adequately, it is therefore imperative to have a sufficiently large and diverse faculty, which will be capable of covering the core areas of information security on one hand and, through their national and international networks, be able to draw upon specialists in ancillary areas in the pursuit of individual research questions. It should be noted that the information security faculty at GUC is already one of the largest such academic groups worldwide; even though several other groups may have more faculty listing an interest in information security, they tend not to be devoted to it on a full-time basis. This combination of a sizable faculty and a wide-ranging international network (see also section 4.2) provides a fertile ground for PhD (and also MSc) students wishing to pursue either independent research strands or choosing a research topic guided by the long-range research arcs of individual faculty members. More important, however, is the fact that the doctoral students themselves form a critical mass of research interest that engenders cross-fertilization in the form of reading groups, informal and formal seminars and collaborative research.
This mutual support extends not only to the investigation of relevant research but also to the vetting and critical review of ideas and concepts and, together with the guidance and support from supervisors and other faculty members, is a key component in the matrix of the research environment. While some research is best conducted in the form of individual investigations, it will frequently be beneficial to form collaborations with other researchers and research groups in order to be able to address more complex issues that would be beyond the abilities and resources of an individual doctoral student or even a local group. Where possible, we therefore encourage collaborations and participation in international networks, whether in the form of formal projects or more ad hoc exchanges. Moreover, these activities, along with attending relevant workshops and conferences and exchanges with other faculties, serve a dual purpose in exposing doctoral students not only to different cultures but also to different research cultures, which is a key qualification in an environment in which collaborative, trans-national research is of increasing importance not only in the academic realm but also rapidly becoming the norm in other areas, including industrial research. The latter aspect of research cultures (as opposed to national cultures a student may be exposed to in the course of a visit to a partner university) also elucidates another aspect
of the environment to which doctoral students are to be exposed. There is a significant difference along the spectrum from purely academic, often solitary investigations to the type of large-scale applied research more commonly found in government facilities and industrial research and development. Where possible, students are therefore exposed to several of these operational styles. The insight into these styles along with their matching of a student's research interests and personality may prove valuable in its own right in their subsequent careers.
2 NISlab
The information security group at GUC is the Norwegian Information Security laboratory, NISlab. The group conducts internationally competitive research in several areas of information security, supervises PhD research projects in this field and teaches courses in information security at the master and bachelor level. Activities related to information security at GUC were initiated in spring 2001 in reaction to a request by the major Norwegian telephone company Telenor, which has a high demand for experts with a background in various areas of information security. In the course of a pilot study, great demand was also recognized in other Norwegian companies. Subsequently, the project for establishing a program Master of Science in Information Security at GUC was launched in 2002 and successfully finalized with the NOKUT accreditation in August The project received strong financial and personal support from Norwegian industries, mainly Telenor, Norsk Tipping, PricewaterhouseCoopers, Thales, DnB NOR and Sparebanken Hedmark. NISlab maintains its strong and important link to industry via the Bluelight network that was established in
NISlab people
At NISlab, the core faculty behind the PhD program consists of eleven faculty members, of which eight have full-time and three have adjunct positions (table 3 and 4). Out of the eleven faculty members behind the programme, seven are professors (five of them have full-time positions and two are adjunct). In addition, there are four associate professors (three full-time and one adjunct). People-wise this computes to a professor ratio of 64% while position-wise the same ratio is 63%. Other supporting faculty members and adjunct faculty in the information security discipline are shown in table 5. A further nine positions for research fellows have been established at NISlab due to the successful acquisition of funded research projects (compare section 2.3).
These fellows conduct their PhD research projects with NISlab, but receive their PhD courses and promotion at another institution in Norway or even abroad. Current research fellows / PhD students are listed in table 6. Graduated research fellows / PhD students who have been supervised by NISlab faculty are listed in table 7.

³ Note that these positions relate to førsteamanuensis, the Norwegian term for a research associate professor, who is qualified to supervise PhD students.
Table 3: Ratio Professor / Associate professor.

| Position | full-time | adjunct | total number |
|---|---|---|---|
| Professors | | | |
| Associate professors | | | |
| Faculty members | | | |

Table 4: Core faculty involved in the PhD programme.

| Name | Position / (Add. Affiliations) | Profile |
|---|---|---|
| Slobodan Petrović | Professor - | SS, CR, NS |
| Einar Snekkenes | Professor - | ISM, SS, CR, NS |
| Chik How Tan | Professor (NTU, Singapore) | CR, NS |
| Stephen D. Wolthusen | Professor (RHUL, Fraunhofer) | SS, NS, AF, IWCIP, CP |
| Christoph Busch | Professor (HDA, Fraunhofer) | SS, CP |
| Jan A. Audestad | Professor (20%) (Telenor, NTNU) | NS, IWCIP |
| Jose J. Gonzalez | Professor (20%) (HiA) | ISM, IWCIP |
| Katrin Franke | Associate professor - | SS, AF |
| Patrick Bours | Associate professor - | SS, CR |
| Erik Hjelmås | Associate professor - | SS |
| Lasse Øverlier | Associate professor (20%) (FFI) | PRIV |

Table 5: Other supporting faculty members and adjunct faculty at NISlab.

| Name | Position | Profile |
|---|---|---|
| Tor Arne Folkestad | Assistant professor | in charge of BSc InfoSec |
| Espen Torseth | Assistant professor (20%) | perimeter security |
| Morten Schjelderup | Lecturer (20%) | security management |
| Roger Johnsen | Military officer | information warfare |
Table 6: Current research fellows / PhD students.

| Name | Profile | Start | Est. finish | Supervisor(s) |
|---|---|---|---|---|
| Geir Olav Dyrkolbotn | SS | | | Snekkenes |
| Nils Kalstad Svendsen | IWCIP, NS | | | Wolthusen / Audestad |
| Lasse Øverlier | PRIV, NS | | | Snekkenes |
| Kirsi Helkala | SS | | | Snekkenes |
| Davrondzhon Gafurov | SS | | | Snekkenes |
| Janne Hagen | ISM | | | Snekkenes |
| Vitaly Pavlenko | ISM | | | Snekkenes |
| Frode Gilberg | ISM | | | Snekkenes / Petrović |
| Knut Wold | SS, CR | | | Tan |
| NN | AF | | | Franke |
| NN | SS | | | Busch |

Table 7: Previous research fellows / PhD students.

| Name | Profile | Institution | Year | Supervisor |
|---|---|---|---|---|
| Hanno Langweg | SS | University of Bonn | 2007 | Snekkenes |

2.2 Core tenure faculty

In order to gather the necessary knowledge and top-notch research competence in different information security areas, it was essential to establish a core faculty with members from different educational, research and industrial backgrounds. The members of NISlab were chosen according to the following requirements:

- Proven excellence in relevant research,
- Sound educational background and records,
- Didactic abilities,
- Industrial and / or international collaborations.

The best possible partners who meet these criteria cannot be found in Norway alone; it was therefore decided to establish a faculty with members from abroad. Nine of the eleven core faculty members received their higher education or conducted research in at least one country outside Norway. Four of them were / are affiliated with universities in the USA or United Kingdom that are considered to be at the highest international level. In both the short- and long-term perspective, NISlab gains from these international experiences, especially when setting up and conducting research, developing teaching courses and through international collaboration and exchange.

As examples, Professor Chik How Tan had his paper Analysis of Improved Signcryption Scheme With Key Privacy [30] appear among the top 25 hottest articles in Information Processing Letters in July - September. Professor Einar Snekkenes secured funded research projects yielding five research fellow / PhD student positions at NISlab. PhD student Lasse Øverlier got his paper Locating Hidden Servers [26] accepted at the 2006 IEEE Symposium on Security and Privacy, where the acceptance rate was 12.7%. Another example is the Master student Anders Wiehe, who got his paper Quantitative Analysis of Efficient Antispam Techniques [38], written together with Erik Hjelmås and Stephen D. Wolthusen, nominated for the best paper award at the Seventh Annual IEEE SMC Information Assurance Workshop (2006). Finally, Master student Tarjei Mandt got his paper Certificateless Authenticated Two-Party Key [17], written together with Chik How Tan, accepted at the 11th Annual Asian Computing Science Conference (2006), where the acceptance rate was 23%.

All core faculty members, with their specific competencies that are essential for the PhD program, are shown in table 4. A short biography of each of the core faculty members, together with at most five relevant publications tagged with the corresponding research profile, is given below.

Slobodan Petrović received his BSc, MSc and PhD degrees from the Faculty of Electrical Engineering, University of Belgrade, Serbia in 1986, 1989, and 1994, respectively. From 1986 to 2000 he worked at the Institute of Applied Mathematics and Electronics, Belgrade, Serbia as a researcher, project manager and head of the Department of analysis and synthesis of data protection systems. At the same time, Dr Petrović participated in various computer science and artificial intelligence research projects at the Mathematical Institute, Belgrade, Serbia.
From 2000 to 2004 he was with the Department of Information Theory and Coding, Institute of Applied Physics, Madrid, Spain, where he participated in two research projects regarding cryptology and intrusion detection systems. In 2004 he joined Gjøvik University College, where he is a professor of information security at NISlab, Department of Computer Science and Media Technology. He is currently teaching Cryptology and Intrusion Detection and Prevention at the Master's level at Gjøvik University College. His research interests include cryptology, intrusion detection and prevention, pattern recognition and combinatorial optimization. He has published more than 25 papers in prestigious international journals and conferences. Prof. Petrović is a member of the International Association for Cryptologic Research (IACR) and the Spanish-Iberoamerican Cryptologic Research Network (CRIPTORED).

Selected publications (with the corresponding categories):

[SS] SEEBERG, V. E., AND PETROVIĆ, S. A new classification scheme for anonymization of real data used in ids benchmarking. In Proceedings Second International Conference on Availability, Reliability and Security (ARES 2007) (to appear) (2007).
[CR] BOJANIĆ, S., CAFFARENA, G., PETROVIĆ, S., AND NIETO-TALADRIZ, O. FPGA for pseudorandom generator cryptanalysis. Microprocessors and Microsystems 30, 2 (Mar. 2006),

[CR] PETROVIĆ, S., AND FÚSTER-SABATER, A. Clock control sequence reconstruction in the ciphertext only attack scenario. In Proceedings of the 6th International Conference on Information and Communications Security (ICICS 2004), Málaga, Spain, October (Berlin, Germany, Oct. 2004), vol of Lecture Notes in Computer Science, Springer-Verlag, pp

[NS] ÁLVAREZ, G., AND PETROVIĆ, S. A new taxonomy of web attacks suitable for efficient encoding. Computers and Security 22, 5 (2003),

[CR] GOLIĆ, J., AND PETROVIĆ, S. Correlation attacks on clock-controlled shift registers in keystream generators. IEEE Transactions on Computers 45, 4 (1996),

Einar Snekkenes received...

Selected publications (with the corresponding categories): todo...

Chik How Tan received the B.Sc. (Honours) degree in mathematics from the National University of Singapore in 1984, and the M.Sc. and Ph.D. degrees in mathematics from the University of Wisconsin-Madison, USA in 1990 and 1992 respectively. He is a professor of information security at the faculty for computer science and media technology, Gjøvik University College. From January 2004 to July 2005, he was an associate professor at the school of electrical and electronic engineering, Nanyang Technological University (NTU), Singapore, and an assistant professor from September 2000 to December. Prior to joining NTU, he worked at DSO National Laboratories, Singapore for more than twelve years in Information Security. He has more than twelve years of working experience in cryptography, wireless communication security and network security. His working experience includes research, design and development of secure communication systems and secure information systems, and project management.
He was also a security consultant to DigiSafe Pte Ltd, Singapore from January 2001 to July. Furthermore, he was also a Director of the Centre for Information Security at NTU from 1 Apr 2003 to 31 Mar. His current research interests include cryptography, wireless communication security, network security and security engineering. Prof. Chik How Tan is an affiliated member of IEICE, a committee member of the National Grid Initiative Security Working Group, Singapore from Aug 2003 to Aug 2005, and a committee member of A*STAR's (in Singapore) Thematic Strategic Research Programme in Information Security in

Selected publications (with the corresponding categories):
[CR] TAN, C. H. Signature scheme in multi-user setting. IEICE Transactions on Fundamentals E89-A, 1 (May 2006),

[CR] TAN, C. H. Analysis of improved signcryption scheme with key privacy. Inf. Process. Lett. 99, 4 (Aug. 2006),

[CR] TAN, C. H., YI, X., AND SIEW, C. K. New signature schemes based on 3rd order shift registers. IEICE Transactions on Fundamentals E85-A, 1 (Jan. 2002),

[NS] TEO JOSEPH, C. M., AND TAN, C. H. Authenticated Dynamic Group Key Agreement for Autoconfigurable Mobile Ad Hoc Networks. IEICE Trans Commun E89-B, 9 (Sept. 2006),

[NS] YI, X., SIEW, C. K., TAN, C. H., AND YE, Y. A secure conference scheme for mobile communications. IEEE Transactions on Wireless Communications 2, 6 (Nov. 2003),

Stephen D. Wolthusen received a degree in computer science (Dipl.-Inform. (TU)) in 1999, and his Ph.D. (summa cum laude) in theoretical computer science in 2003, both from the Technical University Darmstadt, Germany. From 1999 to 2005 he was with the security technology department at Fraunhofer-IGD, first as a member of the academic staff and then as Deputy Division Chief; he retains an affiliation with the institute as senior scientist in the same department. Since 2006 he has also held an appointment on the faculty of the Department of Mathematics in the Information Security Group at Royal Holloway, University of London, UK. In 2005 he was appointed as Associate Professor at Høgskolen i Gjøvik and was promoted to Professor in. He is the author of several books, has edited multiple conference proceedings volumes and also holds several German and international patents. His current research interests are the application of formal methods to the modeling and simulation of critical infrastructures, host and network forensics, and network security, particularly tactical and MANET security. Prof.
Wolthusen is vice chair of the IEEE Task Force on Information Assurance, a member of the IEEE Standardization Committee on Information Assurance, and a member of IEEE, ACM, the German Gesellschaft für Informatik, and the American Mathematical Society, and is initiator and inaugural program chair of two IEEE conference series on information assurance and on critical infrastructure protection.

Selected publications (with the corresponding categories):

[CP] ARNOLD, M., SCHMUCKER, M., AND WOLTHUSEN, S. D. Techniques and Applications of Digital Watermarking and Content Protection. The Artech House Computer Security Series. Artech House, Norwood, MA, USA,
[AF] WOLTHUSEN, S. D. Molehunt: Near-line semantic activity tracing. In Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, United States Military Academy (West Point, NY, USA, June 2005), IEEE Press, pp

[IWCIP] WOLTHUSEN, S. D. Modeling critical infrastructure requirements. In Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, United States Military Academy (West Point, NY, USA, June 2004), IEEE Press, pp

[NS] DAHL, O. M., AND WOLTHUSEN, S. D. Modeling and execution of complex attack scenarios using interval timed colored petri nets. In Proceedings of the Fourth IEEE International Workshop on Information Assurance (IWIA 2006) (Royal Holloway, UK, Apr. 2006), IEEE Press, pp

[IWCIP] SVENDSEN, N. K., AND WOLTHUSEN, S. D. Multigraph dependency models for heterogeneous critical infrastructures. In Proceedings of the First Annual IFIP WG International Conference on Critical Infrastructure Protection (to appear) (2007).

Christoph Busch received...

Selected publications (with the corresponding categories): todo...

Jan A. Audestad received...

Selected publications (with the corresponding categories): todo...

Jose J. Gonzalez received...

Selected publications (with the corresponding categories): todo...

Katrin Franke received a diploma in electrical engineering from the Technical University Dresden, Germany in 1994 and her Ph.D. in artificial intelligence from the Groningen University, The Netherlands in. From she was with the department of security technology at Fraunhofer IPK. The institute belongs to the Fraunhofer Society, a non-profit organization conducting applied research on behalf of industrial and governmental entities. Since 1996 she has worked as a project manager, in charge of funded research and industrial projects. These projects have brought forth software modules and software systems, now operating in banks in Germany, the United Kingdom, South Africa and Jamaica as well
as in forensic laboratories in Germany. In January 2007 she joined the Norwegian Information Security Laboratory at Gjøvik University College and now holds the position of associate professor in information security. She conducts teaching and research mainly in the fields of computational forensics, biometrics, document and handwriting analysis, computer vision and computational intelligence. Dr. Katrin Franke is a member of the World Federation on Soft Computing (WFSC), the International Association of Pattern Recognition (IAPR-TC11) and the International Graphonomic Society (IGS). She has published several scientific journal articles, peer-reviewed conference papers and edited books.

Selected publications (with the corresponding categories):

[AF] SCHOMAKER, L., FRANKE, K., AND BULACU, M. Using codebooks of fragmented connected-component contours in forensic and historic writer identification. Pattern Recognition Letters 28, 6 (2007),

[AF] FRANKE, K., AND SCHOMAKER, L. Robotic writing trace synthesis and its application in the study of signature line quality. Journal of Forensic Document Examination 16, 3 (2004),

[SS] K. FRANKE, J. R. D. S., AND KÖPPEN, M. Soft biometrics: Soft computing for biometric applications. International Journal of Fuzzy Systems 4, 2 (2002),

[SS] FRANKE, K., ZHANG, Y.-N., AND KÖPPEN, M. Static signature verification employing a kosko-neuro-fuzzy approach. In AFSS (2002), N. R. Pal and M. Sugeno, Eds., vol of Lecture Notes in Computer Science, Springer, pp

[AF] FRANKE, K., AND KÖPPEN, M. A computer-based system to support forensic studies on handwritten documents. IJDAR 3, 4 (2001),

Patrick Bours received his MSc degree in Mathematics from the Eindhoven University of Technology in 1990 and his PhD degree in Mathematics from the same university in. He holds a postdoc and an associate professor position at the information security section of Gjøvik University College.
His responsibilities include teaching an authentication course and performing research. His current project is entitled "Authentication in a Health Service Environment". Before this he worked for 10 years for the Netherlands National Communication Security Agency as a policy member in the area of cryptology.

Selected publications (with the corresponding categories):

[SS] GAFUROV, D., SNEKKENES, E., AND BOURS, P. Gait authentication and identification using wearable accelerometer sensor. In Proceedings of the IEEE Workshop on Automatic Identification Advanced Technologies (AutoID 2007) (to appear) (2007).
Erik Hjelmås received the B.Sc. degree in computer science from Hedmark University College in 1994 and the M.Sc. degree in information science from the University of Pittsburgh in. After joining Gjøvik University College in 1996 he also joined the University of Oslo in 1997 as a research scholar, leading to the Dr.scient. degree in informatics in. He is an associate professor (førsteamanuensis) of computer science at the faculty for computer science and media technology, Gjøvik University College, conducting teaching and research in system administration and information security with a focus on practical aspects. He is the primary author of the widely cited journal paper Face Detection: A Survey (Computer Vision and Image Understanding, 83:3, 2001) and has published six other refereed international publications. His specific research areas of interest are mainly system administration and security, but also identity management, authentication and biometrics. Dr. Hjelmås is the recipient of Kallerudprisen 2006 for innovation and value creation in the Gjøvik region. He is a member of AAAI.

Selected publications (with the corresponding categories):

[ISM] HJELMÅS, E., AND WOLTHUSEN, S. D. Full-spectrum information security education: Integrating B.Sc., M.Sc. and Ph.D. programs. In submitted to InfoSecCD 06 (2006), pp. x x.

[NS] WIEHE, A., HJELMÅS, E., AND WOLTHUSEN, S. D. Quantitative analysis of efficient antispam techniques. In Proceedings from the Seventh Annual IEEE SMC Information Assurance Workshop, United States Military Academy, West Point, NY, USA, June (West Point, NY, USA, June 2006), IEEE Press, pp Accepted for publication.

[SS] KOSMERLJ, M., FLADSRUD, T., HJELMÅS, E., AND SNEKKENES, E. Face recognition issues in a border control environment. In Proceedings of Advances in Biometrics, International Conference, ICB 2006, Hong Kong, China, January 5 7 (2006), D. Zhang and A. K.
Jain, Eds., vol of Lecture Notes in Computer Science, Springer, pp

Lasse Øverlier received...

Selected publications (with the corresponding categories): todo

International research context

As indicated in section 1.8, research in information security is an inherently crosscutting field which also affords rich opportunities for international collaboration both
in the core information security area and also in pulling together research areas both within the disciplines of mathematics and computer science and beyond (e.g. biological and medical sciences in the case of biometrics, or electrical engineering and applied physics for investigating the tamper-resistance of cryptographic devices). The breadth of experience required to tackle some of these fascinating research topics is unlikely to be possible to assemble at the national level, let alone at a single college or university. Even though GUC does not have a natural sciences faculty and facilities at its disposal, it is well positioned to take advantage of the international network of its faculty members to provide a much broader basis for such joint research than would be feasible even at a large research university. Several faculty members have been involved in or have even led large-scale collaborative research projects involving academic, government, and industrial entities in Europe, the U.S. and Canada, and also in Japan and South Korea, and have also spent time as visiting professors or scientists overseas, establishing strong collaborative networks as elaborated in section 4.2. Given that such collaborations are viable (and valuable) only among equals, the requirement for conducting research that is relevant and of sufficient quality to merit interest at an international level is to be taken as a given; indeed all faculty members routinely publish in highly relevant international channels for their respective areas of specialization and in some cases are also editors and program committee chairs for several of these channels. Networks also afford visits by both doctoral students and researchers to other research laboratories and university departments and vice versa; this may be the case for both longer-term visits and short-term, more intense workshop-type events focused on obtaining strategically relevant outcomes or joint research.
In addition, the establishment of the Norwegian Information Security Lectures provides a forum for exposing students and faculty alike to new research and ideas, providing an additional valuable source of inspiration. The precise mechanics of this international exchange of ideas, and of conducting research at a level that is itself internationally relevant, can take several forms; typically some form of third-stream income may be required for such efforts. This can, for example, take the form of national research grants that involve the participation of researchers from other countries, but more importantly can also include the funding instruments made available through both the European framework programs (i.e. FP7 for the 7-year period beginning in 2007), particularly its ICT and Security aspects, and also through the European Research Council (ERC) currently in formation. The instruments available under these programs each have different objectives, but all instruments include stronger networking and collaboration among European academics (and in many cases also with research and applied research in industry and government) as part of their core objectives. Several faculty members have been or are currently involved in EU-funded activities,
including networks of excellence (e.g. the ECRYPT network of excellence) and integrated projects (e.g. the 3D FACE project). Beyond these activities, which, although lasting several years in many cases, are temporally limited, a key strength of the group is the fact that several faculty members (in addition to the Professor II faculty at the national level) hold dual international appointments and have ties to other internationally renowned research institutions. As described in section 4.2, Christoph Busch holds a dual appointment at Hochschule Darmstadt in Germany and Stephen Wolthusen also holds a dual appointment at Royal Holloway, University of London, UK. Moreover, both Dr. Busch and Dr. Wolthusen retain an affiliation with the Security Technology Department at Fraunhofer-IGD, a German national applied research laboratory of the Fraunhofer Society.
3 Related programmes/activities at GUC

Gjøvik University College has offered undergraduate education in computer science since 1975, and general technical/engineering education since the campus was constructed in. The current state of relevant study programs for the PhD program is shown in figure 2. The primary internal source of recruitment to the PhD program is of course the masters program in information security, but students might just as well enter the program from media technology. Table 8 shows the number of graduated master students from these programs. It is important to note that most PhD students currently at NISlab are recruited from other institutions. Only Frode P. Gilberg is recruited from GUC's own programs. However, during the last rounds of PhD grants that were awarded there were four other applicants from GUC's own programs.

Figure 2: Recruitment to PhD programme.

PhD students who arrive at NISlab will get the feeling that they are entering an active and creative research environment. Gjøvik University College is a small institution and
cannot offer all the advantages of a large university, but all the primary characteristics of a good research environment are present, as explained in the following sections.

Table 8: Number of graduates from GUC's master programs.
Study program
MSc Information Security N/A
MSc Media Technology

3.1 Cooperative environment

PhD students make good use of the entire research group NISlab. Good examples of this are joint publications such as

[1] GAFUROV, D., HELKALA, K., AND SØNDROL, T. Biometric gait authentication using accelerometer sensor. Journal of Computers 1, 7 (2006).

[2] GAFUROV, D., HELKALA, K., AND SØNDROL, T. Gait recognition using acceleration from MEMS. In Proceedings of The First International Conference on Availability, Reliability and Security (ARES 2006) (2006), pp

where Gafurov and Helkala are PhD students and Søndrol is a master student. An important fact here is that several master students have been successful at publishing papers based on their theses, and are thus at a scientific level where they are good resources for PhD students:

[1] DAHL, O. M., AND WOLTHUSEN, S. D. Modeling and execution of complex attack scenarios using interval timed colored petri nets. In Proceedings of the Fourth IEEE International Workshop on Information Assurance (IWIA 2006) (Royal Holloway, UK, Apr. 2006), IEEE Press, pp

[2] GAFUROV, D., SNEKKENES, E., AND BUVARP, T. E. Robustness of biometric gait authentication against impersonation attack. In OTM Workshops (1) (2006), Lecture Notes in Computer Science, Springer, pp

[3] KOSMERLJ, M., FLADSRUD, T., HJELMÅS, E., AND SNEKKENES, E. Face recognition issues in a border control environment. In Proceedings of Advances in Biometrics, International Conference, ICB 2006, Hong Kong, China, January 5 7 (2006), D. Zhang and A. K. Jain, Eds., vol of Lecture Notes in Computer Science, Springer, pp

[4] MANDT, T. K., AND TAN, C. H. Certificateless authenticated two-party key.
In 11th Annual Asian Computing Science Conference (ASIAN06), (to appear) (2007), vol. 4xxx of Lecture Notes in Computer Science, Springer Verlag.
[5] SEEBERG, V. E., AND PETROVIĆ, S. A new classification scheme for anonymization of real data used in ids benchmarking. In Proceedings Second International Conference on Availability, Reliability and Security (ARES 2007) (to appear) (2007).

[6] WIEHE, A., HJELMÅS, E., AND WOLTHUSEN, S. D. Quantitative analysis of efficient antispam techniques. In Proceedings from the Seventh Annual IEEE SMC Information Assurance Workshop, United States Military Academy, West Point, NY, USA, June (West Point, NY, USA, June 2006), IEEE Press, pp Accepted for publication.

where Dahl, Buvarp, Kosmerlj, Fladsrud, Mandt, Seeberg and Wiehe are master students. The second entry is also an example of a joint publication between a professor (Snekkenes), a PhD student (Gafurov) and a master student (Buvarp). We have also had master students publish a paper based on course work within the masters program (not based on their thesis):

[1] HASLE, H., KRISTIANSEN, Y., KINTEL, K., AND SNEKKENES, E. Measuring resistance to social engineering. In Information Security Practice and Experience: First International Conference, ISPEC 2005, Singapore, April (2005), vol of Lecture Notes in Computer Science, Springer, pp

And of course we have examples of joint faculty publications with or without PhD students (in addition to the examples listed among the master students):

[1] GAFUROV, D., SNEKKENES, E., AND BOURS, P. Gait authentication and identification using wearable accelerometer sensor. In Proceedings of the IEEE Workshop on Automatic Identification Advanced Technologies (AutoID 2007) (to appear) (2007).

[2] HJELMÅS, E., AND WOLTHUSEN, S. D. Full-Spectrum Information Security Education: Integrating B.Sc., M.Sc., and Ph.D. Programs.
In Proceedings of the Third Annual Conference on Information Security Curriculum Development (ACM InfoSecCD) (Kennesaw, GA, USA, 2006), ACM Press, pp

Internal seminars and meetings

At NISlab we have formal meetings once a week (usually Friday mornings), where we cover scientific or administrative topics every second week. These scientific topics are part of what we call Graduate seminars and are announced with published lecture notes on our web pages. In total we have the following series of scientific seminars and meetings:

Norwegian Information Security Lectures: A loose series of seminars by national and international researchers in the field of information security
Graduate Seminar: General seminar for NISlab faculty and graduate students, typically at the Ph.D. level

Industry Seminar: Presentations by companies addressing recent technology or methodology advances in their products

Ad hoc Seminars and Reading Groups: Typically organized in response to a perceived need in a research field of interest to several graduate students and/or faculty members

An overview of previous and upcoming seminars can be seen on our webpage:

Key faculty outside NISlab

Information security is inter-disciplinary, and support from other academic disciplines is often needed. Some of the key people and their research areas are listed in table 9. Førsteamanuensis Ole Lund and førstelektor Frode Volden from the Media Design group have already been involved in several master thesis projects, both on usability aspects of security and on the design of questionnaires and experiments. Professor Rune Hjelsvold in Media Technology has a valuable background in multimedia, databases and XML, and is a key person when it comes to topics like database security and digital rights management systems. In the faculty of engineering there is a strong group on Geographical Information Systems, especially represented by førsteamanuensis Erling Onstein and førsteamanuensis Rune S. Ødegård, who have shown interest in the quality and security of geographical data in recent years. In addition (as you can see from the rest of table 9), Gjøvik University College has a large group of highly competent faculty in signal and image processing, pattern recognition and related areas. One of the current PhD students at NISlab, Geir Olav Dyrkolbotn, recently cooperated with førsteamanuensis Arne Wold on analyzing data from experiments with smart cards.
Table 9: Supporting faculty relevant for the PhD programme.

| Name | Position | Comment |
|---|---|---|
| Ole Lund | Associate professor | Usability |
| Frode Volden | Associate professor | Usability |
| Rune Hjelsvold | Professor | Media technology |
| Jon Yngve Hardeberg | Professor | Signal and image processing |
| Faouzi Alaya Cheikh | Associate professor | Signal and image processing |
| Erling Onstein | Associate professor | Geo. information systems |
| Rune S. Ødegård | Associate professor | Geo. information systems |
| Ivar Farup | Associate professor | Physics/Image processing |
| Are Strandlie | Associate professor | Physics/Pattern recognition |
| Arne Wold | Associate professor | EE/Signal processing |
| Vegar Johansen | Associate professor | EE/Image processing |
| Øyvind Kolås | Lecturer | Open source |
4 National and international networking

4.1 National networks

Over the last five years Gjøvik has grown into the role of the town everyone talks about in Norway when it comes to information security, and information security is stated as one of the seven key areas in the Norwegian government's plan for Inner Norway towards 2010 [2]. When the information security activities at Gjøvik University College and Gjøvik Science Park (Gjøvik Kunnskapspark) got started in 2001, the key regional and national companies providing financial and scientific support were Telenor, Norsk Tipping, Thales, PricewaterhouseCoopers, DnB NOR and Sparebanken Hedmark. These companies (together with NISlab and Gjøvik Science Park) formed the basis of what is now known as the Bluelight network [6], operated from Gjøvik Science Park. The Bluelight network is an innovation cluster of more than 40 companies with strong interests in information security. NISlab, through Erik Hjelmås, is part of the steering committee. Together with other key companies and institutions in ICT in Inner Norway, the Bluelight network applied for status as National Center of Expertise (NCE) in. A new NCE application is being prepared for. In addition to Bluelight and NISlab (Gjøvik University College), Gjøvik (and campus Kallerud) is also the home of

NorSIS: The Norwegian Center for Information Security is a government-funded unit of four full-time employees working on creating public awareness about information security.

KiNS: The information security network for municipalities in Norway has more than 100 members, and its purpose is to contribute to improved information security in all municipalities and counties.

Sector: The Security Incubator in Gjøvik Science Park is a unit which helps everyone with a business idea in security to pursue and develop that idea into a company. It is one of very few security-focused incubators world-wide.
Since 2003, we have had close cooperation with the Section for information technology and administrative systems (SITAS), Faculty of Law, University of Oslo in the course Legal aspects of information security in the masters program (specifically through professor Dag Wiese Schartum).

We also have close ties to the army at Jørstadmoen (Lillehammer), through teaching and research collaboration. One of the army officers at Jørstadmoen, Major Roger Johnsen, head of the information security group, is a frequent guest lecturer at NISlab, and five of his officers have completed the masters program.

Erik Hjelmås is Gjøvik University College's representative in the Norwegian National Council for Computer Science (Nasjonalt fagråd for informatikk) and attends the annual Norwegian computer science conference (Norsk Informatikk konferanse) every year. Patrick Bours is a frequent external examiner in information security at NTNU. Stephen D. Wolthusen has research collaborations with Lillehammer University College (critical infrastructure) and also with Sintef/Trondheim on an EU FP7 proposal. And of course, through our adjunct positions we have formal connections with NorSIS, FFI, NTNU, Telenor and Høgskolen i Agder.

Since the rest of the national networking worth mentioning is naturally related to the only Norwegian professor at NISlab, it is described in the following section by itself.

National networks for Einar Snekkenes

In the following, the term network is interpreted as the set of individuals and organizations with which there have been significant professional interactions. As a result of external activities the network is continuously expanded. The network currently consists of:

- past colleagues
- past contract research customers
- peers in various groups and committees
- colleagues from joint national and international projects
- peers at Norwegian colleges and universities
- peers at government and private research institutes
- past MSc and PhD students
- local community organizations
- Government organizations
- National interest groups and networks

Past colleagues

Dr Snekkenes has been active in ICT R&D from the mid eighties. He has been a researcher at the STK/Alcatel research center in Oslo and at the Norwegian Defence Research Establishment (Forsvarets Forskningsinstitutt) at Kjeller, and a research director at the Norwegian Computing Center (Norsk Regnesentral - NR). Many of the colleagues in these organizations have later moved on to other ICT R&D organizations, but this network has been maintained through joint R&D projects and annual informal gatherings. Telenor R&D, being located next door to FFI, facilitated some additional contacts.
Past contract research customers

Being responsible for information security and electronic commerce R&D project acquisition and delivery at NR, there were extensive interactions with many prospects and customers. In particular, Dr Snekkenes has been working with financial sector organizations and other high value operations.

Peers in various groups and committees

Dr Snekkenes is and has been active in many different information security groups and committees. He has been appointed as a board member of the Norwegian Research Council (Forskningsrådet) ICT Security programme IKT SoS. Dr Snekkenes was the proposer and member of the Privacy (Elektroniske Spor og Personvern) initiative of the Norwegian Board of Technology (Teknologirådet). Other appointments include FITS (Forum for IT sikkerhet), established by the Norwegian Department of Trade and Industry, and the national defense crypto advisory group.

Colleagues from joint national and international projects

Dr Snekkenes has contributed to many national projects. While at FFI, there were many interactions with the national defense information security industry, most notably Thales and Kongsberg Defense Communications (KDC). Later, as a contributor to the BAS5 project, managed by FFI, contacts have been established with many of the government departments and the Critical Infrastructure players.

Peers at Norwegian colleges and universities

Norwegian Computing Center is co-located with the department of Informatics (IFI) at Oslo University. Dr Snekkenes established contacts with their formal methods group, including participation in joint seminars. Dr Snekkenes has been working with several of the academic information security and crypto members of staff at Høgskolen i Agder (external examiner). Dr Snekkenes has informal interactions with the reliability group at University of Stavanger (paper exchanges), NTNU (external examiner), University of Tromsø (external examiner) and Section for Information Technology and Administrative Systems (AFIN), Faculty of Law, University of Oslo (seminar contribution and a joint project).

Past MSc and PhD students

Dr Snekkenes has been supervising MSc students at Oslo University, and 30+ MSc students (as of 2006) at HIG. Some student projects have included cooperations with various parts of the police, the Department of Justice and the military. This network of past students is utilized when recruiting external examiners, and as useful contacts for the students working on MSc and PhD projects.

Peers at government and private research institutes

Dr Snekkenes has been interacting with much of the Norwegian ICT contract research community including SINTEF, Norwegian Computing Center and Norwegian Center for Telemedicine.
Local community organizations

Dr Snekkenes has been interacting with staff at Gjøvik Science Park (GKP), NORSIS and various local businesses (information security and electronics).

Government organizations

Dr Snekkenes has been interacting with staff at Norwegian National Security agency (Nasjonal Sikkerhetsmyndighet - NSM), including NORCERT, and several of the defense related organizations including the signals Lab at Jørstadmoen (supervising a PhD student). He has also been working with staff at the Data Inspectorate (Datatilsynet) and Direktoratet for samfunnssikkerhet og beredskap (DSB).

National interest groups and networks

Dr. Snekkenes is participating in the Bluelight information security network and the ISF (IT-SikkerhetsForum) networks.

4.2 International research networks

Slobodan Petrović is affiliated with the Institute of Applied Physics, Department of Information Theory and Coding of the Supreme Research Council of Spain through participation in various projects. He was a post-doctoral researcher in the same institution between 2000 and Prof. Petrović is also affiliated with the Carlos III University of Madrid through the research and teaching collaboration with the Information Security Group and the Department of Informatics. He is a member of the International Association for Cryptologic Research (IACR) and the Spanish-Iberoamerican Crypto Network (Criptored). Dr. Petrović is a reviewer or regular reviewer of several prestigious international journals and conferences, for example, IEEE Transactions on Vehicular Technology, Information Sciences, Australasian Conference on Information Security and Privacy, etc.

Einar Snekkenes is an active member of the ESORICS (European Symposium On Research in Computer Security) network, both as a long running member of the steering committee, session chair, conference organizer, chairman of the programme committee and a regular member of the programme committee. He has also been a reviewer and member of the programme committee for the Nordsec conference several times and a reviewer and member of the 2007 ACM Conference on Computer and Communication Security. Dr Snekkenes has been a guest editor for the International Journal on Information Security.

Dr. Snekkenes has been actively promoting the international profile of NISlab by recruiting and supervising PhD students from Russia and Tajikistan. He has also recruited international external examiners for MSc thesis evaluation.

Dr. Snekkenes has initiated several joint activities with FOI (Swedish Defence Research Agency) including project proposals, exchange of research reports and visits and cooperation with researchers at Karlstad University to establish a joint health/information security research project. He has established a cooperation with Bonn University on the supervision of a PhD student (Hanno Langweg), and has several links with NRL (Naval Research Laboratory, USA) including exchange of preprints and a 1 year visit by one of his PhD students (Lasse Øverlier). Dr. Snekkenes has been a member of a PhD examination board at Université de Paris XI, U.F.R. Scientifique d'Orsay. Dr. Snekkenes is a member of IEEE, IEEE Computer society, IEEE Reliability society and the ACM.

Chik How Tan is a reviewer or regular reviewer of several international journals, including top-tier journals, for example, IEEE Transactions of Communications, IEEE Selected Areas on Communications (Special Issue), IEEE Transaction on Circuits and Systems Part I, IEEE Transaction on Circuits and Systems Part II, IEEE Communications Letters and Information Processing Letters. The other journals are Journal of Systems and Software, Information Science, Multimedia System, EURASIP Journal on Wireless Communications and Networking, International Journal of Information Technology and Journal of Communications and Networks. He also serves as a reviewer for many conferences, for example, Asiacrypt 2001, Cybersecurity 2003, ACM PE-WASUN 2005, PAKDD 2006 and SSN 2007 (part of 21st IPDPS). Dr. Tan is also co-supervising a PhD student in Nanyang Technological University, Singapore.

Stephen Wolthusen also holds a joint appointment at both GUC and at the Information Security Group, Department of Mathematics at Royal Holloway, University of London (a college of the University of London, UK) and, in addition, is senior researcher with the Security Technology Department of the Fraunhofer-Institute IGD in Darmstadt, Germany.

Dr. Wolthusen currently coordinates the research activities of the ISG at Royal Holloway in a large, long-term (10 year) multi-university project on the future of military networks jointly funded by the UK Ministry of Defence and the U.S. Department of Defense, where his collaborators include researchers at the University of Maryland (College Park, MD, USA), Columbia University (NY, USA), IBM T.J. Watson Laboratories (Hawthorne, NY, USA), Roke Manor Research (Roke Manor, UK), the University of York (UK), Imperial College and University College (also University of London, UK), as well as researchers from the UK Defence Science and Technology Laboratories and the U.S. Army Research Laboratory.

Previously he acted as liaison between the Security Technology Department at Fraunhofer-IGD and the IGI Institute in Seoul, South Korea, a joint research establishment between Fraunhofer Society and the Ministry of Information and Communication of Republic of Korea, after coordinating the inaugural research plans for the newly formed institute.
Dr. Wolthusen is a member of the IEEE and IEEE Computer Society and active within IEEE as the vice chair of the IEEE Task Force on Information Assurance and also as a member of the IEEE Standardization Committee on Information Assurance. In these roles he was initiator and inaugural program chair for the IEEE/ACM workshops International Workshops on Information Assurance (IWIA) and International Workshops on Critical Infrastructure Protection (IWCIP). Moreover, he is also a member of the Association for Computing Machinery (ACM), the American Mathematical Society (AMS) and the German Gesellschaft für Informatik (GI). Within GI, Dr. Wolthusen is on the executive committee of the special interest group on critical infrastructure protection (FG KRITIS) and inaugural program chair of the conference CIP Europe.

Among the current research collaborators of Dr. Wolthusen are BA Systems (UK), the German Bundesamt für Sicherheit in der Informationstechnik (BSI), the Forschungsgesellschaft für Angewandte Naturwissenschaften (FGAN), ArmaSuisse and Swisscom (Switzerland), the University of Bonn and TU Darmstadt, Germany.

Christoph Busch holds a joint appointment with Hochschule Darmstadt (a University of Applied Sciences in Darmstadt, Germany) in the Media department and is also affiliated with the Fraunhofer-Institute IGD in Darmstadt, Germany. Through his affiliation with Fraunhofer IGD, he is the chair of the working group on biometrics at the German standardization organization (DIN) and ex officio also the German representative in the ISO/IEC JTC1 SC37 biometrics committee. In addition, Prof. Busch is also chair of the biometrics working group of the TeleTrust Association, a German non-profit association active at both technical and policy levels. He is also a current and founding member of the board of the CAST-Forum (the Competence Center for Applied Security Technology), also a German non-profit organization devoted to promoting research and education in information security along with technology transfer and networking between academia, industry, and government.

Jan Arild Audestad

TBA...

Jose J. Gonzalez

Jose J. Gonzalez is, jointly with Dr. Eliot Rich and Dr. Guido Schryen, chair of the minitrack Cyber Threats, Emerging Risks and Systemic Concerns at Hawaii International Conference on System Sciences (HICSS). The minitrack is in its third year.

Dr. Gonzalez is also leader (jointly with Dr. Jose M. Sarriegi) of the Security Special Interest Group of the System Dynamics Society. The SIG was founded by Dr. Gonzalez in 2003 and it has resulted in an increasing interest in information security among system scientists, with recent recognition in IEEE's Computer Magazine, November 2006 (Denis Trcek, Security Models: Refocusing on the Human Factor. Computer, 39(11), ).
Dr. Gonzalez is project manager for several projects that involve international (and national) networks. The AMBASEC project, A Model-Based Approach to Security Culture, is funded by the Research Council of Norway. AMBASEC consists of postdoctoral and doctoral PhD research positions at Agder University College. AMBASEC is intertwined with SINTEF's IRMA project, SINTEF being Scandinavia's largest independent applied research institute. In addition to the collaboration with IRMA/SINTEF, the AMBASEC project involves researchers from the State University of New York at Albany.

ISECBIDAT - Improving Security by Improving Data, is financed by the Research Council of Norway through the bilateral cooperation programme BILAT. Through ISECBIDAT, collaborative agendas have been forged between three Norwegian institutions (Gjøvik University College, Agder University College, SINTEF) and four American institutions (State University of New York at Albany; CERT Coordination Center at Carnegie Mellon University; Argonne National Laboratories; Florida State University).

As follow-up of ISECBIDAT, research proposals for the SAMRISK programme of the Research Council of Norway, for the EU's 7th Framework Programme, Security, and for the USA's National Foundation Programme Cyber Trust will be submitted in 2007 and The security proposal targeting the EU's 7th Framework Programme will involve the following European institutions: Gjøvik University College, Agder University College, SINTEF, Tecnun at the University of Navarra, SEI Europe at Frankfurt, Josef Stefan Institute in Slovenia and Royal Holloway, University of London.

Through funding from the Socrates programme Dr. Gonzalez is supervisor (jointly with Dr. Sarriegi) of a PhD student at Tecnun, University of Navarra.
Katrin Franke is an active member of the World Federation on Soft Computing (WFSC), the International Graphonomic Society (IGS), the International Association for Pattern Recognition (IAPR), Technical Committee 11 Reading Systems and the IEEE Computer Society. From she was a member of the World-Wide-Web Consortium (W3C) where she contributed to the international standardization of InkML, an XML application for handwriting data. She was the project coordinator of several German and international research projects and enjoyed collaborative projects with several industrial companies and governmental institutions.

Since 2000 Katrin Franke has regularly written reviews for research organizations, scientific journals and international conferences, for example, the Netherlands Organization for Scientific Research (NWO, the Dutch Research Council), IEEE Journal on Pattern Analysis and Machine Intelligence (PAMI) and International Journal for Document Analysis and Recognition (IJDAR). She is a member of several international program committees and is involved in the organization of international conferences on pattern recognition and computational intelligence.
Patrick Bours has supervised graduate and post-graduate students of Eindhoven University of Technology and is currently supervising an exchange student from Portugal who is doing his MSc thesis in biometrical authentication. He is also in contact with an international company called "Passfaces" to define future MSc projects. He has been a member of various international working groups of NATO and EU.

Erik Hjelmås was a visiting research scholar for eight months at the Center for automation research, University of Maryland during his doctoral research. He has previous research collaborations with Dr. Boon Kee Low, University of Edinburgh, and is currently developing a joint research project with the privacy and security group at Karlstad University.

Lasse Øverlier

Lasse Øverlier was visiting researcher at the Naval Research Laboratory (Washington DC, USA) for a year ( ), working mainly together with Paul Syverson in Catherine Meadows' group at Center for High Assurance Computer Systems, CHACS. He has previously also been technical manager and coordinator of several EU research projects within the ESPRIT Program, cooperating with German, Greek, Italian, French, English and Dutch companies. He is also cooperating with researchers at NATO C3 Agency (NC3A) (The Hague, Netherlands) on common areas of interest within traffic flow confidentiality.
5 Infrastructure

5.1 Working environment and conditions

Work space

Every PhD student will have access to a work space. He/she will have a desk, chair and some storage room. PhD students who are only present part of the week can share a desk with other PhD students. Some PhD students will have an office of their own, while others share an office with one or two other people (either PhD students or permanent staff).

Work equipment

Every PhD student will have his own computer, either a desktop or a laptop, for his personal use. This computer will be equipped with standard software, and more software can be installed by either the IT department or by the student himself. All other equipment needed by the student must be applied for. A black-and-white printer is available on the network close to the offices. A colour printer is available on the network but a bit further away. A PhD student has a "personal" budget of NOK during his PhD studies to cover costs for buying special equipment, software, travelling, etc.

All PhD students will have access to a phone in their office. Those who share a room will also share the phone. Other ordinary office equipment, like paper, pens, markers, paper-clips, scissors, staplers and perforating-machines, is readily available for all employees. Some of it is shared between all employees.

Laboratories and equipment

PhD students have access to all laboratories and all equipment inside the laboratories. No distinction is made between PhD students and permanent staff. We have a flexible lab environment. The last few years it has mainly been used as an authentication lab; however, it can easily be adjusted based on ongoing projects. Upcoming lab facilities are planned for forensics, sandbox and high performance computing environments.

HEVN

One of the applications running on the network is called HEVN (Hvem-Er-hVor-Når). This is an electronic agenda that can be consulted by other employees from GUC. All PhD students are required to keep HEVN up to date to keep other colleagues informed about their whereabouts.
5.1.5 Other services

PhD students can use the same services as all permanent staff. These services include a personnel room with daily newspapers, a kitchen with a coffee machine and a water boiler for tea, and special employees' toilets. Furthermore, the PhD students can use a fitness room and a table-tennis table for recreation.

PhD students can, like the permanent staff, book meeting rooms when needed and use the full equipment that is available at GUC, like projectors. Furthermore, when needed they can also order books or articles from the library.

5.2 Library resources

The library serves the information and research needs of the Gjøvik University College (GUC) community and supports international scholarly communication through its collections and services. Our primary goal is to support undergraduate and graduate education programs and deliver up-to-date library services to our users. However, we deliver library services to other users in Oppland and Hedmark regions.

Library Staff

There are four librarians, one library assistant and two student assistants. Two librarians have master degrees in library and information science, two have bachelor degrees in library science.

Library collections

The library collections encompass more than volumes, 500 serials and periodicals, 6365 e-journals and 15 databases. Library holdings include a variety of subject areas such as: civil and mechanical engineering, electrical and electronic engineering, communications technology, computer science, information technology, media technology, graphic design, nursing and allied health sciences, and radiology. The library holdings covering computer science and information technology are up-to-date and very satisfactory. Students and faculty members may recommend books and other materials for purchase.

Databases

The library subscribes to a number of databases and electronic journals. Below are the databases relevant to computer science and media technology:
- IEEE Xplore: The database contains a comprehensive collection of full text documents, providing access to the most highly cited journals in computer science, information technology, electrical engineering and electronics. It contains more than 1,000,000 documents and is updated weekly.
- ACM Digital Library and Guide: The ACM Digital Library is a comprehensive collection of ACM publications online, including a 50 year archive of over 40 ACM journals, magazines, and peer-reviewed articles as well as ACM conference proceedings and ACM SIG newsletters. It contains over 1.4 million pages of text, with full-text articles from ACM publications dating back to the 1950s.
- SpringerLink: SpringerLink is one of the world's leading interactive databases for high-quality journals, book series, books and reference works. It covers a variety of subject areas including computer science. SpringerLink is a powerful central access point for researchers and scientists.
- Lecture Notes in Computer Science Online: It contains full text conference proceedings. All volumes are published simultaneously in printed version and electronically, most of them in time for conferences. It contains over 35,000 papers written by over 50,000 individual scientists and professionals.
- ISI Web of Knowledge: The Institute for Scientific Information (ISI) database includes Science Citation Index Expanded, Social Sciences Citation Index and Arts and Humanities Citation Index. It is an integrated Web-based platform that provides high quality content and the tools to access, analyze, and manage research information. These tools include: cross-product searching, links to full text, citation alerts, personal journal lists, and personal bibliographic management.
- Academic Search Elite: This multi-disciplinary database covers almost every area of academic study. More than 100 journals have PDF images back to This database is updated on a daily basis via EBSCOhost. It offers more than 2,000 serials in full text, including more than 1,500 peer-reviewed titles.
- HighWire Press (a division of the Stanford University Libraries): It hosts the largest repository of high impact, peer-reviewed content, with 1005 journals and 3,899,677 full text articles from over 130 scholarly publishers.

Library Website

The library website is designed to help students find information about library hours, library instruction courses, general policies, interlibrary loan (ILL), and writing techniques and documentation styles such as MLA, APA and Chicago, and to give access to the library's database BIBSYS, to subscribed and free databases, and to e-journals. Students have access to library holdings through the library website whether they are at campus or at home. It is possible to search electronic sources such as e-books and full text journals off-campus by HTTP Proxy standard.
5.2.5 BIBSYS

The Bibsys database is the library's online catalogue of holdings. It offers researchers and students at Norwegian universities and colleges easy access to library collections of member institutions via user friendly search interfaces, including ordering and borrowing functions.

Inter Library Loan (ILL)

There is the possibility of ILL when the library holdings are not sufficient in certain subjects. The ILL service provides all students and faculty members with retrieval of items from other libraries free of charge, including from libraries in other countries.

General research assistance

The library plays an important role in improving the information literacy skills of both undergraduate and graduate students. The library staff provides research support to faculty members and graduate students. The librarian in charge of library tutorials is available to assist faculty and graduate students with their research questions and projects. All librarians provide hands-on instruction with the library's online databases.

Library tutorials

1. Introduction to library resources: It is a basic introduction course to the library services, library website, the library's database BIBSYS and a quick overview of databases, e-journals and e-books.
2. Literature search in BIBSYS and databases: How to search effectively in BIBSYS, how to find books, how to locate full text of specific journal articles, how to set up customized alert profiles. This course also covers writing techniques and documentation styles.
3. Database search skills: It is an advanced course that teaches more complex search techniques. It covers analysing the assignment topic, choosing an appropriate database, understanding the database structure, forming a search strategy, completing the search, evaluating the search results and their sources critically and using the information retrieved ethically and legally.

Research Documentation

GUC Library uses the Bibsys ForskDok database to register research done at our institution. 51 Norwegian institutions use ForskDok to document research and enable access to their research and development work. Researchers register their own work; however, librarians give assistance to those who need help. The library is responsible for quality control of data registered in ForskDok.
5.3 ICT services

The department of IT services at GUC (ITGUC) provides services and offers support to all faculty, students and administrative personnel. Efficient and proper use of information technology is a key component of most activities in an institution of higher education. ITGUC is committed to making sure all users of IT services at GUC feel comfortable with the stability, availability, security and support of these services. ITGUC has 10 employees and always a large group of student assistants affiliated with them.

General information about IT at GUC

GUC has a high capacity internet link (redundant gigabit ethernet) to the Norwegian ISP for all academia in Norway: UNINETT. UNINETT administrates a router at GUC as part of the UNINETT autonomous system. The internal network at GUC is based on high capacity link-layer switches (with wired gigabit links) and a large wireless network (captive portal access). The server infrastructure consists of a high capacity network attached storage (NAS) and a large set of physical and virtual servers running mostly GNU/Linux and Microsoft Windows. The physical infrastructure is carefully planned to be scalable and redundant in all components.

ITGUC offers all users of GNU/Linux, Microsoft Windows and Macintosh computers support through (RT-based helpdesk system), phone and physical presence. ITGUC handles all purchase of ICT equipment, and manages all software licences. ITGUC also provides all the typical services offered in academic environments: printing, remote access (VPN), office phones, fax machines and audio-visual equipment in meeting rooms, classrooms and auditoriums.

ICT support for PhD students

In addition to the general support all users need, PhD students typically require specific services to support their research activities. ITGUC offers proxy services (web browsing through proxy.hig.no), which is extremely useful for PhD students since it allows them to have remote access to library resources where access is restricted based on IP addresses (which is the case for many digital libraries such as IEEE and ACM).

ITGUC maintains licences for bibliography software such as EndNote, and can arrange for support for PhD students in the use of typical software for scientific writing such as LaTeX-based software packages.
Another commonly used IT service for PhD students is high performance computing (HPC). ITGUC does not currently have its own HPC environment, but always has powerful workstations available for PhD students. If necessary, ITGUC can support in getting access to the grid environment NorduGrid. ITGUC is also part of a joint application (together with several faculty members in information security and engineering) for scientific equipment to the Norwegian Research Council for HPC hardware.

ITGUC can also provide directly research-related support in terms of data collections and test environments. One recent such project was a quantitative analysis of efficient antispam techniques, which resulted in one of ITGUC's employees publishing a paper (which was also nominated for best paper award) together with two faculty members in information security [38].

5.4 General technical and administrative support

PhD students will be supported by GUC's administrative and technical support sections. The Section of academic affairs is headed by a director of academic affairs and has a staff of 17 administrative case officers. The section is organized in four different support teams.

The Recruiting, marketing and information team provides GUC with professional support regarding recruiting of students and developing information brochures and pamphlets about GUC's programme of studies. This team also edits GUC's web pages and is responsible for public relations matters.

The Registrar's office is responsible for enrollment of students, exam plans, registering of student records and issuing diplomas. GUC uses FS (Felles Systemet) as database for keeping student records. PhD students will be registered in this system. GUC uses ClassFronter as learning management system.

The Student services team is organized with a front desk as a first line service where all students can make enquiries and get support on all kinds of issues. Back office support teams also provide student support: students counselling office, student health care office, student priest office, international office, dormitory services, day care centre etc.

The Academic support team provides administrative support to GUC's faculties on quality assurance, development of academic programmes and on research and development activities.
6 Quality assurance

GUC has established a Research and Development counselling and advisory body that provides the college management with advice in all issues related to R&D. The body is also responsible for regulations and follow up actions regarding PhD students' enrolment and progress.

More specifically, GUC has developed an institutional Quality System (QS) which was accredited by the Norwegian Agency of Quality Assurance in Education (NOKUT) August NOKUT will do annual reaccreditation of GUC's quality system in approximately 6 year cycles. GUC's QS consists of a library of procedures, routines and regulations concerning academic and administrative activities at the college 4. For daily usage an online version was set up supporting employees and students in the implementation of the QS.

4 G. Dæhlin, N. Rui (2006). Kvalitetssystem for GUC - Metodikk for systematisk utvikling av kvalitet i utdanningene ved høgskolen i Gjøvik, Versjon 1, Høgskolen i Gjøviks notatserie, 2006 nr 5, ISSN

Quality assurance routines concerning PhD students will be included in GUC's QS. In addition to the existing routines, special regulations will be set up for PhD students. Level one of these regulations is the Norwegian law that applies to all Norwegian Universities and University Colleges 5. The next levels cover local regulations and consist of the following elements: doctoral degree regulations, guidelines for PhD students, PhD-student contract and mentoring. In more detail:

Doctoral degree regulations for Gjøvik University College are attached in Appendix C. The document gives regulations on the application process, on registration and appointment of an academic advisor, the criteria for the research project, the theoretical syllabus and the disputation process. The document was approved by the board of Gjøvik University College on February 23rd, The document will be submitted to Lovdata 6 for registration within March

Guidelines for PhD students at Gjøvik University College are attached in Appendix C. The guidelines establish routines for the PhD students' progress report and follow-up actions from GUC. Provided services and infrastructure, such as office facilities, ICT facilities and funding of travel, are also given in this document.

PhD-student contract: GUC establishes a signed contract with each PhD student stating the rights and the responsibilities for both parties. This contract is in addition to the employee contract and focuses on the PhD-student status. Regularities concern education and research aspects, for example ECTS courses to be taken, research topic, supervising, conflict management and specific regularities on the exploitation of research results (Appendix C).

Mentoring: GUC installs mentoring for each PhD student. The mentor is supposed to be a discussion partner in terms of career planning and to serve as a negotiator in case of conflicts between the PhD student and the supervisor.
Nomenclature

FFI: Forsvarets forskningsinstitutt (Norwegian Defence Research Establishment)
HiA: Høgskolen i Agder (Agder University College)
NTNU: Norges teknisk-naturvitenskaplige universitet (The Norwegian University of Science and Technology)
A PhD Information Security Plan of studies
This document will be updated based on the translated version of the PhD regulations and the final version of the application.

1 Name of the program

PhD Information Security (PhD Informasjonssikkerhet).

2 Admission requirements

...

3 Duration, scope and level

The program must be completed within eight years of admission.

4 Goals and objectives

The core objective of a doctoral program is to encourage and assist doctoral students in the conduct of their studies, which should exhibit increasing independence from external guidance, leading to a clearly identifiable individual contribution to the academic body of knowledge that is not hemmed in excessively by formal requirements and structural elements that serve more as restraints than as guidance.

5 Target applicants

Any candidate with a relevant master's degree.

6 Composition

The course and seminar offerings are primarily intended as guidance and for providing the requisite background and intellectual tools for the conduct of research, and therefore frequently concentrate on foundational aspects at the expense of more concrete research-related issues. The latter are more appropriately covered in the course of seminars and reading groups, since this format allows a more immediate adaptation to current research and the requirements of the doctoral students, while many of the lectures focus more on general tools and approaches that can be adapted to the specific research needs of the individual student.

The PhD program requires at least 30 credits of coursework, where at least 20 have to be at the 6000-level or equivalent from other universities' offerings (10 credits can be at the 4000 or 5000 level). The coursework has to include courses in ethics and scientific methodology.

7 Internationalization

The PhD program is international in every way. Students are encouraged to spend at least three months abroad.

8 Accreditation

The PhD program will be submitted to NOKUT for separate accreditation.

9 Courses

The following table lists the courses and seminars and their corresponding major areas. Mandatory courses for all are IMT6011, IMT6021 and IMT6031.

Course code  Course name
IMT6011  Ethics and Legal Aspects of Scientific Research
IMT6021  Methodology of Scientific Research
IMT6031  Probability and Statistics
IMT6041  Computational Methods and Complexity
IMT6051  Discrete Mathematics
IMT6061  Pattern Recognition
IMT6071  Computational Intelligence
IMT6081  Biometrics
IMT6091  Computer Forensics
IMT6101  Advanced Graph Theory and Combinatorics
IMT6111  Error Correcting Codes
IMT6121  Wireless Network Security
IMT6131  Computation in Number Theory and Elliptic Curves
IMT6141  Foundations of Cryptography
IMT6151  Dynamics of Computer Security Incident Response Teams
IMT6161  Game Theory
IMT6171  Uncertainty
IMT6181  Artificial Intelligence and Intrusion Detection
IMT6191  Cryptographic Primitives
IMT6201  Design and Analysis of Cipher Systems
IMT6211  Network Security
IMT6221  Advanced Topics of Machine Intelligence
Course code ISM SS CR NS PRIV AF IWCIP CP DC
IMT6011 X X X X X X X X X
IMT6021 X X X X X X X X X
IMT6031 X X X X X X X X X
IMT6041 X
IMT6051 X X X X X X X X X
IMT6061 X X X
IMT6071 X X X
IMT6081 X X X
IMT6091 X
IMT6101 X X X
IMT6111 X
IMT6121 X
IMT6131 X
IMT6141 X X
IMT6151 X
IMT6161 X X
IMT6171 X
IMT6181 X
IMT6191 X
IMT6201 X
IMT6211 X
IMT6221 X X
B Course descriptions
Contents

1 Lectures
IMT6011: Ethics and Legal Aspects of Scientific Research
IMT6021: Methodology of Scientific Research
IMT6031: Probability and Statistics
IMT6041: Computational Methods and Complexity
IMT6051: Discrete Mathematics
IMT6061: Pattern Recognition
IMT6071: Computational Intelligence
IMT6081: Biometrics
IMT6091: Computer Forensics
IMT6101: Advanced Graph Theory and Combinatorics
IMT6111: Error Correcting Codes
IMT6121: Wireless Network Security
IMT6131: Computation in Number Theory and Elliptic Curves
IMT6141: Foundations of Cryptography
IMT6151: Dynamics of Computer Security Incident Response Teams
IMT6161: Game theory
IMT6171: Uncertainty

Seminars
IMT6181: Artificial Intelligence and Intrusion Detection
IMT6191: Cryptographic Primitives
IMT6201: Design and Analysis of Cipher Systems
IMT6211: Network Security
IMT6221: Advanced Topics of Machine Intelligence
1 Lectures

The following is mainly intended as a list of topics for courses; the precise duration of each lecture and the division into individual modules (e.g. 5 and 10 ECTS modules) may change as necessary from one year to the next. Also, it should be noted that not all courses need to be offered in each academic year.
1.1 IMT6011: Ethics and Legal Aspects of Scientific Research

Level
Doctorate

Major Area
Common

ECTS Credits
5 ECTS Credits. This course is mandatory for doctoral students.

Prerequisites
None.

Objectives
After the course, the students should have acquired:
1. The principles of good scientific practice
2. Understanding of ethical issues posed by the conduct of research itself.

Content
Ethical and legal aspects play an increasing role in academia in general, and also a growing role in many of the specific research fields associated with information security. This course therefore divides into two thematic areas, namely the general aspects of ethics and academic integrity in scientific practice and the specific problem areas touched upon by research in information security.

Academic integrity and the observance of the principles of good scientific practice are crucial elements in any academic endeavor. These principles can be neglected or violated in several different ways, ranging from lack of care in the application of scientific methods or in documenting data, to serious scientific misconduct through deliberate falsification, plagiarization or outright fraud. In many of these cases, established practices and local traditions or gradual transitions may obscure the fact that boundaries of good conduct are about to be crossed. This course therefore aims to inform students about types of misconduct and ethical conundra and to enable them to form sound ethical judgments even in ambiguous situations.

The second core element of this course covers the ethical problems posed by the conduct of research itself, such as the proper handling of experiments and experimental data involving human subjects and the procedures and mechanisms available to safeguard against misuse or other ethical lapses. Moreover, emphasis is also placed on the outcomes of research in information security. Such outcomes may include the erosion of privacy owing to improved techniques for surveillance, eavesdropping, or other security-related information gathering and analysis, or the provision of offensive capabilities that may arise from some of this research.

Key Topics
Plagiarism
Privacy issues
Handling of experiments and experimental data involving human subjects

Evaluation
Term paper.

Notes on Literature
The U.S. National Academies of Sciences have issued a booklet on ethics and conduct for scientists and researchers, which is freely available from NAS [1]. Several philosophical aspects, including the issues involving human subjects, are also covered in [3], with the latter issues being the specific topic of [2].

Recommended Literature
[1] GRIFFITHS, P. A., Ed. On Being A Scientist: Responsible Conduct In Research. United States National Academy of Sciences, Washington D.C., USA,
[2] ROMM, N. R. A. Accountability in Social Research: Issues and Debates. Kluwer Academic Press, New York, NY, USA,
[3] ZIMAN, J. M. An Introduction to Science Studies: The Philosophical and Social Aspects of Science and Technology. Cambridge University Press, Cambridge, UK,
1.2 IMT6021: Methodology of Scientific Research

Level
Doctorate

Major Area
Common

ECTS Credits
5 ECTS Credits. This course is mandatory for doctoral students.

Prerequisites
None.

Objectives
After the course, the students should have acquired:
1. Ability to write academic papers independently
2. Comprehension of scientific methods and mathematical and engineering research techniques.

Content
This course encompasses general techniques for writing technical reports and research papers and also covers the rules, publication guidelines, and traditions, with a particular emphasis on computer science and the mathematical subdisciplines relevant to information security. Some aspects of the theory of science and epistemology, as needed to provide a solid foundation for the comprehension of the scientific method and of mathematical research techniques, are also required. In addition, auxiliary information such as research and information retrieval is also covered. The course can only offer an overview of common research methods in computer science, software engineering, and mathematics; more detailed techniques are typically left to individual seminars and reading groups.

Key Topics
How to write academic papers
The anatomy of a dissertation
Dealing with literature
Design and conduct of experiments
Design and conduct of surveys and qualitative studies
Academic writing styles

Evaluation
Term paper.

Notes on Literature
A reasonably general introduction to research methodology with a slight bias in favor of physical sciences is provided by Booth et al. [1], while Polya's classic [5] is more concerned with mathematical problem solving strategies and heuristics. In addition, Higham [2] and Knuth et al. [3] focus on specific problems found in mathematically oriented material, while a more general overview of techniques for research and writing dissertation-type materials, albeit focused on the humanities, is provided by Turabian [6]. One of the most frequently used reference works for academic writing and publishing is [4]; while this volume contains large amounts of material mainly of interest to scholars in the humanities, it is nevertheless an accepted reference in many other fields.

Recommended Literature
[1] BOOTH, W. C., WILLIAMS, J. M., AND COLOMB, G. G. The Craft of Research, 2nd ed. University of Chicago Press, Chicago, IL, USA,
[2] HIGHAM, N. Handbook of Writing for the Mathematical Sciences, 2nd ed. Society for Industrial and Applied Mathematics, Philadelphia, PA, USA,
[3] KNUTH, D. E., LARRABEE, T., AND ROBERTS, P. M. Mathematical Writing. Mathematical Association of America, Philadelphia, PA, USA,
[4] MAHAN, M. D. F., Ed. The Chicago Manual of Style, 15th ed. University of Chicago Press, Chicago, IL, USA,
[5] POLYA, G. How to Solve It, 2nd ed. Princeton University Press, Princeton, NJ, USA,
[6] TURABIAN, K. L. A Manual for Writers of Term Papers, Theses, and Dissertations, 6th ed. University of Chicago Press, Chicago, IL, USA,
1.3 IMT6031: Probability and Statistics

Level
Doctorate

Major Area
Common

ECTS Credits
5 ECTS Credits. This course is mandatory for doctoral students.

Prerequisites
None.

Objectives
After the course, the students should have acquired:
1. Understanding of fundamental aspects of probability theory and mathematical statistics
2. Understanding of techniques and approaches to modelling and inference
3. Understanding of fundamental aspects of stochastic processes.

Content
In this course, the fundamental aspects of probability theory and mathematical statistics are covered before moving on to studies of techniques and approaches to modeling and inference, supplemented by fundamental aspects of stochastic processes. Probability and statistics are very important in a number of areas of applied computer science, particularly where simulations and experiments are conducted and appropriate inferences and hypotheses must be derived.

Key Topics
Sample space and event
Permutations
Probability and measure
Conditional probability
Independence and Bayes' Theorem
Principle of Maximum Likelihood
Law of large numbers
Distributions and density
Markov chains
Random Walk
A survey of applied statistics
Statistical methods
Foundations of stochastics
Classifiers
Machine-learning based classifiers

Evaluation
Written examination.

Notes on Literature
Most of the topics are covered in the reference [1]. The reference [2] provides basic background on probability. Basic statistics and statistical modeling are covered by [4], while methods and techniques of statistical inference are discussed by Cox [3]. Shao provides some valuable additional theoretical background and perspective, including measure theory, in [7], with additional material on hypothesis testing in [6]. Stochastic processes are covered by Karlin [5].

Recommended Literature
[1] FALMAGNE, J.C. Lectures in Elementary Probability Theory and Stochastic Processes. McGraw-Hill,
[2] GRINSTEAD, C.M., AND SNELL, L.J. Introduction to Probability. American Mathematical Society,
[3] COX, D. R. Principles of Statistical Inference. Cambridge University Press, Cambridge, UK,
[4] FREEDMAN, D. Statistical Models. Cambridge University Press, Cambridge, UK,
[5] KARLIN, S., AND TAYLOR, H. M. A First Course in Stochastic Processes, 2nd ed. Academic Press, San Francisco, CA, USA,
[6] LEHMANN, E. L., AND ROMANO, J. P. Testing Statistical Hypotheses, 3rd ed. Springer-Verlag, Heidelberg, Germany,
[7] SHAO, J. Mathematical Statistics, 2nd ed. Springer-Verlag, Heidelberg, Germany,
1.4 IMT6041: Computational Methods and Complexity

Level
Doctorate

Major Area
Dependable Computing

ECTS Credits
5 ECTS Credits.

Prerequisites
Some mathematical maturity may be desirable.

Objectives
After the course, the students should have acquired:
1. Advanced understanding of core models and mechanisms behind the design and analysis of algorithms
2. Ideas of application of computational methods in the fields of automata and languages
3. Advanced understanding of complexity theory.

Content
This course encompasses the core models and mechanisms required for the design and analysis of algorithms, and particularly computational models. To this end, models of computation, Turing machines, recursive functions, Church's thesis, λ calculi, decidability, and computability are covered. Beyond this core, denotational semantics and the logic of programs are covered, as well as applications to automata, formal languages, program verification, and programming languages. A final component of the course provides an overview of complexity theory, including analytical techniques and an introduction to complexity hierarchies.

Key Topics
Fundamentals of computer science theory
Finite automata
Analytical techniques for complexity
Models of computation: Turing machines, λ calculi, and transformations between computational models
Complexity theory
Semantics of programs

Evaluation
Written examination.

Notes on Literature
Core techniques, including mathematical tools for use in algorithm development and analysis, are reviewed in [2], with some aspects of automata and language theory being covered in [3], while intractability is covered in [1]. Complexity theory and complexity hierarchies, including computational models, are covered in detail by [4].

Recommended Literature
[1] GAREY, M. R., AND JOHNSON, D. S. Computers and Intractability, 2nd ed. W.H. Freeman, San Francisco, CA, USA,
[2] GRAHAM, R. L., KNUTH, D. E., AND PATASHNIK, O. Concrete Mathematics, 2nd ed. Addison-Wesley, Reading, MA, USA,
[3] HOPCROFT, J. E., MOTWANI, R., AND ULLMAN, J. D. Introduction to Automata Theory, Languages, and Computation, 3rd ed. Addison-Wesley, Reading, MA, USA,
[4] PAPADIMITRIOU, C. H. Computational Complexity. Addison-Wesley, Reading, MA, USA,
1.5 IMT6051: Discrete Mathematics

Level
Doctorate

Major Area
Common

ECTS Credits
5 ECTS Credits.

Prerequisites
None.

Objectives
After the course, the students should have acquired:
1. Understanding of the most important topics of linear algebra and abstract algebra
2. Understanding of the most important topics of combinatorics, including fundamentals of graph theory, as well as fundamentals of combinatorial optimization algorithms.

Content
This course provides an introductory survey of the discrete mathematical tools that students primarily interested in applications will require, and is also intended to assist students entering the Ph.D. program from courses of study in which discrete mathematics was not a core part of the curriculum. In the course, a rigorous introduction to core topics of abstract algebra is provided through an introduction to linear algebra. The second part of the course is concerned with the introduction of key concepts of combinatorics, including aspects of graph theory and its applications.

Key Topics
Review of linear algebra
Fundamentals of abstract algebra
Core aspects of combinatorics, including fundamentals of graph theory
Selected combinatorial algorithms, including algorithms on graphs.

Evaluation
Written examination.

Notes on Literature
Core concepts of discrete mathematics, including topics from number theory, generating functions, and asymptotics used in the analysis of algorithms, are covered by [3]. Basic linear algebra at the undergraduate level is covered in [5], while Greub covers more advanced topics such as inner product spaces and unitary spaces [4]. Abstract algebra is covered by [1]. Elements of combinatorics are reviewed in [6], while a brief introduction to core concepts in graph theory and algorithms on graphs is given in [2].

Recommended Literature
[1] BHATTACHARYA, P. B., JAIN, S. K., AND NAGPAUL, S. R. Basic Abstract Algebra, 2nd ed. Cambridge University Press, Cambridge, UK,
[2] GIBBONS, A. Algorithmic Graph Theory. Cambridge University Press, Cambridge, UK,
[3] GRAHAM, R. L., KNUTH, D. E., AND PATASHNIK, O. Concrete Mathematics, 2nd ed. Addison-Wesley, Reading, MA, USA,
[4] GREUB, W. Linear Algebra, 4th ed. Springer-Verlag, Heidelberg, Germany,
[5] LANG, S. Linear Algebra, 3rd ed. Springer-Verlag, Heidelberg, Germany,
[6] VAN LINT, J. H., AND WILSON, R. M. A Course in Combinatorics. Cambridge University Press, Cambridge, UK,
1.6 IMT6061: Pattern Recognition

Level
Doctorate

Major Area
System Security, Attacks and Forensics, Content Protection

ECTS Credits
5 ECTS Credits.

Prerequisites
IMT6031.

Objectives
After the course, the students should have acquired:
1. Understanding of parametric and nonparametric classification techniques
2. Understanding of modern classification techniques like algorithms for training neural networks, genetic algorithms and so on
3. Understanding of unsupervised learning and cluster analysis.

Key Topics
Parametric classification techniques
Nonparametric classification techniques
Linear discriminant functions
Neural networks
Stochastic methods
Unsupervised learning and clustering

Content
The course offers students fundamental knowledge in the field of classification. It covers both parametric and nonparametric classification techniques, linear classifiers and support vector machines, multilayer neural networks, stochastic classification methods that include genetic algorithms and simulated annealing, as well as unsupervised learning and clustering.

Evaluation
Written examination.

Notes on Literature
Pattern recognition and classification techniques are discussed in [2], with additional aspects of statistical learning covered in [3]. Kernel-based approaches including support vector machines are discussed by Shawe-Taylor and Cristianini in [4] and [1].

Recommended Literature
[1] CRISTIANINI, N., AND SHAWE-TAYLOR, J. An Introduction to Support Vector Machines and Other Kernel-based Learning Methods. Cambridge University Press, Cambridge, UK,
[2] DUDA, R. O., HART, P. E., AND STORK, D. G. Pattern Classification, 2nd ed. Wiley-Interscience, New York, NY, USA,
[3] HASTIE, T., TIBSHIRANI, R., AND FRIEDMAN, J. H. The Elements of Statistical Learning. Springer-Verlag, Heidelberg, Germany,
[4] SHAWE-TAYLOR, J., AND CRISTIANINI, N. Kernel Methods for Pattern Analysis. Cambridge University Press, Cambridge, UK,
1.7 IMT6071: Computational Intelligence

Level
Doctorate

Major Area
System Security, Attacks and Forensics, Content Protection

ECTS Credits
5 ECTS Credits.

Prerequisites
IMT6031 and IMT6061 or equivalents.

Objectives
The new requirements that actual security systems need to comply with, such as reliability, high recognition rates, and tolerance for imprecision and uncertainty, call for the use of powerful computing technologies. In this context Computational Intelligence (CI) is increasingly being used for the development of computer-based applications in real-life, ambiguous environments. The aim of this course is to lay the foundations and to encourage further discussions on the employment of CI in intelligent system design and application. Students will learn the fundamentals of CI methods in order to apply them to finding patterns and regularities in large amounts of data, as well as to using such patterns for making better decisions. Applications can be spam and intrusion detection, biometric recognition, forensic investigation, visual object recognition and video surveillance, network optimization and routing, task scheduling, data mining, and many others.

Content
CI is a branch of the study of artificial intelligence, which aims to use learning, adaptive, or evolutionary computation to create programs that mimic the remarkable human capability of making decisions. It has emerged in the recent past as a collection of several models of computation, which work synergistically and provide the capability of flexible information processing. The principal constituents of CI are Fuzzy Logic, Artificial Neural Networks [3, 4, 6], Evolutionary Computing [2, 5, 7, 8], Probabilistic Reasoning, Chaos Theory and parts of Machine-Learning Theory [1, 9, 10]. CI is more than a mélange of these disciplines; it is a partnership, in which each of the partners contributes a distinct methodology for addressing problems in its own domain [11].

Key Topics
Artificial Neural Networks
Fuzzy Logic
Evolutionary Computation including Evolutionary Strategy and Genetic Algorithms
Evolutionary and Genetic Programming
Swarm Intelligence
Hybrid Intelligent Systems

Evaluation
End-term exam.

Notes on Literature
Fuzzy Logic and Artificial Neural Networks are covered in [3, 4, 6], good references on Evolutionary Computing are [2, 5, 7, 8], while information on Probabilistic Reasoning, Chaos Theory and parts of Machine-Learning Theory can be found in [1, 9, 10]. General information on CI as a discipline can be found in [11].

Recommended Literature
[1] R.O. Duda, P.E. Hart, and D.G. Stork. Pattern Classification. John Wiley & Sons, Inc.,
[2] L.J. Fogel, A.J. Owen, and M.J. Walsh. Artificial Intelligence through Simulated Evolution. Wiley, New York,
[3] S. Haykin. Neural Networks: A Comprehensive Foundation. Macmillan College Publishing Co.,
[4] R. Hecht-Nielsen. Neurocomputing. Addison-Wesley Publishing Company, Reading, MA,
[5] J.H. Holland. Adaptation in Natural and Artificial Systems. University of Michigan Press,
[6] T. Kohonen. Self-Organizing Maps, 2nd edition. Springer Verlag,
[7] J.R. Koza. Genetic Programming: On the Programming of Computers by Means of Natural Selection. MIT Press,
[8] J.R. Koza. Genetic Programming II: Automatic Discovery of Reusable Programs. MIT Press, Cambridge, London,
[9] J. Schürmann. Pattern Classification: A Unified View of Statistical and Neural Approaches. John Wiley & Sons, Inc., New York,
[10] S. Watanabe. Knowing and Guessing: A Quantitative Study of Inference and Information. John Wiley & Sons, Inc., New York, London, Sydney, Toronto,
[11] L.A. Zadeh. Fuzzy logic, neural networks and soft computing. Communications of the ACM, 37(3):77–84,
1.8 IMT6081: Biometrics

Level
Doctorate

Major Area
System Security, Privacy, Information Security Management

ECTS Credits
5 ECTS Credits.

Prerequisites
None.

Objectives
After the course, the students should have acquired:
1. Knowledge about common statistical tools for biometrics
2. Insight into advantages and disadvantages of use of selected types of biometrics
3. Understanding of multimodal biometrics
4. Knowledge of ethical and privacy issues in biometrics.

Content
In this course, several key aspects of biometrics are covered. The course begins with an overview of applied statistics and hypothesis tests as well as other common statistical tools for biometrics, and then covers selected types of biometrics, particularly fingerprint, face, and iris recognition techniques. To this end, the relevant physiological and medical features, their variability, and potential problems are discussed before analyzing different approaches for each of the attributes to be investigated. In each case, not only benign applications are covered but also potential attacks along the entire processing chain. The use of multimodal biometrics, both using different sensor types for the same feature and using different attributes, is also discussed in the context of robustness against attacks and improving the overall accuracy of the recognition process. The course concludes with a discussion of the ethical and privacy-related issues in biometrics, along with possible limitations and technical mitigation mechanisms such as match-on-card approaches and biometric template protection.

IMT6031 is recommended as an accompanying module for this course; although some concepts of applied statistics and decision theory are revisited in this course, students will benefit from the more rigorous treatment of the subject matter in IMT6031.

Key Topics
Fingerprint recognition
Iris recognition
Face recognition in two and three dimensions
Multimodal biometrics
Attack mechanisms

Evaluation
Written examination.

Notes on Literature
A survey of biometrics, its origins and applications is provided by Wayman et al. in [3]; issues surrounding fingerprint recognition are covered in the text by Maltoni et al. [2], while core areas of face recognition biometrics are described in the textbook by Li and Jain [1].

Recommended Literature
[1] LI, S. Z., AND JAIN, A. K., Eds. Handbook of Face Recognition. Springer-Verlag, Heidelberg, Germany,
[2] MALTONI, D., MAIO, D., JAIN, A. K., AND PRABHAKAR, S. Handbook of Fingerprint Recognition. Springer-Verlag, Heidelberg, Germany,
[3] WAYMAN, J., JAIN, A., MALTONI, D., AND MAIO, D., Eds. Biometric Systems. Springer-Verlag, Heidelberg, Germany,
1.9 IMT6091: Computer Forensics

Level
Doctorate

Major Area
Attacks and Forensics

ECTS Credits
5 ECTS Credits.

Prerequisites
Understanding of computer hardware, operating systems and communications software; creative problem-solving and investigative skills; an appreciation of relevant aspects of the law.

Objectives
Computer Forensics (CF) is the study of the detection and investigation of crime committed on or via computers and computer networks. Examples of computer-related criminal activity include intellectual property theft, copyright offenses, industrial espionage, obstruction, financial fraud and tax evasion, harassment, child pornography, damage assessment following an incident, and more general criminal cases, since many criminals simply store information on computers, intentionally or unwittingly.
Due to increasing awareness of the importance of computer-based evidence in criminal cases, there is an expanding need for computer professionals with the abilities to reliably handle sensitive and irreplaceable materials, to investigate those materials in a sophisticated manner, to develop top-notch investigation methods, and then to present / defend appropriate expert reports to legal personnel.
The aim of this course is to educate students on the special demands as well as on the methods and the tools used in Computer Forensics. Crime scenes studied cover private homes and public environments like financial institutions and software companies. Also discussed in the course is the development of new technologies for computer-crime investigation since the prosperous research domain demands experts developing next-generation equipment and tools.

Content
The lecture focuses on a wide range of possible forensic investigations like: (a) responding to live incidents, (b) determining whether an attack has actually occurred, (c) analyzing volatile data, non-volatile data and files of unknown origin, (d) safely performing and documenting forensic duplications, (e) collecting and analyzing network-based evidence, (f) reconstructing Web browsing and activity, as well as (g) duplicating and analyzing the content of PDAs and flash memory devices [1]. In addition, techniques and tools for the analysis of computer crimes are introduced.

Key Topics
Live Incident Response
Network-based Forensics
Acquiring a Forensic Duplication
Online-based Forensics
Mobile Device Forensics
Forensic Analysis Techniques
Creating a Complete Forensic Toolkit.

Evaluation
End-term exam.

Notes on Literature
A very good textbook on this subject is [1]. It covers all the topics enumerated for this course.

Recommended Literature
[1] K.J. Jones, R. Bejtlich, and C.W. Rose. Real Digital Forensics - Computer Security and Incident Response. Addison-Wesley Publishing Company, Reading, MA,
1.10 IMT6101: Advanced Graph Theory and Combinatorics

Level
Doctorate

Major Area
System Security, Dependable Computing, Information Warfare and Critical Infrastructure Protection.

ECTS Credits
5 ECTS Credits.

Prerequisites
IMT6051 or equivalent.

Objectives
After the course, the students should have acquired:
1. Understanding of principles of classical combinatorics
2. Knowledge about various combinatorial structures, such as graphs, etc.
3. Knowledge about algebraic techniques applied in combinatorics.

Content
The course begins with classical combinatorics, including counting functions (arbitrary, injective or surjective functions with domain and range either distinguishable or indistinguishable) and enumerations (sets, multisets, permutations, multiset permutations, partitions, set partitions, and compositions). Applications to Bell numbers, Stirling numbers of the first and second kinds, and Eulerian numbers are covered as well as the recurrence relations and bijective methods in proofs.
Algebraic techniques covered include generating functions, particularly ordinary and exponential generating functions and applications to partition problems. Gaussian polynomials are covered in connection with partitions, the lattice of subspaces of a vector space over a finite field, and the q-binomial Theorem.
This course also covers core aspects of graph theory and combinatorics. Beginning with Hamiltonian and Euler circuits and flows including the Max-Flow Min-Cut theorem, integral flows and Menger's theorem, approaches to extremal problems are examined together with selected aspects of Ramsey theory and representation mechanisms. Graph topologies as well as both random and power-law graphs are covered along with selected tools on graph morphology.

Key Topics
Classical combinatorics
Algebraic techniques for combinatorics
Graphs and graph types
Cuts, flows and extremal problems
Matrix theory and the Laplacian of graphs
Random graphs and power-law graphs

Evaluation
Written examination.

Notes on Literature
Basic combinatorics is gently covered by Bogart [3] while algebraic techniques are covered by Aigner [1]. Fundamentals of graph theory are covered by the texts of Diestel [5] and Bollobás [4]; some advanced aspects are discussed by Godsil and Royle [6], while topics related to directed graphs are more specifically dealt with by Bang-Jensen and Gutin [2].

Recommended Literature
[1] AIGNER, M. Combinatorial Theory. Springer-Verlag, Heidelberg, Germany,
[2] BANG-JENSEN, J., AND GUTIN, G. Digraphs. Springer-Verlag, Heidelberg, Germany,
[3] BOGART, K. P. Combinatorial Theory, 3rd ed. Brooks Cole, Belmont, CA, USA,
[4] BOLLOBÁS, B. Modern Graph Theory. Springer-Verlag, Heidelberg, Germany,
[5] DIESTEL, R. Graph Theory, 3rd ed. Springer-Verlag, Heidelberg, Germany,
[6] GODSIL, C., AND ROYLE, G. Algebraic Graph Theory. Springer-Verlag, Heidelberg, Germany,
1.11 IMT6111: Error Correcting Codes

Level
Doctorate

Major Area
Dependable Computing

ECTS Credits
5 ECTS Credits.

Prerequisites
None.

Objectives
After the course, the students should have acquired:
1. Understanding of the coding problem and mathematical fundamentals of possible solutions
2. Understanding of block codes and convolutional codes
3. Ideas about new directions in error control coding: quantum error correcting codes, turbo codes and codes for correcting insertion and deletion errors.

Content
This course gives students detailed information about techniques of error control coding. Starting from the classical techniques, block codes and convolutional codes, new directions in error control coding are also studied, such as quantum codes, turbo codes, etc. Special codes for channels with insertion and deletion errors are also introduced, for which definition of appropriate distances (edit-distances) is necessary.

Key Topics
The coding problem, linear codes and their most important representatives
Cyclic codes, BCH codes
Convolutional codes - the Viterbi algorithm, list decoding, sequential decoding
Advanced concepts: Iterative decoding and turbo codes, quantum error correcting codes, codes for correcting insertion and deletion errors.

Evaluation
Written examination.

Notes on Literature
An excellent survey of coding theory is given in Van Lint's book [3]. Peterson and Weldon [4] wrote a classical but still very useful book about block and convolutional codes. A very detailed survey of convolutional codes is given in [2], while one of the newest books that gives detailed insight into the field is [1].

Recommended Literature
[1] HUFFMAN, W., PLESS, V. Fundamentals of Error-Correcting Codes, Cambridge University Press, Cambridge, U.K.,
[2] JOHANNESSON, R., ZIGANGIROV, K. Fundamentals of Convolutional Coding, IEEE Press,
[3] VAN LINT, J. H. Introduction to Coding Theory, 3rd ed. Springer-Verlag, Heidelberg, Germany,
[4] PETERSON, W., WELDON, E. Error-Correcting Codes - Revised, 2nd ed. The MIT Press, Boston, U.S.A.,
1.12 IMT6121: Wireless Network Security

Level
Doctorate

Major Area
Network Security

ECTS Credits
5 ECTS Credits.

Prerequisites
None.

Objectives
This course is to provide basic knowledge on wireless network security. This will be useful for those who wish to know more about wireless network security.

Content

Key Topics
Wireless network security fundamentals
WLAN security
IEEE i security
IEEE sensor network security
Security in wireless ad hoc networks
Security in wireless MAN
Key management in wireless ad hoc networks
Key management in sensor networks

Evaluation
Written examination and assignments.

Notes on Literature
[1][2][3][4]

Recommended Literature
[1] YANG, X., XUEMIN, C., AND DING-ZHU, D. Wireless Network Security, Springer-Verlag,
[2] VACCA, J. Guide to Wireless Network Security, Springer-Verlag,
[3] DONGGANG, L., PING, N. Security of Wireless Sensor Networks, Springer-Verlag,
[4] YANG, X. Link Layer Security in Wireless LAN, Wireless PAN, and Wireless MANs, Springer-Verlag,
1.13 IMT6131: Computation in Number Theory and Elliptic Curves

Level
Doctorate

Major Area
Cryptology

ECTS Credits
5 ECTS Credits.

Prerequisites
Introduction to Number Theory.

Objectives
This course is to provide basic knowledge on computational number theory and elliptic curves. This will be useful for understanding how cryptosystems based on number theory or elliptic curves are implemented.

Content
Extended Euclidean algorithm, Montgomery method, deterministic primality testing, finding generators in Z_p^*, quadratic residues and quadratic reciprocity, matrices, polynomial arithmetic, finite fields arithmetic, efficient and secure arithmetic of elliptic curves against side channel attacks.

Key Topics
Basic number arithmetic
Finite fields arithmetic
Efficient and secure arithmetic
Elliptic curves

Evaluation
Written examination and assignments.

Notes on Literature
The finite fields arithmetic and the efficient and secure arithmetic are covered in [2], while the rest is from [1].

Recommended Literature
[1] SHOUP, V. A Computational Introduction to Number Theory and Algebra, Cambridge University Press, Cambridge, U.K.,
[2] COHEN, H., FREY, G., EDS. Handbook of Elliptic Curve and Hyperelliptic Curve Cryptography, Chapman & Hall/CRC,
1.14 IMT6141: Foundations of Cryptography

Level
Doctorate

Major Area
Cryptology, Privacy

ECTS Credits
5 ECTS Credits.

Prerequisites
Cryptology.

Objectives
This course is to provide theoretical concepts on cryptographic security, for example, the security definition of encryption and signature and its security proof, etc. This will give students a sound foundation in cryptography research.

Content
Security definition - information theory, computational complexity and practical security. Encryption. Signature. Cryptographic protocols. One way Functions and their assumptions. Pseudorandom generator. Provably secure encryption. Provably secure signature.

Key Topics
Security definition
Encryption
Signature
Cryptographic protocols
One way Functions and their assumptions
Pseudorandom generator
Provably secure encryption
Provably secure signature

Evaluation
Written examination.

Notes on Literature
Most of the topics are covered in the reference [1]. The reference [4] will provide more understanding on cryptographic protocols, encryption and signature. The reference [2] covers the security proof of the Cramer-Shoup encryption scheme. The reference [3] gives more information on pseudorandom generators.

Recommended Literature
[1] DELFS, H., AND KNEBL, H. Introduction to Cryptography. Springer-Verlag, Heidelberg, Germany,
[2] MAO, W. Modern Cryptography: Theory and Practice. Prentice Hall,
[3] GOLDREICH, O. Foundations of Cryptography: Volume I Basic Tools. Springer-Verlag, Heidelberg, Germany, (First Print)
[4] GOLDREICH, O. Foundations of Cryptography: Volume II Basic Applications. Springer-Verlag, Heidelberg, Germany,
1.15 IMT6151: Dynamics of Computer Security Incident Response Teams

Level
Doctorate

Major Area
Security management

ECTS Credits
5 ECTS Credits.

Prerequisites
IMT4111 or similar.

Objectives
The course provides insight into current research topics in CSIRTs. The candidates shall be able to do research work related to incident response handling, CSIRTs and IDS (Intrusion Detection Systems).

Content
In-depth review of current implementations of Computer Security Incident Response Teams (CSIRTs). Model-based analysis of selected CSIRTs based on cases from literature and/or organizations (if available). The role of CSIRTs as emergent Cyber Security Reporting Systems.

Key Topics
Current implementations of Computer Security Incident Response Teams (CSIRTs)
Model-based analysis of selected CSIRTs
The role of CSIRTs as emergent Cyber Security Reporting Systems.

Evaluation
Approved exercises and oral presentation.

Notes on Literature
[1][2][3][4][5].

Recommended Literature
[1] KILLCRECE, G., KOSSAKOWSKI, K., RUEFLE, R., AND ZAJICEK, M. Organizational Models for Computer Security Incident Response Teams (CSIRTs). Carnegie-Mellon University, Software Engineering Institute,
[2] KILLCRECE, G., KOSSAKOWSKI, K., RUEFLE, R., AND ZAJICEK, M. State of the Practice of Computer Security Incident Response Teams (CSIRTs). Carnegie-Mellon University, Software Engineering Institute,
[3] SAWICKA, A., GONZALEZ, J., AND QIAN, Y. Managing a CSIRT. The 23rd International Conference of the System Dynamics Society, Boston, MA,
[4] WIIK, J., GONZALEZ, J., AND KOSSAKOWSKI, K. Limits to Effectiveness of Computer Security Incident Response Teams (CSIRTs). The 23rd International Conference of the System Dynamics Society, Boston, MA,
[5] KOSSAKOWSKI, K., WIIK, J., AND GONZALEZ, J. Effectiveness of Proactive CSIRT Services. International Conference on IT-Incident Management and IT-Forensics, Stuttgart,
1.16 IMT6161: Game theory

Level
Doctorate

Major Area
Security management, Information Warfare and Critical Infrastructure Protection

ECTS Credits
5 ECTS Credits.

Prerequisites
None.

Objectives
After the course, the students should have acquired:
1. Understanding of the mathematical fundamentals of Game Theory
2. Understanding of different types of games (static/dynamic) and information availability (complete/incomplete)
3. Understanding of attack-defend settings in a game-theoretic setting and how this applies to information security

Content
This course gives students detailed information about the mathematical modeling of interactions between non-cooperating parties. This includes concepts such as utility and rationality. The course will introduce the students to different game styles (static/dynamic) and address how information availability (complete/incomplete) can affect games. Techniques for equilibrium analysis including Nash equilibrium will be explained.

Key Topics
Static games of complete information, including Nash equilibrium
Dynamic games of complete information
Static games of incomplete information
Dynamic games of incomplete information

Evaluation
Project (case study in information security) and oral examination

Notes on Literature
The course will use selected sections from the book by Fudenberg and Tirole [1].

Recommended Literature
[1] FUDENBERG, D., AND TIROLE, J. Game Theory. The MIT Press,
1.17 IMT6171: Uncertainty

Level
Doctorate

Major Area
Security management/risk management

ECTS Credits
5 ECTS Credits.

Prerequisites
None.

Objectives
After the course, the students should have acquired:
1. Understanding of mathematical and logical aspects of uncertainty.
2. Understanding of different types of uncertainty and how this can be modeled.
3. Understanding of uncertainty as it applies to information security.

Content
This course will introduce the student to classical possibility and probability theories. Principles of imprecise probabilities and measures of uncertainty will be explained. Other topics to be covered by this course will be hidden Markov models.

Key Topics
Classical possibility-based uncertainty theory
Classical probability based uncertainty theory
Generalized measures of imprecise probabilities
Measures of uncertainty and information
Hidden Markov models.

Evaluation
Project (case study in information security) and oral examination

Notes on Literature
The course will use selected sections from the book by Klir [1].

Recommended Literature
[1] KLIR, G. J. Uncertainty and Information - Foundations of generalized information theory. Wiley,

Seminars

As with lectures, the following is mainly intended as a list of topics to be covered. The seminar format allows for a more rapid adaptation to student requirements and can typically augment selected textbooks with primary research literature. Typical seminars will be 5 ECTS point modules. Also as with lectures, not all seminars may be offered in each academic year.
2.1 IMT6181: Artificial Intelligence and Intrusion Detection

Level
Doctorate

Major Area
System Security

ECTS Credits
5 ECTS Credits.

Prerequisites
IMT6061 or equivalent.

Objectives
After the seminar, the students should have acquired:
1. Understanding of anomaly detection as a pattern recognition problem
2. Knowledge about application of learning systems like neural networks in intrusion detection
3. Knowledge about application of clustering in intrusion detection.

Content
This seminar offers knowledge about application of various artificial intelligence techniques in intrusion detection, especially in anomaly detection. After the introduction/revision of basic concepts in intrusion detection, anomaly detection is defined in the form of a pattern recognition problem. Then two branches of solutions to this problem are studied: the first one uses artificial intelligence systems with learning, such as neural networks, while the second one tries to apply various clustering algorithms in intrusion detection.

Key Topics
Introduction to intrusion detection and prevention
Anomaly detection as a pattern recognition problem
Learning intrusion detection
Cluster analysis and intrusion detection

Evaluation
Written examination

Notes on Literature
This is a relatively new area of research and no book covers the subject as a whole. However, some elements of application of artificial intelligence in intrusion detection can be found in a book by Bace [1]. Otherwise, a lot of articles are available, for example [2, 3, 4] and many others that view the anomaly detection problem from various aspects.

Recommended Literature
[1] BACE, R. Intrusion Detection. Macmillan Technical Publishing, Indianapolis, USA,
[2] LIAO, Y., VEMURI, V. Use of K-Nearest Neighbor Classifier for Intrusion Detection, Computers and Security, Vol. 21, No 5, pp ,
[3] GORODETSKY, V., KARSAEV, O., AND SAMOILOV, V. On-Line Update of Situation Assessment Based on Asynchronous Data Streams, Proceedings of the 8th International Conference on Knowledge-Based Intelligent Information and Engineering Systems, Lecture Notes in Artificial Intelligence, Vol. 3213, pp Springer-Verlag,
[4] FORREST, S., HOFMEYR, S., SOMAYAJI, A., AND LONGSTAFF, T. A Sense of Self for Unix Processes, Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp IEEE Computer Society Press,
2.2 IMT6191: Cryptographic Primitives

Level
Doctorate

Major Area
Cryptology

ECTS Credits
5 ECTS Credits.

Prerequisites
IMT3701 Cryptology

Objectives
After the seminar, the students should have acquired:
1. Understanding of number theoretical requirements for common cryptographic primitives
2. Understanding of reductions among number theoretic problems
3. Understanding of elliptic curves and lattice theory
4. Knowledge about identity-based and certificateless public key cryptography.

Content
This seminar begins with the core number theoretical requirements for common cryptographic primitives, along with factoring and discrete logarithm problems and a discussion of reductions among number-theoretic problems. The arithmetic of lattices and elliptic curves will also be covered. In this course, only elliptic curves defined over fields of arithmetic interest, such as algebraic number fields and finite fields, will be covered. In this context, Tate and Weil pairings and their applications to new schemes such as identity-based and certificateless public key cryptography are also covered.

Key Topics
Lattices
Pairings
Elliptic Curves
Finite fields
Threshold schemes
Permutation mechanisms
Identity-based and certificateless public key cryptography

Evaluation
Written examination.

Notes on Literature
Elementary algorithmic number theory is covered by Bach and Shallit in [1] alongside computational number theory aspects covered by Cohen in [2] and [3]. Salomaa provides a detailed overview of classical public-key primitives for RSA-type and knapsack problems [6] that is augmented by the material in [4], while Silverman discusses the arithmetic of elliptic curves in [7] and [8]. Lattice problems are covered by Micciancio [5]. For some of the advanced topics such as Tate and Weil pairings, no usable textbooks exist as yet, requiring the use of primary research papers for their discussion.

Recommended Literature
[1] BACH, E., AND SHALLIT, J. Algorithmic Number Theory. MIT Press, Cambridge, MA, USA,
[2] COHEN, H. A Course in Computational Algebraic Number Theory. Springer-Verlag, Heidelberg, Germany,
[3] COHEN, H. Advanced Topics in Computational Number Theory. Springer-Verlag, Heidelberg, Germany,
[4] GARRETT, P., Ed. Public Key Cryptography. No. 62 in Proceedings of Symposia in Applied Mathematics. American Mathematical Society, Providence, RI, USA,
[5] MICCIANCIO, D., AND GOLDWASSER, S. Complexity of Lattice Problems, vol. 671 of The Kluwer International Series in Engineering and Computer Science. Kluwer Academic Publishers, Boston, MA, USA, Mar
[6] SALOMAA, A. Public-Key Cryptography. Springer-Verlag, Heidelberg, Germany,
[7] SILVERMAN, J. H. The Arithmetic of Elliptic Curves. Springer-Verlag, Heidelberg, Germany,
[8] SILVERMAN, J. H. Advanced Topics in Arithmetic of Elliptic Curves. Springer-Verlag, Heidelberg, Germany,
2.3 IMT6201: Design and Analysis of Cipher Systems

Level
Doctorate

Major Area
Cryptology

ECTS Credits
5 ECTS Credits.

Prerequisites
IMT3701 Cryptology

Objectives
After the seminar, the students should have acquired:
1. Knowledge about symmetric cipher design and cryptanalysis techniques
2. Knowledge about methods of public-key system design and cryptanalysis.

Content
This seminar covers the theoretical foundations and the practical considerations of design and cryptanalysis of symmetric and asymmetric ciphers. The seminar begins with the exposition of advanced Boolean function theory (spectral theory, Walsh-Hadamard transform), as well as advanced concepts of resiliency and almost perfectly non-linear functions. Then elements of incorporating hard mathematical problems in the design of public-key ciphers are given. Each topic includes elements of cryptanalysis of the corresponding structures. Finally, examples of design of various cipher systems are presented, as well as the analysis of their resistance to various attacks. This is carried out in the form of case studies.

Key Topics
Stream cipher design and cryptanalysis
Block cipher design and cryptanalysis
Public-key ciphers design and cryptanalysis
Case studies

Evaluation
Written examination.

Notes on Literature
The main body of literature for this seminar consists of various articles. Classical books about design of symmetric ciphers are [1] and [2]. They can serve well for the exposition of the symmetric cipher part of the course. The book [3] is a good source of information about design of public-key systems. For some cryptanalysis techniques, books are available, like [4].

Recommended Literature
[1] RUEPPEL, R. Analysis and Design of Stream Ciphers. Springer-Verlag, Heidelberg, Germany,
[2] BEKER, H. AND PIPER, F. Cipher Systems: the Protection of Communications. Northwood Publications, London,
[3] SALOMAA, A. Public-Key Cryptography. Springer-Verlag, Heidelberg, Germany,
[4] BIHAM, E., AND SHAMIR, A. Differential Cryptanalysis of the Data Encryption Standard. Springer-Verlag, Heidelberg, Germany,
2.4 IMT6211: Network Security

Level
Doctorate

Major Area
Network Security

ECTS Credits
5 ECTS Credits.

Prerequisites
None.

Key Topics
Attacks on routing protocols
Wireless network security
Peer-to-peer structures

Content
In this seminar, key aspects of network security are covered, beginning with adversarial modeling for routing attacks in fixed and wireless networks and a discussion of attacks and attack mechanisms in either case. Routing protocols are a focal area of this seminar. In case of fixed networks, the seminar will concentrate on exterior gateway protocols whereas for wireless networks, several proposed protocols illuminating selected security-related aspects will be highlighted.
At higher levels of abstraction, security issues related to peer-to-peer and more generally overlay networks will also be covered together with discussions of attacks and defensive mechanisms related to these approaches.

Objectives
After completing this seminar, students will have
1. Knowledge of routing protocols in the areas of interior and exterior gateway protocols for fixed-line networks
2. An understanding of the threats and adversaries to routing protocols in particular together with general network-specific attack mechanisms
3. Knowledge of routing protocols for wireless networks (particularly ad hoc networks, including mobility aspects)
4. Appreciation of the risks and attacks specific to wireless ad hoc networks
5. Knowledge of defensive mechanisms and protocols for countering selected network, particularly routing-related, threats.

Evaluation
Oral examination.

Notes on Literature
Foundations of routing protocols are covered by Perlman [3] and Huitema [1], while the most widely used IGP protocol (OSPF) and BGP protocol (BGP) are discussed in [2] and [4], respectively. The focus of the seminar will, however, be on the discussion of seminal and current research in the areas described above and will hence focus on papers from the primary literature. These will be selected in a timely manner either before the start of the seminar or in response to student interest during the seminar.

Recommended Literature
[1] HUITEMA, C. Routing in the Internet, 2nd ed. Prentice Hall, Englewood Cliffs, NJ, USA,
[2] MOY, J. T. OSPF: Anatomy of An Internet Routing Protocol. Addison-Wesley, Reading, MA, USA,
[3] PERLMAN, R. Interconnections: Bridges, Routers, Switches, and Internetworking Protocols, 2nd ed. Addison-Wesley, Reading, MA, USA,
[4] ZHANG, R., AND BARTELL, M. BGP Design and Implementation. Cisco Press, San Francisco, CA, USA,
2.5 IMT6221: Advanced Topics of Machine Intelligence

Level
Doctorate

Major Area
System Security, Attacks and Forensics

ECTS Credits
5 ECTS Credits

Prerequisites
Lecture on Computational Intelligence and / or Pattern Recognition.

Objectives
The principal objective of this seminar is to provide a solid basis for the student's own computational method designs and empirical experiments. Not only is the feasibility of Machine Intelligence as a toolset for real-life applications discussed, but new computational algorithms are also to be designed in order to study the impact of this technology. In this way students will learn to design their own intelligent system approach and to apply it in the appropriate manner.

Content
By attending this seminar, Computational Intelligence and Pattern Recognition students will reinforce their knowledge of modeling and assessment methods, including statistical testing and performance bounds. They will learn to apply state-of-the-art methods of data preprocessing, feature selection, classifier generation and combination. Students will gain practical insights and tools, which are essential to efficiently perform data analysis, classification and optimization.
The hands-on project shall be related to the doctoral study. In detail, students are asked to select their own application, to specify and select / implement their own algorithm, to define and conduct experiments, to discuss the obtained results and to draw the final conclusion on these results.

Key Topics
Selected Computing Theorems
Feature Spaces and the Curse of High Dimensionality
Multi-Objective Optimization
Multi-Classifier Systems
Applications like Soft Biometrics
Genetic Programming for Automatic Filter Design
Fuzzy Morphology

Evaluation
The project will be a report (maybe a scientific paper) on some area in machine intelligence the student finds most interesting. He / she can either report on some novel experiments after applying an algorithm on a data set or attempt a theoretical analysis. The report must include a short survey of related work with the corresponding list of references.

Notes on Literature
Recommended standard textbooks are similar to those used in the lecture on Computational Intelligence and Pattern Recognition. In addition, recent scientific articles will be recommended that support the specific study area.
C PhD regulations
117 Regulation for the degree of Philosophiae doctor (Ph.D.) at Gjøvik University College Issued by the board at Gjøvik University College on 22 February 2007, pursuant to the Act of 1 April 2005 no. 15 relating to universities and colleges 3-3 and Scope and extent This regulation applies to the doctors degree programme leading to the degree of philosophiae doctor (Ph.D.). The regulation states rules on admission, execution and completion of the Ph.D. programme at Gjøvik University College. 1.1 Objective of the Ph.D. programme The Ph.D. programme qualifies for research activity at a high academic level and for other work which requires extensive scientific insight. 2. Admission 2.1 The applicants formal qualification In order to be admitted to a doctors programme, the applicant must normally have a five-year Masters degree or equivalent, which the university college has approved as basis for admission to the Ph.D. programme in question. As a general rule the following must be fulfilled: Average grade for the Bachelor degree must be A, B or C Average grade for Subjects at Master level must be A or B The Master s thesis must have grade A or B 2.2 Plan for the Ph.D. programme The application must include: Description of the research project Work schedule for the execution of the programme 1
118 Plan of financing Statement of required infrastructure Statement of the need for supervision and suggestion for possible supervisors Plans (if any) for periods of study at other, including foreign, research institutions or businesses Plan for passing on technical content Documentation of the education which forms the basis for admission Information on possible restrictions regarding intellectual property right in order to protect others rights. The educational plan, hereunder the description of the research project, must account for topics, problem issues and choice of theory and method. Upon applying, the applicant can deliver a draft of the project description, but a complete project description must be delivered within 3 months after admission. The head of the faculty can set another deadline upon request. The project description should normally be prepared in cooperation with the main supervisor. If the applicant plans to write the thesis in another language than the one which is approved according to item 5.1 in the regulation, he/she must send an application for approval of this together with the plan for the programme. The university college can make their own application form for admission to Ph.D. programmes. 2.3 Admission decision The decision regarding admission is based on a collective evaluation of the project description, the applicants formal qualifications and the plan for the Ph.D. programme, hereunder schedule, plan of financing, approved supervisor(s) and the applicants access to other necessary technical and material resources at the research institution which he/she will be connected to. Admission can be granted subject to financing, supervision capacity, preparation of individual educational plan, additional education and agreements concerning intellectual property rights. 
When admission is granted, a supervisor will be appointed, the responsibility for taking care of other needs outlined in the application will be determined, and the contract period including start date and duration will be determined. Any extension of the contract period must be related to the candidate's rights as an employee or be agreed upon. Admission may be denied if agreements concerning intellectual property rights prevent publication and open presentation or are so unreasonable that the university college should not be part of the project.
2.4 Admission procedure
Applications for admission are sent to the university college which according to supplementary provisions approves the applicant's plan for the programme and appoints the supervisor(s). The decision concerning admission is made by a committee headed by the faculty dean. The university college determines criteria for ranking qualified applicants in cases where the number of applicants exceeds the admission capacity. If an applicant's project indicates connection to several faculties, there should also be obtained a statement from the relevant faculty/-ies before admission.

3. Contract
The admission to an organised Ph.D. programme is formalised by a written contract. The contract is made between the Ph.D. student, the supervisor(s) and the faculty. The contract states the parties' mutual rights and duties. The contract must state the topic for the thesis, the contract period, the plan of financing, supervision conditions, work place and training. If the Ph.D. student is related to another work place, there must be made a contract which regulates the working conditions, hereunder time for the Ph.D. work, operating equipment and need for scientific equipment. The contract must secure that the Ph.D. student participates regularly in an active research environment and make arrangements so that the research programme can be completed within the time agreed.

The Ph.D. programme is a supervised programme. This implies that the Ph.D. student must be resident at campus during a period agreed upon by GUC and the Ph.D. student. Considerable changes in the terms of the contract must be submitted to the head of the faculty. The head of the faculty approves the change in agreement with the rector. If there is a considerable breach of contract, the university college may decide that a Ph.D. student must leave the Ph.D. programme before he/she has completed it.

4. Ph.D. programme

4.1 Standard duration
The Ph.D.
programme must be arranged so that it normally can be completed within a three-year efficient research education period. Of this period, at least one semester must be reserved for organised teaching (courses etc.). The teaching part must be completed when the thesis is delivered. When there are special academic considerations, the faculty may approve another period of duration. The programme shall regardless of duration lead to the same level of expertise.
The contract period can be extended if the candidate must have a leave of absence which follows the candidate's rights as employee or if the candidate takes on other tasks at Gjøvik University College in addition to the research education. Such tasks must be clarified between the candidate and the supervisor. The Ph.D. programme shall be completed (date of thesis presentation) within eight years after admission. Leaves of absence are not included. The decision that the maximum period of study has been exceeded and that the education must be interrupted, is made by the faculty and can be appealed according to the Public Administration Act

Educational section
The educational section included in the Ph.D. programme must comprise at least 30 credits and include among other things ethics and philosophy of science. Courses on the Bachelor's degree level can not be included in the educational section. Up to 10 credits can be approved as courses on the Master's degree level. If such courses are seen as necessary previous knowledge for other courses or the research project, they must be taken in addition to the 30 credits. Examinations which at the time of admission were older than 5 years can not be included in the educational section. Previous exams incorporated in the educational section must have grade A or B. It is a prerequisite that courses included in the educational section are not a part of the admission requirement or previous completed programmes at the same time.

The faculty is responsible for offering all Ph.D. students education at a high scientific level. If the faculty responsible for the Ph.D. programme does not arrange the whole educational section alone, it must arrange for the students' participation in corresponding educational activities at another faculty or institution which offer approved Ph.D. education.
The education can be offered partly as regular lectures/seminars, partly as shorter, intensive meetings or as other types of activities approved by the faculty. In courses where there does not exist a suitable course offer, individual reading curriculum can be approved as part of the course programme.

Everyone who has been admitted to a Ph.D. programme must follow the educational programme. The student must document that he/she has acquired the required knowledge. Such documentation can be obtained through compulsory practical exercises, written or oral tests, lecture, seminar, science and/or popular science article, conference presentation or another form approved by the faculty.

The faculty may exempt students from participation in parts of the educational section if corresponding requirements have been fulfilled at another institution which offers approved education. Students may in special cases get full or partial exemption from such participation if other education or research-related experience which gives corresponding qualification can be documented.
4.3 Period of study abroad
The Ph.D. student must normally spend at least three months of the programme at a recognized educational or research institution abroad where it is possible to work on problem issues in the research project/thesis.

4.4 Supervision
The Ph.D. programme is a supervised programme. The Ph.D. student is supposed to have regular contact with his/her supervisors and participate in a research group. An agreement regulating the supervision is to be signed. At least one of the supervisors, normally the main supervisor, has to be a GUC employee. GUC is obliged to assign each Ph.D. student with two supervisors. The supervisors must have a Ph.D. degree in the actual field of research. The Dean of the faculty appoints the supervisors.

4.5 Quality assurance
The university college shall have a system for quality assurance and follow-up of the Ph.D. education. The system shall comprise measures to uncover lack of progression in the Ph.D. work and deficiencies in the educational section or supervision, as well as routines to follow up uncovered deficiencies. The system shall comprise annual and separate reports from the Ph.D. student and supervisor, and be organised so that double reporting is avoided.

5. Thesis

5.1 Thesis requirements
The thesis shall be an independent, scientific work which fulfils international standards within the subject area. The thesis must contribute to the development of new scientific knowledge and be at a level which indicates that it could be published as a part of the scientific literature in the subject area. A part of a joint work is accepted as thesis if the Ph.D. student's independent effort can be identified and documented. The thesis can be a monograph or a compilation of research articles tied together with an introduction and a summary of important results and conclusions. The thesis should preferably be written in English or Norwegian.
If the student wishes to use another language, he/she must apply for special permission to do this upon admission, cf. item
5.2 Work that is not approved
Work which has been approved as basis for previous examinations can not be accepted for evaluation unless the work is included as a smaller part of a thesis which consists of several connected works. A work or parts of a work which previously has been approved or not approved for the doctor's degree at an institution in Norway or abroad can not be accepted for evaluation even though the work is submitted in a revised version.

5.3 New submission
A Ph.D. thesis which has not been approved at a previous evaluation can be evaluated in a revised version no sooner than six months after the institution has decided to reject the thesis. A thesis may only be re-evaluated once.

5.4 Public accessibility
The thesis must be publicly available no later than two weeks prior to the presentation. There may be no restrictions to the announcement and publishing of a Ph.D. thesis, with the exception of a previously agreed postponing of the dates for announcement/publishing. Such postponing may take place when the research education partly or in its entirety is financed by an external party so that the external party may come to a decision on patent protection/commercialisation. An external party can not set the condition that the whole or parts of the Ph.D. thesis cannot be made public or be published.

Rights to use results
The candidate's rights to use own results, patented inventions, copyrights etc. are regulated by the university college's general regulations in this area and the regulations stated in the Act respecting the right to employees' inventions. The university college can freely use the parts of the Ph.D. thesis which the candidate alone has copyright to, in addition to other literature which is a result of the work on the thesis and which the candidate alone has copyright to, when producing copies for use in the university college's teaching and research activities.
The candidate shall be named in such copies according to legislation and good practice.
6. Termination before agreed time

6.1 Voluntary termination
The candidate and the university college may agree that the Ph.D. programme is terminated before the contract period expires. On such voluntary termination of the Ph.D. programme, a separate contract shall state how issues related to employment conditions, financing, rights to results etc. will be taken care of. If the voluntary termination is due to the candidate's wish to change project or programme, the candidate must apply for new admission based on the new project.

6.2 Compulsory termination
The head of the faculty may decide compulsory termination of the Ph.D. programme before the contract period expires. Such compulsory termination may be decided if one or more of the following conditions exist:
- Repeated and substantial breaches by the candidate with regards to the duty to inform, follow-up and report
- Considerable delays in the research work progress so that it creates justified doubt whether the candidate will be able to complete the project within the deadline. The considerable delay must be due to circumstances which the candidate is in control of
- Considerable delay in the execution of the educational section due to circumstances which the candidate is in control of
- Breaches of the research-ethical guidelines which are applicable to the subject area
- Behaviour of a candidate which breaches the trust which must exist between the university and the candidate during the execution, hereunder criminal offences related to the execution of the Ph.D. programme.

7. Evaluation
The doctor's degree is awarded based on:
- Approved scientific thesis and a satisfactory defence in a public presentation
- Approved completion of the educational programme, possible other approved qualification
- Approved trial lecture on a given topic
8. Submission
The application to get the thesis evaluated is submitted to the university college together with the number of copies which the university college requires. The thesis must also be submitted electronically. In addition to the application, the candidate must also submit documentation that the educational programme is completed. If the thesis is approved for presentation, an additional number of copies must be submitted according to supplementary provisions. Together with the thesis, the candidate submits a short summary which can be used as a press release.

9. Appointment of evaluation committee
Based on the suggestion from the faculty in question, the rector appoints an expert evaluation committee of at least three members to evaluate the trial lecture(s), the thesis and its defence. The rector appoints the head of the committee. At least one of the committee members must have no affiliation to Gjøvik University College. If possible, at least one committee member should come from a teaching institution abroad. The committee should, if possible, have both genders represented. The members must have a doctor's degree or be a qualified professor. The rules regarding competence in the Public Administration Act 6 apply for the committee members, cf. 10. The appointed supervisor can not be a member of the evaluation committee, but may be summoned to meetings to account for the supervision and the work on the thesis. The Ph.D. candidate is informed of the composition of the committee.

10. The committee's recommendation and consideration of the recommendation

10.1 Withdrawal and revision
A submitted work can not be withdrawn before a final decision is made to whether or not it is worthy of being defended for the doctor's degree. When the work is submitted, the candidate can only do formal revisions, provided that he/she submits an overview over all revisions made in the submitted work.
The overview must be submitted no later than one month prior to the presentation. The university college may nevertheless accept revision of the thesis based on the evaluation committee's temporary comments. The deadline for such revision is normally no longer than 6 months.
10.2 Recommendation
The committee gives its reasoned recommendation, possibly with individual statements, on whether or not the work is worthy to defend the doctor's degree. Dissents must be reasoned. The committee may require that the candidate's background material and supplementary or explanatory additional information are presented. The evaluation committee's recommendation, including any dissents and individual statements, is presented to the university college and will as soon as possible be sent to the Ph.D. candidate who has 14 days to give written comments to the recommendation. If the candidate's comments may have significance for the approval of the thesis, the comments should be presented to the evaluation committee before the head of the faculty makes a decision on the merits.

Recommendation with dissent
If there is any dissent in the committee, rector may without further evaluation make a decision in the case, request further clarification from the evaluation committee, or appoint two new experts who make individual statements about the thesis. The candidate's comments are attached. After this, the rector will make a decision in the case based on the recommendation and the obtained statements.

Deadlines
The committee's recommendation must be ready no later than three months after the committee received the thesis. The university college may occasionally set a later deadline. If the committee accepts revision of the thesis, a new deadline is set from the date the new thesis is received.

Processing the committee's recommendation
The evaluation committee's recommendation, including possible comments, is considered by the university college. The head of the faculty may approve a recommendation when it unanimously concludes that the candidate is allowed to present the thesis. The candidate is informed of the result of the process.

11. Trial lecture and presentation
If the thesis is approved as defence for the doctor's degree, the Ph.D. programme is completed by:
a) a public trial lecture and
b) a public presentation.

The trial lecture must be on a given topic and last for 45 minutes. The topic for the trial lecture is decided by the evaluation committee and announced to the candidate 14 days prior to the lecture. The presentation will normally be held within six months after the thesis has been submitted for evaluation. The trial lecture must be held prior to the presentation and preferably on the same day. The lecture and the presentation are held in the same language as the thesis or in another language which is accepted according to the regulation.

The evaluation committee evaluates the trial lecture which must be found satisfactory. If the evaluation committee finds the trial lecture satisfactory, the candidate can defend his/her thesis in a presentation. The presentation must be public. There shall normally be two ordinary opponents. The two ordinary opponents must be members of the evaluation committee and be appointed by the university college or the committee itself. In special cases, there may be appointed opponents who have not been members of the committee.

The presentation is chaired by the head of the faculty or a person empowered by him/her. The chairperson of the presentation will briefly explain the thesis and the trial lecture and the evaluation of these. Thereafter, the candidate will explain the purpose and the results of the scientific investigation. The university college may decide that the first ordinary opponent explains this. The first ordinary opponent initiates the discussion, and the other ordinary opponent finishes the presentation. Others present who wish to participate in the discussion must during the presentation notify the chairperson within a time which the chairperson decides and states when he/she opens the presentation. The presentation lasts normally not more than two hours.
After the presentation, the evaluation committee will submit a report to the faculty in which it explains how it has evaluated the trial lecture and the defence of the thesis. The report will conclude with whether or not the tests are evaluated as passed/failed. The university college reports the approved result to the board of the university college. If the trial lecture and/or the presentation are not approved, the candidate can try again no sooner than six months later.

12. Conferral of degree and diploma
The board confers a doctor's degree on the candidate based on the report from the evaluation committee and the faculty that the trial lecture and presentation are approved.
The university college issues a diploma and a certificate. The diploma will include the date of conferral and information on the Ph.D. programme and the thesis title. In addition, the candidate will get a Ph.D. certificate which will include the title of the thesis and trial lecture together with information on the academic educational programme which the Ph.D. candidate has participated in and the name of the supervisors.

13. Appeal

13.1 Appeal on admission/application processing
Rejection on application for admission after item 2 can be appealed in accordance with the regulations in the Public Administration Act 28. A reasoned appeal is submitted to the university college. If the rejection is maintained, the appeal will be sent without groundless stop to the university college's appeal committee for consideration.

Appeal on approval of the educational programme
If there are appeals on rejections on approval of courses or other parts of the educational programme, cf. item 4.2, item 12.1 applies correspondingly. If there are appeals on results on special examinations or tests, the Universities and Colleges Act 5-1 and 5-3 applies.

Appeal on rejection on application for evaluation or refusal of approval of thesis, trial lecture or defence
Rejection of approval of the thesis, trial lecture or defence can be appealed according to the regulations in the Public Administration Act 28. A reasoned appeal is submitted to the university college. The university college considers the basis for the decision against the reasoning. If the decision is maintained, the appeal is submitted to the university college's appeal committee for decision. The appeal committee may try all sides of the appealed decision.
If the lower instance or appeal committee find reason for it, a committee or individuals may be appointed to make an evaluation of the decision made and the criteria it is based on, or to make a new or supplementary expert evaluation.

Appeal on decision concerning compulsory termination of the Ph.D. programme
By appealing on a decision on compulsory termination of the Ph.D. programme, cf. section 3, 3, section 12.1 applies correspondingly.
14. Supplementary provisions
Rector stipulates supplementary provisions to this regulation after proposal from the university college.

15. Commencement
The regulation is valid from 23 February
D PhD guidelines
Employment guidelines and working conditions for Ph.D. research fellows at Gjøvik University College

1 Background
Guidelines for employment of research fellows have been prepared pursuant to the Universities and Colleges Act of 1 April 2005 no. 15, 6-4, subsection four, cf. Regulations stipulated by the Ministry of Education and Research on 31 January 2006 and the ministry's letter of 7 April

Ph.D. research fellows are individuals registered in Ph.D. programmes at Gjøvik University College or another university or university college who has the right to confer doctor's degree. Research fellows can be divided into 4 groups based on type of financing:
1. Financed based on own budget limits by funds earmarked Ph.D. scholarship from the Ministry of Education and Research.
2. Financed by the Research Council of Norway (NFR).
3. Financed by other external source (excl. NFR).
4. Financed by own fixed employees through own budget limits, so that employees have the opportunity to complete a Ph.D. programme.

In addition, the university college can cooperate with Ph.D. research fellows who are financed in another way. These are not affected by these guidelines, but may on an individual basis get office desk, supervision etc. if this is seen as appropriate for Gjøvik University College.

2 Main principle
New research fellows are placed in a technical environment which has its own capacity and competence on supervision on Ph.D. level. There must be focus on strategic considerations and evaluation of how the research fellow may strengthen Gjøvik University College's areas of commitment.

3 Announcement
Available research fellow positions at Gjøvik University College are announced in accordance with the regulations in the Civil Service Act and in the staff regulations. The announcement must always include:
3.1 Purpose of the employment
The Ph.D. programme is a research education which aims to educate independent researchers on an international level in cooperation with national and international research environments, and which will result in a formal doctor's degree during the employment period. The Ph.D. programme aims to fulfil existing and future needs for competence in research, development, supervision and teaching at universities and university colleges, other public and private institutions, businesses and organisations.

3.2 Employment conditions
Admission to a Ph.D. programme is a condition for employment in a research fellow position. Admission to a Ph.D. programme and final plan for the research education must be approved and contractual no later than 3 (three) months after employment. The applicant must prior to the employment prepare a project outline for how the research education will be completed. The outline must state the research fellow period and the percentage distribution of work hours for duty work and research. The plan must also name the responsible academic supervisor and describe the outlines of the supervision which is assumed appropriate for the individual research fellow.

If the research fellow is registered in a Ph.D. programme at another institution than Gjøvik University College, there must be appointed both a local supervisor at Gjøvik University College and a supervisor from the other Ph.D.-approved institution. Both the supervisor and the research fellow are responsible for reporting any problems concerning the execution of the plan to the head of the faculty and the personnel director. Transition to another Ph.D. programme can only be made after agreement with the employer.

In order to be admitted to a Ph.D. programme, the applicant must have a Master's degree or equivalent. Documented other scientific works will also be emphasized.
Furthermore, the applicant must document strong professional background from his/her previous study and have a weighted average grade equivalent to B or better during the last two years (corresponding to 120 credits) from the Master's degree programme or equivalent education.

The position is announced with moderate allocation according to sex quota. The announcement must always include the following section:

Gjøvik University College wishes to recruit women to research. If two or more applicants are approximately equally qualified, women will be preferred.

The announcement text and position report must be approved by the Employment committee for teaching and research positions.
4 Employment contract for research fellows in Ph.D. programmes
The employment contract will state the deadline for admission and which Ph.D. programme the research fellow is affiliated with. Normal term of years is four years with 25 % duty work. The employment period must comprise three man-labour years with pure research education. If Gjøvik University College in special cases decides to employ a research fellow in a 50 % position or more in the whole or parts of the period, the employment period may be extended so that the research education corresponds to three ordinary man-labour years. The employment authority decides the total period in each individual case. There will be made proper considerations when it comes to the extent of the duty work, necessary time frame and plan for execution of the project and the financing basis of the project. In special cases, a three-year employment period without duty work may be offered.

A shorter period than three years for the research education may be agreed if the research fellow already has completed parts of his/her research education or when the employment is based on previous employment in an educational position (research fellow, scientific assistant or similar), so that the total research education period amounts to three years.

The distribution of the work duty between research education and duty work must be stated in the employment contract. The content of the duty work in addition to the research work should also be stated. Duty work in addition to the research work should as far as possible be relevant for the doctor's degree. Administrative duties are limited and should normally not comprise more than 10 % of the total annual work hours. Gjøvik University College stipulates its own guidelines for the content of the duty work and the distribution of work tasks in the employment period. The employer must see to that the work tasks do not exceed the fixed framework.
5 Working year and holidays
The working year for research fellows is based on the working year for other state employees, currently 37.5 hours/week, and holiday and holiday allowance according to the provisions of the Act relating to holidays as it is practiced for other civil servants.

6 Leaves of absence and extension
As a rule, the employment period for research fellows can not be terminated. Exceptions are leaves of absence pursuant to laws or the main wage agreement and the principal agreement for civil servants. This applies primarily to sick leaves, maternity leaves, compassionate leaves, emergency leaves, leaves due to military service and leaves due to organisational assignments. These leaves shall not be included in the calculation of the employment period. After a leave of absence, the employment continues until the end of the employment period in accordance with section 1. If the employment period is over and it is necessary to extend the period in order to complete the research education, a supplementary employment contract for a shorter time period may be signed. Sick leaves or other leaves of absence which are shorter than two weeks do not give grounds for extension of the employment period.

Leaves of absence due to temporary scientific positions, scholarships for studies abroad etc. may also be granted when it makes continuation of the research education possible for at least half the time within the framework of the ordinary work period. The employment period in the research fellow position is adjusted so that the total time amounts to three years.

The Ministry has otherwise in letter of 7 April 2006 given some specifications regarding research fellows' rights in connection with leaves of absence. This applies to circumstances which have prevented the progression of the research fellow's education. Such circumstances may be special social burdens or unpredictable work-related obstacles which the research fellow can not be blamed for. The employment committee may in special cases extend the employment period provided that the research fellow will be able to complete the research education within the extended time period. In each case, there must be made a specific evaluation of the extent of the delay, and this evaluation forms the basis for extending the employment period. The decision regarding extension of the employment period is made by the employment committee after proposal from the nomination authority.
7 Dismissal
If an admission contract is not presented within the deadline stated in the employment contract, the university college may consider terminating the employment contract. Transition to another Ph.D. programme than the employment contract implies, if not agreed with the employer, may give reason for dismissal. Lacking reports of progression, serious lack of progression or failure to execute the duty work, cf. section 10, may give grounds for dismissal when the circumstances are caused by the research fellow. In addition, the provisions of the Civil Service Act, except 10, applies. 1.
8 Binding time period and reimbursement of own employees in a Ph.D. programme
For research fellows who get funds according to section 1, 2 or 3 (see ch. 1), it is not common to require binding time period. For research fellows who get funds according to section 4, the binding time period should correspond to the employment period, cf. section 9.11, ch. 3, 9, no. 1, page 281 in the State Personnel Handbook If the condition for compulsory duty is not fulfilled, reimbursement of allocated scholarship funds will be required, cf. section 9.11, ch. 3, 9, no. 1, page 281 in the State Personnel Handbook If a part of the compulsory duty is served, the reimbursement requirement may be reduced accordingly. If the employee is prevented from completing the education within reasonable time and this is not caused by the employee himself/herself, the employer may consider removing the requirement for compulsory duty and reimbursement.

9 Supervision
The research fellow must have an internal supervisor who is responsible for the execution of the Ph.D. programme. If the research fellow is registered in a Ph.D. programme at another institution than Gjøvik University College, the cooperating university/university college will normally also appoint a supervisor. The supervisor(s) is appointed by the university college itself. When several supervisors are appointed, there must be one main supervisor. The main supervisor is responsible for the supervision. The research fellow and the supervisor(s) must be in regular contact. The internal supervisor(s) must also cooperate with the supervisor at the cooperating university/university college.

10 Reporting
Each year, within 15 December, an annual report on the progression of the organised research education must be submitted. The research fellow and the internal supervisor are collectively responsible for the annual report, but will submit their own report every four months.
The report must be written on separate prepared forms and be submitted to the FoU secretary who will pass it on to the head of the faculty. 5
135 11 The university college's offers to the research fellow
Newly employed research fellows are registered in the state's wage scale in position code 1017, and will get wage increases according to achieved seniority. The wage positioning also applies to own employees. Code 1378 may be considered for especially qualified applicants. The research fellow will be ensured appropriate working conditions with office desk, equipment, telephone, funds etc. For trips, literature, laptop etc., a minimum of NOK 25,000 is allocated each year in a 100 % research fellow position, which will be used after agreement with the closest superior. The amount may upon agreement with the head of the department be accumulated and must be covered by project funds. The amount is reduced in proportion to the percentage of a reduced position. If the employed research fellow gets a research article accepted at a conference, GUC normally gives the research fellow the opportunity to participate at the conference.
12 Implementation
The new guidelines are implemented on 23 February All research fellows must receive the guidelines upon employment.
136 E Survey of journals and conferences 129
137 1 Journals and conferences
To visualize what information security is as a PhD discipline, we have chosen to survey journals and recent conferences for listed topics of interest. We have surveyed the following conferences and journals:
ISC: Information Security Conference, an annual international conference held since 1997, published in Springer's Lecture Notes in Computer Science series.
ACISP: Australasian Conference on Information Security and Privacy, an annual international conference held since 1996, published in Springer's Lecture Notes in Computer Science series.
IFIP-SEC: IFIP TC-11 International Information Security Conference, an annual international conference held since 1983, published in Springer's IFIP International Federation for Information Processing series.
IEEE-SP: IEEE Symposium on Security and Privacy, an annual international conference held since 1980, published by IEEE.
ACM-CCS: ACM Conference on Computer and Communications Security, an annual international conference held since 1993, published by ACM.
IJIS: International Journal of Information Security, Springer, publishes quarterly with its first volume in
TISSEC: ACM Transactions on Information and System Security, ACM, publishes quarterly with its first volume in
TDSC: IEEE Transactions on Dependable and Secure Computing, IEEE, publishes quarterly with its first volume in
IJICS: International Journal of Information and Computer Security, InderScience, is a forthcoming journal.
IET-IS: IET Information Security, Institution of Engineering and Technology, publishes quarterly with its first volume in
Initial categorization
Figures 1 and 2 show the raw listings of topics of interest, where the only merging of topics has been based on syntax differences or obvious semantic similarities. A "1" indicates the presence of the topic of interest (row) at the specific conference in its most recent year or journal (column).
138 Figure 1: Overview of topics occurring in conferences and journals, part one of two.
139 Figure 2: Overview of topics occurring in conferences and journals, part two of two.
140 Starting with the most frequently occurring topics of interest, we have iterated through all of them, classifying each as either belonging to an existing category or creating a new one. This has led to the following proposed categorization of areas:
2.1 Areas
Database and system security: Access control, Secure operating systems, Accounting and audit, Data and application security, Identity and Trust Management & Models, Authorization, Security in information flow, Architectures for InfoSec, Privacy and Trust, Data/System integrity, Java and XML security, Inference/Controlled disclosure, Language-based security, Secure end systems, Software protection, System management and administration, Formal methods in security, Malware and viruses, Security for mobile code, web browsers and servers, Anti-virus and anti-hacker measures, Software testing, validation and verification, Security modelling and architectures, Security, privacy and trust in systems development methods, Self-checking software systems, Tamper-resistant software, Trusted computing, Software aging and rejuvenation, Use of COTS components, Intrusion detection, tolerance and prevention, Authentication and identification, Biometrics, Authentication and non-repudiation, Identity management, Secure hardware and smartcards, Usable security
Risk Analysis and Management for Complex Environments: Information security as part of corporate governance, Information security management: future visions, International information security standards: new regulations, Security management, Security policy, Security control measures, Trust management policies, Security and Privacy in IT outsourcing, Threat assessment, Vulnerability assessment for integrated environments, Security of ecommerce, ebusiness and egovernment, Evaluation and certification, Economics of information security and privacy, Ethics and social issues, Educational activities: Incorporating security, privacy and trust, Metrics for information security
Cryptographic protocols and function: Applied Cryptography, Cryptography, Design and analysis of cryptographic algorithms, Multi-party computation and threshold cryptography, Assurance incl. cryptanalysis and formal methods, Quantum cryptography
Key management: Network and communication security, Network and wireless security, Mobile, Ad Hoc and Sensor Network Security, PKI and PMI, Distributed systems security, Peer-to-peer network security, Internet security, Broadcast encryption and traitor tracing, Digital signature schemes, Key distribution, Key establishment protocols, Security agents, Transaction security, Secure protocols, Telecom applications, Secure location services, Security of grid computing, Firewalls, security, Electronic cash
Anonymity and pseudonymity: Privacy-enhancing technologies, Private searches, Electronic surveillance, Health applications, Legal and privacy issues, RFID and sensor networks: security, privacy and trust, Security and Privacy in pervasive/ubiquitous computing
Computer forensics: Attacks and prevention of online fraud, Attack models, Electronic fraud related to phishing, Fraud management in advanced network infrastructures, Hacker and terrorist detection, Penetration technologies, Computer crime prevention and detection
Information warfare and critical infrastructure protection: Infrastructure security, Advanced application infrastructures: Security, privacy and trust, Security infrastructures
Information hiding and watermarking: Steganography: new applications, Copyright protection, Digital rights management, Intellectual property protection
Recovery and survivable operations: Availability, performability and survivability, Safety-critical systems, Dependability, Robust networks, Software security and reliability engineering, Assurance of service, Denial of service
2.2 Areas/topics left out due to generality or unclearness
Change management systems for security implementations, Commercial and industry security, Interoperability and composition, Modelling methods (Markov chains, Petri nets), QoS, Security engineering, System tradeoffs, Confidentiality protection, Integrity of service
3 Rephrased/finalized versions of areas
Since the algorithm from the previous section does not necessarily generate the best overall category names, we propose to rename some of the categories based on more widely known categories of information security (typically names of graduate-level courses, or category names listed in journals).
3.1 Areas of information security
Information Security Management: Risk Analysis and Management for Complex Environments, Information security as part of corporate governance, Information security management: future visions, International information security standards: new regulations, Security management, Security policy, Security control measures, Trust management policies, Security and Privacy in IT outsourcing, Threat assessment, Vulnerability assessment for integrated environments, Security of ecommerce, ebusiness and egovernment, Evaluation and certification, Economics of information security and privacy, Ethics and social issues, Educational activities: Incorporating security, privacy and trust, Metrics for information security
System security: Database and system security, Access control, Secure operating systems, Accounting and audit, Data and application security, Identity and Trust Management & Models, Authorization, Security in information flow, Architectures for InfoSec, Privacy and Trust, Data/System integrity, Java and XML security, Inference/Controlled disclosure, Language-based security, Secure end systems, Software protection, System management and administration, Formal methods in security, Malware and viruses, Security for mobile code, web browsers and servers, Anti-virus and anti-hacker measures, Software testing, validation and verification, Security modelling and architectures, Security, privacy and trust in systems development methods, Self-checking software systems, Tamper-resistant software, Trusted computing, Software aging and rejuvenation, Use of COTS components, Intrusion detection, tolerance and prevention, Authentication and identification, Biometrics, Authentication and non-repudiation, Identity management, Secure hardware and smartcards, Usable security
Cryptology: Cryptographic protocols and function, Applied Cryptography, Cryptography, Design and analysis of cryptographic algorithms, Multi-party computation and threshold cryptography, Quantum cryptography, Assurance incl. cryptanalysis and formal methods
Network security: Key management, Network and communication security, Network and wireless security, Mobile, Ad Hoc and Sensor Network Security, PKI and PMI, Distributed systems security, Peer-to-peer network security, Internet security, Broadcast encryption and traitor tracing, Digital signature schemes, Key distribution, Key establishment protocols, Security agents, Transaction security, Secure protocols, Telecom applications, Secure location services, Security of grid computing, Firewalls, Electronic cash, security
Privacy: Anonymity and pseudonymity, Privacy-enhancing technologies, Private searches, Electronic surveillance, Health applications, Legal and privacy issues, RFID and sensor networks: security, privacy and trust, Security and Privacy in pervasive/ubiquitous computing
Attacks and forensics: Computer forensics, Attacks and prevention of online fraud, Attack models, Electronic fraud related to phishing, Fraud management in advanced network infrastructures, Hacker and terrorist detection, Penetration technologies, Computer crime prevention and detection
Information warfare and critical infrastructure protection: Infrastructure security, Advanced application infrastructures: Security, privacy and trust, Security infrastructures
Content protection: Information hiding and watermarking, Steganography: new applications, Copyright protection, Digital rights management, Intellectual property protection
Dependable computing: Recovery and survivable operations, Availability, performability and survivability, Safety-critical systems, Dependability, Robust networks, Software security and reliability engineering, Denial of service, Assurance of service
144 F CVs of core tenure and adjunct faculty 137
145 Curriculum Vitae - Slobodan PETROVIĆ
Home address: Helgerudvegen 105B, N-2816, Gjøvik, Norway
Office address: NISlab, Faculty of Computer Science and Media Technology, Gjøvik University College, P. O. Box 191, N-2802 Gjøvik
Phone
Web slobodanp
Citizenship: Serbian
Date of birth: November 14th 1962
Languages: Serbian (native), English, Norwegian, Spanish, French
Education
1994 PhD, Faculty of Electrical Engineering, University of Belgrade, Serbia
1989 MSc, Faculty of Electrical Engineering, University of Belgrade, Serbia
1986 BSc, Faculty of Electrical Engineering, University of Belgrade, Serbia
Academic and professional interest
Cryptology, Intrusion Detection Systems, Network Security, Combinatorial Optimization, Graph Theory, Operations Research, Cluster Analysis, Artificial Intelligence, Information Theory, Spread spectrum, Automatic theorem proving, Number Theory, Bioinformatics
Employment
2004–present Professor of Information Security, Gjøvik University College, Department of Computer Science and Media Technology
Researcher, Institute of Applied Physics, Madrid, Spain (work by contract)
Project manager and consultant for cryptography and data security in the private company NetSet (Network Security Technologies) in Belgrade, Serbia (smart cards, PKI, intrusion detection, Java security). Also teaching business computing at the Faculty of Financial management and Insurance in Belgrade, Serbia
Researcher, Institute of Applied Physics, Madrid, Spain (work by contract)
Researcher, Institute of Applied Mathematics and Electronics, Belgrade, Serbia
146 Publications SEEBERG, V. E., AND PETROVIĆ, S. A new classification scheme for anonymization of real data used in ids benchmarking. In Proceedings Second International Conference on Availability, Reliability and Security (ARES 2007) (to appear) (2007). BOJANIĆ, S., CAFFARENA, G., PETROVIĆ, S., AND NIETO-TALADRIZ, O. FPGA for pseudorandom generator cryptanalysis. Microprocessors and Microsystems 30, 2 (Mar. 2006), PETROVIĆ, S., AND FÚSTER-SABATER, A. A ciphertext only attack on stream ciphers with irregular clocking. In Proceedings of the 2nd IASTED International Conference on Communications Systems and Networks, Málaga, Spain, September 8 10 (Calgary, Canada, Sept. 2003), ACTAPRESS, pp FÚSTER-SABATER, A., AND PETROVIĆ, S. Approximating cryptanalysis to graph theory, invited talk. International Workshop on Intelligent Systems (EISI 2003), University of La Laguna, Tenerife, Spain, Nov ÁLVAREZ, G., AND PETROVIĆ, S. A new taxonomy of web attacks suitable for efficient encoding. Computers and Security 22, 5 (2003), FÚSTER-SABATER, A., PETROVIĆ, S., AND HERNÁNDEZ, L. A ciphertext only attack on a class of pseudorandom generators. In Proceedings of the 2nd Iberoamerican Conference on Information Security (CIBSI 2003), Mexico D.F., Mexico (2003), pp ÁLVAREZ, G., AND PETROVIĆ, S. A taxonomy of web attacks. In Proceedings of the 3rd International Conference on Web Engineering, Oviedo, Spain, July (Berlin, Germany, 2003), vol of Lecture Notes in Computer Science, Springer-Verlag, pp PETROVIĆ, S. Reconstruction of the initial state of the subgenerator in a class of pseudorandom sequence generators. In Proceedings of the 7th National Conference on Cryptology and Information Security, Oviedo, Spain (Sept. 2002), pp PETROVIĆ, S., AND FÚSTER-SABATER, A. An improved cryptanalysis of the a5/2 algorithm for mobile communications. In Proceedings of the IASTED International Conference on Communications Systems and Networks, Málaga, Spain, September 9 12 (Calgary, Canada, Sept. 
2002), ACTAPRESS, pp PETROVIĆ, S., AND FÚSTER-SABATER, A. Cryptanalysis of the algorithm A5/2 for mobile telephony. In Proceedings of the 1st Iberoamerican Conference on Information Security, Morelia, Mexico (2002). PETROVIĆ, S., FÚSTER-SABATER, A., AND DURÁN, R. The use of edit-distances in cryptanalysis. In Proceedings of the 5th World Multiconference on Systemics, Cybernetics and Informatics (SCI 2001), Orlando (Florida), U.S.A., July (Calgary, Canada, July 2001), ACTAPRESS, pp PETROVIĆ, S. Correlation attack on a clock-controlled shift register generator containing a function with memory. In Proceedings of the 6th National Conference on Cryptology and Information Security, La Laguna, Tenerife, Spain (Sept. 2000). PETROVIĆ, S., ÁLVAREZ, G., ORFILA, A., AND CARBÓ, J. Labelling clusters in an intrusion detection system using a combination of clustering evaluation techniques. In Proceedings of the 39th Hawaii International Conference on System Sciences, Kauai, Hawaii, U.S.A. (Jan. 2006), IEEE Computer Society Press. PETROVIĆ, S., AND FÚSTER-SABATER, A. Cryptanalysis of the A5/2 algorithm. Cryptology eprint Archive, Report 2000/52, PETROVIĆ, S. Clustering unequal length binary data using graph-theoretic techniques. In Proceedings of the 4th Balkan Conference on Operational Research, Thessaloniki, Greece, October (Oct. 1997). 2
147 GOLIĆ, J., AND PETROVIĆ, S. Correlation attacks on clock-controlled shift registers in keystream generators. IEEE Transactions on Computers 45, 4 (1996), GOLIĆ, J., AND PETROVIĆ, S. Constrained many-to-one string editing with memory. Information Sciences - Informatics and Computer Science 86, 1 3 (Sept. 1995), PETROVIĆ, S. Determining specific edit-distances by means of the operations research methods. In Proceedings of the 3rd Balkan Conference on Operational Research, Thessaloniki, Greece, October (Oct. 1995), vol. 2, pp PETROVIĆ, S., AND GOLIĆ, J. String editing under a combination of constraints. Information Sciences 74, 1 2 (Oct. 1993), GOLIĆ, J., AND PETROVIĆ, S. A generalized correlation attack with a probabilistic constrained edit-distance. In Proceedings of EUROCRYPT 92, Balatonfüred, Hungary, May (Berlin, Germany, 1993), vol. 658 of Lecture Notes in Computer Science, Springer-Verlag, pp GOLIĆ, J., AND PETROVIĆ, S. Constrained edit-distance for a memoryless function of strings. Invited introductory paper, Proceedings of the 2nd National Conference on Cryptology, Madrid, Spain, Oct PETROVIĆ, SLOBODAN, M. M. A comparison between the silhouette index and the Davies-Bouldin index in labelling IDS clusters (to appear). In Proceedings of the 11th Nordic Workshop on Secure IT-systems, NORDSEC 2006 (2006), pp PETROVIĆ, S., ÁLVAREZ, A. O., AND CARBÓ, J. Labelling IDS clusters by means of the silhouette index. In Proceedings of the IX Spanish Conference on Cryptography and Information Security (2006), pp PETROVIĆ, S., ÁLVAREZ, G., ORFILA, A., AND CARBÓ, J. Fast predictor-corrector intrusion detection system based on clustering. In Proceedings of the 8th National Conference on Cryptology and Information Security, Leganés (Madrid), Spain (Sept. 2004), pp PETROVIĆ, S., AND FÚSTER-SABATER, A. Clock control sequence reconstruction in noisy generators with irregular clocking. 
In Proceedings of the 3rd IASTED International Conference on Communications Systems and Networks, Málaga, Spain, September 1 3 (Calgary, Canada, Sept. 2004), ACTAPRESS, pp PETROVIĆ, S., ÁLVAREZ, G., ORFILA, A., AND CARBÓ, J. Fast predictor-corrector intrusion detection system based on clustering. In Proceedings of the 8th National Conference on Cryptology and Information Security, Leganés (Madrid), Spain (Sept. 2004), pp PETROVIĆ, S., AND FÚSTER-SABATER, A. Clock control sequence reconstruction in the ciphertext only attack scenario. In Proceedings of the 6th International Conference on Information and Communications Security (ICICS 2004), Málaga, Spain, October (Berlin, Germany, Oct. 2004), vol of Lecture Notes in Computer Science, Springer-Verlag, pp PETROVIĆ, S., AND FÚSTER-SABATER, A. Clock control sequence reconstruction in generators with irregular clocking. In Proceedings of the 8th National Conference on Cryptology and Information Security, Leganés, Madrid, Spain (2004), pp Research projects and grants Implementation of intrusion detection systems through intelligent mobile agents, Ministry of Science and Technology of Spain Cryptographic protection of copyright in digital networks, Autonomous Community of Madrid, Spain Mathematical logic, combinatorics and information processing: fundamentals and applications of computer science, Mathematical Institute, Belgrade, Serbia
148 Applied research in computer science and artificial intelligence, Mathematical Institute, Belgrade, Serbia Applied research in algebra and discrete mathematics, Mathematical Institute, Belgrade, Serbia 1989 Applied research in artificial intelligence, Mathematical Institute, Belgrade, Serbia Teaching Cryptology (IMT 3701), autumn 2006 Cryptology (IMT 4052), autumn 2005 Intrusion Detection and Prevention (IMT 4741), autumn 2006 Intrusion Detection and Prevention (IMT 5151), autumn 2005 Students PhD Master Knut Bjørnstad Jørgen Belsaas Stole Botnen Joachim Deisz Ivar Kjærem Frøydis Leirdal Steinar Lieungh Bjarte Malmedal Bjarne Mangnes Terje Mjømen Lars-Otto Nymoen Tore Larsen Orderløkken Robert Rinnan Jan Vidar Simonsen Fredrik Skarderud Roar Sollie Håvard Hasli Hossein Hayati Karun Jan Inge Trontveit Mats Erik Smestad Tom Nilsen Turid Herland Vidar Grønland Vidar Seeberg Odd Christian Hauge Roger Storløkken Stian Skjølsvik Morten Sporild Awards and nominations Member of International Association for Cryptologic Research (IACR) and Spanish-Iberoamerican Crypto Network (CRIPTORED) 4
149 Professional activities Reviewer for IEEE Transactions on Vehicular Technology, Information Sciences, Asiacrypt, Australasian Conference on Information Security and Privacy.
150 Curriculum Vitae - Stephen D. WOLTHUSEN
Home address: 45 Trumpsgreen Avenue, Virginia Water, Surrey GU25 4EP, United Kingdom
Office address: NISlab, Faculty of Computer Science and Media Technology, Gjøvik University College, P. O. Box 191, N-2802 Gjøvik
Phone
Web
Citizenship: Germany
Date of birth: May 22nd 1974
Languages: English, German
Education
2003 Dr.-Ing. (Ph.D.), summa cum laude, Technische Universität Darmstadt (Darmstadt University of Technology), Fachbereich Informatik (Computer Science department)
Diplom-Informatiker (TU) (approx. equiv. M.Sc.), Technische Universität Darmstadt (Darmstadt University of Technology), Fachbereich Informatik (Computer Science department).
Academic and professional interest
Information assurance and security; Formal methods for specification and verification; Operating systems, security of operating systems; Network and distributed systems security; Cryptology, particularly algebraic cryptanalytic techniques; History of computing
Employment
2007–present Full professor, Norwegian Information Security Laboratory, Gjøvik University College, Norway (part-time)
present Lecturer, Information Security Group, Department of Mathematics, Royal Holloway, University of London, UK
Associate professor, Norwegian Information Security Laboratory, Gjøvik University College, Norway. Part-time position from 2006 onward
present Senior scientist at the security technology department at Fraunhofer-IGD
Deputy department head of the security technology department at Fraunhofer-IGD. Principal scientist and head of information assurance group
Research staff member in the security technology department at Fraunhofer-IGD.
151 Publications Books Book Chapters Edited Volumes ARNOLD, M., SCHMUCKER, M., AND WOLTHUSEN, S. D. Techniques and Applications of Digital Watermarking and Content Protection. The Artech House Computer Security Series. Artech House, Norwood, MA, USA, WOLTHUSEN, S. D. Access and use control using externally controlled reference monitors. ACM Operating Systems Review 36, 1 (2002), WOLTHUSEN, S. D. Netzwerksicherheit. IRB Verlag, Sept. 2004, ch. Electronic Business: Innovationen, Anwendungen und Technologien, pp WOLTHUSEN, S. D. Grundschutz für Praxis-Systeme. Deutsches Medizin Forum, Ober Mörlen, Germany, 2004, pp BUSCH, C., AND WOLTHUSEN, S. D. IT-Sicherheit für den Mittelstand: Leitfaden zum Thema IT-Sicherheit. No. 38 in Schriftenreihe der Landesinitiative hessen-media. Hessisches Ministerium für Wirtschaft, Verkehr und Landesentwicklung, Sept. 2002, ch. IT- Sicherheit - wie geht das?, pp COLE, J. L., AND WOLTHUSEN, S. D., Eds. Proceedings of the Fourth IEEE International Workshop on Information Assurance (IWIA 2006) (Royal Holloway, UK, Apr. 2006), IEEE Press. WOLTHUSEN, S. D. Molehunt: Near-line semantic activity tracing. In Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, United States Military Academy (West Point, NY, USA, June 2005), IEEE Press, pp HÄMMERLI, B. M., AND WOLTHUSEN, S. D., Eds. Proceedings of CIP Europe: Critical Infrastructure Protection (Bonn, Germany, Sept. 2005), Gesellschaft für Informatik. WOLTHUSEN, S. D. Trustworthiness in security policy mechanisms for network-centric warfare environments. In Proceedings, NATO Workshop on Information Security for NEC (The Hague, The Netherlands, Apr. 2005), NATO Research and Technology Organization. COLE, J. L., AND WOLTHUSEN, S. D., Eds. Proceedings of the Second IEEE International Workshop on Information Assurance (IWIA 2004) (Charlotte, NC, USA, Apr. 2004), IEEE Press. WOLTHUSEN, S. D. Review of d. a. 
peled: software reliability methods springerverlag texts in computer science. ACM Computing Reviews, Mar Refereed Publications WOLTHUSEN, S. D. Automated Extraction of Behavioral Profiles from Document Usage. BT Technology Journal 25, 1 (Jan. 2007), SVENDSEN, N. K., AND WOLTHUSEN, S. D. Multigraph dependency models for heterogeneous critical infrastructures. In Proceedings of the First Annual IFIP WG International Conference on Critical Infrastructure Protection (to appear) (2007). WOLTHUSEN, S. D. Molehunt: Near-line semantic activity tracing. In Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop, United States Military Academy (West Point, NY, USA, June 2005), IEEE Press, pp WOLTHUSEN, S. D. Gis-based command and control infrastructure for critical infrastructure protection. In Proceedings of the First IEEE International Workshop on Critical Infrastructure Protection (IWCIP 2005) (Darmstadt, Germany, Nov. 2005), IEEE Press, pp
152 GRAF, F., AND WOLTHUSEN, S. D. A capability-based transparent cryptographic file system. In Proceedings of CYBERWORLDS 2005 (Singapore, Nov. 2005), IEEE Press, pp LIKAVEC, J., AND WOLTHUSEN, S. D. Enforcing messaging security policies. In Proceedings of the Third IEEE International Workshop on Information Assurance (IWIA 2005) (Washington D.C., USA, Mar. 2005), IEEE Press, pp WOLTHUSEN, S. D. Trustworthiness in security policy mechanisms for network-centric warfare environments. In Proceedings, NATO Workshop on Information Security for NEC (The Hague, The Netherlands, Apr. 2005), NATO Research and Technology Organization. WOLTHUSEN, S. D. Modeling critical infrastructure requirements. In Proceedings from the Fifth Annual IEEE SMC Information Assurance Workshop, United States Military Academy (West Point, NY, USA, June 2004), IEEE Press, pp WOLTHUSEN, S. D. Self-inflicted vulnerabilities. Naval War College Review LVII, 3/4 (Summer/Autumn 2004), WOLTHUSEN, S. D. Defensive information warfare and the protection of critical infrastructures. In Proceedings of the XVI International Amaldi Conference of Academies of Science and National Scientific Societies on Problems of Global Security, Trieste, Italy, November (Trieste, Italy, Nov. 2004), pp WOLTHUSEN, S. D. Tempering network stacks. In Proceedings of the NATO RTO Symposium on Adaptive Defense in Unclassified Networks, Toulouse, France, April 2004 (Toulouse, France, Apr. 2004), NATO Research and Technology Organization. WOLTHUSEN, S. D. A distributed multipurpose mail guard. In Proceedings from the Fourth Annual IEEE SMC Information Assurance Workshop, United States Military Academy (West Point, NY, USA, June 2003), IEEE Press, pp SVENDSEN, N. K., AND WOLTHUSEN, S. D. Connectivity models of interdependency in mixed-type critical infrastructure networks. Information Security Technical Report (to appear) (2007). BUSCH, C., AND WOLTHUSEN, S. D. Information warfare: Threats to critical infrastructures. 
In Proceedings of the XV International Amaldi Conference of Academies of Science and National Scientific Societies on Problems of Global Security (Helsinki, Finland, Sept. 2003), pp WOLTHUSEN, S. D., AND PREDIGER, F. Reencryption das konzept für den umfassenden dokumentenschutz. In D-A-CH Security: Bestandsaufnahme und Perspektiven. Gemeinsame Arbeitskonferenz GI OCG BITKOM SI TeleTrusT (Erfurt, Germany, Mar. 2003), Kluwer Academic Publishers, pp WOLTHUSEN, S. D. Goalkeeper: Close-in interface protection. In Proceedings 19th Annual Computer Security Applications Conference (ACSAC 03), Las Vegas, NV, USA, December 8 12 (Las Vegas, NV, USA, Dec. 2003), IEEE Press, p WOLTHUSEN, S. D. Distributed intrusion detection for policy-controlled heterogeneous environments. In Proceedings from the Third Annual IEEE SMC Information Assurance Workshop, United States Military Academy (West Point, NY, USA, June 2002), IEEE Press, pp WOLTHUSEN, S. D. Embedding policy-controlled id sensors within host operating system security enforcement components for real time monitoring. In Proceedings of the NATO RTO Symposium on Real Time Intrusion Detection Symposium (RTID) (Estoril, Portugal, May 2002), NATO Research and Technology Organization. Publication RTO-MP BUSCH, C., AND WOLTHUSEN, S. D. Sensitivity labels and invisible identification markings in human-readable output. In Proceedings of Electronic Imaging 2002 (San Jose, CA, 3
153 USA, Jan. 2002), The International Society for Optical Engineering (SPIE), pp WOLTHUSEN, S. D. Access and use control using externally controlled reference monitors. ACM Operating Systems Review 36, 1 (2002), WOLTHUSEN, S. D. Layered multipoint network defense and security policy enforcement. In Proceedings from the Second Annual IEEE SMC Information Assurance Workshop, United States Military Academy (West Point, NY, USA, June 2001), IEEE Press, pp RADEMER, E., AND WOLTHUSEN, S. D. Transparent access to encrypted data using operating system network stack extensions. In Communications and Multimedia Security Issues of the New Century: Proceedings of the IFIP TC6/TC11 Fifth Joint Working Conference on Communications and Multimedia Security (CMS 01) (Darmstadt, Germany, May 2001), R. Steinmetz, J. Dittman, and M. Steinebach, Eds., IFIP, Kluwer Academic Publishers, pp BUSCH, C., AND WOLTHUSEN, S. D. Tracing data diffusion in industrial research with robust watermarking. In Proceedings of the 2001 Fourth Workshop on Multimedia Signal Processing (MMSP 01) (Cannes, France, Oct. 2001), J.-L. Dugelay and K. Rose, Eds., IEEE Press, pp WIEHE, A., HJELMÅS, E., AND WOLTHUSEN, S. D. Quantitative analysis of efficient antispam techniques. In Proceedings from the Seventh Annual IEEE SMC Information Assurance Workshop, United States Military Academy, West Point, NY, USA, June (West Point, NY, USA, June 2006), IEEE Press, pp Accepted for publication. WOLTHUSEN, S. D. Security policy enforcement at the file system level in the windows nt operating system family. In Proceedings 17th Annual Computer Security Applications Conference (ACSAC 01) (New Orleans, LA, USA, Dec. 2001), IEEE Press, pp BUSCH, C., GRAF, F., WOLTHUSEN, S. D., AND ZEIDLER, A. A system for intellectual property protection. In Proceedings of the World Multiconference on Systemics, Cybernetics, and Informatics (SCI 2000) /Int l Conf. 
on Information Systems Analysis and Synthesis (ISAS 2000) (Orlando, FL, USA, July 2000), pp BUSCH, C., RADEMER, E., SCHMUCKER, M., AND WOLTHUSEN, S. D. Concepts for a watermarking technique for music scores. In Proceedings of the Visual rd International Conference on Visual Computing (Mexico City, Mexico, Sept. 2000). BUSCH, C., GRAF, F., AND WOLTHUSEN, S. D. Courseware needs security. In Proceedings of ICCE, 7th International Conference on Computers in Education (Chiba, Japan, Nov. 1999). BUSCH, C., FUNK, W., AND WOLTHUSEN, S. D. Digital watermarking: From concepts to real-time video applications. IEEE Computer Graphics and Applications 19, 1 (Jan./Feb. 1999), WOLTHUSEN, S. D. On the limitations of digital watermarks. In Proceedings of the World Multiconference on Systemics, Cybernetics, and Informatics (SCI 98) /Int l Conf. on Information Systems Analysis and Synthesis (ISAS 98), Orlando, FL, July (Orlando, FL, USA, July 1998). WOLTHUSEN, S. D. Digital watermarking: Ready for the real world? In Proceedings of IT 98 (Moscow, Russia, Feb. 1998), pp WOLTHUSEN, S. D. Revisionssichere protokollierung in standardbetriebssystemen. Datenschutz und Datensicherheit LVII, 5 (May 2006), WOLTHUSEN, S. D. Risikomanagement, sicherheitspolitiken und technische verfahren zur durchsetzung von sicherheitspolitiken (i). IT-Sicherheit & Datenschutz, 4 (Mar. 2006), WOLTHUSEN, S. D. Windows Device Interface Security. Information Security Technical Report 11, 4 (Dec. 2006),
154 DAHL, O. M., AND WOLTHUSEN, S. D. Modeling and execution of complex attack scenarios using interval timed colored petri nets. In Proceedings of the Fourth IEEE International Workshop on Information Assurance (IWIA 2006) (Royal Holloway, UK, Apr. 2006), IEEE Press, pp WOLTHUSEN, S. D. Risikomanagement, sicherheitspolitiken und technische verfahren zur durchsetzung von sicherheitspolitiken (ii). IT-Sicherheit & Datenschutz, 4 (Apr. 2006), HJELMÅS, E., AND WOLTHUSEN, S. D. Full-spectrum information security education: Integrating B.Sc., M.Sc. and Ph.D. programs. In submitted to InfoSecCD 06 (2006), pp. x x. Presentations and Public Appearances Working session on nonproliferation of weapons of mass destruction and sensitive technologies of the Deutsche Gesellschaft für Auswärtige Politik (German Council on Foreign Relations). Invited talk Technologiekontrolle jenseits der Nichtverbreitungspolitik: Gefährdung und Sicherung kritischer Infrastrukturen im Informationszeitalter. Berlin, Germany, September 12, Conference Corporate Digital Security, organized by Marcus Evans Corporation. Invited presentation Sicherheitspolitiken und ihre Umsetzung (Security Policies and their Implementation). Cologne, Germany, November 3rd-4th, Workshop GeoSec Sicherheit für Geodaten Geodaten für die Sicherheit (GIS for Security) of the CAST-Forum, Darmstadt, Germany. Invited presentation Techische Schutzmaßnahmen für Infomationssysteme (Technical Protection Controls for GIS). April 1st, IEEE Information Assurance Standards Workshop Invited presentation Software Engineering Issues, NIST, Gaithersburg, MD, USA, December 4th, Workshop Medizin und IT-Sicherheit (Health Care and IT Security) of the CAST- Forum, Darmstadt, Germany. Invited presentation Grundschutz für Praxis-Systeme (Baseline Security for Private Practice). June 26th, Workshop Netzwerksicherheit (Network Security) of the CAST-Forum, Darmstadt, Germany. 
Invited presentation Tagungsbericht IWIA 2003, IEEE-Aktivitäten im Bereich Information Assurance (Conference Report IWIA 2003, IEEE Information Assurance Activities). April 24th, First IEEE International Workshop on Information Assurance. Invited presentation IEEE Activities in Information Assurance, Darmstadt, Germany, March 24th, First IEEE International Workshop on Information Assurance. Closing panel presentation Challenges in Information Assurance, Darmstadt, Germany, March 24th, Workshop IT Sicherheits-Engineering (IT Security Engineering) of the CAST-Forum, Darmstadt, Germany. Invited presentation Information Assurance. September 20th, Workshop Web-Security of the CAST-Forum, Darmstadt, Germany. Invited presentation Gefahren bei Webangeboten (Threats for Web Services). August 16th, Workshop Sicherheit von Betriebssystemen / Firewalls (Operating System and Firewall Security) of the CAST-Forum, Darmstadt, Germany. Invited presentation Politikbasierte Sicherungsmechanismen für verteilte Systeme (Policy-based security mechanisms for distributed systems). July 12th, Online-Tag des Hessischen Wirtschaftsministeriums (IT forum of the Hessian state ministry of economy), Wiesbaden, Germany. Invited presentation Firewalls: Einordnung und Grenzen (Firewalls: Their role and limitations). November 15th, Seminar Sicherheit im Electronic Business (Security in electronic business), Stuttgart, Germany. Invited presentation TCP/IP Firewalling: Stand der Technik, Herausforderungen, und Entwicklungen (TCP/IP Firewalling: State of the art, challenges, and recent 5
155 developments). October 12th, IBM Crypto Council, Poughkeepsie, NY, USA. Lecture CIPRESS: Cryptographic Intellectual Property Rights Enforcement System. September 19th, n-tv Finanzplatz (n-tv Finance, a national/european satelite news network). Initially broadcast July 7th, 2000: Panel discussion Chancen und Risiken im Internet-Wertpapierhandel (Opportunities and risks in Internet-based financial trading) Participants: Matthias Kröner, member of the board, Direktanlage-Bank; Patrick Zeigerer, member of the board, net.ipo; Stephen Wolthusen, Fraunhofer-IGD. Workshop Web Security of the CAST-Forum, Darmstadt, Germany. Invited presentation Gefahren bei WWW-Angeboten (Threats for Web Services). June 29th, hamburger dialog Effizienz der Kommunikation: Neue Vielfalt Neue Chancen (Efficiency in communication: Diversity and Opportunities). May 8th, 2000, Congress Centrum Hamburg, Germany. Panel discussion: Neue Techniken und Datensicherheit. Geht das? (New Technology and Data Security). Participants: Ulrich Kühn, Hamburgischer Datenschutzbeauftragter (Data privacy controller for the state of Hamburg, Germany); Wau Holland, Chaos Computer Club, Germany; Stephen Wolthusen, Fraunhofer-IGD. Workshop Firewalls of the CAST-Forum, Darmstadt, Germany. Invited presentation Firewalls: Elemente einer Sicherheitsarchitektur (Firewalls: Elements of a security architecture). March 17th, Workshop Firewalls of the CAST-Forum, Darmstadt, Germany. Invited presentation Anwendungsorientierte Evaluierung von Firewalls (Application-oriented evaluation of firewalls). March 17th, CeBIT 2000, Hannover, Germany. Lecture Firewalls in der Praxis (Firewalls in practice) February 28th, Institut für Maritime Systeme und Strömungstechnik (Institute for Naval Systems and Hydrodynamics), Rostock, Germany. Invited presentation Sicherheitsaspekte bei der Kommunikation sensibler Daten über das Internet (Security aspects in communicating classified data over the Internet). 
February 24th,
Industrie- und Handelskammer (Darmstadt chamber of commerce) Darmstadt, Germany. Invited presentation Understanding & Implementing Internet Security. September 3rd,
Various lectures on IT security aspects in the medical sector in cooperation with the ZGDV e.v., Darmstadt, Germany and the Deutsche Dermatologische Gesellschaft (German Association of Dermatologists).
Various interviews on national TV on IT security issues.
Various interviews on national and local radio on IT security issues.
Various interviews by national and European print media on IT security issues.

Patents

International Patent (with E. Rademer and C. Busch) PCT/DE01/01333: Method for Integrating Hidden Information in a Set of Notes. Priority: May 15th, Granted: November 22nd,
German Patent (with C. Busch) DE : Verfahren und Einrichtung zur automatischen Markierung von Ausdrucken einer Datenverarbeitungsanlage. Priority: November 22nd, Granted: August 8th, 2002
German Patent : Vorrichtung und Verfahren zur Etablierung einer Sicherheitspolitik in einem verteilten System. Priority: September 20th, Granted: September 20th,
Teaching

Graduate course Network Security at Royal Holloway, University of London, UK
Graduate course Information Security and Security Architecture at Gjøvik University College, Norway. Created detailed syllabus and course materials
Graduate course (with D. Schadt and B. Hämmerli) Schutz kritischer Infrastrukturen und Informationssicherheit at the University of Bochum, Germany
Graduate seminar (with P. Ebinger, J. Likavec, U. Pinsdorf, and J. Peters) Sicherheit in mobilen Ad-Hoc-Netzen at Darmstadt University of Technology, Germany
Graduate (Hauptdiplom) course Netzwerksicherheit at Darmstadt University of Technology. Created lecture notes and course materials (see Courses Developed), developed written and oral exams. Maximum class size: 120 students plus 6 continuing professional education students from the CAST continuing education certificate program in Information Security. The 2005 course was given together with W. Böhmer, U. Pinsdorf, J. Peters, and P. Ebinger.

PhD students

2006-present Nils Kalstad Svendsen (HiG). Modeling and Simulation of Critical Infrastructures
2006-present Richard McEvoy (RHUL). Concurrency-Based and Probabilistic Mechanisms for Forensics and Intrusion Detection
2006-present Steffen Reidt (RHUL). Distributed Security Services in a Tactical Network Environment
2006-present Ziyad Al-Salloum (RHUL). Topology-Controlled Worms for Network Security

Professional activities

Program Committees

Program committee chair, Fourth IEEE International Workshop on Information Assurance. Royal Holloway, UK (IWIA 2006)
Program committee chair, First IEEE International Workshop on Critical Infrastructure Protection. Darmstadt, Germany (IWCIP 2005)
Program committee chair, Symposium on Critical Infrastructure Protection. Bonn, Germany (CIP Europe 2005)
Convener, Session Dual Use Technologies in Information Warfare, XVI International Amaldi Conference of Academies of Science and National Scientific Societies on Problems of Global Security.
Trieste, Italy (2004).
Program committee chair, Third IEEE International Workshop on Information Assurance. Washington D.C., USA (IWIA 2005)
Program committee chair, Second IEEE International Workshop on Information Assurance. Charlotte, North Carolina, USA (IWIA 2004)
Co-chair, First IEEE International Workshop on Information Assurance. Darmstadt, Germany (IWIA 2003)
1 Fall semester(s)
2 Summer semester(s)
Program committee, 3rd GI Incident Management and IT-Forensics Conference. Stuttgart, Germany (IMF 2007)
Program committee, 8th Annual IEEE SMC Information Assurance Workshop. United States Military Academy, West Point, New York, USA (IAW 2007)
Program committee, International Conference on Security and Cryptography. Barcelona, Spain (SECRYPT 2007)
Program committee, 10th Information Security Conference. Valparaiso, Chile (ISC 2007)
Program committee, First International Workshop on Next Generation Networks for First Responders and Critical Infrastructures New Orleans, LA, USA (IPCCC 2007).
Program committee, ARES Workshop on Secure Software Engineering. Vienna, Austria (SecSE 2007)
Program committee, 4th GI/IEEE Workshop on Detection of Intrusions and Viruses & Vulnerability Assessment. Lucerne, Switzerland (DIMVA 2007)
Program committee, 3rd Information Security Practice and Experience Conference, Hong Kong, China (ISPEC 2007)
Program committee, 1st International Workshop on Critical Information Infrastructure Security, Samos, Greece (CRITIS 06)
Program committee, 7th Annual IEEE SMC Information Assurance Workshop. United States Military Academy, West Point, New York, USA (IAW 2006)
Program committee, 2nd GI Incident Management and IT-Forensics Conference. Stuttgart, Germany (IMF 2006)
Program committee, 3rd GI/IEEE Workshop on Detection of Intrusions and Viruses & Vulnerability Assessment. Berlin, Germany (DIMVA 2006)
Program committee, 2nd IEEE Workshop on Dependability and Security in Sensor Networks and Systems, Columbia, Maryland, USA (DSSNS 2006)
Program committee, 3rd International Security Conference, Düsseldorf, Germany (2005).
Program committee, GI Workshop Sicherheit in komplexen, vernetzten Umgebungen. Bonn, Germany (2005)
Program committee, 6th Annual IEEE SMC Information Assurance Workshop. United States Military Academy, West Point, New York, USA (IAW 2005)
Program committee, 2nd GI/IEEE Workshop on Detection of Intrusions and Viruses & Vulnerability Assessment. Vienna, Austria (DIMVA 2005)
Program committee, 2nd International Security Conference, Berlin, Germany (2004).
Program committee, 5th Annual IEEE SMC Information Assurance Workshop. United States Military Academy, West Point, New York, USA (IAW 2004)
Program committee, GI/IEEE Workshop on Detection of Intrusions and Viruses & Vulnerability Assessment.
Dortmund, Germany (DIMVA 2004)
Program committee, 4th Annual IEEE SMC Information Assurance Workshop. United States Military Academy, West Point, New York, USA (IAW 2003)

Review committees

Annual Computer Security Applications Conferences (ACSAC),

Editorial and Review Service

Member, Steering Committee IEEE International Security in Storage Workshops
Member, Editorial Board of Information Security Technical Report (Elsevier Science)
Reviewer for ACM Computing Reviews
Reviewer for computers & graphics journal (Elsevier Science)
Reviewer for IEEE Wireless Communications Magazine
Reviewer for Computer Communications journal (Elsevier Science)

Other Service

Balloter, IEEE Standards Association
Institute Coordinator, German Academic Exchange Service IAESTE Program ( )
Curriculum Vitae - Erik HJELMÅS

Home address Bondelivegen 16, N-2816 Gjøvik
Office address NISlab, Faculty of Computer Science and Media Technology, Gjøvik University College, P. O. Box 191, N-2802 Gjøvik
Phone
Web erikh/
Citizenship Norway
Date of birth November 25th 1972
Languages Norwegian, English

Education

2005 Dr. scient., University of Oslo, Department of Informatics
1996 M.Sc., University of Pittsburgh, Department of Information Science
1994 Cand. mag. (B.Sc. equivalent), Telemark University College (91-92, mathematics), Hedmark University College (92-94, computer science)

Academic and professional interest

System administration and security
Identity management
Authentication
Biometrics

Employment

2005-present Førsteamanuensis (associate professor), Gjøvik University College, Department of Computer Science and Media Technology
Stipendiat (research scholar), University of Oslo, Department of Informatics
Visiting Research Scholar, University of Maryland, Institute for Advanced Computer Studies, Center for Automation Research
Høgskolelektor (assistant professor), Gjøvik University College, Department of Electrical Engineering and Science
Systems Engineer Assistant, The Norwegian Army (electronic warfare)
Teaching Assistant, Hedmark University College (mathematics).

Publications

WIEHE, A., HJELMÅS, E., AND WOLTHUSEN, S. D. Quantitative analysis of efficient antispam techniques. In Proceedings from the Seventh Annual IEEE SMC Information Assurance Workshop, United States Military Academy, West Point, NY, USA, June (West Point, NY, USA, June 2006), IEEE Press, pp Accepted for publication.
KOSMERLJ, M., FLADSRUD, T., HJELMÅS, E., AND SNEKKENES, E. Face recognition issues in a border control environment. In Proceedings of Advances in Biometrics, International Conference, ICB 2006, Hong Kong, China, January 5-7 (2006), D. Zhang and A. K. Jain, Eds., vol of Lecture Notes in Computer Science, Springer, pp
HJELMÅS, E., AND WOLTHUSEN, S. D. Full-Spectrum Information Security Education: Integrating B.Sc., M.Sc., and Ph.D. Programs. In Proceedings of the Third Annual Conference on Information Security Curriculum Development (ACM InfoSecCD) (Kennesaw, GA, USA, 2006), ACM Press, pp
HJELMÅS, E., AND LOW, B. K. Face detection: A survey. Computer Vision and Image Understanding 83, 3 (Sept. 2001),
HJELMÅS, E., AND FARUP, I. A comparison of face/non-face classifiers. In Proceedings of the 3rd International Conference on Audio- and Video-Based Biometric Person Authentication, AVBPA 2001, Halmstad, Sweden, June 6-8 (2001), pp
HJELMÅS, E. Biometric systems: A face recognition approach. In Proceedings of the Norwegian Conference on Informatics, Trondheim, Norway, November (2000), pp
HJELMÅS, E., AND WROLDSEN, J. Recognizing Faces from the Eyes Only. In Proceedings of the 11th Scandinavian Conference on Image Analysis, SCIA 99, Kangerlussuaq, Greenland, June 7-11 (1999), pp

Teaching

Data Communication and Network Security (Spring 2007)
Data Communication and Network Security (Fall 2006)
System Administration (Fall 2006)
Data Communication and Network Security (Fall 2005)
System Administration (Fall 2005)
System Administration (Fall 2004)
System Administration (Fall 2003)
Computer System Security (Spring 2003)
Network and System Administration (Fall 2002)
Computer System Security (Spring 2002)
IT for lærere ( )
Artificial Intelligence (fall 1997)
Introduction to Computer Science (fall 1996)

Master students

Fladsrud, Tom. Face Recognition in a border control environment: Non-zero Effort Attacks Effekt on False Acceptance Rate.
Master Thesis, Gjøvik University College,
Hauge, Erling Olai. Antispam-drifting i stor skala. Master Thesis, Gjøvik University College,
Wiehe, Anders. Comparing Anti Spam Methods. Master Thesis, Gjøvik University College,

Awards and nominations

Kallerudprisen 2006 (for outstanding innovation and value creation in the Gjøvik region)
Nominated for best paper award with A. Wiehe and S. D. Wolthusen at Seventh Annual IEEE SMC Information Assurance Workshop, 2006
Nominated for Studiekvalitetsprisen at Gjøvik University College in 2004 and 2005

Professional activities

IEEE Transactions on Pattern Analysis and Machine Intelligence
IEEE Transactions on Neural Networks
IEEE Transactions on Systems, Man and Cybernetics - Part B
Vision Research
Electronics and Telecommunications Research Institute (ETRI) Journal
Journal on Applied Signal Processing
Pattern Analysis and Applications
Curriculum Vitae - Patrick Adrianus Helena BOURS

Home address Ringveien 16, N-2816, Gjøvik, Norway
Office address NISlab, Faculty of Computer Science and Media Technology, Gjøvik University College, P. O. Box 191, N-2802 Gjøvik
Phone
Citizenship Dutch
Date of birth June 16th 1967
Languages Dutch, English

Education

PhD, Eindhoven University of Technology, Department of Mathematics and Computer Science, Section of Discrete Mathematics, Graduated Cum Laude

Extra courses

2004 Network Fundamentals
2002 Software Security Analysis, Njama
2001 Programming in C IDA Pro Basics
1998 Seminar on International Negotiations, Clingendael
1998 Project management, De Hart & Pol
1997 Basic course in C programming Language, CompuTrain
1994 Computer Algebra, EIDMA Mini-course
1994 Signal processing and coding for digital magnetic recording, EIDMA Mini-course

Employment

2005-present Researcher and teacher, Gjøvik University College, Department of Computer Science and Media Technology
Senior Policy Maker and Scientific Head Researcher, Netherlands National Communications Security Agency
PhD studies, Eindhoven University of Technology and Philips Research Laboratories
Second part of my master's thesis, Eindhoven University of Technology
First part of my master's thesis, National Aerospace Laboratory
Teaching Assistantship, Eindhoven University of Technology

Publications

BOURS, P. A. H. On the construction of perfect deletion-correcting codes using design theory. Designs, Codes and Cryptography 6, 1 (July 1995),
BOURS, P. A. Codes for correcting insertion and deletion errors,
BOURS, P. A. H. Construction of fixed-length insertion/deletion correcting runlength-limited codes. IEEE Transactions on Information Theory 40, 6 (1994),
LOUS, N. J. C., BOURS, P. A. H., AND VAN TILBORG, H. C. A. On maximum likelihood soft-decision decoding of binary linear codes. IEEE Transactions on Information Theory 39, 1 (1993), 197.
BOURS, P. A. H., JANSSEN, J. C. M., VAN ASPERDT, M., AND VAN TILBORG, H. C. A. Algebraic decoding beyond BCH of some binary cyclic codes, when e>bch. IEEE Transactions on Information Theory 36, 1 (1990), 214.

Research projects and grants

Philips sponsored part of my work on my PhD studies

Professional activities

Administrative experience

Leading teams, consisting of experts in different fields, for the evaluation of security products
Leading a team for the development of a true random number and prime generator, which is used to generate keys for Dutch governmental security equipment
Organisation of international meetings
Curriculum Vitae - Chik How TAN

Home address Livegen 4, N-2816, Gjøvik, Norway
Office address NISlab, Faculty of Computer Science and Media Technology, Gjøvik University College, P. O. Box 191, N-2802 Gjøvik
Phone (Office), (Cell)
Citizenship Singapore
Date of birth September 19th 1959
Languages English, Chinese

Education

1992 Ph. D in mathematics, University of Wisconsin, Madison, USA
1990 MA in mathematics, University of Wisconsin, Madison, USA
1984 B. Sc. (Honours), mathematics. National University of Singapore
1983 B. Sc. in mathematics. National University of Singapore

Academic and professional interest

Cryptography
Cryptanalysis
Shift register sequences
Coding theory
Network security
Wireless communications security
Embedded system security
Web services security
Grid computing security
Electronic commerce security

Employment

2005-present Professor of Information Security, Gjøvik University College, Department of Computer Science and Media Technology
Associate Professor, School of EEE, Nanyang Technological University, Singapore
Assistant Professor, School of EEE, Nanyang Technological University, Singapore
Director, Centre For Information Security, School of EEE, Nanyang Technological University, Singapore
Security consultant (part-time), Digisafe Pte Ltd, Singapore
Principal Member of Technical Staff, DSO National Laboratories, Singapore
Lab Head, DSO National Laboratories, Singapore
Analyst and Senior Analyst, DSO National Laboratories, Singapore
Part-time tutor, Open University, Singapore
Part-time lecturer, Singapore Polytechnic
164 Publications Referred Journal Papers TAN, C. H. Signature scheme in multi-user setting. IEICE Transactions on Fundamentals E89-A, 1 (May 2006), TEO JOSEPH, C. M., AND TAN, C. H. Authenticated Dynamic Group Key Agreement for Autoconfigurable Mobile Ad Hoc Networks. IEICE Trans Commun E89-B, 9 (Sept. 2006), YI, X., AND TAN, C. H. Security of kuwakado-tanaka transitive signature scheme for directed trees. IEICE Transactions on Fundamentals E87-A, 4 (Oct. 2004), TAN, C. H. Key substitution attacks on some provably secure signature schemes. IEICE Transactions on Fundamentals E87-A, 1 (Jan. 2004), YI, X., SIEW, C. K., AND TAN, C. H. A secure and efficient conference scheme for mobile communications. IEEE Transactions on Vehicular Technology 52, 4 (July 2003), TAN, C. H., YI, X., AND SIEW, C. K. On the n-th order shift register based discrete logarithm. IEICE Transactions on Fundamentals E86-A, 5 (May 2003), TAN, C. H., YI, X., AND SIEW, C. K. A new provably secure signature scheme. IEICE Transactions on Fundamentals E86-A, 10 (Oct. 2003), YI, X., SIEW, C. K., TAN, C. H., AND YE, Y. A secure conference scheme for mobile communications. IEEE Transactions on Wireless Communications 2, 6 (Nov. 2003), TAN, C. H., YI, X., AND SIEW, C. K. New signature schemes based on 3rd order shift registers. IEICE Transactions on Fundamentals E85-A, 1 (Jan. 2002), YI, X., TAN, C. H., AND SIEW, C. K. A new block cipher based on chaotic tent map. IEEE Transaction on Circuits and Systems Part I 49, 12 (Dec. 2002), YI, X., TAN, C. H., AND SIEW, C. K. Id-based key agreement for multimedia encryption. IEEE Transactions on Consumer Electronics 48, 2 (2002), YI, X., TAN, C. H., AND SIEW, C. K. Fast encryption for multimedia. IEEE Transactions on Consumer Electronics 47, 1 (2001), TAN, C. H. On waters signature scheme. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. E89-A, 10 (Oct. 2006), TEO JOSEPH, C. M., TAN, C. H., AND NG, J. M. 
Security analysis of provably secure constant round dynamic group key agreemen. IEICE Trans. on Fundamentals of Electronics, Communications and Computer Sciences E89-A, 11 (Nov. 2006), TAN, C. H. Security analysis of signcryption scheme from q-diffie-hellman problems. IEICE Transactions on Fundamentals E89-A, 1 (Jan. 2006), TAN, C. H. A new signature scheme without random oracles. International Journal of Security and Networks Vol 1, 3/4 (Dec. 2006), TEO JOSEPH, C. M., TAN, C. H., NG, AND MEE, J. Low-power authenticated group key agreement for heterogeneous wireless networks. International Journal of Security and Networks 1, 3/4 (Dec. 2006), TAN, C. H. Key substitution attacks on provably secure short signature schemes. IEICE Transactions on Fundamentals E88-A, 2 (Feb. 2005), TAN, C. H. On the security of signcryption scheme with key privacy. IEICE Transactions on Fundamentals E88-A, 4 (Apr. 2005), TAN, C. H., YI, X., AND SIEW, C. K. On diffie-hellman problems in 3rd order shift register. IEICE Transactions on Fundamentals E87-A, 5 (May 2004),
165 Referred Conference Papers MANDT, T. K., AND TAN, C. H. Certificateless authenticated two-party key. In 11th Annunal Asian Computing Science Conference (ASIAN06), (to appear) (2007), vol. 4xxx of Lecture Note in Computer Science, Springer Verlag. TAN, C. H., AND TEO JOSEPH, C. M. Protection against web-based password phishing. In Third International Conference on Information Technology: Next Generations (ITNG 2007) (to appear) (2007), The IEEE Computer Society Press. TAN, C. H., AND TEO JOSEPH, C. M. An authenticated group key agreement for wireless networks. In IEEE Wireless Communications & Networking Conference 2005 (2005), vol. 4, pp TEO JOSEPH, C. M., AND TAN, C. H. Energy efficient and scalable group key agreement for large ad hoc network. In The 2nd ACM International Workshop on Performance Evaluation of Wireless Ad Hoc, Sensor, and Ubiquitous Networks (PE-WASUN 2005) (2005), pp HOU, X., AND TAN, C. H. Fair traceable off-line electronic cash in wallets with observers. In The 6th International Conference on Advance Communication Technology 2004 (2004), pp TAN, C. H., YI, X., AND SIEW, C. K. Signature scheme based on composite discrete logarithm. In IEEE Fourth International Conference on Information, Communications & Signal Processing and Fourth Pacific-Rim Conference on Multimedia (ICICS-PCM 2003) (Dec. 2003). TAN, C. H., YI, X., AND SIEW, C. K. A CCA2 secure key encapsulation scheme based on 3rd order shift registers. In The 8th Australasian Conference on Information Security and Privacy ACISP 03 (2003), vol of Lecture Notes in Computer Science, Springer-Verlag, pp YI, X., TAN, C. H., SIEW, C. K., AND OKAMOTO, E. A new encryption scheme based on discrete logarithm problem. In The International Conference on Fundamentals of Electronics, Communications and Computer Sciences, Tokyo, Japan, March (2002). TAN, C. H., YI, X., AND SIEW, C. K. Computation of signature schemes based on 3rd order shift registers. 
In The International Conference on Fundamentals of Electronics, Communications and Computer Sciences, Tokyo, Japan, March (2002). YI, X., TAN, C. H., SIEW, C. K., AND SYED, M. R. A new encryption algorithm for high throughput multimedia. In 2001 Information Resources Management Association International Conference, Canada, May (2001). TAN, C. H., YI, X., AND SIEW, C. K. Signature schemes based on 3rd order shift registers. In The 6th Australasian Conference on Information and Privacy (2001), vol of Lecture Notes in Computer Science, Springer-Verlag, pp TAN, C. H., YI, X., AND SIEW, C. K. Secured wireless lan IEEE In The Third International Conference on Information, Communication & Signal Processing (ICICS 2001), Singapore, October (2001). TEO JOSEPH, C. M., TAN, C. H., AND NG, J. M. Authenticated group key agreement against dos in heterogeneous wireless networks. In IEEE Wireless Communications and Networking Conference 2007 (to appear) (2007). YI, X., TAN, C. H., AND SIEW, C. K. A new authenticated key agreement. In The Third International Conference on Information, Communication & Signal Processing (ICICS 2001), Singapore, October (2001). TAN, C. H. Period and linear complexity of cascaded clocked-controlled generators. In Sequences and Their Applications Proceedings of SETA 98, Discrete Mathematics and Theoretical Computer Science (1999), Springer-Verlag, pp TAN, C. H. Insider-secure hybrid signcryption scheme without random oracles. In Proceedings of the 1st International Workshop on Advances in Information Security, part of 3
166 International Conference on Availability, Reliability and Security 2007 (ARES 2007) (to appear) (2007). TAN, C. H., AND TEO JOSEPH, C. M. Energy-efficient id-based group key agreement protocols for wireless networks. In The International Workshop on Security in Systems and Networks (SSN2006), in conjunction with the 20th IEEE International Parallel and Distributed Processing Symposium (IPDPS 2006) (2006). TEO JOSEPH, C. M., TAN, C. H., AND NG, J. M. Low-power group key agreement for heterogeneous wireless networks. In Symposium of Computer and Network Security, part of International Wireless Communications and Mobile Computing Conference 2006 (IWCMC 2006) (2006), The ACM Press. TAN, C. H. A secure signature scheme. In Symposium of Computer and Network Security, part of International Wireless Communications and Mobile Computing Conference 2006 (IWCMC 2006) (2006), The ACM Press. TAN, C. H. Chosen ciphertext security from identity-based encryption without strong condition. In Advances in Information and Computer Security, First International Workshop on Security, IWSEC 2006 (2006), Lecture Notes in Computer Science, Springer, pp TAN, C. H. Public-key encryption from id-based encryption without one-time signature. In OTM Workshops (1) (2006), Lecture Notes in Computer Science, Springer, pp HOU, X., AND TAN, C. H. A new electronic cash model. 
In IEEE International Conference on Information Technology: Coding and Computing ITCC 2005 (2005), pp Teaching Network Security, Master Course in HIG Wireless Communications Security, Master Course in HIG Network Security and Management, Master course in NTU Electronic Commerce Technology, Undergraduate course in NTU Computer Security, Undergraduate course in NTU Mathematics in Computing, Open University (Part-time) Engineering Mathematics, Singapore Polytechnic (Part-time) Statistics, Singapore Polytechnic (Part-time) Students PhD students Master students Chee Meng Teo, Joseph, Secure Group Key Agreement in Wireless Networks, Nanyang Technological University, Singapore (04 present). Expected to be graduated in December Knut Wold, Countermeasures of Side-channel attacks on FPGA, Gjøvik University College (Jan 07 present). Xiosong Hou, Design and analysis of electronic cash, Nanyang Technological University, Singapore (02 05). Master of Engineering (mainly by research). 12 other Master of Science (mainly by coursework) students (graduated). 4
Professional activities

Academic Services

Reviewer of journals
IEEE Transactions of Communications, IEEE Selected Areas on Communications (Special Issue), IEEE Transaction on Circuits and Systems Part I, IEEE Transaction on Circuits and Systems, Part II, IEEE Communications Letters, Information Processing Letters, Journal of Systems and Software, Information Science, Multimedia System, Applied Mathematic Letters, EURASIP Journal on Wireless Communications and Networking, Journal of Communications and Networks, International Journal of Computer Systems Science and Engineering

Reviewer of Conferences
Asiacrypt 2001, Cybersecurity 2003, ACM PE-WASUN 2005, PAKDD 2006, SSN 2007 (part of 21st IPDPS)

National Services

Reviewer of a NSTB's (now called A*STAR), Singapore (equivalent to Norwegian Research Council) research project on Information Security for five years (S$5 million 20 million Kroner) in 1994
Committee member of A*STAR's Thematic Strategic Research Programme in Information Security in 2003
Committee member of National Grid Initiative Security Working Group from 2003 to Aug 2005
Identify research areas in information security programme for Infocomm Development Authority, Singapore in 2004
A judge of Tan Kah Kee Young Scientist Awards (Open category, IT),
Curriculum Vitae - Katrin FRANKE

Home address Jonas-Lies-Gate 19, N-2815 Gjøvik, Norway
Office address NISlab, Faculty of Computer Science and Media Technology, Gjøvik University College, P. O. Box 191, N-2802 Gjøvik
Phone (office), (mobile)
Web
Citizenship Germany
Date of birth November 1st 1969
Languages German (native speaker), English (fluent), Russian (school)

Education

Doctoral Dissertation at the Artificial Intelligence Institute, Faculty of Mathematics and Natural Sciences, University of Groningen, The Netherlands
Study and Master degree (Diplom-Ingenieur) in Electrical Engineering / Information Technology with focus on system and circuit design at the Technical University Dresden
Banking profession (Finanzkaufmann), National Bank of East-Germany (Staatsbank der DDR) in Leipzig.

Academic and professional interest

Computer Vision: Adaptive filter design, Mathematical Morphology and color image processing.
Computational Intelligence: Fuzzy Logic, Neural Networks, and Evolutionary Computation.
Robotics: Simulation of human handwriting.
Biometrics: Writer identification, forensic handwriting and signature analysis, psychomotor aspects of handwriting, physical and biomechanical interaction processes.
Document processing, selective background and foreground segmentation, stamp-imprint analysis.
Knowledge engineering using extensible Markup Language (XML) for handwriting and document analysis.
Software and system design.

Employment

2007-present Associate Professor in Information Security, Gjøvik University College, Department of Computer Science and Media Technology
Research engineer, and since 96 Project manager, Fraunhofer Institute for Production Systems and Design Technology (IPK) in Berlin, Department of Security Technology.
In charge of research and industrial projects on computer vision and computational intelligence for document processing and handwriting analysis, in particular signature verification in finance and forensic applications.
- Student researcher, Fraunhofer Institute for Integrated Circuits, Branch Lab for Automation of Circuit and System Design (IIS/EAS) in Dresden, Department Modeling and Simulation. Design, implementation and simulation of digital filter models for the multi-level-simulator KOSIM, as well as study and simulation of cross talk in coupled conductors
- Bank employee, Headquarter of the National Bank East-Germany (Staatsbank der DDR) in Berlin.

Publications TODO

- SCHOMAKER, L., FRANKE, K., AND BULACU, M. Using codebooks of fragmented connected-component contours in forensic and historic writer identification. Pattern Recognition Letters 28, 6 (2007),
- CHEE, Y.-M., FRANKE, K., FROUMENTIN, M., MADHVANATH, S., MAGAÑA, J.-A., RUSSELL, G., SENI, G., TREMBLAY, C., WATT, S. M., AND YAEGER, L. Ink markup language. World Wide Web Consortium, Working Draft WD-InkML , Oct
- FRANKE, K., ZHANG, Y.-N., AND KÖPPEN, M. Static signature verification employing a kosko-neuro-fuzzy approach. In AFSS (2002), N. R. Pal and M. Sugeno, Eds., vol of Lecture Notes in Computer Science, Springer, pp
- FRANKE, K., AND DEL SOLAR, J. R. Soft-biometrics: Soft-computing technologies for biometric-applications. In AFSS (2002), N. R. Pal and M. Sugeno, Eds., vol of Lecture Notes in Computer Science, Springer, pp
- K. FRANKE, J. R. D. S., AND KÖPPEN, M. Soft biometrics: Soft computing for biometric applications. International Journal of Fuzzy Systems 4, 2 (2002),
- VEENHUIS, C., AND FRANKE, K. A semantic model for evolutionary computation, July
- FRANKE, K., AND KÖPPEN, M. A computer-based system to support forensic studies on handwritten documents. IJDAR 3, 4 (2001),
- FRANKE, K., AND NICKOLAY, B. Fuzzy image processing by using dubois and prade fuzzy norms, July
- FRANKE, K. A framework for document pre-processing in forensic handwriting analysis, Oct
- FRANKE, K., KÖPPEN, M., AND NICKOLAY, B. Fuzzy image processing by using dubois and prade fuzzy norms. In ICPR (2000), pp
- FRANKE, K. Towards an universal approach to background removal in images of bankchecks, July
- FRANKE, K., AND ROSE, S. Ink-deposition analysis using temporal (online) data,
- HENNIGER, O., AND FRANKE, K. Biometric user authentication on smart cards by means of handwritten signatures. In ICBA (2004), D. Zhang and A. K. Jain, Eds., vol of Lecture Notes in Computer Science, Springer, pp
- FRANKE, K., AND SCHOMAKER, L. Robotic writing trace synthesis and its application in the study of signature line quality. Journal of Forensic Document Examination 16, 3 (2004),
- KÖPPEN, M., FRANKE, K., AND NICKOLAY, B. Fuzzy-Pareto-Dominance Driven Multiobjective Genetic Algorithm. In Proceedings of the 10th IFSA World Congress (IFSA 2003) (Istanbul, Turkey, June 2003), pp
- FRANKE, K., SCHOMAKER, L., VEENHUIS, C., TAUBENHEIM, C., GUYON, I., VUURPIJL, L., ERP, M. V., AND ZWARTS, G. WANDA: A generic framework applied in, Oct
- FRANKE, K., SCHOMAKER, L., VEENHUIS, C., TAUBENHEIM, C., GUYON, I., VUURPIJL, L., VAN ERP, M., AND ZWARTS, G. WANDA: A generic framework applied in forensic handwriting analysis and writer identification. In HIS (2003), A. Abraham, M. Köppen, and K. Franke, Eds., vol. 105 of Frontiers in Artificial Intelligence and Applications, IOS Press, pp
- HENNIGER, O., AND FRANKE, K. Biometrische benutzerauthentisierung auf smartcards mittels handschriftlicher unterschriften. In GI Jahrestagung (Schwerpunkt "Sicherheit - Schutz und Zuverlässigkeit") (2003), R. Grimm, H. B. Keller, and K. Rannenberg, Eds., vol. 36 of LNI, GI, pp
- FRANKE, K. Soft-biometrics: Soft-computing for biometric-applications, July

Funded research projects

- Vision ID II. Visual identification of ID and secure documents, by the Programm zur Förderung von Forschung, Innovationen und Technologien (ProFIT), Investitionsbank Berlin (IBB). Project volume: Euro. Partner: Bundesdruckerei GmbH, Berlin, Germany. Position: Team leader at Fraunhofer IPK (until Dec. 2006)
- CHL 01/011. Face recognition and signature verification using Soft Computing, by the joint Program of Scientific Cooperation of CONICYT (Chile) and the Federal Ministry of Education and Research (BMBF, Germany). Project volume: - Travel expense -. Partner: Universidad de Chile, Santiago, Chile. Position: Team leader at Fraunhofer IPK
- Wanda, B /02. FISH-new, Modules 2002: Modular program library and graphical user interface for acquisition, annotation and storage of digitized handwriting, by the Federal Ministry for the Interior on request of the Bundeskriminalamt - Federal German Police Office. Project volume: Euro. Partner: International Unipen Foundation, Nijmegen University, The Netherlands, University of Groningen, The Netherlands. Position: Team leader
- ZAVIR, UMTS_153. On the assignment of activities in virtual environments, by the Program: IT-Security: Increment of trust ability and reliability in IT-systems of the Federal Ministry of Education and Research (BMBF, Germany). Project volume: Euro. Partner: Fraunhofer SIT, Fraunhofer IGD, Fraunhofer IIS. Position: Team leader at Fraunhofer IPK
- Stampiglia, FhG-OEF. Software module for the analysis of German custom stamps on documents, by the Fraunhofer program Operative Eigenforschung. Project volume: Euro. Partner: German Customs (Zollkriminalamt). Position: Team leader
- ASPA, IBB. Research and development on the acquisition and processing of historical documents, by the IKT-Programm of the Senat Berlin. Project volume: Euro. Position: Team leader at Fraunhofer IPK
- 1998 Kanji, FhG-OEF. Software module for the analysis of Asian handwriting, by the Fraunhofer program Operative Eigenforschung. Project volume: Euro. Position: Team leader
- 1997 ESD, GZ:IX/B Ge. Modular system for the elimination of noise signals in paper documents, by the Federal Ministry for the Interior on request of the Bundeskriminalamt - Federal Criminal Police Office. Project volume: Euro. Position: Team leader
- MOSAD, FhG-SEF. Modular system for the analysis of handwriting on paper documents, by the Fraunhofer program Strategische Eigenforschung. Project volume: Euro. Position: Team leader

Teaching

- 2006 Lecturer. Modeling and Analysis of Handwriting. Technical University in Berlin, Germany
- Lecturer. Exercise and laboratory courses in Fundamentals of Electrical Engineering. University of Traffic Systems in Dresden, Germany.

Professional activities TODO
Curriculum Vitae - Einar Arthur SNEKKENES

Home address: Furuveien 18, 1417, Lørenskog
Office address: NISlab, Faculty of Computer Science and Media Technology, Gjøvik University College, P. O. Box 191, N-2802 Gjøvik
Phone:
Citizenship: Norwegian
Date of birth: July 26th 1961
Languages: Norwegian (native speaker), English (fluent), some German and French

Education

- Dr Philos (PhD), University of Oslo, Computer Science, communications security
- BSc (Hons), UMIST (UK), Computation. Recognised by NTH/NTNU as equivalent to Siv.ing.

Academic and professional interest

- Computer security
- Communications security
- Protocol security analysis
- Applied and theoretical computer science
- Software development and programming
- Digital electronics and embedded programming.
- Risk Assessment
- Interactive information security simulation

Employment

- 2002-present Professor of Information Security, Gjøvik University College, Department of Computer Science and Media Technology
- Research director, Norsk Regnesentral (Norwegian Computing Center)
- Managing director, Shield Data AS
- Norwegian Defence Research Establishment (FFI), Kjeller, Norway
- Project manager, MACS, Conception, development and marketing of technology (hardware and software) for secure network integration (MACS). Associated project management, recruitment and team building
- Participated in security study ("Sikkerhet i endesystemer"), with CHOD (FO/S) and NODECA (FTD)
- 1997 Managed a study investigating the need for integration of Norwegian Military CCI Systems
- Developed theory for analysis of protocol security
- 1994 Participated as the FFI representative in a study of the need for a common IT strategy for National defence
- Participated in the development of a Norwegian crypto algorithm (NSK)
- Research engineer, Alcatel STK
- Information security, methods for analysis of cryptographic protocols
- 1988 Expert systems
- Methods and tools for software development
- 1995, 5 months Programmer/systems analyst. Participated in the development of system specification and was responsible for the software development for a currency broker communications terminal
- 1984, 1 month Programmer, Scanvest Ring AS. Extended an operating system used in a telecommunication automatic queue distribution switch
- Technical trainee, Gustav A. Ring System Maskiner AS. Design of electronic circuits.

Publications (selected)

- KOSMERLJ, M., FLADSRUD, T., HJELMÅS, E., AND SNEKKENES, E. Face recognition issues in a border control environment. In Proceedings of Advances in Biometrics, International Conference, ICB 2006, Hong Kong, China, January 5-7 (2006), D. Zhang and A. K. Jain, Eds., vol of Lecture Notes in Computer Science, Springer, pp
- GAFUROV, D., SNEKKENES, E., AND BUVARP, T. E. Robustness of biometric gait authentication against impersonation attack. In OTM Workshops (1) (2006), Lecture Notes in Computer Science, Springer, pp
- SNEKKENES, E. Authentication in open systems. In Proceedings of the IFIP WG 6.1 Tenth International Symposium on Protocol Specification Testing and Verification X (1990), North Holland, pp
- DYRKOLBOTN, G. O., AND SNEKKENES, E. A wireless covert channel on smart cards. In Information and Communications Security, 8th International Conference, ICICS 2006, Raleigh, NC, USA, December 4-7, 2006, Proceedings (2006), Lecture Notes in Computer Science, Springer, pp
- HASLE, H., KRISTIANSEN, Y., KINTEL, K., AND SNEKKENES, E. Measuring resistance to social engineering. In Information Security Practice and Experience: First International Conference, ISPEC 2005, Singapore, April (2005), vol of Lecture Notes in Computer Science, Springer, pp
- LANGWEG, H., AND SNEKKENES, E. A classification of malicious software attacks. In Proceedings of 23rd IEEE International Performance, Computing, and Communications Conference, Phoenix, AZ, USA, April (2004), IEEE Computer Society, pp
- SNEKKENES, E. Concepts for personal location privacy policies. In Proceedings of the ACM Conference on Electronic Commerce (EC 01), Tampa, Florida, USA, October (2001), ACM Press, pp
- SNEKKENES, E. Roles in cryptographic protocols. In Proceedings of the 1992 IEEE Computer Society Symposium on Research in Security and Privacy (1992), IEEE Computer Society Press, pp
- SNEKKENES, E. Exploring the BAN approach to protocol analysis. In Proceedings of the 1991 IEEE Computer Society Symposium on Research in Security and Privacy (1991), IEEE Computer Society Press, pp
- GAARDER, K., AND SNEKKENES, E. Applying a formal analysis technique to the CCITT X.509 strong two way authentication protocol. Journal of Cryptology 3, 2 (1991),
- GAARDER, K., AND SNEKKENES, E. On the formal analysis of PKCS authentication protocols. In AUSCRYPT 90: Proceedings of the international conference on cryptology on Advances in cryptology, Sydney, Australia (1990), Springer-Verlag, pp LNCS
Edited books and journals

- SNEKKENES, E. Preface to the special issue on ESORICS International Journal of Information Security 4, 3 (2005),
- SNEKKENES, E., AND GOLLMANN, D., Eds. Computer Security - ESORICS 2003, 8th European Symposium on Research in Computer Security, Gjøvik, Norway, October (2003), vol of Lecture Notes in Computer Science, Springer.

Presentations (selected)

- 2005 Measuring Resistance to Social Engineering
- 2001 Concepts for Personal Location Privacy Policies, ACM Conference on Electronic Commerce (EC 01), Tampa, Florida
- 2001 Elektronisk betaling - Studiemøtet i elektronikk 2001, Lillehammer
- 2000 MODPEX security issues. Microsoft Research, Cambridge, England
- 1997 MACS: Multi level secure architecture with COTS, AFCEA, Oslo
- 1996 Sikker integrasjon av systemer med forskjellig gradering: Utfordringer og ønsker, FTD, Hafjell
- 1996 Secure Network Integration: Is it Possible in Practice?, NRL, Washington DC
- 1993 Specifying cryptographic protocols, Cambridge University, Cambridge (UK)
- 1992 Roles in cryptographic protocols, IEEE, Oakland, California
- 1991 Exploring the BAN approach to protocol analysis IEEE, Oakland, California
- 1990 Authentication in open systems, IFIP, Ottawa, Canada

Research projects and grants

- Security reporting funded by Norwegian Research Council ( NOK)
- BAS 5 Effectiveness of information security measures (Partner/subcontractor of FFI funded by Norwegian Research Council/FFI ( NOK)
- Security of approaches to Personnel authentication funded by Norwegian Research Council ( NOK)
- Authentication in a Health Service Context funded by Norwegian Research Council ( NOK)

Teaching

Courses lectured

- 2004 Authentication
- Security metrics

PhD students

- 2006 Frode Gilberg. Information security simulation
- 2006 Vitality Pavlenko. Security reporting as foundation for security risk management and security awareness
- 2005 Janne Hagen. Measuring Effectiveness of Information Security Measures
- 2005 Davarondzhon Gafurov. Security of Approaches to Personnel Authentication
- 2004 Geir Olav Dyrkolbotn. Smart Cards - Robustness against Electromagnetic Side-Channel Attacks
- 2004 Lasse Øverlier. Anonymizing Networks
- 2004 Kirsti Helkala. Authentication in a health service context
- 2003 Hanno Langweg. Measuring Software Resistance Against Malicious Software Attacks
Professional activities

- 2007 Member of ESORICS 2007 Program committee
- present Member of the board of the Research Council of Norway research programme IKT-SoS (ICT Security and vulnerability)
- 1994-present Member of the ESORICS steering and program committees
- 2007 Member of ACM CCS program committee
- 2006 Session chair, ESORICS
- Member of the Nordsec program committee
- 2006 Member of the ESORICS program committee
- 2005 Member of the Nordsec program committee
- 2003 Program committee Chair for ESORICS
- Member of Forum for IT sikkerhet (Nærings- og handelsdepartementet - stortingsmelding nr. 7)
- Member of project advisory board for Norwegian Defence Research Establishment (FFI)
- Contributing writer to Business Standard
- 2000 Member of program committee for the information security conference IFIP I-NetSec01, Leuven, Belgium
- 1998 Session leader for the security session at Studiemøtet i Elektronikk
- Head of the Norwegian delegation to the NATO military message handling security group
- Supervisor for MSc student
- Member of the Norwegian Military Crypto Advisory Board
- 1994 Session leader for ESORICS 94 in Brighton (UK) and 96 in Rome
- Member of a PhD examination board at Universite de Paris XI, U.F.R. Scientifique d'Orsay
Curriculum Vitae - Christoph BUSCH

Home address: TODO
Office address: Hochschule Darmstadt, Faculty of Media, Campus Dieburg - Max-Planck-Str.2, N Dieburg Germany
Phone:
Web: busch/
Citizenship: German (TODO)
Date of birth: TODO
Languages: German, English (TODO)

Education TODO

Academic and professional interest

- Biometrics
- Development of Media Systems
- Image Analysis
- Wavelets
- Cluster analysis
- Neural Networks

Employment TODO

Publications

- YANG, B., SCHMUCKER, M., NIU, X., BUSCH, C., AND SUN, S.-H. Integer-DCT-based reversible image watermarking by adaptive coefficient modification. In Security, Steganography, and Watermarking of Multimedia Contents (2005), E. J. Delp and P. W. Wong, Eds., vol of Proceedings of SPIE, SPIE, pp
- YU, L., SCHMUCKER, M., BUSCH, C., AND SUN, S.-H. Cumulant-based image fingerprints. In Security, Steganography, and Watermarking of Multimedia Contents (2005), E. J. Delp and P. W. Wong, Eds., vol of Proceedings of SPIE, SPIE, pp
- GROSS, E. M., HOPGOOD, F. R. A., BENEDENS, O., AND BUSCH, C. Towards blind detection of robust watermarks in polygonal models, Jan
- BENEDENS, O., AND BUSCH, C. Towards blind detection of robust watermarks in polygonal models. Comput. Graph. Forum 19, 3 (2000).
- BUSCH, C., NAHRSTEDT, K., AND PITAS, I. Guest Editors' introduction: Image security. IEEE Computer Graphics and Applications 19, 1 (Jan./Feb. 1999),
- BUSCH, C., FUNK, W., AND WOLTHUSEN, S. Digital watermarking: From concepts to real-time video applications. IEEE Computer Graphics and Applications 19, 1 (Jan./Feb. 1999),
- BUSCH, C., ROTH, V., AND MEISTER, R. Perspectives on electronic commerce with mobile agents, Feb
- BUSCH, C., DÖRNER, R., FREYTAG, C., AND ZIEGLER, H. Feature based recognition of traffic video streams for online route tracing, Mar
- BUSCH, C. Guest Editor's introduction. Computers and Graphics 22, 4 (Aug. 1998), 397??
- BUSCH, C., AND DEBES, E. Wavelet transform for analyzing fog visibility. IEEE Intelligent Systems 13, 6 (1998),
- BUSCH, C. Wavelet based texture segmentation of multi-modal tomographic images. Computers & Graphics 21, 3 (1997),
- BUSCH, C. Inter-patient analysis of tomographic data. In CBMS (1997), IEEE Computer Society, pp
- VOIGT, M., YANG, B., AND BUSCH, C. High-capacity reversible watermarking for 2D vector data. In Security, Steganography, and Watermarking of Multimedia Contents (2005), E. J. Delp and P. W. Wong, Eds., vol of Proceedings of SPIE, SPIE, pp
- BUSCH, C., AND EBERLE, M. Morphological operations for color-coded images. Comput. Graph. Forum 14, 3 (1995),
- BUSCH, C., AND SCHMERER, M. Ein verfahren zur texturanalyse basierend auf multiplen waveletbasen. In DAGM-Symposium (1995), G. Sagerer, S. Posch, and F. Kummert, Eds., Informatik Aktuell, Springer, pp
- BUSCH, C., GRAF, F., WOLTHUSEN, S., AND ZEIDLER, A. System for intellectual property protection, June
- YANG, B., SCHMUCKER, M., FUNK, W., BUSCH, C., AND SUN, S.-H. Integer DCT-based reversible watermarking for images using companding technique. In Security, Steganography, and Watermarking of Multimedia Contents (2004), E. J. Delp and P. W. Wong, Eds., vol of Proceedings of SPIE, SPIE, pp
- ARNOLD, M., BUSCH, C., AND SCHMUCKER, M. Szenario-basierte testverfahren zur zertifizierung von wasserzeichen. In GI Jahrestagung (Schwerpunkt "Sicherheit - Schutz und Zuverlässigkeit") (2003), R. Grimm, H. B. Keller, and K. Rannenberg, Eds., vol. 36 of LNI, GI, pp
- ARNOLD, M., DAUM, H., AND BUSCH, C. Comparative study on fingerprint recognition systems - project biofinger. In BIOSIG (2003), A. Brömme and C. Busch, Eds., vol. 31 of LNI, GI, pp
- SALAMON, R., DAUM, H., BUSCH, C., AND PRETZEL, A. Benchmarking of face recognition systems - project bioface. In BIOSIG (2003), A. Brömme and C. Busch, Eds., vol. 31 of LNI, GI, pp
- NIU, X., SCHMUCKER, M., AND BUSCH, C. Video watermarking resisting to rotation, scaling, and translation, May
- BUSCH, C., AND WOLTHUSEN, S. D. Tracing data diffusion in industrial, Jan
- BUSCH, C., RADEMER, E., SCHMUCKER, M., AND WOLTHUSEN, S. Concepts for a watermarking technique for music scores, Nov
Research projects and grants TODO

Teaching

Biometric Systems System Development Media System Design Project 4 Digital Watermarking Security and Application of Mobile Agent Systems Network Security Signal Processing

PhD and Master students TODO

Awards and nominations TODO

Professional activities

- Dean of Teaching in the faculty Media at h_da
- Chair of standardization committee DIN NI37
- Member of the standardization committee ISO/IEC JTC1 SC37
- Member of the CEN Biometrics Focus Group
- Member international advisory council of the BSI
- Member of the International Biometrics Advisory Council of EBF
- Vice chair of working group BIOSIG of the GI
- Chair of the working group 6 of the TeleTrust association
- Co-Founder and member of board of CAST-Forum
Curriculum Vitae - Jan Arild AUDESTAD

Home address: H N Hauges vei 47 C, 1523 Moss
Office address: NISlab, Faculty of Computer Science and Media Technology, Gjøvik University College, P. O. Box 191, N-2802 Gjøvik
Phone:
Citizenship: Norwegian
Languages: Norwegian, English

Education

- 1965 Master degree in theoretical physics, NTH

Employment

- present Senior advisor in techno-economic strategy, Telenor ASA
- 2003-present Adjunct professor in information security, Gjøvik University College, Department of Computer Science and Media Technology
- 1993-present Adjunct professor in distributed processing, department of Telematics, NTNU

Publications

- AUDESTAD, J. A., GAIVORONSKI, A. A., AND WERNER, A. S. Strategy evaluation under market uncertainty for a network provider in presence of competing virtual operators, Feb
- AUDESTAD, J. A. Telecommunications, databases, and evolution. Lecture Notes in Computer Science 2209 (2001), 1??
- THANH, D. V., STEENSEN, S., AND AUDESTAD, J. A. Mobility management and roaming with mobile agents. Lecture Notes in Computer Science 1818 (2000), 123??
- HERSTAD, J., THANH, D. V., AND AUDESTAD, J. Mobile communication and interaction in context. In Proceedings of the 1999 International Conference on Intelligent User Interfaces (IUI-99) (N.Y., Jan ), M. Maybury, Ed., ACM Press, pp
- TOMASGARD, A., DYE, S., WALLACE, S. W., AUDESTAD, J. A., STOUGIE, L., AND VLERK, M. H. V. D. Distributed, Apr
- TOMASGARD, A., AUDESTAD, J. A., DYE, S., STOUGIE, L., VLERK, M. H. V. D., AND WALLACE, S. W. Modelling aspects of distributed processing in telecommunication networks, May
- TOMASGARD, A., DYE, S., WALLACE, S. W., AUDESTAD, J. A., STOUGIE, L., AND VLERK, M. H. V. D. Modelling in distributed telecommunications networks, May
- TOMASGARD, A., DYE, S., WALLACE, S. W., AND AUDESTAD, J. A. Stochastic optimization models for distributed communications networks, May
Curriculum Vitae - Jose J. GONZALEZ

Home address: Grooseveien 36, N-4876, Grimstad, Norway
Office address: NISlab, Faculty of Computer Science and Media Technology, Gjøvik University College, P. O. Box 191, N-2802 Gjøvik (TODO)
Phone:
Citizenship: Spanish
Date of birth: 1944
Languages: Spanish, German, Norwegian, English

Education

- 1978 Dr. techn. (PhD), Norwegian Technical University, Norway
- 1970 Dr. rer. nat. (PhD), Natural Science/Physics, University of Kiel, Germany
- 1970 Dipl. Phys (MSc), Physics, University of Kiel, Germany

Employment

- 2005-present Adjunct professor ("Professor II") of Information Security, Gjøvik University College, Department of Computer Science and Media Technology
- present Professor of Information Security and System Dynamics, Agder University College, Department of Information and Communications Technology, Faculty of Technology and Science
- 2003-present Senior consultant (part-time), ProspectSim
- Senior consultant (part-time), Powersim Corporation
- Senior consultant (full-time), Powersim Corporation
- Senior consultant (part-time), Powersim Corporation
- Professor of Computer Science, Agder College
- Director, Agder College, Department of Computer Science
- Director, Agder College, Department of Industrial Economics
- Associated professor, Agder College
- Assistant professor, Norwegian Technical University
- Research fellow, University of Kiel, Germany, Department of physics

Publications

- SVEEN, F. O., SARRIEGI, J. M., RICH, E., AND GONZALEZ, J. J. Toward viable information security reporting systems,
- QIAN, Y., AND GONZALEZ, J. J. Adapting group model building methods to improve information security data. In Proceedings of the 24th International Conference of the System Dynamics Society, Nijmegen, The Netherlands, July (2006), The System Dynamics Society.
- GONZALEZ, J. J., WINTHER, R., GRAN, B. A., AND DAHLL, G. Towards a cyber security reporting system - a quality improvement process. In Proceedings of the 24th International Conference on Computer Safety, Reliability, and Security, SAFECOMP 2005, Fredrikstad, Norway, September (Heidelberg, 2005), vol of Lecture Notes in Computer Science, Springer, pp
- QIAN, Y., GONZALEZ, J. J., AND SVEEN, F. O. Defining complex problems in organization using group model-building and system archetypes. In The Sustainable Development of Asia Pacific, Shanghai, China, November 4-6 (2005).
- RICH, E., MARTINEZ-MOYANO, I. J., CONRAD, S., CAPPELLI, D. M., MOORE, A. P., SHIMEALL, T. J., ANDERSEN, D. F., GONZALEZ, J. J., ELLISON, R. J., LIPSON, H. F., MUNDIE, D., SARRIEGUI, J. M., SAWICKA, A., STEWARD, R., TORRES, J. M., WEAVER, E. A., AND WIIK, J. Simulating insider cyber-threat risks: A model-based case and a case-based model. In Proceedings of the 23rd International Conference of the System Dynamics Society, Boston, USA, July (2005), The System Dynamics Society.
- SAWICKA, A., GONZALEZ, J. J., AND QIAN, Y. Managing CSIRT capacity as a renewable resource management challenge: An experimental study. In Proceedings of the 23rd International Conference of the System Dynamics Society, Boston, USA, July (2005), The System Dynamics Society.
- GONZALEZ, J. J., QIAN, Y., SVEEN, F. O., AND RICH, E. Helping prevent information security risks in the transition to integrated operations. Telektronikk 101, 1 (2005),
- WIIK, J., GONZALEZ, J. J., AND KOSSAKOWSKI, K.-P. Limits to effectiveness of computer security incident response teams (csirts). In Proceedings of the 23rd International Conference of the System Dynamics Society, Boston, USA, July (2005), The System Dynamics Society.
- GONZALEZ, J. J., AND SAWICKA, A. System dynamics student projects as quality improving process. In The 22nd International Conference of the System Dynamics Society, Oxford, UK, July (2004).
- WIIK, J., GONZALEZ, J. J., LIPSON, H. F., AND SHIMEALL, T. J. Dynamics of vulnerability - modeling the life cycle of software vulnerability. In Proceedings of the 22nd International Conference of the System Dynamics Society, Oxford, UK, July (2004), The System Dynamics Society.
- ANDERSEN, D. F., CAPPELLI, D. M., GONZALEZ, J. J., MOJTAHEDZADEH, M., MOORE, A. P., RICH, E., SARRIEGUI, J. M., SHIMEALL, T. J., STANTON, J. M., WEAVER, E. A., AND ZAGONEL, A. Preliminary system dynamics maps of the insider cyber-threat problem. In The 22nd International Conference of the System Dynamics Society, July (Oxford, UK, 2004).
- SAWICKA, A., AND GONZALEZ, J. J. Choice under risk in IT-environments according to cumulative prospect theory, vol. 35. Norwegian Academic Press, Kristiansand, Norway, 2003, pp
- RICH, E., AND GONZALEZ, J. J. Maintaining security and safety in high-threat e-operations transitions. In Hawaii International Conference on System Sciences, Hawaii, January 4-7 (2006).
- GONZALEZ, J. J. From Modeling to Managing Security: A System Dynamics Approach, vol. 35 of Forskningsserien. Norwegian Academic Press, Kristiansand, Norway,
- MELARA, C., SARRIEGUI, J. M., GONZALEZ, J. J., SAWICKA, A., AND COOKE, D. L. A system dynamics model of an insider attack on an information system, vol. 35. Norwegian Academic Press, Kristiansand, Norway, 2003, pp
- GONZALEZ, J. J., AND SAWICKA, A. The Role of Learning and Risk Perception in Compliance, vol. 35. Norwegian Academic Press, Kristiansand, Norway, 2003, pp
- GONZALEZ, J. J., AND SAWICKA, A. Modeling instrumental conditioning - the behavioral regulation approach. In Proceedings of the 36th Hawaii International Conference on System Sciences (HICSS 36), Big Island, Hawaii, January 6-9 (Washington, DC, USA, 2003), vol. 3, IEEE Computer Society, p
- GONZALEZ, J. J., AND SAWICKA, A. Modeling compliance as instrumental conditioning. In Fifth International Conference on Cognitive Modeling (ICCM 2003), Bamberg, Germany, April (2003), pp
- RYDZAK, F., BREISTRAND, L. S., SVEEN, F. O., QIAN, Y., AND GONZALEZ, J. J. Exploring resilience towards risks in eoperations in the oil and gas industry. In Proceedings of the 25th International Conference on Computer Safety, Reliability, and Security, SAFECOMP 2006, Gdansk, Poland, September (2006), Lecture Notes in Computer Science, Springer-Verlag.
- SVEEN, F. O., QIAN, Y., HILLEN, S. A., RADIANTI, J., AND GONZALEZ, J. J. A dynamic approach to vulnerability and risk analysis of the transition to eoperations. In Proceedings of the 24th International Conference of the System Dynamics Society, Nijmegen, The Netherlands, July (2006), The System Dynamics Society.
- HILLEN, S. A., SVEEN, F. O., AND GONZALEZ, J. J. Using dynamic stories to communicate information security. In Proceedings of the 24th International Conference of the System Dynamics Society, Nijmegen, The Netherlands, July (2006), The System Dynamics Society.
- GONZALEZ, J. J., AND SAWICKA, A. Compliance - a tension between conditioning and cognition. Technology, Instruction, Cognition and Learning 3 (2006),
- WIIK, J., GONZALEZ, J. J., AND KOSSAKOWSKI, K.-P. Effectiveness of proactive CSIRT services. In Proceedings of the 18th Annual FIRST Conference, Baltimore, Maryland, USA, June (2006), Forum of Incident Response and Security Teams (FIRST).
- RADIANTI, J., SVEEN, F. O., AND GONZALEZ, J. J. Assessing risks of policies to patch software vulnerabilities. In Proceedings of the 24th International Conference of the System Dynamics Society, Nijmegen, The Netherlands, July (2006), The System Dynamics Society.
- SVEEN, F. O., GONZALEZ, J. J., AND SANDERS, R. L. Applying generic system archetypes to a beyond the core challenge. In Proceedings of the 23rd International Conference of the System Dynamics Society, Boston, USA, July (2005), The System Dynamics Society.

Research projects and grants

Recent projects funded by the Norwegian Research Council

- Project manager AMBASEC (A Model-based Approach to Security Culture). AMBASEC aims at PhD and postdoctoral fellowships and it addresses security incident response and management. Project partners: SINTEF ( IRMA) and the Norwegian Oil Industry Association (OLF).
- Project manager /V30 Disseminating Insights from Complex Models to a Broader Audience. Postdoctoral project, Dr. Agata Sawicka.
- Project manager ISECBIDAT Improving Security by Improving Data. Project partners: CERT Coordination Center at Carnegie Mellon University; State University of New York at Albany and The Critical Infrastructure Modeling and Simulation Group at Sandia National Laboratories. SINTEF and Gjøvik University College in Norway.
- Co-manager. DAADppp: Assessment of Decision-Makers Performance in Complex Dynamic Microworlds. Collaboration with the University of Mainz, Germany.
184 Recent projects founded by industry A multinational company with roots in Sweden (SCA Packaging, has funded a PhD project on New Generation of Dynamic Planning Tools ( ) to develop a methodology encompassing the flexibility and user-friendliness of spreadsheets with dynamic simulation capabilities and enhanced data quality and security. In addition to the PhD project (PhD fellow is former co-founder of Powersim Co. and architect for the Powersim software, Magne Myrtveit) SCA Packaging has funded several minor projects (including Mastger-theses). The projects have involved the former CEO of SCA Packaging UK, John Williams, who has been promoted to CEO of SCA Packaging at the headquarters in Brussels. In addition, several managers and SCA Packagings research director have participated in the projects Professional activities Jointly with Dr. Eliot Rich, co-chair of mini-track on Cyber-threats and Emergent Vulnerabilities at the 39th Annual HICSS conference in January Commitment renewed for the 40th HICSS in January Commitment renewed for the 41st HICSS in January Organizer of Group Model Building Workshops, May 2005, in Grimstad and September 2005 in Bergen. Participants: University at Albany, Agder University College, SINTEF, Norwegian Oil Industry Association. Co-organizer of 2nd annual Workshop on System Dynamics Modeling for Information Security in February of 2004, at CERT/CC, Software Engineering Institute, Carnegie Mellon University. This invitational workshop had participants from institutions, including Carnegie Mellon University, Syracuse University, University at Albany, Worcester Polytechnic Institute, Sandia National Labs (all USA), and Agder University College and TECNUN, University of Navarra (both Europe). The workshop developed the research framework for the current application to NSF. Organizer of 1st annual Workshop on System Dynamics Modeling for Information Security in February of 2003, at Agder University College, Norway. 
This invitational workshop had participants from Agder University College, TECNUN, University of Navarra, University of Mainz (all from Europe) and University of Calgary (Canada). The workshop had a follow-up in the Security session at the International System Dynamics Conference in New York, July The papers from the workshop and the Security session were collected in a book (Gonzalez, Jose J, ed From Modeling to Managing Security: A System Dynamics Approach. Vol. 35, Research Series. Kristiansand, Norway: Norwegian Academic Press). In turn, papers from this book motivated researchers from CERT Coordination Center, Software Engineering Institute, Carnegie Mellon University and University at Albany among others to participate in the 2nd annual Workshop on System Dynamics Modeling for Information Security in February of

- Leader of SIG Security Dynamics, System Dynamics Society. As such, convener and chair of the Security sessions at the International Conferences of the System Dynamics Society in New York (2003), Oxford (2004), Boston (2005) and Nijmegen (2006).
- Co-organizer and local host of NATO Advanced Study Institute on Automating Instructional Design: Computer-Based Development and Delivery Tools in July of 1993, at Agder University College, Norway. This NATO ASI was highly successful in shaping cross-disciplinary alliances involving learning theory, instructional design and system dynamics.
- Co-founder of Powersim and co-developer of system dynamics modeling tools ( Powersim software is ranked, together with Vensim and ithink, as leading system dynamics modeling tool.
- Involved in initiatives and projects to contain the spread of AIDS in various European countries. This was an important spin-off of my scientific activity of modeling the spread of HIV. Apart from speeches, writings, etc. addressed to the general public, public health authorities and Members of Parliament in several European countries, I coauthored teachware in English, French, German, Italian, Norwegian and Spanish for use in schools and in public education.
- Co-authored one paper at Spektrum der Wissenschaft, Scientific American (Germany) about the epidemiology of AIDS.
- Authored about twenty essays on science for the general reader in Norwegian.
G Information security journals and conferences
Information security journals

This is a list of the major journals we consider the most relevant for information security. It is most likely not complete since new journals appear quite frequently, but this should be a good snapshot for January 2007:

- Computers & Security (Elsevier)
- Computer Fraud & Security (Elsevier)
- Information Processing Letters (Elsevier)
- International Journal of Information Security (Springer)
- Journal of Cryptology (Springer)
- Designs, Codes and Cryptography (Springer)
- ACM Transactions on Information and Systems Security
- IEEE Transactions on Dependable and Secure Computing
- IEEE Security & Privacy
- Computer Law & Security Report (Elsevier)
- Information Security Technical Report (Elsevier)
- International Journal of Critical Infrastructure Protection (Elsevier)
- Journal of Computer Security (IOS)
- Information Management and Computer Security (Emerald)
- Cryptologia
- IEEE Transactions on Information Forensics and Security
- Int. Journal of Security and Networks (Inderscience)
- Int. Journal of Information and Comp. Security (Inderscience)
- IEICE Trans. on Fund. of Electronics, Communications & Comp. Sc.
- IET Information Security
Information security conferences

This list is to a large extent based on the list maintained by Marcus Granado and Markus Kuhn at the Security Group, Computer Laboratory, University of Cambridge, available from

- ACISP Australasian Conference on Information Security and Privacy
- ACM-MSW ACM Multimedia Security Workshop
- ACNS Applied Cryptography and Network Security
- ACSAC Annual Computer Security Applications Conference
- AES Conference on the Advanced Encryption Standard
- AINA International Conference on Advanced Information Networking and Applications
- AISW Australasian Information Security Workshop
- ARSPA Automated Reasoning for Security Protocols Analysis
- AReS International Conference on Availability, Reliability and Security
- ASIACRYPT Advances in Cryptology
- AUSCERT Asia Pacific Information Technology Security Conference
- BCS Bellua Cyber Security
- BioAW Biometric Authentication Workshop
- CALP International Colloquium on Automata, Languages and Programming
- CAMSECWEST CamSecWest/core
- CARDIS Smart Card Research and Advanced Application IFIP Conference
- CAV Computer Aided Verification
- CCC Chaos Communication Congress
- CCS ACM Conference on Computer and Communications Security
- CEAS Conference on and Anti-Spam
- CERIAS Annual CERIAS Research Symposium
- CERICS Workshop on Current and Emerging Research Issues in Computer Security
- CHES Workshop on Cryptographic Hardware and Embedded Systems
- CHINACOM International Conference on Communications and Networking in China
- CIIW CRIS International Workshop on Critical Information Infrastructures
- CIS International Conference on Computational Intelligence and Security
- CMS IFIP Conference on Communications and Multimedia Security
- CRYPTO Advances in Cryptology
- Cyprus-Infosec Cyprus Infosec
- DEFCON DEFCON
- DEXA-ECWEB International Conference on Electronic Commerce and Web Technologies (DEXA)
- DEXA-EGOV EGOV Conference within the Dexa Conference Framework
- DEXA-TRUSTBUS Trust and Privacy in Digital Business
- DFRWS Digital Forensics Workshop
- DIMACS Center for Discrete Mathematics & Theoretical Computer Science
- DIMVA Detection of Intrusions and Malware & Vulnerability Assessment
- DRM Digital Rights Management Conference
- DRM-TICS Digital Rights Management: Technology, Issues, Challenges and Systems
- E-smart International Conference on Research in Smart Cards
- EBUSINESS International Conference on New Methods, Tools & Technologies in International E-Business
- EC ACM Conference on Electronic Commerce
- ECIW European Conference on Information Warfare and Security
- ECRYPT-CRYPTOHW Summer school on cryptographic hardware, side-channel and fault attacks
- ECRYPT-RLWC ECRYPT Workshop on RFID and Light-Weight Crypto
- EICAR EICAR Annual Conference
- ESAS European Workshop on Security and Privacy in Ad-Hoc and Sensor Networks
- ESCAR Embedded Security in Cars
- ESOP European Symposium on Programming
- ESORICS European Symposium on Research in Computer Security
- ETRICS International Conference on Emerging Trends in Information and Communication Security
- EUROCRYPT Advances in Cryptology
- EUROPKI European PKI Workshop Research and Applications
- EWSN European Workshop on Wireless Sensor Networks
- FAST International Workshop on Formal Aspects in Security and Trust
- FC Financial Cryptography
- FCS Foundations of Computer Security
- FDTC Workshop on Fault Diagnosis and Tolerance in Cryptography
- FIRST FIRST Global Computer Security Network conference
- FLAIRS Florida Artificial Intelligence Research Society Conference
- FOIKS Third International Symposium on Foundations of Information and Knowledge Systems
- FOSAD International School on Foundations of Security Analysis and Design
- FSE Fast Software Encryption Workshop
- GAN Workshop on Grids and Advanced Networks
- GSC Global Security Challenge Conference
- HITB Hack In The Box
- I-NetSec Privacy and Anonymity Issues in Networked and Distributed Systems
- I3E IFIP Conference on e-commerce, e-business, and e-government
- IAS International Symposium on Information Assurance and Security
- IASTED-CNIS IASTED International Conference on Communication, Network and Information Security
- ICDCS International Conference on Distributed Computing Systems
- ICEIS-PBA International Workshop on Protection by Adaptation
- ICETE International Conference on E-Business and Telecommunication Networks
- ICGeS International Conference on Global E-Security
- ICICS International Conference on Information and Communications Security
- ICISC International Conference on Information Security and Cryptology
- ICONS International Conference on Network Security and Workshop
- ICoEC International Conference on E-Commerce
- IEE-CS IEE Conference on Crime and Security: The Technical Fight
- IEE-ICDP IEE International Symposium on Imaging for Crime Detection and Prevention
- IEEE-CCNC IEEE Consumer Communications and Networking Conference
- IEEE-CEC IEEE Conference on E-Commerce Technology
- IEEE-CSFW IEEE Computer Security Foundations Workshop
- IEEE-DASC IEEE Symposium on Dependable, Autonomic, and Secure Computing
- IEEE-DSSNS IEEE Workshop on Dependability and Security in Sensor Networks and Systems
- IEEE-EEE IEEE International Conference on e-technology, e-commerce and e-service
- IEEE-GLOBECOM IEEE GlobeCom
- IEEE-ICC IEEE Symposium on Network Security and Information Assurance
- IEEE-IWIA IEEE International Information Assurance Workshop
- IEEE-PERCOM IEEE International Conference on Pervasive Computing and Communications
- IEEE-PERSEC IEEE International Workshop on Pervasive Computing and Communication Security
- IEEE-POLICY IEEE International Workshop on Policies for Distributed Systems and Networks
- IEEE-SCC IEEE Symposium on Computer and Communications
- IEEE-SECON IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks
- IEEE-SISW IEEE Security in Storage Workshop
- IEEE-SP IEEE Workshop on Security and Privacy
- IEEE-TC IEEE Transactions on Computers
- IEEE-Ubisafe IEEE International Symposium on Ubisafe Computing
- IFIP-119 Annual IFIP WG 11.9 International Conference on Digital Forensics
- IFIP-DBSEC IFIP WG 11.3 Working Conference on Data and Applications Security
- IHW Information Hiding Workshop
- IMA-ICCC IMA International Conference on Cryptography and Coding
- IMF International Conference on IT-Incident Management & IT-Forensics
- INDOCRYPT International Conference on Cryptology in India
- IS2 Information Security Summit
- ISC Information Security Conference
- ISCF Information Security and Computer Forensics
- ISNG Information Systems: New Generations
- ISPEC Information Security Practice and Experience Conference
- ISSA Information Security South Africa
- ISSSE International Symposium on Secure Software Engineering
- ITA International Conference on Internet Technologies and Applications
- ITCC International Conference on Information Technology: Coding and Computing
- IWAP International Workshop for Applied PKI
- IWCIP IEEE International Workshops on Critical Infrastructure Protection
- IWWST International Workshop in Wireless Security Technologies
- InfoSeCon International Information Security Conference
- LATIN Latin American Theoretical INformatics
- LSAD Workshop on Large Scale Attack Defense
- LSPI International Conference on Legal, Security and Privacy Issues in IT Law
- MATA International Workshop on Mobility Aware Technologies and Applications
- MCIS Mexican Conference on Informatics Security
- MMM-ACNS Mathematical Methods, Models and Architectures for Computer Networks Security
- MOBIHOC ACM International Symposium on Mobile Ad Hoc Networking and Computing
- MOBIQUITOUS Annual International Conference on Mobile and Ubiquitous Systems
- MOBIS IFIP TC8 Working Conference on Mobile Information Systems
- MOBISYS International Conference on Mobile Systems, Applications, and Services
- MYCRYPT International Conference on Cryptology in Malaysia
- NDSS Network and Distributed System Security Symposium
- NIST-HASH NIST Cryptographic Hash Workshop
- NIST-RNG NIST Random Number Generator Workshop
- NSPW New Security Paradigms Workshop
- Nordsec Nordic Workshop on Secure IT-Systems
- OSCDT Optical Security and Counterfeit Deterrence Techniques
- OSDI Symposium on Operating System Design and Implementation
- OTM-IS International Workshop on Security
- P2PECON Workshop on Economics of Peer-to-Peer Systems
- PERVASIVE International Conference on Pervasive Computing
- PET Workshop on Privacy Enhancing Technologies
- PKC International Workshop on Practice and Theory in Public Key Cryptography
- PKIRD Annual PKI R&D Workshop
- PODC Annual ACM SIGACT-SIGOPS Symposium on Principles of Distributed Computing
- PSD Privacy in Statistical Databases
- QoP Quality of Protection Security Measurements and Metrics
- RAID International Symposium on Recent Advances in Intrusion Detection
- RFIDSec Workshop on RFID Security
- RSA RSA Conference
- SAC Annual ACM Symposium on Applied Computing
- SACMAT ACM Symposium on Access Control Models and Technologies
- SAFECOMP International Conference on Computer Safety, Reliability and Security
- SANE International System Administration and Network Engineering Conference
- SAPIFBS Workshop: Security and Privacy in Future Business Services
- SASEMAS International Workshop on Safety and Security in Multiagent Systems
- SASN ACM Workshop on Security of Ad Hoc and Sensor Networks
- SBRC Brazilian Symposium on Computer Networks
- SCC International ITG Conference on Source and Channel Coding
- SCW Securing Cyberspace Workshop
- SDM Workshop on Secure Data Management
- SEC IFIP International Information Security Conference
- SECOVAL Workshop on the Value of Security through Collaboration
- SECURECOMM International Conference on Security and Privacy for Emerging Areas in Communication Networks
- SHARCS Special-purpose Hardware for Attacking Cryptographic Systems
- SKLOIS-CISC SKLOIS Conference on Information Security and Cryptology
- SKM Secure Knowledge Management Workshop
- SOUPS Symposium on Usable Privacy and Security
- SP International Workshop on Security Protocols
- SPC International Conference on Security in Pervasive Computing
- SPPC Workshop on Security and Privacy at the Conference on Pervasive Computing
- SRUTI Workshop on Steps to Reducing Unwanted Traffic on the Internet
- SSI International Symposium on System and Information Security
- SSWMC Security, Steganography, and Watermarking of Multimedia Contents
- STACS International Symposium on Theoretical Aspects of Computer Science
- STD3S International Workshop on Security and Trust in Decentralized/Distributed Data Structures
- STM Security and Trust Management
- SWING PhD School on Security for Wireless Networking
- SecCulture Security Culture Workshop
- SecPerU International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing
- SecQoS Workshop on Security and QoS in Communication Networks
- Secure-Madnes Secure Mobile Ad-hoc Networks and Sensors
- TCC Theory of Cryptography Conference
- TCS IFIP International Conference on Theoretical Computer Science
- TPHOLS International Conference on Theorem Proving in Higher Order Logics
- TRIDENTCOM IEEE/Create-Net Conference on Test beds and Research Infrastructures for the Development of Networks and Communities
- TRISC Texas Regional Infrastructure Security Conference
- TRUST International Workshop on Trustworthiness, Reliability and services in Ubiquitous and Sensor networks
- TSPUC International Workshop on Trust, Security and Privacy for Ubiquitous Computing
- UKUBINET UK-UbiNet Workshop
- USENIX-EC USENIX Workshop on Electronic Commerce
- USENIX-SEC USENIX Security Symposium
- VIETCRYPT International Conference on Cryptology in Vietnam
- WCA Workshop on Cryptographic Algorithms and Their Uses
- WCAN Workshop on Cryptography for Ad hoc Networks
- WEIS Annual Workshop on Economics of Information Security
- WHOLES Wholes Workshop: A Multiple View of Individual Privacy in a Networked World
- WIA Workshop on Information Assurance
- WISA International Workshop on Information Security Applications
- WISE ACM Workshop on Wireless Security
- WISP International Workshop on Security Issues with Petri Nets and other Computational Models
- WITS IFIP WG 1.7 Workshop on Issues in the Theory of Security
- WORM Workshop on Recurring Malcode
- WOSIS International Workshop on Security in Information Systems
- WPES Workshop on Privacy in the Electronic Society
- WSAC Annual Workshop on Selected Areas in Cryptography
- WSNS International Workshop on Wireless and Sensor Networks Security
- WTCISS World Telecommunications Congress
- WWW WWW Conference
- itrust International Conference on Trust Management
H List of publications by NISlab faculty members
NISlab Publications

This is the complete list of publications by NISlab faculty and PhD students where the papers have been written while at NISlab.

References

[1] COLE, J. L., AND WOLTHUSEN, S. D., Eds. Proceedings of the Fourth IEEE International Workshop on Information Assurance (IWIA 2006) (Royal Holloway, UK, Apr. 2006), IEEE Press.

[2] DAHL, O. M., AND WOLTHUSEN, S. D. Modeling and execution of complex attack scenarios using interval timed colored petri nets. In Proceedings of the Fourth IEEE International Workshop on Information Assurance (IWIA 2006) (Royal Holloway, UK, Apr. 2006), IEEE Press, pp

[3] DYRKOLBOTN, G. O., AND SNEKKENES, E. A wireless covert channel on smart cards. In Information and Communications Security, 8th International Conference, ICICS 2006, Raleigh, NC, USA, December 4-7, 2006, Proceedings (2006), Lecture Notes in Computer Science, Springer, pp

[4] GAFUROV, D., HELKALA, K., AND SØNDROL, T. Biometric gait authentication using accelerometer sensor. Journal of Computers 1, 7 (2006).

[5] GAFUROV, D., HELKALA, K., AND SØNDROL, T. Gait recognition using acceleration from MEMS. In Proceedings of The First International Conference on Availability, Reliability and Security (ARES 2006) (2006), pp

[6] GAFUROV, D., SNEKKENES, E., AND BOURS, P. Gait authentication and identification using wearable accelerometer sensor. In Proceedings of the IEEE Workshop on Automatic Identification Advanced Technologies (AutoID 2007) (to appear) (2007).

[7] GAFUROV, D., SNEKKENES, E., AND BUVARP, T. E. Robustness of biometric gait authentication against impersonation attack. In OTM Workshops (1) (2006), Lecture Notes in Computer Science, Springer, pp

[8] GONZALEZ, J. J., SARRIEGI, J. M., AND GURRUTXAGA, A. A framework for conceptualizing social engineering attacks. In Critical Information Infrastructures Security, First International Workshop (2006), Lecture Notes in Computer Science, Springer, pp

[9] GRAF, F., AND WOLTHUSEN, S. D. A capability-based transparent cryptographic file system. In Proceedings of CYBERWORLDS 2005 (Singapore, Nov. 2005), IEEE Press, pp
[10] HÄMMERLI, B. M., AND WOLTHUSEN, S. D., Eds. Proceedings of CIP Europe: Critical Infrastructure Protection (Bonn, Germany, Sept. 2005), Gesellschaft für Informatik.

[11] HÄMMERLI, B. M., AND WOLTHUSEN, S. D., Eds. Proceedings of the First IEEE International Workshop on Critical Infrastructure Protection (IWCIP 2005) (Darmstadt, Germany, Nov. 2005), IEEE Press.

[12] HASLE, H., KRISTIANSEN, Y., KINTEL, K., AND SNEKKENES, E. Measuring resistance to social engineering. In Information Security Practice and Experience: First International Conference, ISPEC 2005, Singapore, April (2005), vol of Lecture Notes in Computer Science, Springer, pp

[13] HELKALA, K. Authentication in norwegian health services. In Proceedings of the International Symposium on Health Informatics and Bioinformatics, Turkey 07 (to appear) (2007).

[14] HJELMÅS, E., AND WOLTHUSEN, S. D. Full-Spectrum Information Security Education: Integrating B.Sc., M.Sc., and Ph.D. Programs. In Proceedings of the Third Annual Conference on Information Security Curriculum Development (ACM InfoSecCD) (Kennesaw, GA, USA, 2006), ACM Press, pp

[15] KOSMERLJ, M., FLADSRUD, T., HJELMÅS, E., AND SNEKKENES, E. Face recognition issues in a border control environment. In Proceedings of Advances in Biometrics, International Conference, ICB 2006, Hong Kong, China, January 5 7 (2006), D. Zhang and A. K. Jain, Eds., vol of Lecture Notes in Computer Science, Springer, pp

[16] LANGWEG, H. Building a trusted path for applications using COTS components. In Proceedings of NATO RTO IST Panel Symposium on Adaptive Defence in Unclassified Networks, Toulouse, France, April (2004), pp

[17] LANGWEG, H. If you stretch it too far, it breaks challenges of biased technology. In Risks and Challenges of the Network Society: Proceedings of the Second IFIP 9.2, 9.6/11.7 Summer School, Karlstad, Sweden, August 4 8, 2003 (2004), P. Duquenoy, S. Fischer-Hübner, J. Holvast, and A. Zuccato, Eds., vol. 2004:35 of Karlstad University Studies, pp

[18] LANGWEG, H. Framework for malware resistance metrics. In QoP 06: Proceedings of the 2nd ACM workshop on Quality of protection (New York, NY, USA, 2006), ACM Press, pp

[19] LANGWEG, H. Malware attacks on electronic signatures revisited. In Proceedings of Sicherheit 2006 : Jahrestagung Fachbereich Sicherheit der Gesellschaft für Informatik, Magdeburg, Germany, February (2006), J. Dittmann, Ed., Lecture Notes in Informatics, Gesellschaft für Informatik, pp
[20] LANGWEG, H., AND SNEKKENES, E. A classification of malicious software attacks. In Proceedings of 23rd IEEE International Performance, Computing, and Communications Conference, Phoenix, AZ, USA, April (2004), IEEE Computer Society, pp

[21] MANDT, T. K., AND TAN, C. H. Certificateless authenticated two-party key. In 11th Annual Asian Computing Science Conference (ASIAN'06), (to appear) (2007), vol. 4xxx of Lecture Note in Computer Science, Springer Verlag.

[22] ØVERLIER, L., BREKNE, T., AND ÅRNES, A. Non-expanding transaction specific pseudonymization for IP traffic monitoring. In 4th International Conference on Cryptology and Network Security (CANS 2005), Xiamen, China, December (2005), pp

[23] ØVERLIER, L., AND SYVERSON, P. Locating hidden servers. In Proceedings of the 2006 IEEE Symposium on Security and Privacy (S&P 06), Berkeley/Oakland, California, USA, May (2006), IEEE Computer Society, pp

[24] ØVERLIER, L., AND SYVERSON, P. Valet services: Improving hidden servers with a personal touch. In Proceedings of The 6th Workshop on Privacy Enhancing Technologies, Cambridge, UK, June (2006).

[25] PETROVIĆ, SLOBODAN, M. M. A comparison between the silhouette index and the davies-bouldin index in labelling ids clusters (to appear). In Proceedings of the 11th Nordic Workshop on Secure IT-systems, NORDSEC 2006 (2006), pp. pp

[26] PETROVIĆ, S., ÁLVAREZ, A. O., AND CARBÓ, J. Labelling ids clusters by means of the silhouette index. In Proceedings of the IX Spanish Conference on Cryptography and Information Security (2006), pp

[27] PETROVIĆ, S., ÁLVAREZ, G., ORFILA, A., AND CARBÓ, J. Labelling clusters in an intrusion detection system using a combination of clustering evaluation techniques. In Proceedings of the 39th Hawaii International Conference on System Sciences, Kauai, Hawaii, U.S.A. (Jan. 2006), IEEE Computer Society Press.

[28] SEEBERG, V. E., AND PETROVIĆ, S. A new classification scheme for anonymization of real data used in ids benchmarking. In Proceedings Second International Conference on Availability, Reliability and Security (ARES 2007) (to appear) (2007).

[29] SNEKKENES, E. Preface to the special issue on ESORICS International Journal of Information Security 4, 3 (2005),

[30] SNEKKENES, E., AND GOLLMANN, D., Eds. Computer Security - ESORICS 2003, 8th European Symposium on Research in Computer Security, Gjøvik, Norway, October (2003), vol of Lecture Notes in Computer Science, Springer.

[31] SVEEN, F. O., SARRIEGI, J. M., RICH, E., AND GONZALEZ, J. J. Toward viable information security reporting systems,
[32] SVENDSEN, N. K., AND WOLTHUSEN, S. D. Connectivity models of interdependency in mixed-type critical infrastructure networks. Information Security Technical Report (to appear) (2007).

[33] SVENDSEN, N. K., AND WOLTHUSEN, S. D. Multigraph dependency models for heterogeneous critical infrastructures. In Proceedings of the First Annual IFIP WG International Conference on Critical Infrastructure Protection (to appear) (2007).

[34] TAN, C. H. Analysis of improved signcryption scheme with key privacy. Inf. Process. Lett. 99, 4 (Aug. 2006),

[35] TAN, C. H. Chosen ciphertext security from identity-based encryption without strong condition. In Advances in Information and Computer Security, First International Workshop on Security, IWSEC 2006 (2006), Lecture Notes in Computer Science, Springer, pp

[36] TAN, C. H. A new signature scheme without random oracles. International Journal of Security and Networks Vol 1, 3/4 (Dec. 2006),

[37] TAN, C. H. On waters signature scheme. IEICE Trans. Fundam. Electron. Commun. Comput. Sci. E89-A, 10 (Oct. 2006),

[38] TAN, C. H. Public-key encryption from id-based encryption without one-time signature. In OTM Workshops (1) (2006), Lecture Notes in Computer Science, Springer, pp

[39] TAN, C. H. A secure signature scheme. In Symposium of Computer and Network Security, part of International Wireless Communications and Mobile Computing Conference 2006 (IWCMC 2006) (2006), The ACM Press.

[40] TAN, C. H. Security analysis of signcryption scheme from q-diffie-hellman problems. IEICE Transactions on Fundamentals E89-A, 1 (Jan. 2006),

[41] TAN, C. H. Signature scheme in multi-user setting. IEICE Transactions on Fundamentals E89-A, 1 (May 2006),

[42] TAN, C. H. Insider-secure hybrid signcryption scheme without random oracles. In Proceedings of the 1st International Workshop on Advances in Information Security, part of International Conference on Availability, Reliability and Security 2007 (ARES 2007) (to appear) (2007).

[43] TAN, C. H., AND TEO JOSEPH, C. M. Energy-efficient id-based group key agreement protocols for wireless networks. In The International Workshop on Security in Systems and Networks (SSN2006), in conjunction with the 20th IEEE International Parallel and Distributed Processing Symposium (IPDPS 2006) (2006).

[44] TAN, C. H., AND TEO JOSEPH, C. M. Protection against web-based password phishing. In Third International Conference on Information Technology: Next Generations (ITNG 2007) (to appear) (2007), The IEEE Computer Society Press.
[45] TEO JOSEPH, C. M., AND TAN, C. H. Energy efficient and scalable group key agreement for large ad hoc network. In The 2nd ACM International Workshop on Performance Evaluation of Wireless Ad Hoc, Sensor, and Ubiquitous Networks (PE-WASUN 2005) (2005), pp

[46] TEO JOSEPH, C. M., AND TAN, C. H. Authenticated Dynamic Group Key Agreement for Autoconfigurable Mobile Ad Hoc Networks. IEICE Trans Commun E89-B, 9 (Sept. 2006),

[47] TEO JOSEPH, C. M., TAN, C. H., NG, AND MEE, J. Low-power authenticated group key agreement for heterogeneous wireless networks. International Journal of Security and Networks 1, 3/4 (Dec. 2006),

[48] TEO JOSEPH, C. M., TAN, C. H., AND NG, J. M. Low-power group key agreement for heterogeneous wireless networks. In Symposium of Computer and Network Security, part of International Wireless Communications and Mobile Computing Conference 2006 (IWCMC 2006) (2006), The ACM Press.

[49] TEO JOSEPH, C. M., TAN, C. H., AND NG, J. M. Security analysis of provably secure constant round dynamic group key agreement. IEICE Trans. on Fundamentals of Electronics, Communications and Computer Sciences E89-A, 11 (Nov. 2006),

[50] TEO JOSEPH, C. M., TAN, C. H., AND NG, J. M. Authenticated group key agreement against dos in heterogeneous wireless networks. In IEEE Wireless Communications and Networking Conference 2007 (to appear) (2007).

[51] WIEHE, A., HJELMÅS, E., AND WOLTHUSEN, S. D. Quantitative analysis of efficient antispam techniques. In Proceedings from the Seventh Annual IEEE SMC Information Assurance Workshop, United States Military Academy, West Point, NY, USA, June (West Point, NY, USA, June 2006), IEEE Press, pp Accepted for publication.

[52] WOLTHUSEN, S. D. Gis-based command and control infrastructure for critical infrastructure protection. In Proceedings of the First IEEE International Workshop on Critical Infrastructure Protection (IWCIP 2005) (Darmstadt, Germany, Nov. 2005), IEEE Press, pp

[53] WOLTHUSEN, S. D. Information sharing and decision support for C(I)IP. In Proceedings of CIP Europe: Critical Infrastructure Protection (Bonn, Germany, Sept. 2005), Gesellschaft für Informatik, pp

[54] WOLTHUSEN, S. D. Revisionssichere protokollierung in standardbetriebssystemen. Datenschutz und Datensicherheit LVII, 5 (May 2006),

[55] WOLTHUSEN, S. D. Risikomanagement, sicherheitspolitiken und technische verfahren zur durchsetzung von sicherheitspolitiken (i). IT-Sicherheit & Datenschutz, 4 (Mar. 2006),
[56] WOLTHUSEN, S. D. Risikomanagement, sicherheitspolitiken und technische verfahren zur durchsetzung von sicherheitspolitiken (ii). IT-Sicherheit & Datenschutz, 4 (Apr. 2006),

[57] WOLTHUSEN, S. D. Secure visualization of GIS data. In Proceedings from the Seventh Annual IEEE SMC Information Assurance Workshop, United States Military Academy, West Point, NY, USA, June (West Point, NY, USA, June 2006), IEEE Press, pp Accepted for publication.

[58] WOLTHUSEN, S. D. Sichere geo-webdienste. Business Geomatics 1, 2 (2006), 35.

[59] WOLTHUSEN, S. D. Windows Device Interface Security. Information Security Technical Report 11, 4 (Dec. 2006),

[60] WOLTHUSEN, S. D. Automated Extraction of Behavioral Profiles from Document Usage. BT Technology Journal 25, 1 (Jan. 2007),

[61] WOLTHUSEN, S. D. The role of mathematics in information security education. In Proceedings 5th IFIP TC11.8 World Conference on Information Security Education, WISE5 (to appear) (2007).
I List of master theses in information security
Master theses information security

| Name | Thesis | Supervisor |
|---|---|---|
| Hasle Hågen | Aspect-oriented programming and security | Snekkenes |
| Holm Ola | Risk management of information systems in dynamic enviroments | Snekkenes |
| Kintel Ketil | Using hash values to identify fragments of evidence | Snekkenes |
| Kosmerlj Marijana | Passport of the future - Biometrics against Identity Theft | Snekkenes |
| Mathisen Johnny | Measuring Information Security Awareness | Snekkenes |
| Målbakken Ole Kristian | Towards Measuring Legal Compliance | Snekkenes |
| Nygård Arne Roar | Risikostyrt informasjonssikkerhet i driftskontrollsystem | Snekkenes |
| Simonsen Geir | En prosess for Sikkerhets Metrikk Program | Snekkenes |
| Stamland Frank-Arne | Is BS 7799 worth the effort | Snekkenes |
| Torseth Espen | Private and Accountable Storage in Distributed and Dynamic Environements | Audestad |
| Tvenge Morten | Using Benchmarking to improve IDS configurations | Snekkenes |
| Wold Gullik | Key factors in making Information Security Policies effective | Snekkenes |

2005

| Name | Thesis | Supervisor |
|---|---|---|
| Bakås Tone Hoddø | Good Practice in Measuring Information Security Level | Volden |
| Belsaas Jørgen | Measuring security in a grid computing environment | Petrović |
| Botnen Ståle | Metric for Measuring Security in Peer-to-Peer Software | Petrović |
| Dahl Ole Martin | Using Coloured Petri Nets in Penetration Testing | Hjelmås |
| Deisz Joachim | Internet filtering and how it affects security, efficiency and thriving in Norwegian companies | Petrović |
| Fladsrud Tom | Face Recognition in a border control environment: Non-zero Effort Attacks' Effekt on False Acceptance Rate | Hjelmås |
| Gjerde Randi | Browser eavesdropping | Øverlier |
| Gravnås Henning | User's trust in Biometric Authentication Systems | Helkala |
| Hagen Jan-Erik | Measure data quality in a Human Realtion environment | Audestad |
| Hauge Erling Olai | Antispam operations in large scale | Hjelmås |
| Kjærem Ivar | Benchmarking CSIRT work processes | Petrović |
| Kristiansen Yngve | Remote Assessment of Client Trustworthiness | Snekkenes |
| Leirdal Frøydis | Authentication and usability | Petrović |
| Lieungh Steinar | Rate Vulnerability Reducing Measures for Home Offices Based on a Cost Effectiveness Analysis | Petrović |
| Malmedal Bjarte | Using Netflows for slow portscan detection | Petrović |
| Mangnes Bjarne | The use of Levenshtein distance in computer forensics | Petrović |
| Mjømen Terje | Assessing countermeasures against spyware | Petrović |
| Moe Sverre | A Mobile Single Sign-On Solution: Authenticating the Personal User | Snekkenes |
| Nymoen Lars-Otto | Measuring Security in Environments | Petrović |
| Olsen Ole Kasper | Adversary Modelling | Snekkenes |
| Orderløkken Tore Larsen | Security Incident handling and reporting | Petrović |
| Rinnan Robert | Benefits of Centralized Log file Correlation | Petrović |
| Rotmo Britt Karin | Does security policies have any effect used as isolated security mechanisms? | Volden |
| Simonsen Jan Vidar | Patch Management Security | Petrović |
| Skarderud Fredrik L. | Protecting Sensitive Data on a PC by a Custom Algorithm | Petrović |
| Sollie Roar S. | Security and usability assessment of several authentication technologies | Petrović |
| Søndrol Torkjel | Using the Human Gait for Authentication | Snekkenes |
| Ween Morten | Framework for formulation of portable information security requirements | Snekkenes |
| Wiehe Anders | Comparing Anti Spam Methods | Hjelmås |

2006

| Name | Thesis | Supervisor |
|---|---|---|
| Awan Haneef | A Qualitative Study of Information Security Initiatives in Anglosphere and Nordic Countries | Jose |
| Berget Ståle Jonny | Authentication in Mobile Ad-hoc network (MANET) | Tan |
| Buvarp Tor Erik | Hip movement based Authentication - How will imitation affect the results? | Snekkenes |
| Byfuglien Mats | A mobile single sign-on system | Snekkenes |
| Egeberg Tommy | Storage of sensitive data in a Java enabled cell phone | Snekkenes |
| Gilberg Frode Petter | Can Network Security be Fun? An agent-based Simulation Model and Game proposal | Snekkenes + Torseth |
| Grønland Vidar Ajaxon | Building IDS rules by means of a honeypot | Petrović |
| Hasli Håvard | The use of Situation Assessment in a Wireless Intrusion Detection System | Petrović |
| Hayati-Karun Hossein | Security Incidents Handling and Organisational Models | Petrović |
| Herland Turid | The use of k-best path algorithms in clock control sequence reconstruction | Petrović |
| Jahr Stian | Security versus Power Consumption | Snekkenes |
| Knashaug Kenneth | Questions regarding the protection of privacy when introducing biometrics into the Norwegian passports | Volden |
| Kristiansen Tommy | Trusted Path in Client-server application | Hanno |
| Mandt Tarjei Kristoffer | Certificateless Authenticated Two-Party Key Agreement Protocols | Tan |
| Moe Espen Langvegg | Signature based authentication using acceleration | Snekkenes |
| Nilsen Tom | Managing the development of secure electronic banking | Petrović |
| Pettersen Jon Fredrik | Vulnerability study of selected parts of Norwegian biometric passports | Snekkenes |
| Seeberg Vidar Evenrud | Anonymization of real data for IDS benchmarking | Petrović |
| Skar Rune Linchausen | Systemdynamisk tilnærming for risikoanalyse av transformasjonen til Nettverksbasert forsvar | Gonzalez + Johnsen |
| Smestad Mats Erik | Kernighan-Lin Heuristic in an IDS | Petrović |
| Storvik Eskild | Consequences of centralizing ICT systems within a health care organization | Svendsen |
| Terkelsen Harald | Data collection on security flaws caused by design errors | Langweg |
| Trontveit Jan Inge | Clock Control Sequence Reconstruction in the Generalized Shrinking Generator | Petrović |
| Vesterås Brita | Analysis of Key Agreement Protocols | Tan |
J Some history on terminology

Communication security or COMSEC has been employed since antiquity [21, 9, 10, 11], even using cryptographic and steganographic techniques, although the use of mathematical techniques is strictly an achievement of the twentieth century concomitant with the introduction of electronic communication. Whether used for personal privacy, commercial, diplomatic, intelligence, or military purposes, the objectives of, as well as the need for, COMSEC were well-defined along the entire gamut of applications. Historically, these objectives could be accommodated by relatively simple mechanisms and devices (e.g. using commercial code books or link encryption devices) which permitted viewing the transmission mechanism as an abstract channel (at least since the publication of [46, 45, 43, 44]) ensuring through appropriate mechanisms the protection from transmission errors, jamming, and so forth.

However, particularly in defense and intelligence applications, additional considerations beyond the obvious cipher discipline (also known as cryptosecurity) issues had to be made to achieve additional objectives or to ensure operation in adverse environments. These considerations [33] particularly include emission security (formerly also known as emanations security (EMSEC)) since adversaries can be assumed to have the capability to eavesdrop on sonic, electromagnetic, or optical emanations generated by equipment processing the communications to be encrypted¹. This aspect not only had to be considered by the equipment for processing the communications but also had to take possible EMSEC violations on the part of the COMSEC mechanism itself into account. This recognition (as e.g. caused by the observation of faint crosstalk between field telephones in World War I [30] or plaintext- and ciphertext-carrying signals [13, 18, 57, 1] in intercepts of communications thought by the originator to be consisting only of ciphertext signals) extended the scope of COMSEC significantly beyond merely ensuring the physical security of equipment, material, and documents. Emanations issues discussed in the open literature range from simple serial transmission protocols [47] to CRT displays (only partly obsoleted by the move to LCD units since even digital video interfaces generate high frequency signals that can be intercepted) [51, 16] and optical status displays found on communications equipment [26].

¹ Historically, EMSEC protection has also been known by the code name TEMPEST [31] which is defined as an unclassified synonym for compromising emanation [32].

In addition, the presence of any detectable or trackable signal, whether protected by cryptographic means or otherwise, is frequently undesirable since an adversary can learn of the fact that communications are taking place and derive adequate intelligence from this information or can utilize the signals to locate the origins of a signal; the denial of such information to adversaries is included in the definition of COMSEC in the form of transmission security (TRANSEC). Besides obvious approaches such as limiting transmission duration, one of the most common techniques for reducing the usable signal energy available to adversaries for detecting the origin of transmission while at the same time providing additional benefits in the form of resistance to signal jamming is spread-spectrum communication, which is also used extensively in civilian wireless telecommunications for this reason alone. The term spread-spectrum communication encompasses a number of signaling techniques in which the transmitted bandwidth is significantly larger than required by the data rate and the transmitted bandwidth is determined by a function independent of the message which is known to both sender and receiver [38, 42, 7]. Indeed, one of the earliest descriptions of spread-spectrum techniques in a 1935 patent application by P. Kotowski and K. Dannehl explicitly described an encryption device based on the combination of broadband noise with the payload signal [22].

Both EMSEC and TRANSEC introduced the need to consider the overall communication system's properties and therefore to control configurations and, even more importantly, also changes in configurations during the operational lifetime of a communication system, an issue that recurred in computer security with severe consequences. However, despite these intricate considerations, the models used in historical COMSEC must still be considered relatively simple, not least because protective measures for many of the aspects of COMSEC were based in well-understood physical problems, protection for which could be provided by approximate engineering approaches such as shielding and spread-spectrum communication.

In contrast to this situation, the introduction of general purpose computers soon injected significant levels of complexity into the protection and security of such systems that were not amenable to such approaches and instead required precise formal mathematical models and provable correctness of implementations. These problems were quickly understood to be beyond the reach of mathematical solutions in the most general case [12].

Protection and security within computer systems (as opposed to external protection that could be handled through physical security and organizational policies) gained immediate relevancy as soon as the transition from closed-shop batch operation with implicitly trusted operators to multiprogramming [48] and time-sharing [27, 35, 28, 15] was first contemplated [24, 8, 56, 58]². The discussion in case of computer security or COMPUSEC, however, appears to have originated mainly in the civilian and academic sector [20] and was initially framed mainly in terms of protecting programs and computations from other programs (as expressed by McCarthy in [27], "recovery from stops and loops and preventing a bad program from destroying other programs") and initially concentrated on the academic and, to a lesser extent, commercial environment in which the initial time-sharing systems were developed.

² The origins of the concept of time-sharing itself have been the subject of contention for some time; [23, 19] discuss some of the claims to the invention (see also chapter??). It should be noted, however, that the SAGE (Semi-Automated Ground Environment) air defense command and control system network introduced by G.E. Valley provided an early if restricted operational multiprogramming environment [50, 39, 40].

By the mid-1960s, however, applications of computer systems began to dominate both the public debate and academic inquiry, notably concerns over privacy of individuals from invasive governmental data collection³. This debate covered both political and organizational safeguards [49, 55, 41, 6] as well as technical privacy protection means [4, 3, 52, 53, 37, 2, 14]; see [17] for an early survey of research perspectives on the subject. In addition, the increasing use of multiprogrammed and time-sharing computer systems in governmental, particularly defense and intelligence, applications involving classified data for information processing also resulted in research and development primarily on providing confidentiality protection being initiated also in the mid-1960s [5, 36, 54]. This focus on the protection of confidentiality has since remained the defining characteristic of COMPUSEC.

³ As the cost of computer systems decreased, the same concerns also began to apply to commercial data collection and subsequent threats to privacy; here, the debate was mainly conducted in European nations that also sought to place restrictions on such commercial enterprises.

The use of computer systems, particularly general purpose computer systems, for providing cryptographic mechanisms for achieving COMSEC closely interlinked this objective with COMPUSEC since particularly the protection of key material must be preserved along with the integrity of the cryptographic mechanism by COMPUSEC means in such systems [12, 20]. This increasingly led to a blurring of the distinction between the two areas outside of specialized equipment. Moreover, the introduction of remote-access and networked systems subsequently furthered this intermingling by the need to use cryptographic primitives to provide for COMPUSEC objectives that increasingly incorporated not only computational aspects but also had to deal with communication both ephemerally (i.e. network communication) and persistently (i.e. for storage and storage media).

As a result, the late 1980s and early 1990s saw the term information security (INFOSEC, also: information systems security) emerge; in one instance this was e.g. defined in [34] as a shorthand for "COMPUSEC + COMSEC + TEMPEST = INFOSEC"⁴ and therefore encompassing fields previously separated at least in terminology.

⁴ Which was redundant given the definition of COMSEC in [33] already in effect and in use at the time.

References

[1] ANDERSON, R. J. Security Engineering: A Guide to Building Dependable Distributed Systems. John Wiley & Sons, Inc., New York, NY, USA,
[2] BABCOCK, J. D. A brief description of privacy measures in the RUSH time-sharing system. In Proceedings of the AFIPS Spring Joint Computer Conference (1967 SJCC) (Atlantic City, NJ, USA, Apr. 1967), vol. 30, AFIPS, AFIPS Press, pp
[3] BARAN, P. On Distributed Communications: IX. Security, Secrecy, and Tamper-Free Considerations. Tech. Rep. Memorandum RM-3765-PR., RAND Corporation Mathematics Division, Santa Monica, CA, USA, Aug
[4] BARAN, P. On Distributed Communications: XI. Summary Overview. Tech. Rep. Memorandum RM-3767-PR., RAND Corporation Mathematics Division, Santa Monica, CA, USA, Aug
[5] BINGHAM, H. W. Security Techniques for EDP of Multilevel Classified Information. Tech. Rep. Document RADC-TR , U.S. Air Force Rome Air Development Center, Rome, NY, USA, Dec
[6] BURNHAM, D. The Rise of the Computer State. Random House, New York, NY, USA,
[7] COOPER, G. R., AND MCGILLEM, C. D. Modern Communications and Spread Spectrum. McGraw-Hill, New York, NY, USA,
[8] CORBATÓ, F. J., MERWIN-DAGGETT, M. M., DALEY, R. C., CREASY, R. J., HELLWIG, J. D., ORENSTEIN, R. H., AND KORN, L. K. The Compatible Time-Sharing System: A Programmer's Guide. MIT Press, Cambridge, MA, USA,
[9] DEAVOURS, C. A., KAHN, D., KRUH, L., MELLEN, G., AND WINKEL, B. J., Eds. Cryptology Yesterday, Today, and Tomorrow. Artech House, Boston, MA, USA,
[10] DEAVOURS, C. A., KAHN, D., KRUH, L., MELLEN, G., AND WINKEL, B. J., Eds. Cryptology: Machines, History & Methods. Artech House, Boston, MA, USA,
[11] DEAVOURS, C. A., KRUH, L., KAHN, D., MELLEN, G., WINKEL, B. J., DILLARD, R. A., AND DILLARD, G. M., Eds. Selections from Cryptologia: History, People, and Technology. The Artech House Telecommunications Library. Artech House, Boston, MA, USA,
[12] DENNING, D. E. Cryptography and Data Security. Addison-Wesley, Reading, MA, USA,
[13] DENNIS, R. L. Security in the Computer Network. Tech. Rep. AD , System Development Corporation, Santa Monica, CA, USA, Aug
[14] GLASER, E. L. A brief description of privacy measures in the MULTICS operating system. In Proceedings of the AFIPS Spring Joint Computer Conference (1967 SJCC) (Atlantic City, NJ, USA, Apr. 1967), vol. 30, AFIPS, AFIPS Press, pp
[15] GREENBERGER, M., Ed. Management and the Computer of the Future. MIT Press, Cambridge, MA, USA,
[16] HIGHLAND, H. J. Electromagnetic Eavesdropping Machines for Christmas? Computers & Security 7, 4 (Aug.–Sept. 1988),
[17] HOFFMAN, L. J. Computers and Privacy: A Survey. ACM Computing Surveys 1, 2 (June 1969),
[18] HOFFMAN, L. J., Ed. Security and Privacy in Computer Systems. John Wiley & Sons, Inc., New York, NY, USA,
[19] IEEE ANNALS OF THE HISTORY OF COMPUTING STAFF. References and Bibliography. IEEE Annals of the History of Computing 14, 1 (Jan.–Mar. 1992), Materials related to the history of time-sharing and CTSS.
[20] JELEN, G. F. Information Security: An Elusive Goal. Tech. Rep. P-85-8, Harvard University Center for Information Policy Research Program on Information Resources Policy, Cambridge, MA, USA, June
[21] KAHN, D. The Codebreakers: The Comprehensive History of Secret Communication from Ancient Times to the Internet, 2nd ed. Scribner, New York, NY, USA,
[22] KOTOWSKI, P., AND DANNEHL, K. Distance Determining System. U.S. Patent , May Originally filed in Germany May 1935, granted in U.S. in August
[23] LEE, J. A. N. Claims to the Term Time-Sharing. IEEE Annals of the History of Computing 14, 1 (Jan.–Mar. 1992),
[24] LICKLIDER, J. C. R. Man-Computer Symbiosis. IRE Transactions on Human Factors in Electronics HFE-1 (Mar. 1960), Also published as [25].
[25] LICKLIDER, J. C. R. Man-Computer Symbiosis. In Orr [35], pp Originally published as [24].
[26] LOUGHRY, J., AND UMPHRESS, D. A. Information Leakage from Optical Emanations. ACM Transactions on Information and System Security 5, 3 (Aug. 2002),
[27] MCCARTHY, J. A Time Sharing Operator Program for Our Projected IBM 709. Memorandum to Prof. P.M. Morse, Massachusetts Institute of Technology, Jan
[28] MCCARTHY, J. Time-Sharing Computer Systems. In Orr [35], pp Originally published as [29].
[29] MCCARTHY, J., AND MAUGHLEY, J. W. Time-Sharing Computer Systems. In Greenberger [15], pp Also published as [28].
[30] NALDER, R. F. H. The Royal Corps of Signals: A History of Its Antecedents and Development (Circa ). Royal Signals Institution, London, UK,
[31] NATIONAL COMMUNICATIONS SECURITY COMMITTEE'S SUBCOMMITTEE ON COMPROMISING EMANATIONS. TEMPEST Fundamentals. Tech. rep., U.S. National Security Agency, Fort George G. Meade, MD, USA, May
[32] NATIONAL SECURITY AGENCY. NONSTOP Security Evaluation Techniques. Tech. rep., U.S. National Security Agency, Fort George G. Meade, MD, USA, May Revised June 1977, May 1980, January 1982, July
[33] NATIONAL SECURITY TELECOMMUNICATIONS AND INFORMATION SYSTEMS SECURITY COMMITTEE (NSTISSC) SECRETARIAT (I42). National Information Systems Security (INFOSEC) Glossary. Ft. George G. Meade, MD, USA, Sept NSTISSI No
[34] NAVAL INFORMATION SYSTEMS MANAGEMENT CENTER. Navy Staff Office Publication NAVSO P : Introduction to Information Systems Security: Program Guidelines. Tech. rep., U.S. Department of the Navy, Washington D.C., USA, May
[35] ORR, W. D., Ed. Conversational Computers. John Wiley & Sons, Inc., New York, NY, USA,
[36] PETERS, B. Security considerations in a multi-programmed computer system. In Proceedings of the AFIPS Spring Joint Computer Conference (1967 SJCC) (Atlantic City, NJ, USA, Apr. 1967), vol. 30, AFIPS, AFIPS Press, pp
[37] PETERSEN, H. E., AND TURN, R. System implications of information privacy. In Proceedings of the AFIPS Spring Joint Computer Conference (1967 SJCC) (Atlantic City, NJ, USA, Apr. 1967), vol. 30, AFIPS, AFIPS Press, pp
[38] PICKHOLZ, R. A., SCHILLING, D. L., AND MILSTEIN, L. B. Theory of Spread-Spectrum Communications: A Tutorial. IEEE Transactions on Communications 30, 5 (May 1982),
[39] PUGH, E. W. Building IBM: Shaping an Industry and Its Technology. History of Computing. MIT Press, Cambridge, MA, USA,
[40] REDMOND, K. C., AND SMITH, T. M. From Whirlwind to MITRE: The R&D Story of the SAGE Air Defense Computer. History of Computing. MIT Press, Cambridge, MA, USA,
[41] RULE, J., MCADAM, D., STEARNS, L., AND UGLOW, D. The Politics of Privacy. New American Library, New York, NY, USA,
[42] SCHOLTZ, R. A. The Origins of Spread-Spectrum Communication. IEEE Transactions on Communications 30, 5 (May 1982),
[43] SHANNON, C. E. A Mathematical Theory of Communication. Bell System Technical Journal 27 (July 1948), Also published as [45].
[44] SHANNON, C. E. A Mathematical Theory of Communication. Bell System Technical Journal 27 (Oct. 1948), Also published as [45].
[45] SHANNON, C. E. A Mathematical Theory of Communication. In Sloane and Wyner [46], pp Originally published as [43, 44].
[46] SLOANE, N. J. A., AND WYNER, A. D., Eds. Claude Elwood Shannon: Collected Papers. IEEE Press, Piscataway, NJ, USA,
[47] SMULDERS, P. The Threat of Information Theft by Reception of Electromagnetic Radiation from RS-232 Cables. Computers & Security 9, 1 (Jan.–Mar. 1990),
[48] STRACHEY, C. Time sharing in large, fast computers. In Information Processing, Proceedings of the International Conference on Information Processing (1. IFIP Congress) (Paris, France, June 1959), UNESCO, R. Oldenbourg, Butterworths, and UNESCO, pp
[49] UNITED STATES HOUSE OF REPRESENTATIVES COMMITTEE ON GOVERNMENT OPERATIONS. The computer and the invasion of privacy. Government Printing Office, July th Congress, 2nd session. Also known as the Gallagher report.
[50] VALLEY, JR., G. E. How the SAGE Development Began. IEEE Annals of the History of Computing 7, 3 (July–Sept. 1985),
[51] VAN ECK, W. Electromagnetic Radiation from Video Display Units: An Eavesdropping Risk? Computers & Security 4, 4 (Oct.–Dec. 1985),
[52] WARE, W. H. Security and privacy in computer systems. In Proceedings of the AFIPS Spring Joint Computer Conference (1967 SJCC) (Atlantic City, NJ, USA, Apr. 1967), vol. 30, AFIPS, AFIPS Press, pp Chairman's introduction to the SJCC session.
[53] WARE, W. H. Security and privacy: similarities and differences. In Proceedings of the AFIPS Spring Joint Computer Conference (1967 SJCC) (Atlantic City, NJ, USA, Apr. 1967), vol. 30, AFIPS, AFIPS Press, pp
[54] WARE, W. H. Security Controls for Computer Systems: Report of Defense Science Board Task Force on Computer Security. Tech. rep., The RAND Corporation, Santa Monica, CA, USA, Feb Number R-609. Document was declassified in October 1975 and reissued as R-609/1 with a new introduction in
[55] WESTIN, A. F. Privacy and Freedom. Atheneum, New York, NY, USA,
[56] WILKES, M. V. Time-Sharing Computer Systems, 3rd ed. MacDonald and Jane's, London, UK,
[57] WRIGHT, P. Spy Catcher: The Candid Autobiography of a Senior Intelligence Officer. Heinemann Australia, Sydney, Australia,
[58] ZIEGLER, J. R. Time-Sharing Data Processing Systems. Series in Automatic Computation. Prentice-Hall, Englewood Cliffs, NJ, USA,
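The spread-spectrum definition in the terminology appendix above (a transmitted bandwidth much larger than the data rate requires, set by a message-independent function known to both sender and receiver) can be illustrated with a small direct-sequence simulation that shows both TRANSEC effects the text names: low usable signal energy per chip and resistance to jamming. This is an added example, not part of the original application; the spreading factor, seeds, noise level and jammer parameters are constructed values, and Python's seeded generator stands in for the shared function.

```python
import math
import random

CHIPS_PER_BIT = 512  # spreading factor: chips sent per data bit (constructed value)


def spreading_code(shared_seed, n_chips):
    """Message-independent +/-1 chip sequence that both ends derive from a shared seed.

    random.Random is only a stand-in: it is predictable, so a fielded system
    would need a keyed, unpredictable generator in its place.
    """
    rng = random.Random(shared_seed)
    return [1 if rng.getrandbits(1) else -1 for _ in range(n_chips)]


def spread(bits, code):
    """Multiply each data bit (+1/-1) by its own CHIPS_PER_BIT slice of the code."""
    chips = []
    for i, bit in enumerate(bits):
        symbol = 1 if bit else -1
        start = i * CHIPS_PER_BIT
        chips.extend(symbol * c for c in code[start:start + CHIPS_PER_BIT])
    return chips


def channel(chips, noise_sigma, jammer_amp, jammer_freq, noise_seed):
    """Add Gaussian noise and a narrowband sinusoidal jammer to every chip."""
    rng = random.Random(noise_seed)
    return [
        c + rng.gauss(0.0, noise_sigma)
        + jammer_amp * math.sin(2 * math.pi * jammer_freq * k)
        for k, c in enumerate(chips)
    ]


def despread(received, code):
    """Correlate each bit period with the local code; the sign gives the bit."""
    bits = []
    for start in range(0, len(received) - CHIPS_PER_BIT + 1, CHIPS_PER_BIT):
        window = received[start:start + CHIPS_PER_BIT]
        local = code[start:start + CHIPS_PER_BIT]
        corr = sum(r * c for r, c in zip(window, local))
        bits.append(1 if corr > 0 else 0)
    return bits


def bit_errors(sent, recovered):
    return sum(a != b for a, b in zip(sent, recovered))


def per_chip_snr_db(noise_sigma, jammer_amp):
    """Signal power (1.0 per chip) over noise plus jammer power, before despreading."""
    interference = noise_sigma ** 2 + jammer_amp ** 2 / 2.0
    return 10.0 * math.log10(1.0 / interference)


def processing_gain_db():
    """SNR improvement the matching receiver gains by correlating over one bit."""
    return 10.0 * math.log10(CHIPS_PER_BIT)


def demo():
    """Send 64 constructed bits; decode with the shared code and with a wrong one."""
    msg_rng = random.Random(7)
    bits = [msg_rng.getrandbits(1) for _ in range(64)]
    code = spreading_code(shared_seed=0x5EED, n_chips=len(bits) * CHIPS_PER_BIT)
    received = channel(spread(bits, code), noise_sigma=2.0,
                       jammer_amp=3.0, jammer_freq=0.05, noise_seed=99)
    with_code = despread(received, code)
    # A receiver that does not know the shared seed correlates against an
    # unrelated sequence and sees only noise-like output.
    without_code = despread(received, spreading_code(0xBAD, len(code)))
    return bits, with_code, without_code


if __name__ == "__main__":
    sent, ok, blind = demo()
    print("per-chip SNR (dB):     %.2f" % per_chip_snr_db(2.0, 3.0))
    print("processing gain (dB):  %.2f" % processing_gain_db())
    print("errors with code:      %d / %d" % (bit_errors(sent, ok), len(sent)))
    print("errors without code:   %d / %d" % (bit_errors(sent, blind), len(sent)))
```

Each chip sits below the combined noise and jammer floor, yet the receiver holding the shared sequence recovers every bit, while a receiver correlating against a different sequence gets roughly coin-flip output.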
Trust areas: a security paradigm for the Future Internet Carsten Rudolph Fraunhofer Institute for Secure Information Technology SIT Rheinstrasse 75, Darmstadt, Germany [email protected]
PROGRAMME SPECIFICATION
PROGRAMME SPECIFICATION Master of in Control and Automation Awarding institution Teaching institution UCAS Code JACS Code Programme Duration Language of Programme Subject benchmark statement Programme
Dr. Waleed A. Alrodhan (Biographical Sketch)
Dr. Waleed A. Alrodhan (Biographical Sketch) Waleed was born in the Kingdom of Saudi Arabia in 1981. He has received his B.Sc. degree in Computer Sciences from King Saud University (2002), his M.Sc. degree
Master's Degree Program in Computer Science
Master's Degree Program in Computer Science 1. Curriculum Title Master of Science (Computer Science) M.Sc. (Computer Science) 2. Degree Title Master of Science (Computer Science) M.Sc. (Computer Science)
The PhD programme in Economics and Business at NBMU School of Economics and Business. The programme consists of the following programme options:
ECONOMICS AND BUSINESS The Regulations for the Degree of Philosophiae Doctor (PhD) at the Norwegian University of Life Sciences apply for the PhD education. The regulations concern the objectives of,
General syllabus for third-cycle studies in Electrical Engineering TEEITF00
Faculty of Engineering/LTH General syllabus for third-cycle studies in Electrical Engineering TEEITF00 The syllabus was approved by the Board of the Faculty of Engineering/LTH 22 March 2013 and most
Rules and Requirements. PhD Program (Doctoral Program Doctor of Philosophy )
Rules and Requirements of the PhD Program (Doctoral Program Doctor of Philosophy) at the Medical University of Vienna Goals 1. The PhD Program at
IT Security. Securing Your Business Investments
Securing Your Business Investments IT Security NCS GROUP OFFICES Australia Bahrain China Hong Kong SAR India Korea Malaysia Philippines Singapore Sri Lanka Securing Your Business Investments! Information
RESTRICTED. Professional Accreditation Handbook For Computer Science Programmes
Professional Accreditation Handbook For Computer Science Programmes Revised by authority of the Accreditation Committee for Computer Science Programmes as of August 2014 CONTENTS 1. FRAMEWORK FOR ACCREDITATION
Master of Science in Management Information Systems Program New Curriculum of BE. 2006
Master of Science in Management Information Systems Program New Curriculum of BE. 2006 1. Academic Program 1.1 Thai Name หลักสูตรวิทยาศาสตรมหาบัณฑิต สาขาวิชาระบบสารสนเทศเพื่อการจัดการ 1.2 English Name Master
ISO/IEC 27002:2013 WHITEPAPER. When Recognition Matters
When Recognition Matters WHITEPAPER ISO/IEC 27002:2013 INFORMATION TECHNOLOGY - SECURITY TECHNIQUES CODE OF PRACTICE FOR INFORMATION SECURITY CONTROLS www.pecb.com
TUSKEGEE CYBER SECURITY PATH FORWARD
TUSKEGEE CYBER SECURITY PATH FORWARD Preface Tuskegee University is very aware of the ever-escalating cybersecurity threat, which consumes continually more of our society's resources to counter these threats,
Rules for the PhD Program in Engineering and Applied Sciences at Reykjavík University
Rules for the PhD Program in Engineering and Applied Sciences at Reykjavík University 1. Introduction These rules describe the objectives and requirements of the PhD program at the School of Science and
One LAR Course Credits: 3. Page 4
Course Descriptions Year 1 30 credits Course Title: Calculus I Course Code: COS 101 This course introduces higher mathematics by examining the fundamental principles of calculus-- functions, graphs, limits,
Curriculum for postgraduate studies in Micro-data Analysis
Curriculum for postgraduate studies in Micro-data Analysis Decision: FuN 2012-10-01 Revision: FuN 2012-12-04 Reg. no.: DUC 2012/1533/90 Valid from: 2012-10-01 Responsible for updating: Director of Studies for
CSCI 454/554 Computer and Network Security. Instructor: Dr. Kun Sun
CSCI 454/554 Computer and Network Security Instructor: Dr. Kun Sun About Instructor Dr. Kun Sun, Assistant Professor of Computer Science http://www.cs.wm.edu/~ksun/ Phone: (757) 221-3457 Email: [email protected]
SUBJECT-SPECIFIC CRITERIA
SUBJECT-SPECIFIC CRITERIA Relating to the accreditation of Bachelor s and Master s degree programmes in the field of mathematics (09 December 2011) The following specifications complement the ASIIN General
AC 2010-1485: DEVELOPMENT AND IMPLEMENTATION OF A MASTERS PROGRAM IN COMPUTER INFORMATION TECHNOLOGY
AC 2010-1485: DEVELOPMENT AND IMPLEMENTATION OF A MASTERS PROGRAM IN COMPUTER INFORMATION TECHNOLOGY Hetal Jasani, Northern Kentucky University Hetal Jasani is an assistant professor in the Department
B.Sc. in Computer Information Systems Study Plan
195 Study Plan University Compulsory Courses Page ( 64 ) University Elective Courses Pages ( 64 & 65 ) Faculty Compulsory Courses 16 C.H 27 C.H 901010 MATH101 CALCULUS( I) 901020 MATH102 CALCULUS (2) 171210
Information Security at ETH Zurich Institute of Information Security at ETH Zurich Zurich Information Security and Privacy Center
Information Security at ETH Zurich Institute of Information Security at ETH Zurich Zurich Information Security and Privacy Center Department of Computer Science Introduction Our society is undergoing a
Curriculum Form. 1. Name of the curriculum Küberturbe tehnoloogiad 2. Name of the curriculum in Cyber Security Engineering
Curriculum Form 1. Name of the curriculum: Küberturbe tehnoloogiad 2. Name of the curriculum in English: Cyber Security Engineering 3. Level of higher education: Applied higher education 4. Form of study
EXECUTIVE MBA INTERNATIONAL PROGRAM PART TIME IN COOPERATION WITH ESCP-EAP EUROPEAN SCHOOL OF MANAGEMENT
EXECUTIVE MBA INTERNATIONAL PROGRAM PART TIME IN COOPERATION WITH ESCP-EAP EUROPEAN SCHOOL OF MANAGEMENT WELCOME TO THE EXECUTIVE MBA PROGRAM «The vision of BI Norwegian School of Management is to be a
MSc in Computer and Information Security
MSc in Computer and Information Security Programme Specification Primary Purpose: Course management, monitoring and quality assurance. Secondary Purpose: Detailed information for students, staff and employers.
Credit and Grading Systems
Facultad de Informática Universidad Politécnica de Madrid Credit and Grading Systems Description of the Qualification Mechanism, the Credit and Grading Systems, and their adaptation to ECTS. February,
Certificate in Cyber Security
Certificate in Cyber Security Offered as a partnership between Cape Peninsula University of Technology (CPUT), French South African Institute of Technology (F SATI), CS Interactive Training and Boshoff
FY2016 Graduate Program for Social ICT Global Creative Leaders (GCL) Course Student Recruitment
FY2016 Graduate Program for Social ICT Global Creative Leaders (GCL) Course Student Recruitment 1. Abstract of the GCL program A series of new problems and possibilities are emerging as information and
Bellevue University Cybersecurity Programs & Courses
Undergraduate Course List Core Courses: CYBR 250 Introduction to Cyber Threats, Technologies and Security CIS 311 Network Security CIS 312 Securing Access Control CIS 411 Assessments and Audits CYBR 320
Plymouth University. Faculty of Science and Engineering. School of Computing Electronics and Mathematics. Programme Specification
Plymouth University Faculty of Science and Engineering School of Computing Electronics and Mathematics Programme Specification MSc Network Systems Engineering Programme codes: 2359 (Sept), 2938(Jan) September
M.Sc. Program in Informatics and Telecommunications
M.Sc. Program in Informatics and Telecommunications at UoA-DIT Prof. Ioannis Stavrakakis Deputy Dept Chair, Director of Graduate Studies 1 Overview of Graduate Studies Initiated in 1993 Modified in 2000
Course Bachelor of Information Technology majoring in Network Security or Data Infrastructure Engineering
Course Bachelor of Information Technology majoring in Network Security or Data Infrastructure Engineering Course Number HE20524 Location Meadowbank OVERVIEW OF SUBJECT REQUIREMENTS Note: This document
Evaluate the Usability of Security Audits in Electronic Commerce
Evaluate the Usability of Security Audits in Electronic Commerce K.A.D.C.P Kahandawaarachchi, M.C Adipola, D.Y.S Mahagederawatte and P Hewamallikage 3rd Year Information Systems Undergraduates Sri Lanka
CyberSecurity Solutions. Delivering
CyberSecurity Solutions Delivering Confidence Staying One Step Ahead Cyber attacks pose a real and growing threat to nations, corporations and individuals globally. As a trusted leader in cyber solutions
CURRICULUM VITAE. September, 2015
CURRICULUM VITAE September, 2015 C1. Personal Information Asaad AbdulRahman Nayyef Alani Department of Computer Science, Sultan Qaboos University, P.O. Box 36, Al-Khoudh 123, Muscat, Sultanate of Oman,
DIGITAL FORENSICS SPECIALIZATION IN BACHELOR OF SCIENCE IN COMPUTING SCIENCE PROGRAM
DIGITAL FORENSICS SPECIALIZATION IN BACHELOR OF SCIENCE IN COMPUTING SCIENCE PROGRAM Proposed Program Title: Bachelor of Science in Computing Science- Specialization in Digital Forensics Specialization
MSc in Network Centred Computing. For students entering in October 2009. contributions from other EU universities Faculty of Science
MSc in Network Centred Computing (NCC) For students entering in October 2009 Awarding Institution: The University of Reading Teaching Institution: The University of Reading, with contributions from other
Doctor of Philosophy in Computer Science
Doctor of Philosophy in Computer Science Background/Rationale The program aims to develop computer scientists who are armed with methods, tools and techniques from both theoretical and systems aspects
Masters in Information Technology
Computer - Information Technology MSc & MPhil - 2015/6 - July 2015 Masters in Information Technology Programme Requirements Taught Element, and PG Diploma in Information Technology: 120 credits: IS5101
Center for Information. Security and Assurance (CISA) Charter. Mathematical, Computing, and Information Sciences (MCIS) Department
Center for Information Security and Assurance (CISA) Charter Mathematical, Computing, and Information Sciences (MCIS) Department This charter establishes the Center for Information Assurance within the
