1Industry Canada Industrie Canada

CASCON 2005 – Cybersecurity WorkshopOctober 17, 2005

IP Telecom and Security Program

• Attendees: Lewis Robart and David Gibson– IP Telecom and Security Group, Spectrum

Engineering Branch, Industry Canada• Group’s objective is to ensure reliable

telecommunications services, through engineering investigation and analysis of emerging technologies.

• Program Components– Engineering investigation and analysis

• Protocol Analysis Lab (PAL)• Industry collaboration

– Standards development– Academic partnerships

Centre for CyberSecurity ResearchCentre for CyberSecurity Researchat University of Toronto at Mississaugaat University of Toronto at MississaugaCentre for CyberSecurity ResearchCentre for CyberSecurity Researchat University of Toronto at Mississaugaat University of Toronto at Mississauga

Stefan SaroiuStefan SaroiuUniversity of TorontoUniversity of Toronto

Stefan Saroiu: Centre for CyberSecurityStefan Saroiu: Centre for CyberSecurity University of Toronto at MississaugaUniversity of Toronto at Mississauga

How do we start addressing the How do we start addressing the problem?problem?

We need modern ways of examining how We need modern ways of examining how Internet and networked information systems Internet and networked information systems work? work? Network traffic vantage pointsNetwork traffic vantage points Mechanisms to replay traffic in controlled Mechanisms to replay traffic in controlled

environmentsenvironments

We need to examine new problems We need to examine new problems introduced by new technologiesintroduced by new technologies Mobile devices + ubiquitous connectivityMobile devices + ubiquitous connectivity

$500/month buys WiMax metropolitan connectivity at $500/month buys WiMax metropolitan connectivity at broadband speeds in Seattlebroadband speeds in Seattle

In 10 years, a $500 PDA will have a 20x faster CPU and In 10 years, a $500 PDA will have a 20x faster CPU and a 30x bigger hard disk than your desktop [Keshav’ 05]a 30x bigger hard disk than your desktop [Keshav’ 05]

Eric YuAssoc. Prof.

Fac. Info. StudiesUniversity of Toronto

Systems design for security and privacy

Software Requirements Engineering, NFRs

Intentional modeling for Software Engineering

Strategic Modeling

Knowledge Management

Enterprise Architecture

www.fis.utoronto.ca/~yu

The i* framework for strategic actors modeling

Strategic Dependency Model – Smart Card System

Strategic Rationale Model – Card Manufacturer

Michel BarbeauSchool of Computer Science

Carleton UniversityInterests: Wireless security, intrusion detection, threat assessment, radio

frequency fingerprinting, mobility profiling

Recent Work

• WiMax/802.16 Threat Analysis– Paper in Q2SWinet 05

• Enhancing Intrusion Detection in Wireless Networks Using Radio Frequency Fingerprinting– Paper CIIT ’04 with J. Hall and E. Kranakis

• Rogue Access Point Detection in Wireless Networks– Patent with J.M. Robert (Alcatel)

• See: www.scs.carleton.ca/~barbeau

Contact infoRené Struik Phone: +1 (905) 501-6083 Certicom Research Email: rstruik@certicom.com

Research interests

Core crypto • ECDSA signatures: speed-up verification (single, batch) • ECDH key agreement: unbalanced and assisted computations

Adhoc sensor networks• Security models and trust management• Semi-automatic lifecycle management• Configuration and installation• Low implementation cost

- Protocols: re-use building blocks, parallelism flows, etc.- Keying material: key identification, key usage, key size

Security constraints• Decentralized key management• Flexible configuration and trust model• Low impact key compromise• Automatic lifecycle management • Low communication overhead• Low implementation cost

Adhoc networks• No centralized management• Promiscuous behavior• UnreliabilitySensor networks• Low energy consumption• Low manufacturing cost

Cyber-Security Cyber-Security Research and Test Research and Test

FacilityFacilityStephen NevilleStephen NevilleAssistant ProfessorAssistant Professor

Electrical & Computer Engineering DeptElectrical & Computer Engineering Dept..University of VictoriaUniversity of Victoria

Email: sneville@ece.uvic.caEmail: sneville@ece.uvic.ca

Overview Overview Development of a research and test facility for Development of a research and test facility for

accurately simulating corporate-scale network accurately simulating corporate-scale network environments for systems (and systems-of-environments for systems (and systems-of-systems) level cyber-security and privacy systems) level cyber-security and privacy

research.research.

Goals:Goals:a)a) Ability to simulate/re-create arbitrary network Ability to simulate/re-create arbitrary network

environments:environments: Up to full 1 Gbps bandwidths. Up to full 1 Gbps bandwidths. Reproductions down to packet payloads and inter-Reproductions down to packet payloads and inter-

packet timing characteristics.packet timing characteristics. Overlaying of arbitrary attack and normal events.Overlaying of arbitrary attack and normal events. Not based on virtual networksNot based on virtual networks

unlike Iowa State’s ISEAGE system. unlike Iowa State’s ISEAGE system. or, DETER – based on University of Utah’s EmuLab or, DETER – based on University of Utah’s EmuLab

suite.suite.

Overview (cont.)Overview (cont.)b)b) Ability to re-instantiate/re-run experiments on-demandAbility to re-instantiate/re-run experiments on-demand

Exact control over facility’s configurationExact control over facility’s configuration All system OSes (mirrored in at experiment run time)All system OSes (mirrored in at experiment run time) Network traffic data imagesNetwork traffic data images Network switch configurationsNetwork switch configurations Timing and sequencing of overlaid attack and normal traffic eventsTiming and sequencing of overlaid attack and normal traffic events Performed through custom experiment control and management Performed through custom experiment control and management

software:software: Experiment configurationExperiment configuration Data set loadingData set loading Experiment sequencingExperiment sequencing

On-demand isolation from all UVic networksOn-demand isolation from all UVic networks

To meet the goals of scientific repeatability To meet the goals of scientific repeatability To facilitate statistically valid sensitivity and robustness To facilitate statistically valid sensitivity and robustness

researchresearch

Overview (cont.)Overview (cont.)

c)c) Physically isolated & secure facilityPhysically isolated & secure facility

Exact control over all network trafficExact control over all network traffic Physically isolated networks (not virtual networks)Physically isolated networks (not virtual networks) Physically separate laboratory space Physically separate laboratory space

Complete facility behind locked doors.Complete facility behind locked doors.

No internet connection during experimental runsNo internet connection during experimental runs Access restrictions based on a per data set basis Access restrictions based on a per data set basis

Required to meet security and privacy concerns.Required to meet security and privacy concerns.

Equipment: Equipment: 42 dual-Xeon 3.0GHz IBM HS20 blades 42 dual-Xeon 3.0GHz IBM HS20 blades

Each with dual 36 G SCSI drivesEach with dual 36 G SCSI drives 2 dual-Xeon 3.0 GHz 2U x386 servers 2 dual-Xeon 3.0 GHz 2U x386 servers

each with its own 350G 15k SCSI RAIDeach with its own 350G 15k SCSI RAID 12 Nortel Layer 2/3 network switch modules12 Nortel Layer 2/3 network switch modules Cisco 4503 layer 2/3 switchCisco 4503 layer 2/3 switch 4 3.4 Ghz dual-Xeon desktop servers4 3.4 Ghz dual-Xeon desktop servers

2 with quad 2x2 20” LCD displays 2 with quad 2x2 20” LCD displays 9 small form factor 2.8Ghz Xeon PC’s9 small form factor 2.8Ghz Xeon PC’s 4 1 Gbps Ethernet ports per machine4 1 Gbps Ethernet ports per machine 4 independent 1 Gbps networks4 independent 1 Gbps networks

2 attack/simulation networks2 attack/simulation networks 2 experiments control networks 2 experiments control networks

Leverage UVic’s existing petabyte storage facility Leverage UVic’s existing petabyte storage facility 4 Gbps fiber connection to UVic’s research network 4 Gbps fiber connection to UVic’s research network

Physical Architecture:Physical Architecture:

Firewall/VPN

CISCO Catalyst 4503Firewall

(2U Rack Mount dual 3.0GHz Xeon w 2GB mem. Linux Servers )

Control Networks (dual 1 Gbps Cat5E ethernet)

Background

Traffic

Generation

Cluster

(30 3.0GHz dual Xeon Blades

CyberSecurityRisk Analysis

and ManagementCluster

(6 blades + 2 3.4Ghz 2 Gb Mem. 160 GB ATA drive

Real-Time Situational Awareness

displays)

Consoles (2x2 20.1” 1600x1200 LCD

Experiment Controllers

Software

Software Firewall

Software FirewallSoftware Router

Dual 1 Gbps Cat5e ethernet Attack and S imulation Networks

Attacking Hosts(3 blades + 2 2.8 GHz 1GB mem. 160G ATA drive

Target Hos ts

- All hosts except small form factor PC’s are dual processor machines with 4 1 Gbps ethernet ports

- The two desktop risk management clus ter hosts have a 4-head video card to support the 4x4 displays required for the risk management consoles

Note:Managed Internet Connection

Plus 5 small form factor PC’s for off-s ite data collection activities

each with a 5x73.4 GB 15k SCSI RAID

Network Switch

(dual card I/O)

Software

Software Firewall

4Gbps F iber connection to

UVic Research Network

- For clarity network hubs and switches are not shown.

2

1 GB mem. and 36.4 GB SCSIhard drive and 4 1Gbps Cat5eethernet ports)

desktops with 4 head video card and 4 1 Gbps ethernet ports)

small form factor PC’s) (3 blades + 2 2.8 GHz 1GB mem. 160G ATA drive

small form factor PC’s)

Firewall

Firewall

2

to Attack/Simulation Network- All machines except the machines in the target cluster will run a Linux variant- Target machines will run both Window OSes and Linux on a per experiment bas is

- Total facility non-educational cost $545,000.00

Blade Rack KVMConsole

Status Status

Fully funded. Fully funded. CFI New Opportunities grant CFI New Opportunities grant British Columbia Knowledge Development fund.British Columbia Knowledge Development fund. Generous in-kind donation by IBM Canada Inc.Generous in-kind donation by IBM Canada Inc. CFI Infrastructure 5 year Operating grantCFI Infrastructure 5 year Operating grant $550k+ in total funding. $550k+ in total funding.

Equipment on-site and powered (as of Oct. 1)Equipment on-site and powered (as of Oct. 1) Rack mount equipment is secure server room.Rack mount equipment is secure server room. Adjacent secure lab space under renovation.Adjacent secure lab space under renovation. Final network connections in process of being Final network connections in process of being

made.made.

Going ForwardGoing Forward Over next 4 to 8 weeks initial facility capabilities will come Over next 4 to 8 weeks initial facility capabilities will come

on-line.on-line.

Custom facility control and management softwareCustom facility control and management software Position to be filled Nov. 1Position to be filled Nov. 1stst

Completion time: estimated at 8 monthsCompletion time: estimated at 8 months Completion date: Late summer ’06Completion date: Late summer ’06 Interesting research can be undertaken prior to all the Interesting research can be undertaken prior to all the

facility’s capabilities are fully realized.facility’s capabilities are fully realized.

Seeking:Seeking: Representative network traffic data setsRepresentative network traffic data sets Academic and industrial collaboratorsAcademic and industrial collaborators

Not limited to cyber-security related researchNot limited to cyber-security related research Open to general systems and systems-of-systems level researchOpen to general systems and systems-of-systems level research

Ideally also, funding opportunities: Ideally also, funding opportunities: Particularly, student supportParticularly, student support

Securing Computing Systems

David LieDepartment of

Electrical and Computer

Engineering

University of Toronto

Interests: Virtual Machine Monitors to

provide: Isolation Customization Flexibility

Intrusion Detection Automatic Signature Generation Automatic Filter Generation Automatic Recovery

Preventing Information Leakage

SSH-Priv SSH-Unpriv

Minimal OS Operating System

Virtual Machine

Other Applicatio

ns

Private Key

Password File

Even if the Linux system is compromised, the private key and password are safe in a separate Virtual MachineThe adversary cannot get that information

Marsha ChechikUniversity of Toronto, Department of CS

Interests:Automated reasoning about softwareRequirements engineeringVerification and validation

Interests in Cybersecurity:Reasoning about components and their interactions

w.r.t. complex security propertiesSpecifications that allow compositional reasoningAnalysis of code

Automated, precise, scalable

Example: reasoning about sshSplit ssh into two parts (secure kernel and the rest)Prove that the two parts still perform the right functionProve that the splitting did not introduce new problems

In ssh: communication between the two parts could be undermined, allowing access to the rest of info

Prove, using Toronto software model-checker Yasm that secure kernel satisfies its properties

About 30,000 lines of code.

Guarantee, using Virtual Memory Monitors, that the rest of the system is secure

CISaCcisac.math.ucalgary.ca

H.C. Williams

iCORE Chair, Algorithmic Number Theory & Cryptography

Department of Mathematics and Statistics

University of Calgary

CISaC’s Mission

CISaC's objective is to conduct multi-disciplinary

research in information protection, including: mathematical foundations, Secure communication and cryptography, Quantum information science, Privacy Security of computer networks, software, and

hardware.

Urs Hengartner

Assistant Professor in the School of Computer Science at University of Waterloo

Ph.D. from Carnegie Mellon (August 2005) uhengart@cs.uwaterloo.ca

Research interests Privacy in future computing environments Uncertainty in access control Credential discovery

Urs Hengartner

Research Interests in Information Privacy Privacy violations caused by naïve

application of access control in pervasive computing Location-based service leaks current

location Calendar entry leaks participants’ location

Privacy for emerging services Bell Canada’s “Seek & Find” service Google’s talk, email,… services

• Ashraf Matrawy: Assistant Professor, Systems and Computer Engineering, Carleton University

• Background is network reliability, QoS, and security • Security interests

– Mitigation of Network Denial of Service (NDoS) through new network architectures and traffic management techniques. (with DSG at Carleton)

– Establishing trust in collaborative and P2P applications in wireless environments.

– Evaluation of network security: development of metrics that describe the security status of a computer network.

http://www.sce.carleton.ca/faculty/matrawy.html amatrawy@sce.carleton.ca

José M. Fernandez – École Polytechnique

Background M.Sc. Theoretical Crypto

(U of T, 1993) Ph.D. in Quantum Computing

(U of Montreal, 2004) Some government/industry experience in

ITSEC (1993-2004)

École Polytechnique Asst. Prof. Department of Computer

Engineering, since 2004 Teaching :

• 4th-year intro to ITSEC (updated!)• Graduate Network Security course• Graduate “Microprogramme” in

Computer Security in development

Research/training HQP:• Done:

3x M.Sc., 4x B.Sc.• In progress:

1x Ph.D.(co-dir) 8x M.Sc. (3x co-dir)

Current Research Areas1. DDoS Attacks

• Statistical modelling and defensive

strategy optimisation 2x M.Sc.A (EH, AB)

• In ad-hoc networks 2x M.Sc.A. (AM, SMR)

2. Next-generation IDS Mobile-agent based

1x M.Sc.A (ST) Evolutionary methods

1x M.Sc.A (FK) Collaborative strategies

1x M.Sc.A (KA)

3. Malware analysis and optimisation 1x M.Sc.A (PMB)

4. Quantum Stuff … 1x Ph.D.

José M. Fernandez – École Polytechnique

Funding CFI

• 1 M$ grant (eqpt+SW) • 144x blade cluster for

network emulation• Special-purpose HW

Traffic generator Reconfigurable network

• Research Sensor Network (looking for hosts!!)

• High-security Malware Lab NSERC :

• 15 k$/yr x 3 yr. Polytechnique start-up grants

• 15 k$ (+ 15k$ pending) FQRNT (pending)

• 20k$/yr x 2 yr.

Too many toys, not enough kids !!!

Collaborators & Partnerships DGI-Polytechnique

• John Mullins formal methods in security

• Ettore Merlo & Giuliano Antoniol Software security. Automated

vulnerability discovery by static analysis of source code

• Samuel Pierre Security in ad-hoc networks

CRIMOB • FQRNT research centre proposal

Sureté du Québec/RCMP• Teaching and trg of students (internships)• Possible R&D projects

ASIMM • Local IT Security prof. association

Bank of Montréal• Partner in CFI grant

____(your name here)____

Security and FLOSS

Professor Mark Perry mperry@uwo.ca

Faculty of LawFaculty of Science

University of Western Ontario

FLOSS for the ‘paranoid’

• Who can we trust?• Ourselves?

• What are vital systems for democracy?• Voting• Government • Tax• Defense

• What software to use?• FLOSS….

Nadia TAWBINadia TAWBIComputer Science & Software Engineering Computer Science & Software Engineering DepartmentDepartmentLaval UniversityLaval University

Research Interests:• Static Code Analysis• Dynamic Code Analysis• Malicious Code Detection• Formal Verification• Securing & Optimizing Resource Limited Devices

Security Policy Enforcement Security Policy Enforcement MechanismsMechanisms Malicious Code DetectionMalicious Code Detection

– Extracting a model representing program behaviour:Extracting a model representing program behaviour: Type based analysisType based analysis Flow analysisFlow analysis Abstract InterpretationAbstract Interpretation

– Expressing security policy in a modal logicExpressing security policy in a modal logic– Model checkingModel checking– Depending on the result :Depending on the result :

Accept Accept RejectReject Instrument Instrument

Embedded security Embedded security – Optimizing security enforcement mechanisms Optimizing security enforcement mechanisms

R&D Areas

• intelligent agents for trust communication, handling (personal) data, and computer activity monitoring

• privacy applications and negotiation

• trust: psychological and artificial

• biometrics: face recognition, usability

• human-computer interaction: interfaces and evaluation

• machine translation and data mining for security intelligence

• anonymous ad-hoc mobile networks

• security and privacy for e-services

• engineering software for security

Andrew.Patrick@nrc-cnrc.gc.ca

Gord AgnewUniversity of Waterloo

Long term storage of records in large databases (e-health records)

Secure and authenticated end-to-end VoIP Secure Sensor Networks

Patrick C. K. Hung

Faculty of Business and Information Technology

University of Ontario Institute of Technology (UOIT)

Oshawa, Ontario

Research Interests: Security and Privacy, Services Computing, Business Process Integration, Electronic Negotiation and Agreement.

What I am working on…• Teaching: Introduction to Programming, E-Commerce, E-Business Technologies, E-

Commerce Security Infrastructures, and External Environment of Business• Research:

– "Mobile Network Dynamic Workflow Exception Handling System," U.S. Patent Application Filed to U.S. Patent and Trademark Office, Boeing Phantom Works, USA, 2004-2006

– "M-services computing security and privacy enforcement model," NSERC Discovery Grants Program - Individual, 2005-2007

– “Requirements and Architecture for Healthcare Privacy in Mobile Ad Hoc Networks (MANETs)” with BUL, Bell’s Privacy Center of Excellence, UofT, and Faculty of Health Sciences at UOIT, IN PROGRESS

• Professional Services:– Program Co-chair of the Ninth IEEE EDOC Conference (EDOC 2005) "The

Enterprise Computing Conference" and the General Chair of the tenth IEEE EDOC 2006

– Program Committee Vice-Chair of 2006 IEEE International Conference on Services Computing (SCC 2006)

– Associate Editor of the International Journal of Web Services Research (JWSR) and International Journal of Business Process Integration Management (IJBPIM)

– Executive committee member of the IEEE Computer Society’s Technical Steering Committee for Services Computing (TSC-SC)

The 2006 International Conference on Privacy, Security and Trust (PST 2006)

Venue: University of Ontario Institute of Technology (UOIT) Oshawa, Ontario, Canada

Theme: Bridge the Gap between PST Technologies and Business ServicesDate: October 30 (Monday) - November 1 (Wednesday), 2006 

Topics of interest include, but are NOT limited to, the following: Privacy Preserving/Enhancing Technologies Critical Infrastructure Protection Identity and Trust management Network and Wireless Security Operating Systems Security Intrusion Detection Systems and Technologies Secure Software Development and Architecture Representations and formalizations of Trust in electronic and physical social systems PST challenges in e-services, e.g. e-Health, e-Government, e-Banking, e-Commerce, and e-Marketing Information filtering, recommendation, reputation and delivery technologies, spam handling technologies Trust technologies, technologies for building trust in e-Business Strategy Observations of PST in practice, society, policy and legislation Digital Rights Management Human Computer Interaction and PST Implications of, and technologies for, Lawful Surveillance Biometrics, National ID cards, identity theft PST in services computing Privacy, traceability, and anonymity Trust and reputation in self-organizing environments Anonymity and privacy vs. accountability Access control and capability delegation Case studies

Important Dates

PapersSubmission Deadline: April 3, 2006Notification of Acceptance: May 15, 2006Final Manuscript Due: June 5, 2006Conference: November 1-2, 2006 Workshop ProposalsSubmission Deadline: January 23, 2006Notification of Acceptance: February 6, 2006Final Workshop Papers Due: June 5, 2006Workshops: October 30, 2006 

Organizing Committee

General ChairGreg Sprague (NRC, Canada)  Program Co-ChairsBernadette Schell (UOIT, Canada)Wilfred Fong (UOIT, Canada)

Workshop ChairScott Knight (Royal Military College, Canada)

Publication & Publicity Co-Chairs:George Yee (National Research Council, Canada)Patrick Hung (UOIT, Canada)

Advisory Committee of PST 2006

Sushil Jajodia (George Mason University, USA) Ravi Sandhu (George Mason University, USA) Elisa Bertino (Purdue University, USA) Vijay Atluri (Rutgers University, USA) Lorrie Cranor (Carnegie Mellon University, USA) Vijay Varadharajan (Macquarie University, Australia) Larry Korba (NRC, Canada) Ian Blake (University of Toronto, Canada) J. Leon Zhao (The University of Arizona, USA) Cunsheng Ding (Hong Kong University of Science and Technology,

Hong Kong) Sylvia Osborn (The University of Western Ontario, Canada) John McHugh (Dalhouse University, Canada)

Location

www.uoit.ca

We are hiring faculty members insecurity and computer games!

The 2006 International Conference on Privacy, Security and Trust (PST 2006) is the FOURTH annual conference focusing on privacy, security and trust technologies and related research issues. PST is a forum for researchers, scientists, educators, business people, technologists, futurists, policy makers, and industry practitioners, who have a vision and an understanding of the large challenges (and accompanying advances), to exchange information re-garding advancements in the state of the art and practice of privacy, security and trust technologies, as well as to identify the emerging research topics and define the future of PST. The theme of PST 2006 is “Bridge the Gap Between PST Technologies and Business Services,” which aims to investigate the research issues of business ser-vices-level security and privacy considerations and objectives to the realization in PST technologies. The program of PST 2006 will continue to feature research papers with a wide range of topics, focusing on different aspects of electronic services and PST technologies. Topics of interest include, but are NOT limited to, the following: Privacy Preserving/Enhancing Technologies

Critical Infrastructure Protection

Identity and Trust management

Network and Wireless Security

Operating Systems Security

Intrusion Detection Systems and Technologies

Secure Software Development and Architecture

Representations and formalizations of Trust in electronic and physical social systems

PST challenges in e-services, e.g. e-Health, e-Government, e-Banking, e-Commerce, and e-Marketing

Information filtering, recommendation, reputation and delivery technologies, spam handling technologies

Trust technologies, technologies for building trust in e-Business Strategy

Observations of PST in practice, society, policy and legislation

Digital Rights Management

Human Computer Interaction and PST

Implications of, and technologies for, Lawful Surveillance

Biometrics, National ID cards, identity theft

PST in services computing

Privacy, traceability, and anonymity

Trust and reputation in self-organizing environments

Anonymity and privacy vs. accountability

Access control and capability delegation All accepted papers will be published in the conference proceedings in hardcopy and on-line version. It is planned to select the best research papers for special issues in top notch journals. There will be awards for winners of the Best Paper and Best Student Paper competitions. Submissions are encouraged as long papers (8-12 pages), short papers (4-5 pages) and posters. Further details will be announced soon. We are also inviting proposals for workshops to be held on October 30, 2006. Workshops provide organizers and participants an opportunity to discuss current topics on PST in a small and interactive atmosphere. Workshops can choose to concentrate in-depth on research topics, but can also be devoted to research, application and industry issues. Proposals should include the workshop, the names and a brief (200 word) biography for each organizer and a summary of the workshop contents (approximately 1-2 pages i.e. 500-1000 words). For any enquires, please contact Dr. Patrick Hung (patrick.hung AT uoit.ca).

Papers Submission Deadline: April 3, 2006 Notification of Acceptance: May 15, 2006 Final Manuscript Due: June 5, 2006 Conference: November 1-2, 2006 Workshop Proposals Submission Deadline: January 23, 2006 Notification of Acceptance: February 6, 2006 Final Workshop Papers Due: June 5, 2006 Workshops: October 30, 2006

Theme: Bridge the Gap between PST Technologies and Business Services Date: October 30 - November 1, 2006 Venue: University of Ontario Institute of Technology (UOIT) Oshawa, Ontario, Canada

Preliminary Call For Contributions The 2006 International Conference on Privacy, Security and Trust (PST 2006)

Supported by Faculty of Business and Information Technology (FBIT) - Version 1.0

See you at PST 2006!