1. Foundations of Secure Networked Computing Participants: Chen-Nee Chuah Joan Feigenbaum Russell Impagliazzo Matti Kaariainen Karl Levitt Scott Shenker Salil Vadhan

2. Directions Problems raised by networks to be solved by ToNC. More exciting: Networking problems can lead ToNC to develop new theoretical frameworks. ToNC can provide new paradigms for thinking about networking.

3. Where do security & reliability fit? First: building & running networks –Security-aware network architecture –Preventing, detecting, and recovering from attacks/failures Then: secure applications! –Modern crypto allows information to be used without revealing it –Google: Web search, e-mail, remote data storage –Auctions –E-voting –Databases, datamining –Real-time computing/control –Outsourced/grid computation –And much more…

4. Cryptography Crypto not limited to “transforming data”. ToC takes a broad view: secure multiparty computation 9 protocols for performing any task in face of adversarial behavior Security questions not traditionally addressed –What tasks to allow (privacy) –Denial of service –Cascading failures (critical infrastructure) –Malware (worms, viruses) Why? Conservative tendency

5. Extending Scope of Cryptography Model of adversary/faults: –monolithic vs. non-colluding –Byzantine vs. random vs. selfish Notions of “security” –Traditional crypto: black & white –Quantitative measures – tradeoffs between security, privacy, reliability, utility, resource depletion –System-wide vs. individual guarantees –What are we protecting - data, resources, channel? Want formal models, proofs of security –Don’t forget lessons learned (why we are so conservative)

6. Security Infrastructure/Architecture What can be built into a “clean-slate” architecture to enable security & reliability? [FIND/GENI] Can make difference between impossible & possible. Examples: secure logger, crypto “set-up” assumptions, key infrastructure, randomness beacons, micropayments, anonymous channels, … Separation of concerns (protecting channel vs. data, mechanism vs. policy, long-term vs. short-term)

7. Interactions between Protocols “Stand-alone” security/reliability/performance not necessarily maintained when protocols executed concurrently in complex network environment. Crypto community studying concurrent security, “universal composability”. Far from fully understood. Overlay networks optimizing resources (Chen-Nee). Dependency graph, predict what will happen.

8. Specifying/monitoring/verifying security & reliability properties Need language for expressing desired properties, and automatic tools for verifying (or designing) protocols & configuration Both static properties & real-time behavior –What to measure? –Decide what to monitor when designing architecture/protocols Bridge between logic/formal methods, probabilistic/learning models, and crypto. Troubleshooting & fault isolation

9. More Network Models –Wireless, optical switches, time-varying –How do these affect security, reliability? New Threats –Spam, DoS, clutter –Cascading failures (critical infrastructure) –Worms, viruses, intrusion