Agile security for cloud systems? Moti Yung to give a HAIC Talk at Aalto
Yung is particularly known for coining the term 鈥榗ryptovirology鈥 and the principles behind it. At his HAIC Talk he will explain how, in 鈥榯he cloud era鈥, software design and security tool development should be able to keep up with the constantly evolving ecosystem and take note of how cloud systems keep evolving.
Adhering to what he calls 鈥渁gile principles鈥 could also protect cloud systems from attacks and breaches.
鈥業n an environment where software development, updates and projects are always ongoing, also the cryptography and security designer should be in a state of adaptation to the system's evolution. I will demonstrate this in my talk based on a heavily-used real-world application,鈥 says Yung, referring to Google鈥檚 Advertisement Exchange, which supports the company鈥檚 multi-billion-dollar digital advertising.
Designing security tools and cryptographic solutions with the ever-extending scope and inevitable scaling up of the cloud system 鈥 such as Google鈥檚 Advertisement Exchange, Yung鈥檚 focus point in the upcoming talk 鈥 would be a way to avoid overly complex changes and loads of development overhead later on.
Yung finds an analogy of the 鈥榓gility principle鈥 even for keeping every-day users safe from ransomware and all other kinds of attacks.
鈥楾he two things people often think of only as disturbances 鈥 systems updates and backups 鈥 are in fact most essential! If everyone took care of them frequently, the window of opportunity for attackers would narrow considerably,鈥 reminds Yung.
Yung鈥檚 work on ransomware 鈥 the hijacking of systems or data from users or organisations and issuing demands for ransom for releasing the data 鈥 also becomes increasingly relevant with the current internet of things trend. The 鈥榯hings鈥 will enable new kinds of security breaches and attacks and prevention tactics need to be planned well in advance.
鈥楾he merging of computing and physical devices will lead to new attacks where ransomware will be replaced by physical consequences.鈥
鈥楢ny element of the new IoT systems will be a target, and there is not enough investment in their security. Ransomware could cause a man-made disaster if we do not secure the system-level infrastructure,鈥 believes Yung.
He also cautions that artificial intelligence applied without safety and security in mind will lead to attacks.
Moti Yung鈥檚 HAIC Talk The Advertisement Exchange: How to Develop Agile Cryptographic Support for an Evolving Ecosystem?, 19 June at Dipoli (Lumituuli) at 6 PM:
The talk is open for everyone, but please sign up in advance here:
Read more news
Publishing Research Data Alongside Research Articles
Data availability statements are increasingly required by scientific journals. They include information on what data are available, where they can be found, and any applicable access terms
Who publishes our open access publications?
Researchers at Aalto and Helsinki Universities favor open access journals with author fees published by large publishers. Popular journals without author fees are often published by universities or societies.
Learning, growing, and exploring: a path through doctoral studies at Aalto
Hamidreza Daghigh Shirazi reflects on his doctoral journey at Aalto University