Thursday, 29 November 2012

Hong Kong IT Security Summit 2012

The Hong Kong IT Security Summit was held at City University of Hong Kong on 28th Nov 2012. Co-organized by City University of Hong Kong (CityU), Velosti Technology Limited and Hong Kong Applied Science and Technology Research Institute (ASTRI), this annual event gathered top IT professionals and security experts in Hong Kong to address critical IT security issues and discuss the latest best-practice security solutions.

In the beginning, Dr. Ray Cheung (CS Dept., CityU) gave the welcome remarks.


Dr. Ray Cheung said the Hon. Charles Mok (Legislative Councillor - IT, HKSAR) had been invited to attend the summit but was not available. His greeting message was shown to congratulate the organizers on the successful launch of the summit.


The first speaker was Mr. Alan Cheung (R&D Director, IC Design Group, ASTRI) and his topic was "ASTRI Secured Storage Technologies". He presented ASTRI technology in terms of performance, security and reliability.


Firstly, Mr. Alan Cheung introduced ASTRI's product roadmap in storage technology. Then he introduced USB 3.0, which is 10x as fast as USB 2.0 and offers high data throughput and low power consumption when idle.


After that he briefed the security designs as follows:
- Security with System Design (e.g. Fingerprint Sensing and Face Recognition)
- Security with Software Design (e.g. User-to-Computer Authentication (UCA) security algorithm)
- Security with Hardware Design (e.g. AES-XTS)


Reliability with Design Flow and with Verification Expertise was also mentioned. USB 3.0 compliance testing and certification were a challenge. The certified USB logo was shown in the top right corner.


The second speaker was Dr. Patrick Hung (President, Velosti Technology Limited) and his presentation title was "USB Sticks: Culprit behind Security Breaches".


Dr. Patrick Hung said that if you think all USB sticks are the same and secure, then pigs can fly and climb trees. Then he briefed us on different security breaches in the US or UK as examples.


Dr. Patrick Hung said the good news was that USB sticks were getting cheaper with larger capacity. But Downgraded Flash Devices (黑片) were unreliable, and more than 50% of USB sticks in China were built with Downgraded Flash Devices and TLC Flash Devices. Moreover, most USB sticks did not support data encryption.


In addition, Dr. Hung introduced the latest developments beyond password protection, such as Platform Registration, USB Stick Registration, and Sideband Authentication. Finally, Dr. Hung recommended using reliable USB sticks and deploying encryption in the workplace, scanning USB sticks for viruses or malware, and employing "Password + Locks" for authentication.


The third speaker was Prof. John Lui (CS&E Dept., CUHK) and his topic was "Create Your Own Cloud-based Mobile Botnet".


Prof. Lui briefed us on the smartphone market in China and found that Android was dominant. Then he gave the Wiki definition of a botnet: "A botnet is a collection of internet-connected computers whose security defenses have been breached and control ceded to a malicious party."


Prof. Lui said botnet design had to consider Scalability (a large population), Controllability (short response delay for commands) and Stealthiness (hard to be detected), and indicated that three important factors were the "Keep-Alive Period", the "Command Dissemination Period" and "Energy Consumption". Traditional mobile botnets included SMS botnets, HTTP botnets and TCP botnets.

Then Prof. Lui covered the move from Android Cloud to Device Messaging (C2DM) to Google Cloud Messaging for Android (GCM). He also discussed bot registration into C2DM and the large-scale problem. Lastly, he concluded that Android, though popular, had many security issues. It needed better detection, forensics and architecture.


Dr. Ray C.C. Cheung (Assistant Professor, EE Dept., CityU) was the fourth speaker and he presented the topic "Chip-To-Cloud Security: Secure Processor & Its Components".


Dr. Cheung briefed us on security in the new Cloud Landscape, including computing technology for Mobile and Cloud, NFC & m-payment, End-to-End Security, and Crypto & Embedded Security. Then he identified four major security concerns: Confidentiality, Integrity, Genuine Authentication and Non-repudiation. Then Dr. Cheung explained the advantages and disadvantages of software and hardware security; they were the opposite of each other.


After that Dr. Cheung explained what a secure processor is. It exploits hardware to provide both hardware and software protection. The common features were separated into Hardware Level Protection (e.g. Data encryption/decryption, Integrity verification, Tamper detection, OS authentication) and Software Level Protection (e.g. Software authentication).

Dr. Cheung said there was no convenient platform on which secure processors could be prototyped. His research took advantage of the reconfigurable Field Programmable Gate Array (FPGA) platform to prototype a secure processor and then integrated the hardware-secured components into the Cloud platform.


Finally, he demonstrated the Secure Computing Model and concluded that we needed to rethink Trust (End-to-End Balance), Storage (Beyond Disks/Flash), SoC (Embrace Heterogeneity) and Reliability (Security Component Failure, only use the hardware you need).


Dr. Duncan Wong (Associate Professor, CS Dept., CityU) was the fifth speaker and his topic was entitled "Sharing Encrypted Cloud Data Using Proxy Re-Encryption".


Firstly, Dr. Wong introduced conventional cloud storage and sharing services such as Dropbox and Google Drive, which encrypt data on their servers and use internal policies to control access. The key belongs to the service provider.


Then Dr. Wong explained Secure Cloud Storage, which needed out-of-band key distribution. Fine Grained Secure Cloud Storage Sharing could distribute separate folders to different persons, but out-of-band key distribution was still a problem.


Secure Cloud Storage Sharing using Proxy Re-Encryption (PRE) could solve the out-of-band key distribution problem. The Multi-Share Fine Grained Secure Cloud Storage Using Conditional Proxy Broadcast Re-Encryption (CPBRE) was demonstrated in the following diagram: ReKey A->{B,C} [Folder A], where ReKey is the Re-Encryption Key which is sent from Alice to Bob and Carol for Folder A only.
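
To make the re-encryption idea concrete, here is an added example (not from the talk or its slides) of the classic ElGamal-based Blaze-Bleumer-Strauss proxy re-encryption, a simpler relative of the CPBRE scheme named above. The group parameters, the key values and the `folder_key` stand-in are constructed toy values and are far too small for real use.

```python
import secrets

# Toy group (constructed, far too small for real use): P = 2*Q + 1 is a
# safe prime and G generates the subgroup of prime order Q.
P, Q, G = 2579, 1289, 4
assert pow(G, Q, P) == 1 and G != 1

def keygen():
    """Return (secret, public) with secret in 1..Q-1 and public = G^secret."""
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def encrypt(pk, m):
    """ElGamal-style encryption of m (1 <= m < P) under pk = G^a."""
    r = secrets.randbelow(Q - 1) + 1
    return (m * pow(G, r, P)) % P, pow(pk, r, P)    # (m*G^r, G^(a*r))

def rekey(sk_from, sk_to):
    """Re-encryption key rk = b/a mod Q for delegator a and delegatee b."""
    return (sk_to * pow(sk_from, -1, Q)) % Q

def reencrypt(rk, ct):
    """Run by the storage proxy: turns G^(a*r) into G^(b*r); m stays hidden."""
    c1, c2 = ct
    return c1, pow(c2, rk, P)

def decrypt(sk, ct):
    """Recover m from a ciphertext whose second part is G^(sk*r)."""
    c1, c2 = ct
    g_r = pow(c2, pow(sk, -1, Q), P)                # strip sk from the exponent
    return (c1 * pow(g_r, -1, P)) % P

if __name__ == "__main__":
    (a, pk_a), (b, _), (c, _) = keygen(), keygen(), keygen()
    folder_key = 1234            # constructed stand-in for Folder A's data key
    stored = encrypt(pk_a, folder_key)              # what the cloud keeps
    for name, sk in (("Bob", b), ("Carol", c)):
        shared = reencrypt(rekey(a, sk), stored)    # proxy-side step
        print(name, "recovers", decrypt(sk, shared))
    print("Alice recovers", decrypt(a, stored))
```

This basic scheme is bidirectional and its re-encryption key covers every ciphertext of the delegator, so a proxy colluding with Bob can compute Alice's secret as b/rk. That weakness is why later schemes add unidirectional and conditional re-encryption keys.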


The sixth speaker was Dr. KP Chow (Associate Professor, CS Dept., HKU) and his presentation was named "Corporate Digital Investigation - The China Challenge".


Dr. Chow quoted the 2011 CyberSecurity Watch Survey finding that 21% of attacks were caused by insiders. He said this was likely an underestimate because 70% of insider incidents are handled internally without legal action. Insider attacks were more difficult to defend against, more harmful and costly, and less likely to be reported.


The HKSAR OGCIO Info Security Incident Handling Guidelines were introduced. Clause 5.2.2, Security Incident Handling, mentions "Planning and Preparation", "Response to Security Incident" and "Aftermath".


If the security incident happened in China, you needed to employ a judicial expert (計算機國家司法鑒定人), who had to obtain a practicing qualification certificate from the authority and be affiliated with a judicial expertise institution. The judicial expert had investigation and forensic "power". A sample license was shown.


The last speaker was Dr. KW Wong (Associate Professor, EE Dept., CityU) and his topic was "Joint Compression and Encryption for Multimedia Applications".


Dr. Wong briefed us on the traditional (independent) approach of compression (e.g. WinZip/jpeg/mpeg) and encryption (e.g. AES/RC4). It is not efficient because data is read and written twice. It also unlocks either all or none of the information; partial decryption is usually not allowed. This was because compression and encryption algorithms were designed independently and did not fit each other. Then Dr. Wong introduced the design of Joint Source Coding and Encryption as follows.


Dr. Wong gave conclusions below.
- Joint operation of compression and encryption has certain advantages over the traditional approach.
- For image compression, some parameters of fractal image coding are encrypted to perform compression and partial encryption at the same time.


Reference:
“Top issues in Corporate IT Security” – Hong Kong IT Security Summit 2012 - http://www.hkcs.org.hk/whatsnew/20121123/files/Hong_Kong_IT_Security_Summit_2012/Reply_Slip.pdf


Sunday, 25 November 2012

CityU EngD(EM) Graduation Dinner 2012

The Celebration Dinner for EngD Graduates 2012 in the Department of Systems Engineering and Engineering Management (SEEM), City University of Hong Kong (CityUHK) was held on 24th Nov 2012.

Dr. Walter Fung (Vice-chairman, CityU EngD Society) was the MC who arranged the dinner event.


In the beginning of celebration, Dr. Rocky Lam (President of CityU EngD Society) gave an opening speech.

Prof. Kwok Leung TSUI (Head and Chair Professor of Industrial Engineering, SEEM, CityU) gave a welcome speech.


Our keynote speaker was Mr. Simon Hui (Vice Chairman of CityU Eminence Society) and he shared the topic "CHANGES". Simon explained his company's strategy for changing from wholesale to retail. He met many challenges during this change. Before the change, the model was from Ex-Factory to Distributors. After the change, the model became from Ex-Factory to End Users.


Then Simon demonstrated his strategy, such as direct sale advertisements and new shops (13 locations).

Newspaper advertisement

One of the 13 shops


Simon reviewed his company's business development history from 1988 (Courier) to 1993 (Mail order) to 1994 (Redemption) to 1997 (Vending Machine) to 2000 (Wholesale) to 2002 (Octopus Watch) to now (Retail). He said the most important thing was to build a flexible team of talents.


Dr. Rocky Lam presented a souvenir to Mr. Simon Hui.


Then all EngD graduates took a photo with professors and guests.


The "Grateful Messages from Graduates" session gave each graduate a chance to thank his family and teachers and to share the EngD journey.

Dr. Peter Ho

Dr. PL Yuen

Dr. Geoffrey Cho

Dr. PM Lai

Dr. Gaby Ku

Dr. Ronald Kwan

Dr. Dave Low

Dr. Albert Tam

After that our first EngD graduate, Dr. Augustine Chow, gave us a funny talk. He shared his ten years of study life at CityU and asked us 3 questions to think about.
1) How do we become a BETTER PERSON in life?
2) How do we have HIGH VALUE in life?
3) What is the difference between COMPLETE and FINISH?
For question 3, Augustine explained that your life is COMPLETE if you chose a good degree or the right girlfriend. Otherwise, your life is FINISHED.


Mr. Frankie YEUNG (Chairman, Cantonese Opera Development Fund Advisory Committee 粵劇發展基金顧問委員會) was our guest and was invited to share his experience of promoting Cantonese Opera. Mr. Yeung said that Cantonese Opera was listed as world heritage and that they used new technology such as Facebook and Twitter to promote this art.


At the end, we cheered all EngD 2012 graduates.
Some photos of my classmates were taken for sharing.






Dr. KS Chin's student team took a group photo. We all passed the exam, indicating zero defects in the KS team.


Reference:
Engineering Doctorate (Engineering Management) - http://www.cityu.edu.hk/seem-mbe/prg-engd.htm
CityU's Engineering Doctorate (Engineering Management) Programme 2012 - http://qualityalchemist.blogspot.hk/2012/04/cityus-engineering-doctorate.html
CityU Engineering Doctorate Society - http://cityu-engd.homepage.hk/
CityU Eminence Society - www.cityues.org

