חדשות
חדשות והודעות הפקולטה למדעי המחשב ע"ש הנרי ומרילין טאוב
Sunday, November 17, 2013
הנכם מוזמנים לסדרת הרצאות אשר תינתן על ידי פרופ' רוס אנדרסון מאוניברסיטת
קיימברידג' לפי התוכנית הבאה:
הרצאה 1:
ASafety and Privacy – Health Systems in the Age of Biodata
יום שלישי, 10 בדצמבר 2013, בשעה 14:30
חדר 337, בניין טאוב למדעי המחשב
There have been serious tussles over health privacy in the UK, the USA and elsewhere over the safety and privacy of health IT systems. Many countries are moving medical records away from family doctors, clinics
and hospitals to central cloud systems. This can cut costs and increase resilience: Hurricane Katrina wiped out many New Orleans patients' records, but those covered by the Veterans' Administration
could walk into any VA hospital and find their files waiting for them. But centralisation can bring serious privacy failures: following the UK health service's National Programme for IT (NPfIT) receptionists
found they could access psychiatric casenotes, and over 700,000 people
opted out of an early centralised system. Such systems can also impair
functionality: once they are no longer bought by doctors but by large
firms or ministries, they become less good at supporting healthcare in
many subtle ways. And once the records are available in one place,
there are huge pressures for access by all manner of organisations,
benevolent and otherwise; lobbying over the new EU data protection
regulation is so fierce that the European Parliament and Council may
not be able to agree on it. Regulation is poor, as regulators are
captured by powerful lobbies; the safety of medical equipment still
awaits its Ralph Nader. Medical records are a hard problem not just
because the subject matter and the workflow are complex, but because
support systems embody power relationships and are the scene of fierce
struggles for control and for money. Into this cauldron, we are about
to add genomics. How will the world change once patients can add their
DNA sequence data to their records?
ביוגרפיה קצרה:
Ross Anderson is Professor of Security Engineering at Cambridge
University. He holds a Brandeis award for lifetime achievement in
health privacy; he has worked for the British and Icelandic medical
associations, been a special advisor to the UK parliament's health
committee, and was an author of "Database State" – a report that led
the UK government in 2010 to cancel two large systems to collect data
on children. He has made a number of technical contributions to
security, from cryptography through hardware tamper-resistance to API
security; and he is one of the founders of security economics, which
brings the tools of game theory and microeconomic analysis to bear on
complex multistakeholder systems.
הרצאה 2:
How Can we Recover from Protocol Failure?
יום חמישי, 12 בדצמבר 2013, בשעה 11:00
חדר 337, בניין טאוב למדעי המחשב
Security protocols are the foundations on which the digital age is
built. SSL/TLS is the basis for online commerce, email privacy and
much else; EMV is taking over the world of card payments; and
lesser-known protocols such as SSH and DNSSEC protect the
infrastructure. Stable, reliable platforms are the basis on which
others can innovate; but what happens when the platforms themselves
fail? We have so far seen about a dozen failures of SSL/TLS, and had
to patch them in very ad-hoc ways because it is not feasible to
replace whole ciphersuites quickly, or even to change the clients and
the servers at the same time. There has been a whole series of attacks
on EMV, many of which are still not really patched. And now we find,
pace Snowden, that many protocols have been the subject of deliberate
attempts to weaken them; we are dealing not just with bugs and
blunders but with adversarial behaviour. One of the most challenging
problems we face is how to repair broken protocols when some of the
participants are obstructive; we may have to move beyond protocol
analysis and security-economic analysis to think in terms of strategy,
politics and even diplomacy. A related problem is how to design
protocols that will be as resilient as possible against future
adversarial behaviour.
כולם
מוזמנים.[בחזרה לאינדקס החדשות]