|February 1, 2017||Abstract and optional full paper submission begins|
|May 26, 2017||Exhibit & Supporter registration opens|
|June 15, 2017||Abstract and optional extended abstract submission ends|
|June 29, 2017||Acceptance notifications sent|
|July 24, 2017||Submit final abstracts and presenter biographies|
|August 28, 2017||Submit final presentations and optional full papers|
Cryptography Classes in Bugs Framework (BF): Encryption (ENC), Verification (VRF), and Key Management (KMN)
Accurate, precise, and unambiguous definitions of software weaknesses (bugs) and clear descriptions of software vulnerabilities are vital for building the foundations of cybersecurity. The Bugs Framework (BF) comprises rigorous definitions and (static) attributes of bug classes, along with their related dynamic properties, such as proximate, secondary and tertiary causes, consequences, and sites. This paper presents an overview of previously developed BF classes and the new cryptography classes: encryption (ENC), verification (VRF), and key management (KMN). We analyze corresponding vulnerabilities and provide their clear descriptions by applying the BF taxonomy. Finally, we discuss the lessons learned and share our plans for developing next BF classes.
This presentation has not yet been uploaded.
No handouts have been uploaded.
Irena Bojanova (Primary Presenter), NIST, firstname.lastname@example.org;
Irena Bojanova is a computer scientist at NIST. Previously she was a program chair at UMUC, an academic director at JHU-CTY, and a co-founder of OBS Ltd. (now CSC Bulgaria). She earned her Ph.D. in Mathematics/ Computer Science from the Bulgarian Academy of Sciences in 1991. Irena serves as Member at Large on IEEE CS Publications Board, AEIC of IEEE IT Professional, co-chair of IEEE RS IoT TC and founding member of IEEE TSC on Big Data. Irena was the founding chair of IEEE CS Cloud Computing STC and EIC of IEEE Transactions on Cloud Computing. She writes cloud and IoT blogs for IEEE CS Computing Now.
Paul E. Black (Co-Presenter,Co-Author), NIST, email@example.com;
Paul E. Black has nearly 20 years of industrial experience in developing software for IC design and verification, assuring software quality, and managing business data processing. He is the founder and editor of the Dictionary of Algorithms and Data Structures http://www.nist.gov/dads/. Black earned a Ph.D. from Brigham Young University in 1998. He taught classes at Brigham Young University and Johns Hopkins University. He has published in static analysis, software testing, networks and queuing analysis, formal methods, software verification, quantum computing, and computer forensics. He is a member of ACM and a senior member of IEEE.
Yaacov Yesha (Co-Author), NIST, firstname.lastname@example.org ;
Yaacov Yesha is a professor at the Department of Computer Science and Electrical Engineering at the University of Maryland, Baltimore County. He earned his PhD in Computer Science in 1979 from the Weizmann Institute of Science. His research interests include software assurance and cloud computing.