Abstract Details


9/27/2017  |   10:25 AM - 11:10 AM   |  Track 1 - Cyber Security

Cryptography Classes in Bugs Framework (BF): Encryption (ENC), Verification (VRF), and Key Management (KMN)

Accurate, precise, and unambiguous definitions of software weaknesses (bugs) and clear descriptions of software vulnerabilities are vital for building the foundations of cybersecurity. The Bugs Framework (BF) comprises rigorous definitions and (static) attributes of bug classes, along with their related dynamic properties, such as proximate, secondary and tertiary causes, consequences, and sites. This paper presents an overview of previously developed BF classes and the new cryptography classes: encryption (ENC), verification (VRF), and key management (KMN). We analyze corresponding vulnerabilities and provide their clear descriptions by applying the BF taxonomy. Finally, we discuss the lessons learned and share our plans for developing the next BF classes.


Irena Bojanova (Primary Presenter), NIST, irena.bojanova@nist.gov;
Irena Bojanova is a computer scientist at NIST. Previously she was a program chair at UMUC, an academic director at JHU-CTY, and a co-founder of OBS Ltd. (now CSC Bulgaria). She earned her Ph.D. in Mathematics/Computer Science from the Bulgarian Academy of Sciences in 1991. Irena serves as Member at Large on the IEEE CS Publications Board, AEIC of IEEE IT Professional, co-chair of IEEE RS IoT TC and founding member of IEEE TSC on Big Data. Irena was the founding chair of IEEE CS Cloud Computing STC and EIC of IEEE Transactions on Cloud Computing. She writes cloud and IoT blogs for IEEE CS Computing Now.

Paul E. Black (Co-Presenter, Co-Author), NIST, paul.black@nist.gov;
Paul E. Black has nearly 20 years of industrial experience in developing software for IC design and verification, assuring software quality, and managing business data processing. He is the founder and editor of the Dictionary of Algorithms and Data Structures (http://www.nist.gov/dads/). Black earned a Ph.D. from Brigham Young University in 1998. He taught classes at Brigham Young University and Johns Hopkins University. He has published in static analysis, software testing, networks and queuing analysis, formal methods, software verification, quantum computing, and computer forensics. He is a member of ACM and a senior member of IEEE.

Yaacov Yesha (Co-Author), NIST, yaacov.yesha@nist.gov;
Yaacov Yesha is a professor at the Department of Computer Science and Electrical Engineering at the University of Maryland, Baltimore County. He earned his PhD in Computer Science in 1979 from the Weizmann Institute of Science. His research interests include software assurance and cloud computing.

2017 Sponsors: IEEE and IEEE Computer Society