Anas Abou El Kalam is a university professor and president of the Moroccan Association of Digital Trust. He co-authored more than 150 papers and is certified ISO 27001 Lead Auditor, CEH (Certified Ethical Hacking) and CISSP (Certified Information Systems Security Professional). He was Assistant director of the OSCARS laboratory and in charge of the Networks, Systems and Security master as well as a former head of the Network and Telecommunication department at the UCA-ENSA. He also was an associate professor at the Institut National Polytechnique (INP) of Toulouse France where he obtained his HDR (Habilitation Diriger les Recherches) in security of critical networks and systems as well as his Ph.D. in security policies and models. He had several responsibilities as the Head of the Computer Science Department and the head of the Networks and Systems security Department at ENSIB (high school of engineers) France. He was invited professor at several universities in USA, Tunisia, Bucharest Technical Military Academy, etc. as well as a temporary professor at the Department of Defense training center in Bourges. His interest fields are Internet of Things security, Cloud security, critical systems security, access control models, and evaluation of security mechanisms.
Reinforcement Learning and Blockchain to Secure the Internet of Things
Christophe Bianco is the co-founder and the managing director of Excellium Services. Excellium was founded in 2012 by the willingness of people active in the Information Security field for over 14 years. Recently the Group Excellium have extended its operations to Belgium but also Morocco, Tunisia, Senegal and Ivory Coast.
Before Excellium, Christophe has been vice-president and General Manager for the European, Middle East & African region of the Qualys society, leader in computer vulnerability management solutions.
Beforehand, he managed the activities development of Verizon Business on the European Region for the security division during 10 years.
He regularly speaks at conferences on Information Security issues, analysis of the economics of cybercrime or evolving threats. He is trainer for Cases.lu about safety awareness in luxembourish organizations and speak in University or business school (Université de Lorraine, EDHEC Nice, IUT Metz, Telecom Nancy...).
Digital Trust at the Internet of Everything - The new world of insecurity
The current Internet world rely on the by-default principle that the network is secure! Blockchain, Encryption, ... all technologies subject to secure Internet, We will review different situations which demonstrate that technologies create the issues not because of the technologie but due to their implementation - and will start to elaborate few direction for improving the situation
Pierre Dandjinou is ICANN's Vice President of Stakeholder Engagement for the Africa region, and has held the position since December 2012. He coordinates outreach, support and engagement with all stakeholders, including governments, civil society and private sector in the Africa region.
He has also held roles as Director at INFOCOM Intelligence, Chairman at AfriNIC, E-Governance Advisor at the United Nations Development Program, and the President of the ISOC Benin Chapter. In November 2012, he was appointed as ICANN's Vice Presidents for Stakeholder Engagement for Africa, a position that reports to Sally Costerton and is part of CEO Fadi Chehadé's goal to expand ICANN outreach and involvement to the developing world and improve the international makeup of the organization.
Pierre was a Regional Policy Advisor on ICT for Development at SURF/UNDP, Africa. He served as a Programme Officer for UNDP (1997-2000); in this position, he coordinated the Africa node of the Sustainable Development Networking Programme (SDNP).
Pierre is involved with many IT related initiatives on the continent, and is a member of various Advisory Committees including AfriNIC, the At-Large Advisory Committee at ICANN, and the Global Internet Policy Initiative.
Pierre’s current specific areas of interest are e-strategies, e-governance and e-Parliaments as means for fostering use of ICTs for human development in Africa
DNS Abuse
The Internet Corporation for Assigned Names and Numbers (ICANN) plays a specific, technical role, acting in the global public interest as the trusted steward of the Internet’s unique identifier systems. We coordinate parts of the Domain Name System (DNS), which translates computer hostnames into IP addresses, as well as the Internet Protocol addressing system used to route Internet traffic. In short ICANN is an important part of the system that helps people connect to each other online.
This system can be put to danger if appropriate measures are not taken, as can be seen in recent attacks. DNS abuse and DNS misuses can be parts of these threats of the system. Our presentation will focus on what is DNS abuse, provide examples of DNS abuses and explain the evolving DNS threat landscape. Securing the DNS for a robust and secure and interoperable Internet constitutes ICANN contribution to fighting cyberthreats and the presentation will enlighten on current ICANN technical actions in that regards.
Sylvain Guilley is CTO at Secure-IC, a company offering security for embedded systems.
Sylvain is also professor at TELECOM-ParisTech, associate research at Ecole Normale Superieure (ENS), and adjunct professor at the Chinese Academy of Sciences (CAS).
His research interests are trusted computing, cyber-physical security, secure prototyping in FPGA and ASIC, and formal / mathematical methods.
Since 2012, he organizes the PROOFS workshop, which brings together researchers whose objective is to increase the trust in the security of embedded systems.
Sylvain is also lead editor of international standards, such as ISO/IEC 20897 (Physically Unclonable Functions) and ISO/IEC 20085 (Calibration of non-invasive testing tools).
Sylvain has co-authored 200+ research papers and filed 30+ patents.
He is member of the IACR, the IEEE and senior member of the CryptArchi club.
He is alumni from Ecole Polytechnique and TELECOM-ParisTech.
(*) remote speaker.
Real-World Cache Timing Attacks
With the rise of IoT market, more and more applications rely on software cryptography. Most of the time, the cryptography is strong against cryptanalysis, but weak in terms of physical attacks. In this talk, I'll explain how side-channel attacks threaten the security of such products. In particular, I'll compare the horizontal (cache-timing) and vertical (electromagnetic) side-channel analyses.
Cryptography plays a central role in facilitating data transformation, digital communication and transactions. In order to protect sensitive information against malicious attacks, it is crucial to take various important steps. The most efficient steps rely on cryptography. We will consider some effective situations to show that cryptography is of critical importance to effective cyber security and digital trust."
Aamer has over 25 years of experience in various business, management, and technical leadership roles. He has been part of transformational change in many industries including Industrial Products, Telco, T&T, Retail and Govt. Aamer’s combination of strong technical and business background has gained him recognition as a highly result oriented leader.
He is currently the CEO Teal Technology Services and the MEA Consumer Industry Leader.
Previously he held position of MEA Blockchain Leader, an IBM OCP venture. He has also held various managerial positions in Etihad airways and Airtel.
He hold a Master of Science in Computer Science from the University of Houston USA, as well as a Bachelor of Science in Electrical Engineering.
Jean-Louis Roch received the M.Eng. degree in from the “École Nationale Supérieure d'Informatique et de Mathématiques Appliquées (ENSIMAG)”, Grenoble, France, in 1986 and the Ph.D. degree in applied Mathematics from Grenoble INP, Grenoble, France in 1989. He is currently professor at ENSIMAG and rechercher at VERIMAG Lab. In 2017 his appointed as Director of ENSIMAG.
Within team PACSS at VERIMAG laboratory from March 2016, his research focus on provably secure distributed, parallel and interactive computations. Especially, he participates to Research and Development project with Industry in the context of both clouds (data and computations outsourcing, eg SHIVA or Incas-ITSec) and critical infrastructures (eg ARAMIS). He is also involved in the SCCyPhy: Security and Cryptology for CyberPhysical systems of LabEx Persyval-LAB.
Previously, within laboratory LIG <2006-2016> (and previously laboratories ID-IMAG <1999-2006>, LMC-IMAG <1991-1999> and TIM3 <1986-1990>), his research has largely been in the interaction of parallel algorithms and their programming on parallel and/or distributed architectures, from embedded or multicore systems to grid and cloud computing infrastructures. In the framework of the Inria LIG MOAIS team-project (2005-2015), he studied adaptive parallel algorithms and their scheduling in the context of interactive applications, on multi-processor system on chips (MPSoCs) and also on security and fault-tolerance on large scale platforms.
He is co-fonder the Master-2 program "Security, Cryptology and Coding of Information Systems" that he co-directed till august 2016. Since 2016 he is co-director of the new Master 2 program Cybersecurity.
SCADA Systems Security: Verifying Integrity Properties
Supervisory Control and Data Acquisition (SCADA) systems are used to monitor and control a physical process such as energy production and distribution, water cleaning or transport systems. Security of such systems is often critical and becomes a priority for governmental agencies. Beyond confidentiality or authentication of communication, guaranteeing integrity and availability is a main issue. For example, the reordering or deletion of some commands can cause the system to enter an unsafe state. Classically stateless and stateful integrity properties are distinguished. Focusing on real industrial protocols MODBUS and OPC-UA, we formalize flow integrity properties and overview off-line verification and on-line filtering tools.
References:
[1] Formally and Practically Verifying Flow Integrity Properties in Industrial Systems. Jannik Dreier, Maxime Puys, Marie-Laure Potet, Pascal Lafourcade, Jean-Louis Roch. Computers and Security, Elsevier, 2018
[2] Security Architecture for Embedded Point-to-Points Splitting Protocols. B. Badrignans, V. Danjean, J. Dumas, P. Elbaz-Vincent, S. Machenaud, J. Orfila, F. Pebay-Peyroula, F. Pebay-Peyroula, M. Potet, M. Puys, J.-L. Richier, and J.-L. Roch. In WCICSS'17, 2017 Dec 2017, Cambridge, United Kingdom.
