Speaker
Description
For computer systems to communicate with each-other they go through 7
layers of communication (assuming the Open Systems Interconnection,
OSI model). From the user visiting a website in a web browser
(layer 7) all the way to the physical internet cables (layer 1). At
each layer, there are different protocols or measures involved for
improving the security of the communication.
There is a lot of research going around on higher layer protocols.
Think about encryption protocols such as TLS (web traffic), SSH
(logging into remote systems) and VPNs (encrypting the whole chain for
e.g. institute access). The added benefit of these higher layer
protocols is clear, but what about the lower layers? Ever heard of
MACsec or OTNsec? What are these protocols for and what is their added
benefit?
This lightning talk will talk about these (obscure) protocols and
discuss what place they (can) have in the security landscape. It will
ask the question how widely used these protocols are and what
potential impact they can have on the three pillars of security:
Confidentiality, Integrity and Availability. It aims to answer a big
question: Should there be more research for protecting the lower
layers? What potential improvements can be made?
Due to the nature of being a lightning talk, it will focus less on
technical details of these protocols but more on the general idea of
them. It's aimed at a call to action: how much research are you doing
on improving the security of these lower layers? What is your
experience with the aforementioned protocols?
The talk is structured in the sense that we will start with the
security protocols of higher layers and as the talk progresses move towards the lower layers. The target audience is people working on networks or want to learn more about encryption protocols. That being said, exact technical knowledge such as cryptography is not expected.