2019 17th International Conference on Privacy, Security and Trust (PST)
August 26-28, 2019, Fredericton, NB,Canada

Francis P. McGuire
Biography: Francis P. McGuire became President (Deputy Minister) of the Atlantic Canada Opportunities Agency on June 12, 2017. From 2000 to 2015, he was President and CEO of Major Drilling Group International Inc. and served on the Board of Directors. He was Vice President, Marketing and Business Development of MITI Information Technology Inc. from 1998 to 2000. From 1985 to 1997, he was the New Brunswick Deputy Minister of Economic Development and Tourism and Leader of the province’s Information Highway Secretariat. He served on Industrial Alliance’s Board of Directors from 2001 to 2017. Atlantic Business Magazine named him CEO of the Year 2008. Emeritus member of the New Brunswick Business Council, he was inducted into the New Brunswick Business Hall of Fame in 2012 and was Ernst & Young’s Atlantic Entrepreneur of the Year 2013. Born in Halifax, Francis McGuire has two sons, Brendan and Dylan, and lives with his long-term partner, Elizabeth Webster.

Gaëtan Thomas
Biography: Serving as President & CEO of NB Power since February 2010, Gaëtan Thomas is a committed industry leader and agent of change. His vision for NB Power includes a made-in-New Brunswick smart grid aimed at creating a greener, more sustainable province, helping to reduce reliance on fossil fuels, lowering costs and keeping customer rates low and stable. Gaëtan has a degree in Electrical Engineering as well as an Honorary Doctor of Science Degree from the University of New Brunswick. A loyal and lifelong employee of the utility, he has worked in all aspects of the business including as Chief Nuclear Officer and Vice President of both Nuclear and Distribution and Customer Service divisions. He is also a Board Member for the Canadian Electricity Association, an electric vehicle advocacy group Plug’n Drive Canada and the New Brunswick Business Council as well as the Chairman of the Board of the Atlanta Center World Association of Nuclear Operators.

Sean C. Higgins
Biography: Sean C. Higgins is the CTO and co-founder of Herjavec Group. Sean has worked in the Information Technology Field for over 30 years with a specific focus on Internet Security for the last 20 years. In the early days of Internet Security, Sean worked closely with Check Point Firewall-1 in bringing the technology to Canada and then assisting in the development and delivery of Check Point training courses throughout Canada. Over the years, Sean became a trusted advisor in Internet Security and has been called upon to lead teams to assist companies in remediation of large corporate security incidents. Sean was one of the first to be called as an expert witness in a Canadian court regarding a cyber-security incident. He was named the first CTO of the month in September 2012 by IT Focus. Sean is also a coach, speaker, and author.

MATT BRODA
Biography: Matt Broda is a Technical Fellow in Security at Bell Canada. As the security CTO focused on Bell’s enterprise customers, Matt is responsible for Bell’s strategic security technology direction helping Canadian businesses to securely navigate digital transformation. Matt has devoted the last 20 years of his career to make cyberspace a safer place. In his work with international government and private sector organizations, Matt has helped to advance the state of security and privacy in key areas, including cloud and mobile computing, VoIP and multimedia communication, and critical information infrastructure protection. Before joining Bell Canada, Matt held leadership positions focused on security with Nortel’s Chief Technology Office, Microsoft’s Trustworthy Computing and as an entrepreneur and advisor. Matt holds an MBA from Ottawa University and a B.Sc. in Computer Science and Psychology from University of Toronto.
Talk Title: Securing Digital Transformation
Talk Abstract: This talk will explore security and privacy challenges that organizations encounter on their journey through digital transformation. With experience in operating the largest network in Canada and protecting organizations of all sizes, Bell sees and understands the challenges organizations are facing such as fast moving markets, cloud adoption, increasingly reliance on on-line model and increasing value of digital assets. Based on this experience we will share thoughts on securely enabling digital transformation in an ever-evolving threat landscape.

Dr. Makan Pourzandi
Biography: Dr. Makan Pourzandi is a research leader at Ericsson, Canada. He received his Ph.D. degree in Computer Science from University of Lyon I Claude Bernard, France and M.Sc. in parallel computing from École Normale Supérieure de Lyon, France. He has more than 20 years of experience in the fields of cyber security, Telecom and distributed systems. He co-authored a book on software security published by Springer on 2015 and is the co-inventor of 19 granted US patents. He has published more than 65 research papers in peer-reviewed scientific journals and conferences. His current research interests include security, cloud computing, software security engineering, cluster computing, and component-based methods for secure software development.
Talk Title: Security in Network Function Virtualization (NFV) environment for 5G networks
Talk Abstract: The 5G Telecom networks will play a central role in providing the common backbone for information exchange among different applications from different industries, e.g., smart manufacturing, smart cities, smart transportation. This then necessitates ensuring the security and resilience for these services as well as the privacy for their users. Fortunately, 5G systems are designed with the security in mind. Network Function Virtualization (NFV) is an important and novel aspect in these 5G networks, therefore its security is of a paramount importance to the overall security of 5G systems. This presentation provides an overview of different security mechanisms and approaches in NFV environment for 5G Telecom networks.

Gerry Fairweather
Gerry Fairweather
Biography: Gerry Fairweather, Chief Information Officer of the Government of New Brunswick (GNB), is an Enterprise Architect with 19+ years’ experience in Information Technology and a background in surveying and electrical engineering. Gerry has an enviable blend of strengths in team building, leadership, strategic thinking, talent acquisition, and technological expertise, and a passion for collaborating across government to achieve common goals. Gerry has provided thought leadership and collaborated with multiple GNB and private- sector partners to work towards the Digital Transformation of the Government of New Brunswick. As CIO he carries on that work by being accountable for the success of the GNB Digital Strategy and the Cyber Security Strategy. As a Security and Digital ID expert, Gerry’s roots in digital government go deep; during his time at CGI, he was a key part of the team building the original Single Window Government for Service New Brunswick. He also spent 11 years designing and building secure eHealth for GNB’s Department of Health, followed by two years as Chief Digital Officer of the Province.
Talk Title: Doing more with less: approaches to cyber with limited resources
Talk Abstract: New Brunswick is under cyberattack from the rest of the world, and we have only a handful of people to meet the challenge. In the digital age we are all doing more with less already, and expectations just keep rising – as do the volume of cyberattacks. That means we must be smart and resourceful. But we also need people to help! We in New Brunswick are looking to the future already, through the excellent work being done by ONB, UNB, CIC, and others to grow our cyber workforce. But it takes time to create a cyber workforce that will flourish, and to reach that future we need more resources to repel cyberattacks now.

Gerry Fairweather will look at approaches to meeting cybersecurity needs in small jurisdictions with limited resources through the power of partnerships. Leveraging the strengths of other partners in similar circumstances makes all partners stronger in their cyber defenses. Gerry will challenge us to look beyond our usual circles. The ever-changing cyberattacks are coming from all over the world; why shouldn’t the resistance to them come from just as far afield? Digital means that our colleagues in the fight are neighbours, no matter how far away they live. The solution in the “do more with less” environment is to find a way to rise to the current (and ever-increasing) cyber challenge together. We need to be smarter with the little we have, until we have grown it into a lot more than a little. And what’s in it for others to help us? There is a saying in the Maritimes: a rising tide lifts all boats. New Brunswick punches above its weight in cybersecurity as in so many other things, and we are happy to share our expertise. We will be helping partners just as much in return.

John Weigelt
John Weigelt
Biography: John Weigelt leads Microsoft Canada’s strategic policy and technology efforts. Mr. Weigelt helps individual and organizations across Canada innovate with technology while avoiding the unintended consequences that might arise. He leads Canadian outreach for a variety of technology policies including: Economic Development, Privacy, Security, Government 3.0, Accessibility, Environmental Sustainability and Interoperability.

Raj Thuppal
Raj Thuppal
Biography: Raj Thuppal is the Senior Assistant Deputy Minister for Networks, Security and Digital Services at Shared Services Canada (SSC) where he is responsible for the provision, security and ongoing maintenance of the Government of Canada’s data networks, standardizing, consolidating and re- engineering GC-wide delivery of employee services, including real property IT fit-up, and supporting enhanced telecommunications and network services that fall within SSC’s purview. Prior to his current role, Raj served as the Assistant Deputy Minister for Cyber and Information Technology (IT) Security at SSC for approximately 3 years. In this role, he was responsible for Cyber and IT Security program strategy, planning, design and implementation, security operations, identity and access management, risk management and compliance for Government of Canada IT infrastructure. After joining the public service in 2003, Raj worked in various management roles at the Department of National Defence and the Canada Revenue Agency. Before this, he held various engineering roles in the private sector at Marconi/FORE Systems in Ottawa Raj holds a Master’s Degree in Electrical/Computer Engineering from Memorial University of Newfoundland and a Bachelor’s Degree in Electronics & Communications Engineering from India.

Sylvie Frigon
Sylvie Frigon
Biography: Sylvie Frigon manages policy development for the Critical Cyber Systems initiative, within the National Cybersecurity Branch of Public Safety Canada. This initiative focuses on the development of a new framework to enhance the protection of cyber systems that underpin services and systems that are vital to Canada’s national security or the safety of Canadians.

Before joining Public Safety in 2016, Sylvie worked with FINTRAC and the Canada Revenue Agency. In addition to policy and regulatory initiatives and intelligence development related to anti-money laundering and against the financing of terrorist activity, her responsibilities included privacy-related activities such as the assessment of the privacy impact of new programs, the development of Memorandum of understanding for exchanges of information, and working closely with the Office of the Privacy Commisionner in support of privacy audits.

Martin Fontaine
Martin Fontaine
Biography: Martin Fontaine started his career at the Communication Security Establishment (CSE) in 1996. He is currently the Chief Research Officer of CSE, responsible for strategic and applied research teams as well as pan-organization research coordination. Martin’s duties include fostering research partnerships in government, with international allies and with the Canadian ecosystem (academia, labs and private sector). He is responsible for the TUTTE Institute in Mathematics and Computing (TIMC) and for the research activities done in collaboration with the Canadian Center for Cyber Security (CCCS). Part of his role, Martin has the privilege to work with world-class researchers in the fields of cryptography, cyber security, high-performance computing, applied mathematics and artificial intelligence. Prior to this role, Martin was the director of the Cyber Security Ecosystem Development team, advancing collaborative relationships with private industry for the purpose of strengthening best security practices in Canada. The Cyber Security Ecosystem Development team developed and maintained trust-based partnerships to enable the sharing of timely and relevant threat information, technical methodologies and associated tools with cyber security industry players. M. Fontaine was also the manager of CSE’s cyber defence operations & dynamic defence program for 3 years. The team was responsible for network security, inline defensive systems, national optical communication network security and data processing & storage infrastructure for multi-user government national consolidated networks. Among a few other preceding positions, M. Fontaine was responsible for CSE’s applied R&D division, both as a researcher and as the manager for a period of 12 years. CSE’s applied R&D team conducted research in various fields including high speed network processing., very large databases & distributed computing systems, artificial intelligence, machine learning, information retrieval, multi-media analysis (voice, video and image), information fusion systems and distributed autonomous agents systems. M. Fontaine holds a Bachelor in Computer Science from Sherbrooke University and a Master in Computer Science (specialisation in Machine Learning) from Ottawa University.
Talk Title: Cyber defence: Finding opportunities and overcoming challenges
Talk Abstract: This talk will present a set of challenges and technical gaps that have been revealed by analyzing the recent operational experiences of our cybersecurity analysis, development and operation teams. This will include a high-level overview of the cyber defence infrastructure operated by the CCCS (Canadian Centre for Cyber Security) and the main challenges and opportunities the agency is facing in the domains of: artificial intelligence, secure computing, virtual perimeter defence and vulnerability analysis.

Clark Smith
Clark Smith
Biography: Clark joined TD, effective January 2019, reporting to Greg Keeley, SVP and Head of Enterprise Operational Excellence. Clark comes to us from a global bank where he was Managing Director, Chief Technology Officer and Chief Security Office. In that role, he established the Center of Excellence for Cyber Security Architecture and Engineering and was responsible for conceiving, integrating, and delivering innovative technology solutions across their global enterprise.

Denis Siladi
Denis Siladi
Biography: Denis Siladi is a global head of cyber security incident response team within the Cyber-Fraud Threat Management group of TD Bank in Toronto, Canada. Denis holds a Master of Science degree in Computer Science and CISSP and CISA designations. He has over 16 years of experience in cybersecurity, information systems implementations and IT review areas. He joined TD Bank’s team in 2014 where he is currently leading a global team in charge of cyber security incident response, forensics and cyber-automation. Prior to joining TD Bank he worked for Deloitte for over 7 years in a management position, where he led variety of security related projects. Denis has a world-wide experience in different industries in Canada, USA, Europe, Australia and South Africa.

Professor Ravi Sandhu
Professor Ravi Sandhu
Biography: Ravi Sandhu is Professor of Computer Science, Executive Director of the Institute for Cyber Security and Lead PI of the NSF Center for Security and Privacy Enhanced Cloud Computing at the University of Texas at San Antonio, where he holds the Lutcher Brown Endowed Chair in Cyber Security. Previously he served on the faculty at George Mason University (1989-2007) and Ohio State University (1982-1989). He holds BTech and MTech degrees from IIT Bombay and Delhi, and MS and PhD degrees from Rutgers University. He is a Fellow of IEEE, ACM and AAAS, and has received numerous awards from IEEE, ACM, NSA, NIST and IFIP, including the 2018 IEEE Innovation in Societal Infrastructure award for seminal work on role-based access control (RBAC). A prolific and highly cited author, his research has been funded by NSF, NSA, NIST, DARPA, AFOSR, ONR, AFRL, ARO and private industry.

His seminal papers on role-based access control established it as the dominant form of access control in practical systems. His numerous other models and mechanisms have also had considerable real-world impact. He served as Editor-in-Chief of the IEEE Transactions on Dependable and Secure Computing, and previously as founding Editor-in-Chief of ACM Transactions on Information and System Security. He was Chairman of ACM SIGSAC, and founded the ACM Conference on Computer and Communications Security, the ACM Symposium on Access Control Models and Technologies and the ACM Conference on Data and Application Security and Privacy. He has served as General Chair, Steering Committee Chair, Program Chair and Committee Member for numerous security conferences. He has consulted for leading industry and government organizations, and has lectured all over the world. He is an inventor on 30 security technology patents and has accumulated over 41,000 Google Scholar citations for his papers. At UTSA his team seeks to pursue world-leading research in both the scientific foundations of cyber security and their applications in diverse 21st century cyber technology domains, including cloud computing, internet of things, autonomous vehicles, big data and blockchain. Particular focus is on foundations and technology of attribute-based access control (ABAC) as a successor to RBAC in these contexts. His web site is at www.profsandhu.com.
Talk Title: Access Control Evolution and Prospects
Talk Abstract: This lecture will begin with an overview of important and lasting access control concepts developed in the past 50 years or so. Many of these trace back to the needs of enterprise computing. As computing systems have evolved beyond the enterprise to include modern applications such as electronic commerce, social media and the internet of things, new paradigms of access control are needed. The lecture will conclude with a discussion of the challenges of these application domains and avenues for access control evolution responsive to these needs.

Professor Mourad Debbabi
Professor Mourad Debbabi
Biography: Mourad Debbabi is a Full Professor at the Concordia Institute for Information Systems Engineering and Associate Dean Research and Graduate Studies at the Gina Cody School of Engineering and Computer Science. He holds the NSERC/Hydro-Québec Thales Senior Industrial Research Chair in Smart Grid Security and the Concordia Research Chair Tier I in Information Systems Security. He is also the President of the National Cyber Forensics and Training Alliance (NCFTA) Canada. He is also a member of CATAAlliance's Cybercrime Advisory Council. He serves on the boards of the Canadian Police College, PROMPT Québec and Calcul Quebec. He is the founder and one of the leaders of the Security Research Centre at Concordia University. In the past, he was the Speciation Lead of four Standard JAIN (Java Intelligent Networks) Java Specification Requests dedicated to the elaboration of standard specifications for presence and instant messaging.

Dr. Debbabi holds Ph.D. and M.Sc. degrees in computer science from Paris-XI Orsay, University, France. He published 3 books and more than 300 peer-reviewed research articles in high-impact peer-reviewed international journals and conferences on cyber security, cyber forensics, privacy, cryptographic protocols, threat intelligence generation, malware analysis, reverse engineering, smart grid security, programming languages and type theory, and specification and very cation of safety-critical systems.

He supervised to successful completion 30 Ph.D. students, 72 Master students and 13 Postdoctoral Fellows. He served as a Senior Scientist at the Panasonic Information and Network Technologies Laboratory, Princeton, New Jersey, USA; Associate Professor at the Computer Science Department of Laval University, Canada; Senior Scientist at General Electric Research Centre, New York, USA; Research Associate at the Computer Science Department of Stanford University, California, USA; and Permanent Researcher at the Bull Corporate Research Centre, Paris, France.

Talk Title: Securing Smart Grid Operations: Challenges, Opportunities and the Way Forward
Talk Abstract: The successful deployment of smart grids is predicated on the ability to guarantee their security. Such a requirement is of paramount importance since electrical grids are essential to several components of the critical infrastructure. Recent cyber security incidents and security research studies demonstrate that electrical grids could be subjected to disrupting attacks that might lead to severe security and economic consequences, and even to the endangerment of human lives.

In this talk, we will first discuss the threat landscape through the presentation of recent attacks on industrial control systems. In this regard, we will also present a new capability for fingerprinting, characterizing, and investigating Internet-scale attacks on industrial control systems and IoT devices. Afterwards, we will discuss the opportunities in terms of monitoring, detection and prevention techniques that could be used to mitigate the risks underlying the aforementioned threats. An important goal of this talk is the discussion of security metrics that could be used to quantify security in smart grid operations. Finally, we will survey the ongoing activities of our research program in the area of smart grid security through the presentation of some of our recent research contributions.

Professor Chris Clifton
Professor Chris Clifton
Biography: Dr. Clifton works on data privacy, particularly with respect to analysis of private data. This includes privacy-preserving data mining, data de-identification and anonymization, and limits on identifying individuals from data mining models. He also works more broadly in data mining, including data mining of text and data mining techniques applied to interoperation of heterogeneous information sources. Fundamental data mining challenges posed by these applications include extracting knowledge from noisy data, identifying knowledge in highly skewed data (few examples of "interesting" behavior), and limits on learning. He also works on database support for widely distributed and autonomously controlled information, particularly issues related to data privacy.
Talk Title: Differential Privacy: Challenges on Moving Theory into Practice
Talk Abstract: Differential Privacy has emerged as a powerful technique to protect individual privacy, providing well-defined guarantees against strong adversaries. Differential privacy adds a small amount of noise to disclosed information, sufficient to obscure the impact of a single individual's data on the disclosed outcome. Unfortunately, some techniques used in real-world data analysis can result in a single individual potentially having an outsized impact on the outcome, requiring substantially more noise than would seem necessary. This talk demonstrates how this problem can happen, and presents a solution for nearest-neighbor imputation that provides significantly higher accuracy than baseline approaches. This is joint work with Shawn Merrill (Purdue), Keith Merrill (Brandeis Univ.) and Eric Hanson (Brandeis Univ.) This work supported by the U.S. Census Bureau under CRADA CB16ADR0160002. The views and opinions expressed in this talk are those of the authors and not the U.S. Census Bureau.

Professor Rei Safavi-Naini
Professor Rei Safavi-Naini
Biography: Rei Safavi-Naini is the NSERC/Telus Industrial Research Chair and Alberta Innovates Strategic Research Chair in Information Security at the University of Calgary. She is the co-founder of the Institute for Security, Privacy and Information Assurance at the University, and served as its Director until December 2018. She has published widely in premier journals and conferences on information security and privacy, and has given numerous keynote talks, most recently at Chinacrypt 2018 and the joint session of International Conference on Information Theoretic Security and Cryptology and Network Security, in 2017. She has served on the editorial board of numerous information security journals, has been a member of program committee of leading conferences, and has served as the program chair of major conferences such as Crypto, Financial Cryptography, and Applied Cryptography and Network Security. She is currently Associate Editor of IEEE Transactions on Information Theory, IET Information Security and Journal of Mathematical Cryptology.
Her current research interest includes post-quantum cryptography, communication and cloud security, and security in distributed systems.
Talk Title: Differential Privacy: Challenges on Moving Theory into Practice
Talk Abstract: Correctness Guarantees for Outsourced Computation. Outsourcing computation is an intriguing concept: a weak client wants to outsource a computationally intensive task to one or more untrusted computational agents, and receive the result with guaranteed correctness. Cryptographic verifiable computation systems consider malicious computational nodes, and provide security by requiring the computed results to be verifiable. This is an elegant approach to the problem, which in practice faces many challenges, including the need for significant additional computation and communication. Correctness guarantees have also been achieved by considering computational agents who are rational and can be incentivized to perform the computation correctly. This approach has been used for verifying outsourced computation in the cloud, as well as designing permissionless distributed outsourcing computation systems, using smart contracts.
This talk gives an overview of approaches to providing correctness guarantees for outsourced computation, and discusses some of the latest developments in incentivized computation systems, pointing out the challenges of analyzing their security against realistic attacks

Dr. Daisuke Inoue

Important Dates

Paper Submission:
26 April 2019
9 May 2019
Closed

Acceptance Notification:
14 June 2019
24 June 2019

Camera-Ready:
28 June 2019
5 July 2019

Early-Bird Registration:
12 July 2019

Registration:
5 August 2019

Conference Date:
26-28 August 2019

Poster Submission:
5 July 2019

Acceptance Notification:
15 July 2019

Poster Author Registration:
22 July 2019