[sage-hamburg] TUHH-Vorträge in ITSRM-Vorlesung und Oberseminar

Dirk Wetter dirk.wetter at guug.de
Mi Jun 4 23:08:41 CEST 2014


Moin Dieter,

On 14-06-04 21:32, Dieter Klünter wrote:
> Hallo Dirk,
> 
> Am Wed, 4 Jun 2014 21:18:47 +0200
> schrieb Dirk Wetter <dirk.wetter at guug.de>:
> 
> > Hi,
> > 
> > ich muss noch die Ankündigung für den 13.6. schreiben (siehe
> > www.guug.de/lokal/hamburg). Diese Mail lungerte noch seit einiger
> > Zeit in meiner Inbox herum (sorry+danke, Sven)
> 
> Muss ich das verstehen?

Muss nicht, aber kann...

> In deiner Ankündigung für den 13.6. wird OpenNebula angekündigt, in der
> E-Mail von Sven wird ein Vorlesungsreihe der TUHH angekündigt. 

Abgesehen davon, dass ich OpenNebula noch nicht angekündigt habe,
hast du den Nagel auf den Kopf getroffen.

> Wer hat schon Zeit und Lust morgens um 10:00 in Harburg zu sein?

Extra für dich gibt's noch einen Termin um 18:15. Dann bietet sich
auch für dich die Gelegenheit zu überzeugen, dass die TUHH mit 
Sicherheit 25 Minuten S-Bahn fahren Wert ist. SCNR

> Was gilt denn nun?

?

BG, Dirk


> 
> Gruß
> Dieter
> 
> 
> > 
> > BG, Dirk
> > 
> > ----- Forwarded message from Sven Übelacker <uebelacker at tuhh.de> -----
> > 
> > Subject: TUHH-Vorträge in ITSRM-Vorlesung und Oberseminar
> > From: Sven Übelacker <uebelacker at tuhh.de>
> > Organization: TUHH
> > To: Sven Übelacker <uebelacker at tuhh.de>
> > Date: Wed, 28 May 2014 16:30:21 +0200
> > 
> > FYI und zum Weiterleiten.
> > 
> > Danke,
> > Sven.
> > 
> > (ITSRM = IT Security Risk Management)
> > 
> > 
> > 
> > = ITSRM =
> > Wednesday, 2014-06-04, 10:00-12:00
> > TUHH Building A, Schwarzenbergstr. 93, room A1.16
> > Christoph Gerber, Uni Hamburg
> > "Collaborative Security Management based on BSI IT Baseline
> > Protection"
> > 
> > Abstract:
> > """
> > Security management supports the selection of on the one hand needed
> > and on the other hand economically reasonable safeguards. Security
> > management helps with its acknowledged standards like the IT Baseline
> > Protection Standard from the German Federal Office for Information
> > Security (BSI) or the ISO/IEC 27000 series to obtain a structured
> > protection of the company-wide IT systems by applying a so-called
> > information security management system (ISMS). Each ISMS is based on a
> > information security process (IS process) which allows for continuous
> > checking and improving the security aspects of business processes as
> > well as IT systems. This talk first describes how a security concept
> > can be created using the IT Baseline Protection methodology described
> > in BSI 100-2 and BSI 100-3. Afterwards, it is shown how data
> > protection officers from different companies can benefit from an
> > inter-organizational data exchange in the field of security management
> > and how such a data exchange can be realized. Therefore two
> > applications are described that allow for collaborative security
> > management. """
> > 
> > 
> > 
> > Wednesday, 2014-06-18, 10:00-12:00
> > TUHH Building A, Schwarzenbergstr. 93, room A1.16
> > Gernot Ladstätter, AIRBUS
> > "Taking ITSRM to the Sky"
> > 
> > 
> > 
> > 
> > Wednesday, 2014-06-25, 10:00-12:00
> > TUHH Building A, Schwarzenbergstr. 93, room A1.16
> > Dr Barbara Kordy, Uni Luxemburg
> > "Security modeling and analysis with attack-defense trees"
> > 
> > Abstract:
> > """
> > Graphical security models provide useful methods to analyze security
> > scenarios and examine vulnerabilities of systems and organizations.
> > The great advantage of graphical models lies in combining intuitive,
> > visual representation with sound formal foundations. This lecture
> > will give a general overview of the attack-defense tree methodology.
> > Attack-defense trees extend the well-known model of attack trees by
> > allowing for modeling of security scenarios involving an attacker,
> > whose goal is to compromise a system, and a defender trying to
> > protect against an attack. We will show how to model security
> > scenarios using attack-defense trees, present formal foundations
> > underlying the model, and explain how to perform quantitative
> > analysis with attack-defense trees. The ADTool software for creation
> > and analysis of attack-defense trees will also be presented and
> > typical mistakes to be avoided while using the attack tree-based
> > formalisms will be discussed. """
> > 
> > 
> > 
> > Wednesday, 2014-07-09, 10:00-12:00
> > TUHH Building A, Schwarzenbergstr. 93, room A1.16
> > Dr Christan Paulsen, DFN-CERT
> > "OCTAVE and the ADORA tool"
> > 
> > Abtract:
> > """
> > The Operationally Critical Threat, Asset, and Vulnerability Evaluation
> > (OCTAVE) approach defines a risk-based strategic assessment and
> > planning technique for security. OCTAVE is a self-directed approach,
> > meaning that people from an organization assume responsibility for
> > setting the organization’s security strategy. The analysis is led by
> > a small, interdisciplinary team (three to five people) of an
> > organization’s personnel who gather and analyze information,
> > producing a protection strategy and mitigation plans based on the
> > organization’s unique operational security risks. The DFN-CERT
> > translated, shortened and adopted OCTAVE to fit into German
> > requirements, IT-Grundschutz (Baseline Protection Manual) and ISO
> > 27001. The software tool ADORA was developed to support the analysis
> > team. """
> > 
> > 
> > 
> > = Oberseminar =
> > Tuesday, 2014-06-24, 18:15-19:45
> > Uni Hamburg, RRZ, Schlüterstr. 70, Raum 304
> > Dr Barbara Kordy, Uni Luxemburg
> > "On optimistic multi-party contract signing protocols"
> > 
> > Abstract:
> > """
> > Multi-party contract signing (MPCS) protocols specify how a number of
> > signers can cooperate in achieving a fully signed contract, even in
> > the presence of dishonest signers. Here we consider optimistic MPCS
> > protocols, where we assume presence of a trusted third party which is
> > contacted only in case of a conflict.
> > 
> > The presentation discusses a connection between optimistic MPCS
> > protocols and the combinatorial problem of constructing sequences
> > which contain all permutations of a set as subsequences. We provide an
> > explicit and general construction for MPCS protocols which converts a
> > sequence over a finite set of signers into a protocol specification
> > for the signers. Furthermore, we give tight conditions under which the
> > resulting protocols satisfy fairness and timeliness.
> > """
> > 
> > 
> 
> 
> 
> -- 
> Dieter Klünter | Systemberatung
> http://sys4.de
> GPG Key ID: E9ED159B
> 53°37'09,95"N
> 10°08'02,42"E
> 
> _______________________________________________
> SAGE-Hamburg mailing list
> SAGE-Hamburg at guug.de
> http://lists.guug.de/mailman/listinfo/sage-hamburg