First draft of STRINT workshop report available

The first draft of the STRINT workshop report was published by the IETF as the Internet Draft draft-iab-strint-report-00. The same text is also available, with different formatting, from the STRINT Web site as draft-iab-strint-report.html.

[Overview photo taken from the left side of the room.]
Co-chair Stephen Farrell summarizes the points on the projection screen during the concluding plenary session.

STRINT workshop papers published

The first version of the agenda and the list of submitted papers of the STRINT workshop were published today. The agenda has seven sessions, three on Friday and the rest on Saturday:

  1. Threats,
  2. COMSEC (part 1),
  3. Policy,
  4. COMSEC (part 2),
  5. Metadata,
  6. Deployment, and
  7. Break-out sessions

There are 66 papers. Together they give an overview of current thinking about the security threats from pervasive monitoring and a first set of ideas towards developing countermeasures.

D.1.1 Web-platform security guide

STREWS published the first of its reports:

Web-platform security guide: security assessment of the Web ecosystem [PDF]

Editors: Lieven Desmet and Frank Piessens

Here is the abstract:

This deliverable reports on the broad web security assessment of STREWS. As part of this report, we provide a clear and understandable overview of the Web ecosystem, and discuss the vulnerability landscape, as well as of the underlying attacker models. In addition, we provide a catalog of best prac- tices with existing countermeasures and mitigation techniques, to guide European industrial players to improve step-by-step the trustworthiness of their IT infrastructures. The report concludes with interesting challenges for securing the Web platform, opportunities for future research and trends in improving web security.