Information Security Challenges at Scale

Abstract: In order to support its fast-growing business, Zalando applies Radical Agility, a software development methodology that allows engineers to get work done while management gets out of the way. It’s based on three pillars: Autonomy, Mastery, and Purpose, all held together and bound by organisational trust. While this enables our engineers to build

Fully Verified Outsourced Computation

Abstract: Frequent headline-grabbing data breaches suggest that current best practices for safeguarding personal data are woefully inadequate. To try to move beyond the cycle of attacks and patches we see today, my group designs and builds systems with formal end-to-end guarantees. For example, to provide strong guarantees for outsourced computations, my colleagues and I developed

Insights into Cyber Assurance Testing

Abstract: Independent reviews of the effectiveness of cyber controls and of capabilities to respond to cyber events are fundamental components in the overall cyber security strategy for an organization. This session aims to provide participants with insights on Cyber Assurance Testing methodologies including Red Team Testing, Education and Awareness Testing and Cyber Assurance exercises.

Development & Innovation at Swiss Post

Abstract: Swiss Post is a diversified Group that operates in four markets. Its three subsidiaries Post CH Ltd, PostFinance Ltd and PostBus Ltd provide high-quality, marketable and innovative services, and make every effort to satisfy the high expectations of their customers. Swiss Post constantly develops new solutions at the interface between the physical and digital

SPARK for Security

Abstract: The SPARK open source technology developed and commercialized by AdaCore (since 2008) and Altran (since 1987) is both a programming language and formal program verification toolset aimed at the highest levels of software assurance. In this presentation, we will give an overview of the SPARK Ada language and SPARK proof technology, focusing on its

Adversaries beyond neglect: a stroll through the garden of differential privacy

Abstract: We have a clear understanding about how to handle information security in cryptographic cases where adversaries (provably) have a negligible chance of success. Definitions are solid and all is well. However, in many cases relevant for privacy, we cannot achieve such strong notions without paying outrageous costs: a utility approaching zero, vast communication costs,

SpyPi

Abstract: Over the past years technology has become an essential part of our daily life. Be it free time, work, research or education – with the help of technology we’re able to set foot on yet unknown terrain, save resources and be more productive. We’re presumably about to face even more fundamental changes considering the