News Bits
Februray 5, 2003
Milan Steve Kuchta
Born 22 December 1950, Chatham, Ontario.
Milan attended the University of Western Ontario, obtaining an Engineering
Science degree in 1972. He later followed this with a Masters degree in
Electrical Engineering from Carleton University in 1982. However, in spite
of his training in engineering, Milan considered himself a scientist, rather
than an engineer. He found that his academic background and work experience
further strengthened his beliefs and faith in God, and he was unimpressed
by quasi-intellectual theories.
Although he shied away from public demonstrations of affection, Milan was a
very warm-hearted and generous person, giving freely of his time to assist
others. He had a strong sense of family, greatly enjoying all his nieces and
nephews and spending time teaching and encouraging them. With his ever-present
positive synergy, loyalty and willingness to provide assistance, whatever
the challenge, not only was Milan well liked and admired by his colleagues,
but regarded as a wonderful mentor. Everyone who knew Milan appreciated his
laugh, accepting the fact that Milan's jokes were usually funnier to Milan
than to anyone else. Yet they were always based upon his in-depth knowledge
and understanding of the world as a whole. He could, however, be quite
persistent, as was the case when he insisted that his eyes were fine, but
that the lighting in restaurants was getting dimmer every year.
In 1974 Milan joined the Communications Security Establishment (CSE) and
within a year was heading up the Cryptographic Design and Evaluation Unit.
Realizing that information security was a new and rapidly emerging field
Milan grew his section into the security authority in Canada and began making
CSE's presence known in the field of information security. A regular at
those early computer security conferences, Milan would in later years
introduce new employees to the storied names of computer and information
security. Anyone walking the halls of the Baltimore Congress Centre during
the annual U.S. security conference would immediately realize that Milan not
only knew security but was known in security.
By the mid 80's Milan began to realize that the CSE required an even larger
presence in the Information Security arena and began drawing up plans for
what was to become, in 1987, the Canadian System Security Centre (CSSC).
His vision entailed hiring motivated staff willing to push the envelop in
security, R&D, training, and criteria. Milan's desire to share ideas and
see them come to fruition resulted in him granting his staff a huge degree
of freedom. Working closely with various research laboratories at the NRC
and Defence Research as an equal Milan was able to fund advanced projects
that would result in the emergence of some of the best known names in
computer security.
Milan left lasting impressions on staff and colleagues the world over. He
knew and had the respect of leading computer security scientists in every
industrialized nation on Earth. When, in the early 90s, Milan decided to
host a series of workshops to fine tune what was to become the Canadian
Trusted Computer Product Evaluation Criteria there was more than ample
interest. In fact, dozens of the best security minds came up to Ottawa
at Milan's bequest, in the middle of February, to assist Milan in his
endeavour to create a modern evaluation criteria. With the assistance of his
team Milan realized that vision, and many others. The work on the Canadian
Criteria went on to be used as the basis for the US Federal Criteria and
finally as the cornerstone for the Common Criteria. On both projects
members of Milan's team were lead authors and contributors. To this day
Milan is fondly remembered as someone who understood security and was
willing to look far down the road and make security an enabling technology,
something to improve everyone's life.
In 1995 Milan left the CSE and began research in the field of network
autonomy and security as an independent consultant. He spent the next
eight years of his life working on his vision of intelligent, interconnected
network security components known as Ironman. Perhaps the most fitting
tribute to him is the fact that on the day he died he excitedly discussed
the possibilities his technology offered to the security world with an
old colleague. He was looking forward to sharing his years of research
with those that he respected and admired for nearly thirty years --
his second family, those individuals the world over that make up the
information security community that he'd been a part of since 1974.
One of Milan's colleges from the U.S. National Institute of Standards
and Technology wrote: "Milan Kuchta was truly a pioneer and visionary
in the field of computer and information security. His passion for his
work and vision touched those around him and extended into the
international community. Milan's leadership and spirit of cooperation
significantly influenced the direction and outcome of some of our most
important international information security standards and standards-related
projects".
Growing up on a farm in southern Ontario Milan developed the interests,
beliefs, and values that would form the guiding principles in his life.
From his rural roots he gained an appreciation for nature, the outdoors,
and wide-open spaces. The last seven years of his life were spent surrounded
by nature in a house nestled on the shores of the Rideau River, a tranquil
spot where he continued his work on computer security research.
Although Milan's interests ranged from playing and recording music to fast
cars to computers it was his love of computer security that will be
remembered by most who knew him. It is, therefore, with deep sadness that
all of us in the security community wish to extend heartfelt sympathies
to his family for their untimely loss.
Correspondence from the Zurich Information Security Center
February 21, 2003
Correspondence from Zena Matilde Ariola [ariola@cs.uoregon.edu]:
Eugen Bacic (ebacic@rogers.com) wrote the memoriam below about the
loss of our colleague Milan Kuchta last November.
In Memoriam
Died 14 November 2002 at home in Ottawa, Ontario.
March 14, 2003
Dear Colleague
The Zurich Information Security Center (ZISC) is happy to make three
announcements:
1. The ZISC Announcements Mailing List
2. The ZISC Fall School on Formal Security Engineering
3. The ZISC Information Security Colloquium
We would appreciate if you would forward this message to colleagues
interested in information security, potentially through mailing lists
you are subscribed to. This will allow us to only send messages to
parties interested in ZISC events in the future, once they have had
a chance to subscribe to the mailing list presented below.
1. The ZISC Announcements Mailing List
The ZISC Announcements mailing list is a moderated, low-traffic
mailing list for ZISC-related announcements such as this one. Its
main purpose is to inform its subscribers about upcoming events such
as talks in a timely manner. You are invited to subscribe to it at
http://www.lists.inf.ethz.ch/mailman/listinfo/zisc-announcements
2. The ZISC Fall School on Formal Security Engineering
In late September, the ZISC is organizing a one-week course for
scientists and engineers working in the field of information security.
The speakers come from both academia and industry, including Freiburg
University, the German Research Center for Artificial Intelligence
(DFKI), IBM Research, Siemens, SRI International, Sun Microsystems
Laboratories, and the Swiss Federal Institute of Technology Zurich
(ETHZ). The school is sponsored by the ETHZ. The fee for participants
from industry is 1000 Swiss Francs, and there is no fee for participants
from academia. Further information, including registration material, can
be found at
http://www.zisc.ethz.ch/events/fallschool2003.html
3. The ZISC Information Security Colloquium
In the summer semester 2003, we are organizing an information security
colloquium with 4 to 6 talks at the ETHZ. The talks are public, free of
charge, and require no application.
Date, speaker, title, and abstract of the talks can be found at
http://www.zisc.ethz.ch/events/istalksss2003.html
Thank you for taking the time to read this message.
Paul E. Sevinç, Zurich Information Security Center
Paul E. Sevinç, Dipl. El.-Ing. ETH
E-Mail: paul.sevinc@inf.ethz.ch
Phones: +41 1 632 7250 (office)
+41 1 450 8578 (home)
+41 78 854 1773 (cell)
http://www.infsec.ethz.ch/~sevinc/
Summer School on the Foundation of Security
Eugene, Oregon, USA
June 16 - 27 , 2003
Organizers:
Martin Abadi University of California at Santa Cruz
Zena M. Ariola University of Oregon
Hugo Herbelin INRIA
John Mitchell Stanford University
Scientific committee:
Luca Cardelli Microsoft Research, Cambridge
Pierre-Louis Curien University of Paris 7
Robert Harper Carnegie Mellon University
Catuscia Palamidessi INRIA
Frank Pfenning Carnegie Mellon University
Benjamin Pierce University of Pennsylvania
The summer school on the Foundation of Security is a two week
course for computer scientists and mathematicians interested in
formal methods applied to software security. The program runs from
Monday, June 16 to Friday, June 27, 2003.
Graduate students who wish to attend should send an application
consisting of a short description of their educational background and
one letter of reference to summer-school-security@cs.uoregon.edu.
We anticipate making available a number of grants to cover travel and
lodging costs for qualified graduate students.
For more information see
http://www.cs.uoregon.edu/activities/summerschool/summer03/.
You can access information (including great pictures!) on last
year summer school at
http://www.cs.uoregon.edu/activities/summerschool/summer02/
----------------------------------------------------------------------
Preliminary program
- Type Systems
Robert Harper - Carnegie Mellon University
- Inductive Types
Christine Paulin - INRIA
- Linear Logic
Pierre-Louis Curien - University of Paris 7
- Coinduction and bisimulation
Roy L. Crole University of Leicester
- Formal methods and security
Catherine A. Meadows - Naval Research Laboratory
- Cryptographic Protocols
Cedric Fournet - Microsoft Research, Cambridge
- Language Based Information Security
Steve Zdancewic - University of Pennsylvania
- Typed Assembly Languages and Proof Carrying Code
David Walker - Princeton University
- Global Computing
Vladimiro Sassone - University of Sussex
- Linear Logic and Security
Iliano Cervesato - Naval Research Laboratory
February 21, 2003
Correspondence from Jamil Farshchi [jfarshch@hq.nasa.gov]:
Hello,
I recently wrote an article about Statistical Intrusion Detection
systems. It explains the difference between a Rule-based and Statistical IDS,
tells of the benefits of a stat IDS, as well as how to implement one with snort
-- This document is currently being posted on the SANS web site but I can write
a variation of it (or you can link to it
http://www.sans.org/resources/idfaq/statistic_ids.php) if you so choose.
I have attached the document for you to review in the event that you or your
readers would be interested. I am also working on a wireless (802.11b and 802.11a)
security document that may interest you as
well.
Jamil D. Farshchi
February 5, 2003
Correspondence from Dr. Gerald Masson, Johns Hopkins Univeristy: The Carolyn and Edward Wenk, Jr. Lecture in Technology and Public Policy Date: Tuesday, April 22, 2003 Time: 3-4 PM, reception to follow Location: Hodson Hall, Room 110, Homewood Campus Speaker: Ross Anderson, University of Cambridge Title: "Information Security and Public Policy" Sponsors: JHU Whiting School of Engineering, Information Security Institute
and Department of Computer Science For info:
www.jhuisi.jhu.edu RSVP: 410-516-4250
Thanks,
-jamil
Information Technology Security
NASA Office of Inspector General
Washington, DC 20546
Phone: 202.358.1897
Fax: 202.358.2990
News Bits contains correspondence, interesting links, non-commercial announcements and other snippets of information the editor thought that Cipher readers might find interesting.