Due to the corona pandemic, the 15th Paderborn IT Security Day, originally scheduled for March 2020, had to be postponed. The SICP - Software Innovation Campus Paderborn has now decided to hold it in November 2021. "We are pleased that we can still hold the event this year after the longer pause due to the pandemic," says Prof. Dr. Johannes Blömer, Vice President for Research and Young Scientists and Head of the Codes and Cryptography Group at the University of Paderborn. On Tuesday, November 30, current topics and issues in IT security will be highlighted and discussed from scientific-technical and economic perspectives by experts from the German Federal Office for Information Security, McAfee Germany and various universities, among others.
Prof. Dr. Jörg Schwenk from Ruhr University Bochum will give the first keynote of the day on the topic of "Current Attacks on Old (Still Used) Cryptography." "Attack methods on cryptographic building blocks such as encryption and digital signatures are becoming more sophisticated, complex and targeted over time, while important cryptographic standards used in practice, whose development often dates back to the 1990s, essentially continue to work with old cryptographic elements," explains Prof. Dr.-Ing. Juraj Somorovsky, head of the Systems Security Group at the University of Paderborn. "The keynote will use the example of the industry standards S/MIME (e-mail encryption) and PDF security to illustrate that a holistic view of applications is necessary to guarantee the security of these applications in the future," Somorovsky said.
For the second keynote, Prof. Dr. Matthew Smith from the University of Bonn, Fraunhofer FKIE, was able to present the topic "Developers are not the enemy! - On usability issues for secure software development". "Every software vulnerability basically arises during development, but little research has been done on the underlying causes and possible remediation strategies," explains Prof. Dr. Patricia Arias Cabarcos, head of the IT security group at the University of Paderborn. "The keynote will highlight possible security concepts for developers*, focusing on the secure storage of passwords and usability issues in software analysis," Arias Cabarcos continues.
"Questions to be explored at the event include: How can threats be properly assessed? How can developers* be supported to increase security? And: Which legal aspects have to be considered?", says Prof. Dr. Eric Bodden, director of the competence area "Digital Security" of the SICP - Software Innovation Campus Paderborn and head of the specialist group Secure Software Engineering at the University of Paderborn.
Due to applicable hygiene regulations, the event will be held online. Since the networking character of the successful event format is to be given more space in 2021, the lecture phases will alternate with longer networking phases. For the online execution, the use of the event platform trember is planned, with which the participants* move through the virtual event environment via avatar and can freely switch between the group conversations within a room in the interaction rooms, so that an event experience similar to a face-to-face event is made possible. "As it currently stands, one virtual lecture room and several interaction rooms will be set up, with the interaction rooms being used as "theme rooms" for specific IT security topics, among others. Other rooms are planned for the presentation of SICP member companies," explains Dr. Simon Oberthür, manager of the "Digital Security" competence area of the SICP - Software Innovation Campus Paderborn at the University of Paderborn.
The event series is organized by the Digital Security competence area of SICP - Software Innovation Campus Paderborn. The Digital Security competence area researches methods for integrating security into the design of long-lived systems and ensuring it throughout the entire lifecycle. "Our goal is to make Digital Security understandable, sustainable and comprehensible," explains Bodden.
The SICP - Software Innovation Campus Paderborn researches the development of highly networked, software-intensive systems and was initiated in 2013 by the University of Paderborn, ten technology companies in the region and the Fraunhofer Institute for Mechatronic Design (IEM).
The IT Security Day is supported by the InnoZent OWL e. V. innovation network and the OWL regional group of the Gesellschaft für Informatik e. V. Participation in the event is free of charge.
Further information and registration at: https://www.sicp.de/tdits21