Raven – attacks and countermeasures

Add to your list(s) Download to your calendar using vCal

• Graham Rymer, University of Cambridge
• Friday 30 October 2015, 16:20-16:40
• Computer Laboratory, William Gates Building, Room FW11.

If you have a question about this talk, please contact Professor Frank Stajano.

The University of Cambridge’s Central Web Authentication System (Raven) – Attacks and Countermeasures. Central to the functioning of this service is the Web Application Agent (WAA) to Web Login Service (WLS) protocol. We will briefly discuss some vulnerabilities discovered in WAAs implementing this protocol, the potentially significant threat impact, and how these vulnerabiltiies might stem from the design of the protocol itself. We will also look at some simple vulnerabilities exhibited by well-known University web applications, and look at how the University might plan to better defend itself against cyber attacks in the future.

Bio: Graham Rymer has an MSc in Computer Security and Forensics, is a trained ethical hacker, and currently works as an IT professional at the Cambridge Instititue for Medical Research on the Cambridge Biomedical Campus.

This talk is part of the Computer Laboratory Security Group meeting presentations series.

This talk is included in these lists:

• All Talks (aka the CURE list)
• Cambridge talks
• Computer Laboratory Security Group meeting presentations
• Computer Laboratory, William Gates Building, Room FW11
• Department of Computer Science and Technology talks and seminars
• Interested Talks
• School of Technology
• Security-related talks
• Trust & Technology Initiative - interesting events
• bld31

Note that ex-directory lists are not shown.