Menu Close

The HAIC public outreach initiative aims to make cybersecurity more accessible to a broader audience. As part of this initiative, are organizing HAIC Talks, a series of public lectures on contemporary topics in cybersecurity. In the style of studia generalia, these lectures are free and open to everyone. No background knowledge in cybersecurity is required. HAIC Talks are made possible through the generous support of the Aalto University School of Science.

Sign-up for our HAIC Talks mailing list to hear about future events.

Description: During the last 10 years security researchers and standards experts have been working on specifications to ensure that state-of-the-art cryptography can be used on low end IoT devices. Most of those standards efforts have either been completed or are in the final stages. At the same time, industry groups and governmental agencies have written IoT security guidelines offering valuable suggestions for developers to design more secure IoT products. Even IoT security regulation exists asking for state-of-the-art crypto, the use of standards, and for a ban of passwords.

What challenges do developers face designing IoT products? Can they use open source software implementations and follow IoT security guidelines? In this talk Hannes Tschofenig will make an attempt to answer this question.

About the speaker: Hannes Tschofenig is employed by Arm; prior employers include the European Data Protection Supervisor, Nokia Siemens Networks, and Siemens. His work life focused on developing global standards to make the Internet more secure. He has been active in the IETF for the past 15 years and contributed to more than 80 RFCs on security, privacy and various Internet protocols. Hannes co-chaired several IETF working groups, including OAuth, ACE, KEYPROV, DIME, and ECRIT. From 2010 to 2014 Hannes was a member of the Internet Architecture Board (IAB), a committee of the IETF. Currently, he is a board member and chair of the Device Management and Service Enablement working group of OMA SpecWorks.

Venue: Online

Time: 16:00-17:30. The lecture will be approximately 60 minutes, after which there will be time for questions.

Registration: Registration is closed.


This talk is part of the Secure Systems Demo Day 2020 program.

Description: A variety of experts — computer scientists, policy makers, judges — constantly make decisions about best practices for computational systems. They decide which features are fair to use in a machine learning classifier predicting whether someone will commit a crime, and which security behaviors to recommend and require from end-users. Yet, the best decision is not always clear. Studies have shown that experts often disagree with each other, and, perhaps more importantly, with the people for whom they are making these decisions: the users.

This raises a question: Is it possible to learn best-practices directly from the users? The field of moral philosophy suggests yes, through the process of descriptive decision-making, in which we observe people’s preferences from which to infer best practice rather than using experts’ normative (prescriptive) determinations of best practice. In this talk, I will explore the benefits and challenges of applying such a descriptive approach to making computationally-relevant decisions regarding: (i) optimizing security prompts for an online system; (ii) determining which features are fair to include in a classifier and which decision makers should evaluate fairness; (iii) defining standards for ethical virtual reality content.


You can find presentation slides here: Learning from the People: From Normative to Descriptive Solutions to Problems in Security, Privacy & Machine Learning


About the speaker: Elissa M. Redmiles is a Faculty Member and Research Group Leader of the Digital Harm group at the Max Planck Institute for Software Systems. She additionally serves as a consultant and researcher at multiple institutions, including Microsoft Research and Facebook. Dr. Redmiles uses computational, economic, and social science methods to understand users’ security, privacy, and online safety-related decision-making processes. Much of her work focuses specifically on investigating inequalities that arise in these decision-making processes and mitigating those inequalities through the design of systems that facilitate safety equitably across users. Dr. Redmiles’ work has been featured in popular press publications such as Scientific American, Wired, Business Insider, Newsweek, Schneier on Security, and CNET and has been recognized with multiple Distinguished Paper Awards at USENIX Security as well as the John Karat Usable Privacy and Security Research Award. Dr. Redmiles received her B.S. (Cum Laude), M.S., and Ph.D. in Computer Science from the University of Maryland. As a graduate student, she was supported by a NSF Graduate Research Fellowship, a National Defense Science and Engineering Graduate Fellowship, and a Facebook Fellowship.

This talk is part of the Secure Systems Demo Day 2020 program. With registration you get participation links to both online events. The Secure Systems Demo Day is an annual meet-up for researchers in academia and industry and gives an overview of the current information security research going on in Finland’s capital area.

You can find presentation slides here: 5th Generation Crime-fighting in Cyberspace: Lawful Intercept in 5G Networks