Tarah Wheeler is an information security researcher, political scientist in the area of international conflict, author, and poker player. She is Senior Director, Data Trust & Threat and Vulnerability Management at Splunk, as well as Cybersecurity Policy Fellow at New America. She is an inaugural contributing cybersecurity expert for the Washington Post and a Foreign Policy contributor on cyber warfare. She is the lead author of the best-selling Women In Tech: Take Your Career to The Next Level With Practical Advice And Inspiring Stories. She has been Senior Director of Engineering and Principal Security Advocate at Symantec Website Security. She has led projects at Microsoft Game Studios (Halo and Lips) and architected systems at encrypted mobile communications firm Silent Circle.

Details: http://www.cs.ox.ac.uk/seminars/2093.html

https://www.sant.ox.ac.uk/events/navigating-global-challenges-insurance-viewpoint

Details: https://www.oxfordmartin.ox.ac.uk/event/2613

Registration required: https://bit.ly/2DbqLh7

Interested in going from researcher to entrepreneur? Hear from people who've done it, and meet like-minded researchers.

Dave Hunter, CEO, Optimal Labs: "applying cutting-edge deep-reinforcement learning to grow safer, healthier food."

Talk followed by networking, pizza and beverages

https://www.facebook.com/events/354811588603339/
We are also having dinner with David before the talk. If anyone is interested in joining please get in touch with adam.zibak@keble.ox.ac.uk

Ripjar: https://ripjar.com/

Light lunch provided at 12:15, registration required: https://www.eventbrite.co.uk/e/the-politics-and-technology-of-cyber-security-tickets-51364301007

Details: https://www.maths.ox.ac.uk/events/list/3019

We provide lattice-based protocols allowing to prove relations among committed integers. While the most general zero-knowledge proof techniques can handle arithmetic circuits in the lattice setting, adapting them to prove statements over the integers is non-trivial, at least if we want to handle exponentially large integers while working with a polynomial-size modulus qq. For a polynomial L, we provide zero-knowledge arguments allowing a prover to convince a verifier that committed L-bit bitstrings x, y and z are the binary representations of integers X, Y and Z satisfying Z=X+Y over the integers. The complexity of our arguments is only linear in L. Using them, we construct arguments allowing to prove inequalities X <Z among committed integers, as well as arguments showing that a committed X belongs to a public interval [α,β], where α and β can be arbitrarily large. Our range arguments have logarithmic cost (i.e., linear in L) in the maximal range magnitude. Using these tools, we obtain zero-knowledge arguments showing that a committed element X does not belong to a public set S using soft-O(n⋅log|S|) bits of communication, where n is the security parameter. We finally give a protocol allowing to argue that committed L-bit integers X, Y and Z satisfy multiplicative relations Z=XY over the integers, with communication cost subquadratic in L. To this end, we use our protocol for integer addition to prove the correct recursive execution of Karatsuba's multiplication algorithm. The security of our protocols relies on standard lattice assumptions with polynomial modulus and polynomial approximation factor.

Details: http://www.cs.ox.ac.uk/seminars/2129.html

Registration required: https://www.eventbrite.co.uk/e/surveillance-capitalism-governance-and-social-justice-moving-beyond-data-centrism-tickets-50865916325

Details: https://www.oii.ox.ac.uk/events/surveillance-capitalism-governance-and-social-justice-moving-beyond-data-centrism/

The project “The Prosecution Service in favor of Digital Education in Schools” developed by the Federal Prosecution Service in partnership with the NGO SaferNet Brazil, aims to provide, through education, children and adolescents with awareness about their rights and duties in the use of the Internet, in order to make them grow concious about the risks at virtual environment, knowing how to protect themselves from being victims of crimes commited via Internet. The second scope is to prevent them from being future aggressors making clear that legal rules apply alike to the virtual environment and the real one. Explaining how the project's archetype emerged and how it developed in the prosecution environment has the goal to encourage simple and innovative ideas within the Institution, which, besides being a criminal prosecution service, is concerned with crime prevention, including cybercrimes.

Speakers: James Ball (Journalist and Author), Dr Lina Dencik (Cardiff University), Dr Vidya Narayanan (University of Oxford), Andrew Dywer (University of Oxford).

details: https://talks.ox.ac.uk/talks/id/832da97e-0e29-4a68-82d5-a718002be112/

The UK Department for Digital, Culture, Media & Sport (DCMS) has developed, in cooperation with industry, consumer associations and academia, the Code of Practice for Consumer IoT Security. It brings together, in thirteen outcome-focused guidelines, what is widely considered good practice in IoT security. Its aim is to support all parties involved in the development, manufacturing and retail of consumer IoT to ensure that products are secure by design.

Launched in October 2018, it puts the UK head and shoulders above the rest of the world for leadership in IoT security. David Rogers explains the background to the Code of Practice, what the guidelines mean from a technology perspective and what will come next.

Abstract: Security is a top priority at Amazon Web Services. In the shared responsibility model with customers, AWS manages the components from the operating system down to the physical security of the facilities; AWS customers are responsible for securing applications they build on top of it. In this talk I will describe tools that support our customers in securing their applications, and tools that we use to secure the infrastructure. This work is part of AWS'
Provable Security initiative, where we use automated reasoning to increase the security assurance of the cloud infrastructure and the applications built on top of it.

Bio: Michael Tautschnig is a Lecturer at Queen Mary University of London and a Senior Software Development Engineer at Amazon Web Services. The focus of his research lies in the application of automated formal methods for software and systems analysis, mostly applying model checking. In his role at Amazon Web Services, Michael applies automated software verification to low-level software to prove the absence of classes of security problems.

Details: http://www.cs.ox.ac.uk/seminars/2091.html

Email Valentin Weber to join the mailing list for future events.

This meeting will discuss CTGA Research Affiliate Robert Gorwa’s paper on the recent Cybersecurity Tech Accord. This is an excellent opportunity for those of you who are interested in the norm entrepreneurship of global companies such as Microsoft, so don’t miss out.

Abstract for the paper:

Geneva Calling: A Critical Analysis of the Cybersecurity Tech Accord
Robert Gorwa / Anjo Peez

Abstract
At its annual meeting in June 2017, the UN Group of Governmental Experts (UN GGE) failed to build upon its previous work regarding rules for state behavior in cyberspace, leading to what has widely been seen as the breakdown of the state-led cyber norm process in general. In the lead up to this meeting, the technology firm Microsoft launched a well-publicized campaign to convince states to broadly renounce certain cyber operations, advocating for what Microsoft President Brad Smith called a “Digital Geneva Convention.” Microsoft further pursued the cause in April 2018 with a “Cybersecurity Tech Accord” (CTA) calling on tech firms to not be complicit in state cyber operations. To date, 60 companies, spanning a number of different industries, have signed on. This paper asks two primary questions. (1) Why did Microsoft take this step, devoting resources and political capital to an apparent cyber norm-building campaign? (2) Why are others joining the accord? First, we ground our empirical analysis with IR scholarship on corporate norm entrepreneurship. Microsoft is a likely candidate for corporate norm entrepreneurship due to its social and material vulnerability, and due to the unregulated nature of the internet, which gives private actors a claim to set cyber policy and standards. We argue that Microsoft’s driving of the accord can be partially explained by accounting for the company’s participation in the NSA’s PRISM program from 2007–2013, and the subsequent PR and consumer trust fallout. We find rationalist elements of “levelling the playing field” in Microsoft’s efforts of soft standard-setting. Second, we argue that as a non-binding code of conduct, CTA membership is flexible and performative and further appropriates the language of international humanitarian law without adopting any of its commitments. Finally, we present the first analysis of CTA signatory firms and their stated reasons for joining, showing that they primarily attempt to cast themselves as champi- ons of security, and as innovative and impactful technology companies alongside tech giant Microsoft.

details: https://www.oxfordmartin.ox.ac.uk/event/2614